starlight-apk/tiny_computer
1
0
Fork 0
mirror of https://github.com/Cateners/tiny_computer.git synced 2026-05-21 00:45:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update code to v1.0.14 (10)

Browse Source
This commit is contained in:
Caten
2024-02-29 19:35:00 +08:00
parent c2ee3b694c
commit a956d26f6d
3188 changed files with 2317293 additions and 146 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1037
android/extern/wolfssl/doc/dox_comments/header_files/aes.h vendored Normal file
View File

File diff suppressed because it is too large Load Diff

59
android/extern/wolfssl/doc/dox_comments/header_files/arc4.h vendored Normal file
View File

@@ -0,0 +1,59 @@
/*!
\ingroup ARC4
\brief This function encrypts an input message from the buffer in, placing
the ciphertext in the output buffer out, or decrypts a ciphertext from the
buffer in, placing the plaintext in the output buffer out, using ARC4
encryption. This function is used for both encryption and decryption.
Before this method may be called, one must first initialize the ARC4
structure using wc_Arc4SetKey.
\return none
\param arc4 pointer to the ARC4 structure used to process the message
\param out pointer to the output buffer in which to store the
processed message
\param in pointer to the input buffer containing the message to process
\param length length of the message to process
_Example_
\code
Arc4 enc;
byte key[] = { key to use for encryption };
wc_Arc4SetKey(&enc, key, sizeof(key));
byte plain[] = { plain text to encode };
byte cipher[sizeof(plain)];
byte decrypted[sizeof(plain)];
// encrypt the plain into cipher
wc_Arc4Process(&enc, cipher, plain, sizeof(plain));
// decrypt the cipher
wc_Arc4Process(&enc, decrypted, cipher, sizeof(cipher));
\endcode
\sa wc_Arc4SetKey
*/
int wc_Arc4Process(Arc4* arc4, byte* out, const byte* in, word32 length);
/*!
\ingroup ARC4
\brief This function sets the key for a ARC4 object, initializing it for
use as a cipher. It should be called before using it for encryption
with wc_Arc4Process.
\return none
\param arc4 pointer to an arc4 structure to be used for encryption
\param key key with which to initialize the arc4 structure
\param length length of the key used to initialize the arc4 structure
_Example_
\code
Arc4 enc;
byte key[] = { initialize with key to use for encryption };
wc_Arc4SetKey(&enc, key, sizeof(key));
\endcode
\sa wc_Arc4Process
*/
int wc_Arc4SetKey(Arc4* arc4, const byte* key, word32 length);

0
android/extern/wolfssl/doc/dox_comments/header_files/asn.h vendored Normal file
View File

2169
android/extern/wolfssl/doc/dox_comments/header_files/asn_public.h vendored Normal file
View File

File diff suppressed because it is too large Load Diff

95
android/extern/wolfssl/doc/dox_comments/header_files/blake2.h vendored Normal file
View File

@@ -0,0 +1,95 @@
/*!
\ingroup BLAKE2
\brief This function initializes a Blake2b structure for use with the
Blake2 hash function.
\return 0 Returned upon successfully initializing the Blake2b structure and
setting the digest size.
\param b2b pointer to the Blake2b structure to initialize
\param digestSz length of the blake 2 digest to implement
_Example_
\code
Blake2b b2b;
// initialize Blake2b structure with 64 byte digest
wc_InitBlake2b(&b2b, 64);
\endcode
\sa wc_Blake2bUpdate
*/
int wc_InitBlake2b(Blake2b* b2b, word32 digestSz);
/*!
\ingroup BLAKE2
\brief This function updates the Blake2b hash with the given input data.
This function should be called after wc_InitBlake2b, and repeated until
one is ready for the final hash: wc_Blake2bFinal.
\return 0 Returned upon successfully update the Blake2b structure with
the given data
\return -1 Returned if there is a failure while compressing the input data
\param b2b pointer to the Blake2b structure to update
\param data pointer to a buffer containing the data to append
\param sz length of the input data to append
_Example_
\code
int ret;
Blake2b b2b;
// initialize Blake2b structure with 64 byte digest
wc_InitBlake2b(&b2b, 64);
byte plain[] = { // initialize input };
ret = wc_Blake2bUpdate(&b2b, plain, sizeof(plain));
if( ret != 0) {
// error updating blake2b
}
\endcode
\sa wc_InitBlake2b
\sa wc_Blake2bFinal
*/
int wc_Blake2bUpdate(Blake2b* b2b, const byte* data, word32 sz);
/*!
\ingroup BLAKE2
\brief This function computes the Blake2b hash of the previously supplied
input data. The output hash will be of length requestSz, or, if
requestSz==0, the digestSz of the b2b structure. This function should be
called after wc_InitBlake2b and wc_Blake2bUpdate has been processed for
each piece of input data desired.
\return 0 Returned upon successfully computing the Blake2b hash
\return -1 Returned if there is a failure while parsing the Blake2b hash
\param b2b pointer to the Blake2b structure to update
\param final pointer to a buffer in which to store the blake2b hash.
Should be of length requestSz
\param requestSz length of the digest to compute. When this is zero,
b2b->digestSz will be used instead
_Example_
\code
int ret;
Blake2b b2b;
byte hash[64];
// initialize Blake2b structure with 64 byte digest
wc_InitBlake2b(&b2b, 64);
... // call wc_Blake2bUpdate to add data to hash
ret = wc_Blake2bFinal(&b2b, hash, 64);
if( ret != 0) {
// error generating blake2b hash
}
\endcode
\sa wc_InitBlake2b
\sa wc_Blake2bUpdate
*/
int wc_Blake2bFinal(Blake2b* b2b, byte* final, word32 requestSz);

28
android/extern/wolfssl/doc/dox_comments/header_files/bn.h vendored Normal file
View File

@@ -0,0 +1,28 @@
/*!
\ingroup openSSL
\brief This function performs the following math “r = (a^p) % m”.
\return SSL_SUCCESS On successfully performing math operation.
\return SSL_FAILURE If an error case was encountered.
\param r structure to hold result.
\param a value to be raised by a power.
\param p power to raise a by.
\param m modulus to use.
\param ctx currently not used with wolfSSL can be NULL.
_Example_
\code
WOLFSSL_BIGNUM r,a,p,m;
int ret;
// set big number values
ret = wolfSSL_BN_mod_exp(r, a, p, m, NULL);
// check ret value
\endcode
\sa wolfSSL_BN_new
\sa wolfSSL_BN_free
*/
int wolfSSL_BN_mod_exp(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *p, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx);

184
android/extern/wolfssl/doc/dox_comments/header_files/camellia.h vendored Normal file
View File

@@ -0,0 +1,184 @@
/*!
\ingroup Camellia
\brief This function sets the key and initialization vector for a
camellia object, initializing it for use as a cipher.
\return 0 Returned upon successfully setting the key and initialization
vector
\return BAD_FUNC_ARG returned if there is an error processing one of
the input arguments
\return MEMORY_E returned if there is an error allocating memory with
XMALLOC
\param cam pointer to the camellia structure on which to set the key and iv
\param key pointer to the buffer containing the 16, 24, or 32 byte key
to use for encryption and decryption
\param len length of the key passed in
\param iv pointer to the buffer containing the 16 byte initialization
vector for use with this camellia structure
_Example_
\code
Camellia cam;
byte key[32];
// initialize key
byte iv[16];
// initialize iv
if( wc_CamelliaSetKey(&cam, key, sizeof(key), iv) != 0) {
// error initializing camellia structure
}
\endcode
\sa wc_CamelliaEncryptDirect
\sa wc_CamelliaDecryptDirect
\sa wc_CamelliaCbcEncrypt
\sa wc_CamelliaCbcDecrypt
*/
int wc_CamelliaSetKey(Camellia* cam,
const byte* key, word32 len, const byte* iv);
/*!
\ingroup Camellia
\brief This function sets the initialization vector for a camellia object.
\return 0 Returned upon successfully setting the key and initialization
vector
\return BAD_FUNC_ARG returned if there is an error processing one of the
input arguments
\param cam pointer to the camellia structure on which to set the iv
\param iv pointer to the buffer containing the 16 byte initialization
vector for use with this camellia structure
_Example_
\code
Camellia cam;
byte iv[16];
// initialize iv
if( wc_CamelliaSetIV(&cam, iv) != 0) {
// error initializing camellia structure
}
\endcode
\sa wc_CamelliaSetKey
*/
int wc_CamelliaSetIV(Camellia* cam, const byte* iv);
/*!
\ingroup Camellia
\brief This function does a one-block encrypt using the provided camellia
object. It parses the first 16 byte block from the buffer in and stores
the encrypted result in the buffer out. Before using this function, one
should initialize the camellia object using wc_CamelliaSetKey.
\return none No returns.
\param cam pointer to the camellia structure to use for encryption
\param out pointer to the buffer in which to store the encrypted block
\param in pointer to the buffer containing the plaintext block to encrypt
_Example_
\code
Camellia cam;
// initialize cam structure with key and iv
byte plain[] = { // initialize with message to encrypt };
byte cipher[16];
wc_CamelliaEncryptDirect(&ca, cipher, plain);
\endcode
\sa wc_CamelliaDecryptDirect
*/
int wc_CamelliaEncryptDirect(Camellia* cam, byte* out,
const byte* in);
/*!
\ingroup Camellia
\brief This function does a one-block decrypt using the provided camellia
object. It parses the first 16 byte block from the buffer in, decrypts it,
and stores the result in the buffer out. Before using this function, one
should initialize the camellia object using wc_CamelliaSetKey.
\return none No returns.
\param cam pointer to the camellia structure to use for encryption
\param out pointer to the buffer in which to store the decrypted
plaintext block
\param in pointer to the buffer containing the ciphertext block to decrypt
_Example_
\code
Camellia cam;
// initialize cam structure with key and iv
byte cipher[] = { // initialize with encrypted message to decrypt };
byte decrypted[16];
wc_CamelliaDecryptDirect(&cam, decrypted, cipher);
\endcode
\sa wc_CamelliaEncryptDirect
*/
int wc_CamelliaDecryptDirect(Camellia* cam, byte* out,
const byte* in);
/*!
\ingroup Camellia
\brief This function encrypts the plaintext from the buffer in and
stores the output in the buffer out. It performs this encryption
using Camellia with Cipher Block Chaining (CBC).
\return none No returns.
\param cam pointer to the camellia structure to use for encryption
\param out pointer to the buffer in which to store the encrypted ciphertext
\param in pointer to the buffer containing the plaintext to encrypt
\param sz the size of the message to encrypt
_Example_
\code
Camellia cam;
// initialize cam structure with key and iv
byte plain[] = { // initialize with encrypted message to decrypt };
byte cipher[sizeof(plain)];
wc_CamelliaCbcEncrypt(&cam, cipher, plain, sizeof(plain));
\endcode
\sa wc_CamelliaCbcDecrypt
*/
int wc_CamelliaCbcEncrypt(Camellia* cam,
byte* out, const byte* in, word32 sz);
/*!
\ingroup Camellia
\brief This function decrypts the ciphertext from the buffer in and
stores the output in the buffer out. It performs this decryption using
Camellia with Cipher Block Chaining (CBC).
\return none No returns.
\param cam pointer to the camellia structure to use for encryption
\param out pointer to the buffer in which to store the decrypted message
\param in pointer to the buffer containing the encrypted ciphertext
\param sz the size of the message to encrypt
_Example_
\code
Camellia cam;
// initialize cam structure with key and iv
byte cipher[] = { // initialize with encrypted message to decrypt };
byte decrypted[sizeof(cipher)];
wc_CamelliaCbcDecrypt(&cam, decrypted, cipher, sizeof(cipher));
\endcode
\sa wc_CamelliaCbcEncrypt
*/
int wc_CamelliaCbcDecrypt(Camellia* cam,
byte* out, const byte* in, word32 sz);

99
android/extern/wolfssl/doc/dox_comments/header_files/chacha.h vendored Normal file
View File

@@ -0,0 +1,99 @@
/*!
\ingroup ChaCha
\brief This function sets the initialization vector (nonce) for a ChaCha
object, initializing it for use as a cipher. It should be called after the
key has been set, using wc_Chacha_SetKey. A difference nonce should be
used for each round of encryption.
\return 0 Returned upon successfully setting the initialization vector
\return BAD_FUNC_ARG returned if there is an error processing the ctx
input argument
\param ctx pointer to the ChaCha structure on which to set the iv
\param inIv pointer to a buffer containing the 12 byte initialization
vector with which to initialize the ChaCha structure
\param counter the value at which the block counter should start--usually
zero.
_Example_
\code
ChaCha enc;
// initialize enc with wc_Chacha_SetKey
byte iv[12];
// initialize iv
if( wc_Chacha_SetIV(&enc, iv, 0) != 0) {
// error initializing ChaCha structure
}
\endcode
\sa wc_Chacha_SetKey
\sa wc_Chacha_Process
*/
int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter);
/*!
\ingroup ChaCha
\brief This function processes the text from the buffer input, encrypts
or decrypts it, and stores the result in the buffer output.
\return 0 Returned upon successfully encrypting or decrypting the input
\return BAD_FUNC_ARG returned if there is an error processing the ctx
input argument
\param ctx pointer to the ChaCha structure on which to set the iv
\param output pointer to a buffer in which to store the output ciphertext
or decrypted plaintext
\param input pointer to the buffer containing the input plaintext to
encrypt or the input ciphertext to decrypt
\param msglen length of the message to encrypt or the ciphertext to decrypt
_Example_
\code
ChaCha enc;
// initialize enc with wc_Chacha_SetKey and wc_Chacha_SetIV
byte plain[] = { // initialize plaintext };
byte cipher[sizeof(plain)];
if( wc_Chacha_Process(&enc, cipher, plain, sizeof(plain)) != 0) {
// error processing ChaCha cipher
}
\endcode
\sa wc_Chacha_SetKey
\sa wc_Chacha_Process
*/
int wc_Chacha_Process(ChaCha* ctx, byte* cipher, const byte* plain,
word32 msglen);
/*!
\ingroup ChaCha
\brief This function sets the key for a ChaCha object, initializing it for
use as a cipher. It should be called before setting the nonce with
wc_Chacha_SetIV, and before using it for encryption with wc_Chacha_Process.
\return 0 Returned upon successfully setting the key
\return BAD_FUNC_ARG returned if there is an error processing the ctx
input argument or if the key is not 16 or 32 bytes long
\param ctx pointer to the ChaCha structure in which to set the key
\param key pointer to a buffer containing the 16 or 32 byte key with
which to initialize the ChaCha structure
\param keySz the length of the key passed in
_Example_
\code
ChaCha enc;
byte key[] = { // initialize key };
if( wc_Chacha_SetKey(&enc, key, sizeof(key)) != 0) {
// error initializing ChaCha structure
}
\endcode
\sa wc_Chacha_SetIV
\sa wc_Chacha_Process
*/
int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz);

120
android/extern/wolfssl/doc/dox_comments/header_files/chacha20_poly1305.h vendored Normal file
View File

@@ -0,0 +1,120 @@
/*!
\ingroup ChaCha20Poly1305
\brief This function encrypts an input message, inPlaintext, using the
ChaCha20 stream cipher, into the output buffer, outCiphertext. It
also performs Poly-1305 authentication (on the cipher text), and
stores the generated authentication tag in the output buffer, outAuthTag.
\return 0 Returned upon successfully encrypting the message
\return BAD_FUNC_ARG returned if there is an error during the encryption
process
\param inKey pointer to a buffer containing the 32 byte key to use
for encryption
\param inIv pointer to a buffer containing the 12 byte iv to use for
encryption
\param inAAD pointer to the buffer containing arbitrary length additional
authenticated data (AAD)
\param inAADLen length of the input AAD
\param inPlaintext pointer to the buffer containing the plaintext to
encrypt
\param inPlaintextLen the length of the plain text to encrypt
\param outCiphertext pointer to the buffer in which to store the ciphertext
\param outAuthTag pointer to a 16 byte wide buffer in which to store the
authentication tag
_Example_
\code
byte key[] = { // initialize 32 byte key };
byte iv[] = { // initialize 12 byte key };
byte inAAD[] = { // initialize AAD };
byte plain[] = { // initialize message to encrypt };
byte cipher[sizeof(plain)];
byte authTag[16];
int ret = wc_ChaCha20Poly1305_Encrypt(key, iv, inAAD, sizeof(inAAD),
plain, sizeof(plain), cipher, authTag);
if(ret != 0) {
// error running encrypt
}
\endcode
\sa wc_ChaCha20Poly1305_Decrypt
\sa wc_ChaCha_*
\sa wc_Poly1305*
*/
int wc_ChaCha20Poly1305_Encrypt(
const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
const byte* inAAD, const word32 inAADLen,
const byte* inPlaintext, const word32 inPlaintextLen,
byte* outCiphertext,
byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]);
/*!
\ingroup ChaCha20Poly1305
\brief This function decrypts input ciphertext, inCiphertext, using the
ChaCha20 stream cipher, into the output buffer, outPlaintext. It also
performs Poly-1305 authentication, comparing the given inAuthTag to an
authentication generated with the inAAD (arbitrary length additional
authentication data). Note: If the generated authentication tag does
not match the supplied authentication tag, the text is not decrypted.
\return 0 Returned upon successfully decrypting the message
\return BAD_FUNC_ARG Returned if any of the function arguments do not
match what is expected
\return MAC_CMP_FAILED_E Returned if the generated authentication tag
does not match the supplied inAuthTag.
\param inKey pointer to a buffer containing the 32 byte key to use for
decryption
\param inIv pointer to a buffer containing the 12 byte iv to use for
decryption
\param inAAD pointer to the buffer containing arbitrary length additional
authenticated data (AAD)
\param inAADLen length of the input AAD
\param inCiphertext pointer to the buffer containing the ciphertext to
decrypt
\param outCiphertextLen the length of the ciphertext to decrypt
\param inAuthTag pointer to the buffer containing the 16 byte digest
for authentication
\param outPlaintext pointer to the buffer in which to store the plaintext
_Example_
\code
byte key[] = { // initialize 32 byte key };
byte iv[] = { // initialize 12 byte key };
byte inAAD[] = { // initialize AAD };
byte cipher[] = { // initialize with received ciphertext };
byte authTag[16] = { // initialize with received authentication tag };
byte plain[sizeof(cipher)];
int ret = wc_ChaCha20Poly1305_Decrypt(key, iv, inAAD, sizeof(inAAD),
cipher, sizeof(cipher), plain, authTag);
if(ret == MAC_CMP_FAILED_E) {
// error during authentication
} else if( ret != 0) {
// error with function arguments
}
\endcode
\sa wc_ChaCha20Poly1305_Encrypt
\sa wc_ChaCha_*
\sa wc_Poly1305*
*/
int wc_ChaCha20Poly1305_Decrypt(
const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
const byte* inAAD, const word32 inAADLen,
const byte* inCiphertext, const word32 inCiphertextLen,
const byte inAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE],
byte* outPlaintext);

158
android/extern/wolfssl/doc/dox_comments/header_files/cmac.h vendored Normal file
View File

@@ -0,0 +1,158 @@
/*!
\ingroup CMAC
\brief Initialize the Cmac structure with defaults
\return 0 on success
\param cmac pointer to the Cmac structure
\param key key pointer
\param keySz size of the key pointer (16, 24 or 32)
\param type Always WC_CMAC_AES = 1
\param unused not used, exists for potential future use around compatiblity
_Example_
\code
Cmac cmac[1];
ret = wc_InitCmac(cmac, key, keySz, WC_CMAC_AES, NULL);
if (ret == 0) {
ret = wc_CmacUpdate(cmac, in, inSz);
}
if (ret == 0) {
ret = wc_CmacFinal(cmac, out, outSz);
}
\endcode
\sa wc_InitCmac_ex
\sa wc_CmacUpdate
\sa wc_CmacFinal
*/
int wc_InitCmac(Cmac* cmac,
const byte* key, word32 keySz,
int type, void* unused);
/*!
\ingroup CMAC
\brief Initialize the Cmac structure with defaults
\return 0 on success
\param cmac pointer to the Cmac structure
\param key key pointer
\param keySz size of the key pointer (16, 24 or 32)
\param type Always WC_CMAC_AES = 1
\param unused not used, exists for potential future use around compatiblity
\param heap pointer to the heap hint used for dynamic allocation. Typically used with our static memory option. Can be NULL.
\param devId ID to use with async hardware. Set to INVALID_DEVID if not using async hardware.
_Example_
\code
Cmac cmac[1];
ret = wc_InitCmac_ex(cmac, key, keySz, WC_CMAC_AES, NULL, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_CmacUpdate(cmac, in, inSz);
}
if (ret == 0) {
ret = wc_CmacFinal(cmac, out, &outSz);
}
\endcode
\sa wc_InitCmac_ex
\sa wc_CmacUpdate
\sa wc_CmacFinal
*/
int wc_InitCmac_ex(Cmac* cmac,
const byte* key, word32 keySz,
int type, void* unused, void* heap, int devId);
/*!
\ingroup CMAC
\brief Add Cipher-based Message Authentication Code input data
\return 0 on success
\param cmac pointer to the Cmac structure
\param in input data to process
\param inSz size of input data
_Example_
\code
ret = wc_CmacUpdate(cmac, in, inSz);
\endcode
\sa wc_InitCmac
\sa wc_CmacFinal
*/
int wc_CmacUpdate(Cmac* cmac,
const byte* in, word32 inSz);
/*!
\ingroup CMAC
\brief Generate the final result using Cipher-based Message Authentication Code
\return 0 on success
\param cmac pointer to the Cmac structure
\param out pointer to return the result
\param outSz pointer size of output (in/out)
_Example_
\code
ret = wc_CmacFinal(cmac, out, &outSz);
\endcode
\sa wc_InitCmac
\sa wc_CmacFinal
*/
int wc_CmacFinal(Cmac* cmac,
byte* out, word32* outSz);
/*!
\ingroup CMAC
\brief Single shot fuction for generating a CMAC
\return 0 on success
\param out pointer to return the result
\param outSz pointer size of output (in/out)
\param in input data to process
\param inSz size of input data
\param key key pointer
\param keySz size of the key pointer (16, 24 or 32)
_Example_
\code
ret = wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, keySz);
\endcode
\sa wc_AesCmacVerify
*/
int wc_AesCmacGenerate(byte* out, word32* outSz,
const byte* in, word32 inSz,
const byte* key, word32 keySz);
/*!
\ingroup CMAC
\brief Single shot fuction for validating a CMAC
\return 0 on success
\param check pointer to return the result
\param checkSz size of checkout buffer
\param in input data to process
\param inSz size of input data
\param key key pointer
\param keySz size of the key pointer (16, 24 or 32)
_Example_
\code
ret = wc_AesCmacVerify(mac, macSz, msg, msgSz, key, keySz);
\endcode
\sa wc_AesCmacGenerate
*/
int wc_AesCmacVerify(const byte* check, word32 checkSz,
const byte* in, word32 inSz,
const byte* key, word32 keySz);
/*!
\ingroup CMAC
\brief Only used with WOLFSSL_HASH_KEEP when hardware requires single-shot and the updates must be cached in memory
\return 0 on success
\param in input data to process
\param inSz size of input data
_Example_
\code
ret = wc_CMAC_Grow(cmac, in, inSz)
\endcode
*/
int wc_CMAC_Grow(Cmac* cmac, const byte* in, int inSz);

233
android/extern/wolfssl/doc/dox_comments/header_files/coding.h vendored Normal file
View File

@@ -0,0 +1,233 @@
/*!
\ingroup Base_Encoding
\brief This function decodes the given Base64 encoded input, in, and
stores the result in the output buffer out. It also sets the size
written to the output buffer in the variable outLen.
\return 0 Returned upon successfully decoding the Base64 encoded input
\return BAD_FUNC_ARG Returned if the output buffer is too small to
store the decoded input
\return ASN_INPUT_E Returned if a character in the input buffer falls
outside of the Base64 range ([A-Za-z0-9+/=]) or if there is an invalid
line ending in the Base64 encoded input
\param in pointer to the input buffer to decode
\param inLen length of the input buffer to decode
\param out pointer to the output buffer in which to store the decoded
message
\param outLen pointer to the length of the output buffer. Updated with
the bytes written at the end of the function call
_Example_
\code
byte encoded[] = { // initialize text to decode };
byte decoded[sizeof(encoded)];
// requires at least (sizeof(encoded) * 3 + 3) / 4 room
int outLen = sizeof(decoded);
if( Base64_Decode(encoded,sizeof(encoded), decoded, &outLen) != 0 ) {
// error decoding input buffer
}
\endcode
\sa Base64_Encode
\sa Base16_Decode
*/
int Base64_Decode(const byte* in, word32 inLen, byte* out,
word32* outLen);
/*!
\ingroup Base_Encoding
\brief This function encodes the given input, in, and stores the Base64
encoded result in the output buffer out. It writes the data with the
traditional \n line endings, instead of escaped %0A line endings. Upon
successfully completing, this function also sets outLen to the number
of bytes written to the output buffer.
\return 0 Returned upon successfully decoding the Base64 encoded input
\return BAD_FUNC_ARG Returned if the output buffer is too small to
store the encoded input
\return BUFFER_E Returned if the output buffer runs out of room
while encoding
\param in pointer to the input buffer to encode
\param inLen length of the input buffer to encode
\param out pointer to the output buffer in which to store the
encoded message
\param outLen pointer to the length of the output buffer in
which to store the encoded message
_Example_
\code
byte plain[] = { // initialize text to encode };
byte encoded[MAX_BUFFER_SIZE];
int outLen = sizeof(encoded);
if( Base64_Encode(plain, sizeof(plain), encoded, &outLen) != 0 ) {
// error encoding input buffer
}
\endcode
\sa Base64_EncodeEsc
\sa Base64_Decode
*/
int Base64_Encode(const byte* in, word32 inLen, byte* out,
word32* outLen);
/*!
\ingroup Base_Encoding
\brief This function encodes the given input, in, and stores the
Base64 encoded result in the output buffer out. It writes the data
with %0A escaped line endings instead of \n line endings.
Upon successfully completing, this function also sets outLen
to the number of bytes written to the output buffer.
\return 0 Returned upon successfully decoding the Base64 encoded input
\return BAD_FUNC_ARG Returned if the output buffer is too small
to store the encoded input
\return BUFFER_E Returned if the output buffer runs out of
room while encoding
\return ASN_INPUT_E Returned if there is an error processing
the decode on the input message
\param in pointer to the input buffer to encode
\param inLen length of the input buffer to encode
\param out pointer to the output buffer in which to store
the encoded message
\param outLen pointer to the length of the output buffer in
which to store the encoded message
_Example_
\code
byte plain[] = { // initialize text to encode };
byte encoded[MAX_BUFFER_SIZE];
int outLen = sizeof(encoded);
if( Base64_EncodeEsc(plain, sizeof(plain), encoded, &outLen) != 0 ) {
// error encoding input buffer
}
\endcode
\sa Base64_Encode
\sa Base64_Decode
*/
int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out,
word32* outLen);
/*!
\ingroup Base_Encoding
\brief This function encodes the given input, in, and stores the
Base64 encoded result in the output buffer out. It writes the data
with no new lines. Upon successfully completing, this function
also sets outLen to the number of bytes written to the output buffer
\return 0 Returned upon successfully decoding the Base64 encoded input
\return BAD_FUNC_ARG Returned if the output buffer is too small
to store the encoded input
\return BUFFER_E Returned if the output buffer runs out of room
while encoding
\return ASN_INPUT_E Returned if there is an error processing the
decode on the input message
\param in pointer to the input buffer to encode
\param inLen length of the input buffer to encode
\param out pointer to the output buffer in which to store the
encoded message
\param outLen pointer to the length of the output buffer in which to
store the encoded message
_Example_
\code
byte plain[] = { // initialize text to encode };
byte encoded[MAX_BUFFER_SIZE];
int outLen = sizeof(encoded);
if( Base64_Encode_NoNl(plain, sizeof(plain), encoded, &outLen) != 0 ) {
// error encoding input buffer
}
\endcode
\sa Base64_Encode
\sa Base64_Decode
*/
int Base64_Encode_NoNl(const byte* in, word32 inLen, byte* out,
word32* outLen);
/*!
\ingroup Base_Encoding
\brief This function decodes the given Base16 encoded input, in, and
stores the result in the output buffer out. It also sets the size written
to the output buffer in the variable outLen.
\return 0 Returned upon successfully decoding the Base16 encoded input
\return BAD_FUNC_ARG Returned if the output buffer is too small to store
the decoded input or if the input length is not a multiple of two
\return ASN_INPUT_E Returned if a character in the input buffer falls
outside of the Base16 range ([0-9A-F])
\param in pointer to the input buffer to decode
\param inLen length of the input buffer to decode
\param out pointer to the output buffer in which to store the decoded
message
\param outLen pointer to the length of the output buffer. Updated with the
bytes written at the end of the function call
_Example_
\code
byte encoded[] = { // initialize text to decode };
byte decoded[sizeof(encoded)];
int outLen = sizeof(decoded);
if( Base16_Decode(encoded,sizeof(encoded), decoded, &outLen) != 0 ) {
// error decoding input buffer
}
\endcode
\sa Base64_Encode
\sa Base64_Decode
\sa Base16_Encode
*/
int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
/*!
\ingroup Base_Encoding
\brief Encode input to base16 output.
\return 0 Success
\return BAD_FUNC_ARG Returns if in, out, or outLen is null or if outLen is
less than 2 times inLen plus 1.
\param in Pointer to input buffer to be encoded.
\param inLen Length of input buffer.
\param out Pointer to output buffer.
\param outLen Length of output buffer. Is set to len of encoded output.
_Example_
\code
byte in[] = { // Contents of something to be encoded };
byte out[NECESSARY_OUTPUT_SIZE];
word32 outSz = sizeof(out);
if(Base16_Encode(in, sizeof(in), out, &outSz) != 0)
{
// Handle encode error
}
\endcode
\sa Base64_Encode
\sa Base64_Decode
\sa Base16_Decode
*/
int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen);

72
android/extern/wolfssl/doc/dox_comments/header_files/compress.h vendored Normal file
View File

@@ -0,0 +1,72 @@
/*!
\ingroup Compression
\brief This function compresses the given input data using Huffman coding
and stores the output in out. Note that the output buffer should still be
larger than the input buffer because there exists a certain input for
which there will be no compression possible, which will still require a
lookup table. It is recommended that one allocate srcSz + 0.1% + 12 for
the output buffer.
\return On successfully compressing the input data, returns the number
of bytes stored in the output buffer
\return COMPRESS_INIT_E Returned if there is an error initializing the
stream for compression
\return COMPRESS_E Returned if an error occurs during compression
\param out pointer to the output buffer in which to store the compressed
data
\param outSz size available in the output buffer for storage
\param in pointer to the buffer containing the message to compress
\param inSz size of the input message to compress
\param flags flags to control how compression operates. Use 0 for normal
decompression
_Example_
\code
byte message[] = { // initialize text to compress };
byte compressed[(sizeof(message) + sizeof(message) * .001 + 12 )];
// Recommends at least srcSz + .1% + 12
if( wc_Compress(compressed, sizeof(compressed), message, sizeof(message),
0) != 0){
// error compressing data
}
\endcode
\sa wc_DeCompress
*/
int wc_Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 flags);
/*!
\ingroup Compression
\brief This function decompresses the given compressed data using Huffman
coding and stores the output in out.
\return Success On successfully decompressing the input data, returns the
number of bytes stored in the output buffer
\return COMPRESS_INIT_E: Returned if there is an error initializing the
stream for compression
\return COMPRESS_E: Returned if an error occurs during compression
\param out pointer to the output buffer in which to store the decompressed
data
\param outSz size available in the output buffer for storage
\param in pointer to the buffer containing the message to decompress
\param inSz size of the input message to decompress
_Example_
\code
byte compressed[] = { // initialize compressed message };
byte decompressed[MAX_MESSAGE_SIZE];
if( wc_DeCompress(decompressed, sizeof(decompressed),
compressed, sizeof(compressed)) != 0 ) {
// error decompressing data
}
\endcode
\sa wc_Compress
*/
int wc_DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz);

111
android/extern/wolfssl/doc/dox_comments/header_files/cryptocb.h vendored Normal file
View File

@@ -0,0 +1,111 @@
/*!
\ingroup CryptoCb
\brief This function registers a unique device identifier (devID) and
callback function for offloading crypto operations to external
hardware such as Key Store, Secure Element, HSM, PKCS11 or TPM.
For STSAFE with Crypto Callbacks example see
wolfcrypt/src/port/st/stsafe.c and the wolfSSL_STSAFE_CryptoDevCb function.
For TPM based crypto callbacks example see the wolfTPM2_CryptoDevCb
function in wolfTPM src/tpm2_wrap.c
\return CRYPTOCB_UNAVAILABLE to fallback to using software crypto
\return 0 for success
\return negative value for failure
\param devId any unique value, not -2 (INVALID_DEVID)
\param cb a callback function with prototype:
typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
_Example_
\code
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/cryptocb.h>
static int myCryptoCb_Func(int devId, wc_CryptoInfo* info, void* ctx)
{
int ret = CRYPTOCB_UNAVAILABLE;
if (info->algo_type == WC_ALGO_TYPE_PK) {
#ifndef NO_RSA
if (info->pk.type == WC_PK_TYPE_RSA) {
switch (info->pk.rsa.type) {
case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT:
// RSA public op
ret = wc_RsaFunction(
info->pk.rsa.in, info->pk.rsa.inLen,
info->pk.rsa.out, info->pk.rsa.outLen,
info->pk.rsa.type, info->pk.rsa.key,
info->pk.rsa.rng);
break;
case RSA_PRIVATE_ENCRYPT:
case RSA_PRIVATE_DECRYPT:
// RSA private op
ret = wc_RsaFunction(
info->pk.rsa.in, info->pk.rsa.inLen,
info->pk.rsa.out, info->pk.rsa.outLen,
info->pk.rsa.type, info->pk.rsa.key,
info->pk.rsa.rng);
break;
}
}
#endif
#ifdef HAVE_ECC
if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
// ECDSA
ret = wc_ecc_sign_hash(
info->pk.eccsign.in, info->pk.eccsign.inlen,
info->pk.eccsign.out, info->pk.eccsign.outlen,
info->pk.eccsign.rng, info->pk.eccsign.key);
}
#endif
#ifdef HAVE_ED25519
if (info->pk.type == WC_PK_TYPE_ED25519_SIGN) {
// ED25519 sign
ret = wc_ed25519_sign_msg_ex(
info->pk.ed25519sign.in, info->pk.ed25519sign.inLen,
info->pk.ed25519sign.out, info->pk.ed25519sign.outLen,
info->pk.ed25519sign.key, info->pk.ed25519sign.type,
info->pk.ed25519sign.context,
info->pk.ed25519sign.contextLen);
}
#endif
}
return ret;
}
int devId = 1;
wc_CryptoCb_RegisterDevice(devId, myCryptoCb_Func, &myCtx);
wolfSSL_CTX_SetDevId(ctx, devId);
\endcode
\sa wc_CryptoCb_UnRegisterDevice
\sa wolfSSL_SetDevId
\sa wolfSSL_CTX_SetDevId
*/
int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx);
/*!
\ingroup CryptoCb
\brief This function un-registers a unique device identifier (devID)
callback function.
\return none No returns.
\param devId any unique value, not -2 (INVALID_DEVID)
_Example_
\code
wc_CryptoCb_UnRegisterDevice(devId);
devId = INVALID_DEVID;
wolfSSL_CTX_SetDevId(ctx, devId);
\endcode
\sa wc_CryptoCb_RegisterDevice
\sa wolfSSL_SetDevId
\sa wolfSSL_CTX_SetDevId
*/
void wc_CryptoCb_UnRegisterDevice(int devId);

771
android/extern/wolfssl/doc/dox_comments/header_files/curve25519.h vendored Normal file
View File

@@ -0,0 +1,771 @@
/*!
\ingroup Curve25519
\brief This function generates a Curve25519 key using the given random
number generator, rng, of the size given (keysize), and stores it in
the given curve25519_key structure. It should be called after the key
structure has been initialized through wc_curve25519_init().
\return 0 Returned on successfully generating the key and and storing
it in the given curve25519_key structure.
\return ECC_BAD_ARG_E Returned if the input keysize does not correspond to
the keysize for a curve25519 key (32 bytes).
\return RNG_FAILURE_E Returned if the rng internal status is not
DRBG_OK or if there is in generating the next random block with rng.
\return BAD_FUNC_ARG Returned if any of the input parameters passed in
are NULL.
\param [in] rng Pointer to the RNG object used to generate the ecc key.
\param [in] keysize Size of the key to generate. Must be 32 bytes for
curve25519.
\param [in,out] key Pointer to the curve25519_key structure in which to
store the generated key.
_Example_
\code
int ret;
curve25519_key key;
wc_curve25519_init(&key); // initialize key
WC_RNG rng;
wc_InitRng(&rng); // initialize random number generator
ret = wc_curve25519_make_key(&rng, 32, &key);
if (ret != 0) {
// error making Curve25519 key
}
\endcode
\sa wc_curve25519_init
*/
int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key);
/*!
\ingroup Curve25519
\brief This function computes a shared secret key given a secret private
key and a received public key. It stores the generated secret key in the
buffer out and assigns the variable of the secret key to outlen. Only
supports big endian.
\return 0 Returned on successfully computing a shared secret key.
\return BAD_FUNC_ARG Returned if any of the input parameters passed in
are NULL.
\return ECC_BAD_ARG_E Returned if the first bit of the public key is
set, to avoid implementation fingerprinting.
\param [in] private_key Pointer to the curve25519_key structure initialized
with the users private key.
\param [in] public_key Pointer to the curve25519_key structure containing
the received public key.
\param [out] out Pointer to a buffer in which to store the 32 byte computed
secret key.
\param [in,out] outlen Pointer in which to store the length written to the
output buffer.
_Example_
\code
int ret;
byte sharedKey[32];
word32 keySz;
curve25519_key privKey, pubKey;
// initialize both keys
ret = wc_curve25519_shared_secret(&privKey, &pubKey, sharedKey, &keySz);
if (ret != 0) {
// error generating shared key
}
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_make_key
\sa wc_curve25519_shared_secret_ex
*/
int wc_curve25519_shared_secret(curve25519_key* private_key,
curve25519_key* public_key,
byte* out, word32* outlen);
/*!
\ingroup Curve25519
\brief This function computes a shared secret key given a secret private
key and a received public key. It stores the generated secret key in the
buffer out and assigns the variable of the secret key to outlen. Supports
both big and little endian.
\return 0 Returned on successfully computing a shared secret key.
\return BAD_FUNC_ARG Returned if any of the input parameters passed in
are NULL.
\return ECC_BAD_ARG_E Returned if the first bit of the public key is set,
to avoid implementation fingerprinting.
\param [in] private_key Pointer to the curve25519_key structure initialized
with the users private key.
\param [in] public_key Pointer to the curve25519_key structure containing
the received public key.
\param [out] out Pointer to a buffer in which to store the 32 byte computed
secret key.
\param pin,out] outlen Pointer in which to store the length written to the
output buffer.
\param [in] endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte sharedKey[32];
word32 keySz;
curve25519_key privKey, pubKey;
// initialize both keys
ret = wc_curve25519_shared_secret_ex(&privKey, &pubKey, sharedKey, &keySz,
EC25519_BIG_ENDIAN);
if (ret != 0) {
// error generating shared key
}
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_make_key
\sa wc_curve25519_shared_secret
*/
int wc_curve25519_shared_secret_ex(curve25519_key* private_key,
curve25519_key* public_key,
byte* out, word32* outlen, int endian);
/*!
\ingroup Curve25519
\brief This function initializes a Curve25519 key. It should be called
before generating a key for the structure.
\return 0 Returned on successfully initializing the curve25519_key
structure.
\return BAD_FUNC_ARG Returned when key is NULL.
\param [in,out] key Pointer to the curve25519_key structure to initialize.
_Example_
\code
curve25519_key key;
wc_curve25519_init(&key); // initialize key
// make key and proceed to encryption
\endcode
\sa wc_curve25519_make_key
*/
int wc_curve25519_init(curve25519_key* key);
/*!
\ingroup Curve25519
\brief This function frees a Curve25519 object.
\param [in,out] key Pointer to the key object to free.
_Example_
\code
curve25519_key privKey;
// initialize key, use it to generate shared secret key
wc_curve25519_free(&privKey);
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_make_key
*/
void wc_curve25519_free(curve25519_key* key);
/*!
\ingroup Curve25519
\brief This function imports a curve25519 private key only. (Big endian).
\return 0 Returned on successfully importing private key.
\return BAD_FUNC_ARG Returns if key or priv is null.
\return ECC_BAD_ARG_E Returns if privSz is not equal to CURVE25519_KEY_SIZE.
\param [in] priv Pointer to a buffer containing the private key to import.
\param [in] privSz Length of the private key to import.
\param [in,out] key Pointer to the structure in which to store the imported
key.
_Example_
\code
int ret;
byte priv[] = { Contents of private key };
curve25519_key key;
wc_curve25519_init(&key);
ret = wc_curve25519_import_private(priv, sizeof(priv), &key);
if (ret != 0) {
// error importing keys
}
\endcode
\sa wc_curve25519_import_private_ex
\sa wc_curve25519_size
*/
int wc_curve25519_import_private(const byte* priv, word32 privSz,
curve25519_key* key);
/*!
\ingroup Curve25519
\brief curve25519 private key import only. (Big or Little endian).
\return 0 Returned on successfully importing private key.
\return BAD_FUNC_ARG Returns if key or priv is null.
\return ECC_BAD_ARG_E Returns if privSz is not equal to CURVE25519_KEY_SIZE.
\param [in] priv Pointer to a buffer containing the private key to import.
\param [in] privSz Length of the private key to import.
\param [in,out] key Pointer to the structure in which to store the imported
key.
\param [in] endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to
set which form to use.
_Example_
\code
int ret;
byte priv[] = { // Contents of private key };
curve25519_key key;
wc_curve25519_init(&key);
ret = wc_curve25519_import_private_ex(priv, sizeof(priv), &key,
EC25519_BIG_ENDIAN);
if (ret != 0) {
// error importing keys
}
\endcode
\sa wc_curve25519_import_private
\sa wc_curve25519_size
*/
int wc_curve25519_import_private_ex(const byte* priv, word32 privSz,
curve25519_key* key, int endian);
/*!
\ingroup Curve25519
\brief This function imports a public-private key pair into a
curve25519_key structure. Big endian only.
\return 0 Returned on importing into the curve25519_key structure
\return BAD_FUNC_ARG Returns if any of the input parameters are null.
\return ECC_BAD_ARG_E Returned if the input keys key size does not match
the public or private key sizes.
\param [in] priv Pointer to a buffer containing the private key to import.
\param [in] privSz Length of the private key to import.
\param [in] pub Pointer to a buffer containing the public key to import.
\param [in] pubSz Length of the public key to import.
\param [in,out] key Pointer to the structure in which to store the imported
keys.
_Example_
\code
int ret;
byte priv[32];
byte pub[32];
// initialize with public and private keys
curve25519_key key;
wc_curve25519_init(&key);
// initialize key
ret = wc_curve25519_import_private_raw(&priv, sizeof(priv), pub,
sizeof(pub), &key);
if (ret != 0) {
// error importing keys
}
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_make_key
\sa wc_curve25519_import_public
\sa wc_curve25519_export_private_raw
*/
int wc_curve25519_import_private_raw(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, curve25519_key* key);
/*!
\ingroup Curve25519
\brief This function imports a public-private key pair into a curve25519_key structure. Supports both big and little endian.
\return 0 Returned on importing into the curve25519_key structure
\return BAD_FUNC_ARG Returns if any of the input parameters are null.
\return ECC_BAD_ARG_E Returned if or the input keys key size does not match
the public or private key sizes
\param [in] priv Pointer to a buffer containing the private key to import.
\param [in] privSz Length of the private key to import.
\param [in] pub Pointer to a buffer containing the public key to import.
\param [in] pubSz Length of the public key to import.
\param [in,out] key Pointer to the structure in which to store the imported
keys.
\param [in] endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set
which form to use.
_Example_
\code
int ret;
byte priv[32];
byte pub[32];
// initialize with public and private keys
curve25519_key key;
wc_curve25519_init(&key);
// initialize key
ret = wc_curve25519_import_private_raw_ex(&priv, sizeof(priv), pub,
sizeof(pub), &key, EC25519_BIG_ENDIAN);
if (ret != 0) {
// error importing keys
}
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_make_key
\sa wc_curve25519_import_public
\sa wc_curve25519_export_private_raw
\sa wc_curve25519_import_private_raw
*/
int wc_curve25519_import_private_raw_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz,
curve25519_key* key, int endian);
/*!
\ingroup Curve25519
\brief This function exports a private key from a curve25519_key structure
and stores it in the given out buffer. It also sets outLen to be the size
of the exported key. Big Endian only.
\return 0 Returned on successfully exporting the private key from the
curve25519_key structure.
\return BAD_FUNC_ARG Returned if any input parameters are NULL.
\return ECC_BAD_ARG_E Returned if wc_curve25519_size() is not equal to key.
\param [in] key Pointer to the structure from which to export the key.
\param [out] out Pointer to the buffer in which to store the exported key.
\param [in,out] outLen On in, is the size of the out in bytes.
On out, will store the bytes written to the output buffer.
_Example_
\code
int ret;
byte priv[32];
int privSz;
curve25519_key key;
// initialize and make key
ret = wc_curve25519_export_private_raw(&key, priv, &privSz);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_make_key
\sa wc_curve25519_import_private_raw
\sa wc_curve25519_export_private_raw_ex
*/
int wc_curve25519_export_private_raw(curve25519_key* key, byte* out,
word32* outLen);
/*!
\ingroup Curve25519
\brief This function exports a private key from a curve25519_key structure
and stores it in the given out buffer. It also sets outLen to be the size
of the exported key. Can specify whether it's big or little endian.
\return 0 Returned on successfully exporting the private key from the
curve25519_key structure.
\return BAD_FUNC_ARG Returned if any input parameters are NULL.
\return ECC_BAD_ARG_E Returned if wc_curve25519_size() is not equal to key.
\param [in] key Pointer to the structure from which to export the key.
\param [out] out Pointer to the buffer in which to store the exported key.
\param [in,out] outLen On in, is the size of the out in bytes.
On out, will store the bytes written to the output buffer.
\param [in] endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte priv[32];
int privSz;
curve25519_key key;
// initialize and make key
ret = wc_curve25519_export_private_raw_ex(&key, priv, &privSz,
EC25519_BIG_ENDIAN);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_make_key
\sa wc_curve25519_import_private_raw
\sa wc_curve25519_export_private_raw
\sa wc_curve25519_size
*/
int wc_curve25519_export_private_raw_ex(curve25519_key* key, byte* out,
word32* outLen, int endian);
/*!
\ingroup Curve25519
\brief This function imports a public key from the given in buffer and
stores it in the curve25519_key structure.
\return 0 Returned on successfully importing the public key into the
curve25519_key structure.
\return ECC_BAD_ARG_E Returned if the inLen parameter does not match the key
size of the key structure.
\return BAD_FUNC_ARG Returned if any of the input parameters are NULL.
\param [in] in Pointer to the buffer containing the public key to import.
\param [in] inLen Length of the public key to import.
\param [in,out] key Pointer to the curve25519_key structure in which to
store the key.
_Example_
\code
int ret;
byte pub[32];
// initialize pub with public key
curve25519_key key;
// initialize key
ret = wc_curve25519_import_public(pub,sizeof(pub), &key);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_export_public
\sa wc_curve25519_import_private_raw
\sa wc_curve25519_import_public_ex
\sa wc_curve25519_check_public
\sa wc_curve25519_size
*/
int wc_curve25519_import_public(const byte* in, word32 inLen,
curve25519_key* key);
/*!
\ingroup Curve25519
\brief This function imports a public key from the given in buffer and
stores it in the curve25519_key structure.
\return 0 Returned on successfully importing the public key into the
curve25519_key structure.
\return ECC_BAD_ARG_E Returned if the inLen parameter does not match the
key size of the key structure.
\return BAD_FUNC_ARG Returned if any of the input parameters are NULL.
\param [in] in Pointer to the buffer containing the public key to import.
\param [in] inLen Length of the public key to import.
\param [in,out] key Pointer to the curve25519_key structure in which to
store the key.
\param [in] endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte pub[32];
// initialize pub with public key
curve25519_key key;
// initialize key
ret = wc_curve25519_import_public_ex(pub, sizeof(pub), &key,
EC25519_BIG_ENDIAN);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_export_public
\sa wc_curve25519_import_private_raw
\sa wc_curve25519_import_public
\sa wc_curve25519_check_public
\sa wc_curve25519_size
*/
int wc_curve25519_import_public_ex(const byte* in, word32 inLen,
curve25519_key* key, int endian);
/*!
\ingroup Curve25519
\brief This function checks that a public key buffer holds a valid
Curve25519 key value given the endian ordering.
\return 0 Returned when the public key value is valid.
\return ECC_BAD_ARG_E Returned if the public key value is not valid.
\return BAD_FUNC_ARG Returned if any of the input parameters are NULL.
\param [in] pub Pointer to the buffer containing the public key to check.
\param [in] pubLen Length of the public key to check.
\param [in] endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte pub[] = { Contents of public key };
ret = wc_curve25519_check_public_ex(pub, sizeof(pub), EC25519_BIG_ENDIAN);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_import_public
\sa wc_curve25519_import_public_ex
\sa wc_curve25519_size
*/
int wc_curve25519_check_public(const byte* pub, word32 pubSz, int endian);
/*!
\ingroup Curve25519
\brief This function exports a public key from the given key structure and
stores the result in the out buffer. Big endian only.
\return 0 Returned on successfully exporting the public key from the
curve25519_key structure.
\return ECC_BAD_ARG_E Returned if outLen is less than
CURVE25519_PUB_KEY_SIZE.
\return BAD_FUNC_ARG Returned if any of the input parameters are NULL.
\param [in] key Pointer to the curve25519_key structure in from which to
export the key.
\param [out] out Pointer to the buffer in which to store the public key.
\param [in,out] outLen On in, is the size of the out in bytes.
On out, will store the bytes written to the output buffer.
_Example_
\code
int ret;
byte pub[32];
int pubSz;
curve25519_key key;
// initialize and make key
ret = wc_curve25519_export_public(&key, pub, &pubSz);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_export_private_raw
\sa wc_curve25519_import_public
*/
int wc_curve25519_export_public(curve25519_key* key, byte* out, word32* outLen);
/*!
\ingroup Curve25519
\brief This function exports a public key from the given key structure and
stores the result in the out buffer. Supports both big and little endian.
\return 0 Returned on successfully exporting the public key from the
curve25519_key structure.
\return ECC_BAD_ARG_E Returned if outLen is less than
CURVE25519_PUB_KEY_SIZE.
\return BAD_FUNC_ARG Returned if any of the input parameters are NULL.
\param [in] key Pointer to the curve25519_key structure in from which to
export the key.
\param [out] out Pointer to the buffer in which to store the public key.
\param [in,out] outLen On in, is the size of the out in bytes.
On out, will store the bytes written to the output buffer.
\param [in] endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte pub[32];
int pubSz;
curve25519_key key;
// initialize and make key
ret = wc_curve25519_export_public_ex(&key, pub, &pubSz, EC25519_BIG_ENDIAN);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_export_private_raw
\sa wc_curve25519_import_public
*/
int wc_curve25519_export_public_ex(curve25519_key* key, byte* out,
word32* outLen, int endian);
/*!
\ingroup Curve25519
\brief Export Curve25519 key pair. Big endian only.
\return 0 Returned on successfully exporting the key pair from the
curve25519_key structure.
\return BAD_FUNC_ARG Returned if any input parameters are NULL.
\return ECC_BAD_ARG_E Returned if privSz is less than CURVE25519_KEY_SIZE or
pubSz is less than CURVE25519_PUB_KEY_SIZE.
\param [in] key Pointer to the curve448_key structure in from which to
export the key pair.
\param [out] priv Pointer to the buffer in which to store the private key.
\param [in,out] privSz On in, is the size of the priv buffer in bytes.
On out, will store the bytes written to the priv buffer.
\param [out] pub Pointer to the buffer in which to store the public key.
\param [in,out] pubSz On in, is the size of the pub buffer in bytes.
On out, will store the bytes written to the pub buffer.
_Example_
\code
int ret;
byte pub[32];
byte priv[32];
int pubSz;
int privSz;
curve25519_key key;
// initialize and make key
ret = wc_curve25519_export_key_raw(&key, priv, &privSz, pub, &pubSz);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve25519_export_key_raw_ex
\sa wc_curve25519_export_private_raw
*/
int wc_curve25519_export_key_raw(curve25519_key* key,
byte* priv, word32 *privSz,
byte* pub, word32 *pubSz);
/*!
\ingroup Curve25519
\brief Export curve25519 key pair. Big or little endian.
\return 0 Returned on successfully exporting the key pair from the
curve25519_key structure.
\return BAD_FUNC_ARG Returned if any input parameters are NULL.
\return ECC_BAD_ARG_E Returned if privSz is less than CURVE25519_KEY_SIZE or
pubSz is less than CURVE25519_PUB_KEY_SIZE.
\param [in] key Pointer to the curve448_key structure in from which to
export the key pair.
\param [out] priv Pointer to the buffer in which to store the private key.
\param [in,out] privSz On in, is the size of the priv buffer in bytes.
On out, will store the bytes written to the priv buffer.
\param [out] pub Pointer to the buffer in which to store the public key.
\param [in,out] pubSz On in, is the size of the pub buffer in bytes.
On out, will store the bytes written to the pub buffer.
\param [in] endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte pub[32];
byte priv[32];
int pubSz;
int privSz;
curve25519_key key;
// initialize and make key
ret = wc_curve25519_export_key_raw_ex(&key,priv, &privSz, pub, &pubSz,
EC25519_BIG_ENDIAN);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve25519_export_key_raw
\sa wc_curve25519_export_private_raw_ex
\sa wc_curve25519_export_public_ex
*/
int wc_curve25519_export_key_raw_ex(curve25519_key* key,
byte* priv, word32 *privSz,
byte* pub, word32 *pubSz,
int endian);
/*!
\ingroup Curve25519
\brief This function returns the key size of the given key structure.
\return Success Given a valid, initialized curve25519_key structure,
returns the size of the key.
\return 0 Returned if key is NULL
\param [in] key Pointer to the curve25519_key structure in for which to
determine the key size.
_Example_
\code
int keySz;
curve25519_key key;
// initialize and make key
keySz = wc_curve25519_size(&key);
\endcode
\sa wc_curve25519_init
\sa wc_curve25519_make_key
*/
int wc_curve25519_size(curve25519_key* key);

768
android/extern/wolfssl/doc/dox_comments/header_files/curve448.h vendored Normal file
View File

@@ -0,0 +1,768 @@
/*!
\ingroup Curve448
\brief This function generates a Curve448 key using the given random
number generator, rng, of the size given (keysize), and stores it in
the given curve448_key structure. It should be called after the key
structure has been initialized through wc_curve448_init().
\return 0 Returned on successfully generating the key and and storing
it in the given curve448_key structure.
\return ECC_BAD_ARG_E Returned if the input keysize does not correspond to
the keysize for a curve448 key (56 bytes).
\return RNG_FAILURE_E Returned if the rng internal status is not
DRBG_OK or if there is in generating the next random block with rng.
\return BAD_FUNC_ARG Returned if any of the input parameters passed in
are NULL.
\param [in] rng Pointer to the RNG object used to generate the ecc key.
\param [in] keysize Size of the key to generate. Must be 56 bytes for
curve448.
\param [in,out] key Pointer to the curve448_key structure in which to
store the generated key.
_Example_
\code
int ret;
curve448_key key;
wc_curve448_init(&key); // initialize key
WC_RNG rng;
wc_InitRng(&rng); // initialize random number generator
ret = wc_curve448_make_key(&rng, 56, &key);
if (ret != 0) {
// error making Curve448 key
}
\endcode
\sa wc_curve448_init
*/
int wc_curve448_make_key(WC_RNG* rng, int keysize, curve448_key* key);
/*!
\ingroup Curve448
\brief This function computes a shared secret key given a secret private
key and a received public key. It stores the generated secret key in the
buffer out and assigns the variable of the secret key to outlen. Only
supports big endian.
\return 0 Returned on successfully computing a shared secret key
\return BAD_FUNC_ARG Returned if any of the input parameters passed in
are NULL
\param [in] private_key Pointer to the curve448_key structure initialized
with the users private key.
\param [in] public_key Pointer to the curve448_key structure containing
the received public key.
\param [out] out Pointer to a buffer in which to store the 56 byte computed
secret key.
\param [in,out] outlen Pointer in which to store the length written to the
output buffer.
_Example_
\code
int ret;
byte sharedKey[56];
word32 keySz;
curve448_key privKey, pubKey;
// initialize both keys
ret = wc_curve448_shared_secret(&privKey, &pubKey, sharedKey, &keySz);
if (ret != 0) {
// error generating shared key
}
\endcode
\sa wc_curve448_init
\sa wc_curve448_make_key
\sa wc_curve448_shared_secret_ex
*/
int wc_curve448_shared_secret(curve448_key* private_key,
curve448_key* public_key,
byte* out, word32* outlen);
/*!
\ingroup Curve448
\brief This function computes a shared secret key given a secret private
key and a received public key. It stores the generated secret key in the
buffer out and assigns the variable of the secret key to outlen. Supports
both big and little endian.
\return 0 Returned on successfully computing a shared secret key.
\return BAD_FUNC_ARG Returned if any of the input parameters passed in
are NULL.
\param [in] private_key Pointer to the curve448_key structure initialized
with the users private key.
\param [in] public_key Pointer to the curve448_key structure containing
the received public key.
\param [out] out Pointer to a buffer in which to store the 56 byte computed
secret key.
\param [in,out] outlen Pointer in which to store the length written to the
output buffer.
\param [in] endian EC448_BIG_ENDIAN or EC448_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte sharedKey[56];
word32 keySz;
curve448_key privKey, pubKey;
// initialize both keys
ret = wc_curve448_shared_secret_ex(&privKey, &pubKey, sharedKey, &keySz,
EC448_BIG_ENDIAN);
if (ret != 0) {
// error generating shared key
}
\endcode
\sa wc_curve448_init
\sa wc_curve448_make_key
\sa wc_curve448_shared_secret
*/
int wc_curve448_shared_secret_ex(curve448_key* private_key,
curve448_key* public_key,
byte* out, word32* outlen, int endian);
/*!
\ingroup Curve448
\brief This function initializes a Curve448 key. It should be called
before generating a key for the structure.
\return 0 Returned on successfully initializing the curve448_key structure.
\return BAD_FUNC_ARG Returned when key is NULL.
\param [in,out] key Pointer to the curve448_key structure to initialize.
_Example_
\code
curve448_key key;
wc_curve448_init(&key); // initialize key
// make key and proceed to encryption
\endcode
\sa wc_curve448_make_key
*/
int wc_curve448_init(curve448_key* key);
/*!
\ingroup Curve448
\brief This function frees a Curve448 object.
\param [in,out] key Pointer to the key object to free.
_Example_
\code
curve448_key privKey;
// initialize key, use it to generate shared secret key
wc_curve448_free(&privKey);
\endcode
\sa wc_curve448_init
\sa wc_curve448_make_key
*/
void wc_curve448_free(curve448_key* key);
/*!
\ingroup Curve448
\brief This function imports a curve448 private key only. (Big endian).
\return 0 Returned on successfully importing private key.
\return BAD_FUNC_ARG Returns if key or priv is null.
\return ECC_BAD_ARG_E Returns if privSz is not equal to CURVE448_KEY_SIZE.
\param [in] priv Pointer to a buffer containing the private key to import.
\param [in] privSz Length of the private key to import.
\param [in,out] key Pointer to the structure in which to store the imported
key.
_Example_
\code
int ret;
byte priv[] = { Contents of private key };
curve448_key key;
wc_curve448_init(&key);
ret = wc_curve448_import_private(priv, sizeof(priv), &key);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_curve448_import_private_ex
\sa wc_curve448_size
*/
int wc_curve448_import_private(const byte* priv, word32 privSz,
curve448_key* key);
/*!
\ingroup Curve448
\brief curve448 private key import only. (Big or Little endian).
\return 0 Returned on successfully importing private key.
\return BAD_FUNC_ARG Returns if key or priv is null.
\return ECC_BAD_ARG_E Returns if privSz is not equal to CURVE448_KEY_SIZE.
\param [in] priv Pointer to a buffer containing the private key to import.
\param [in] privSz Length of the private key to import.
\param [in,out] key Pointer to the structure in which to store the imported
key.
\param [in] endian EC448_BIG_ENDIAN or EC448_LITTLE_ENDIAN to
set which form to use.
_Example_
\code
int ret;
byte priv[] = { // Contents of private key };
curve448_key key;
wc_curve448_init(&key);
ret = wc_curve448_import_private_ex(priv, sizeof(priv), &key,
EC448_BIG_ENDIAN);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_curve448_import_private
\sa wc_curve448_size
*/
int wc_curve448_import_private_ex(const byte* priv, word32 privSz,
curve448_key* key, int endian);
/*!
\ingroup Curve448
\brief This function imports a public-private key pair into a
curve448_key structure. Big endian only.
\return 0 Returned on importing into the curve448_key structure.
\return BAD_FUNC_ARG Returns if any of the input parameters are null.
\return ECC_BAD_ARG_E Returned if the input keys key size does not match
the public or private key sizes.
\param [in] priv Pointer to a buffer containing the private key to import.
\param [in] privSz Length of the private key to import.
\param [in] pub Pointer to a buffer containing the public key to import.
\param [in] pubSz Length of the public key to import.
\param [in,out] key Pointer to the structure in which to store the imported
keys
_Example_
\code
int ret;
byte priv[56];
byte pub[56];
// initialize with public and private keys
curve448_key key;
wc_curve448_init(&key);
// initialize key
ret = wc_curve448_import_private_raw(&priv, sizeof(priv), pub, sizeof(pub),
&key);
if (ret != 0) {
// error importing keys
}
\endcode
\sa wc_curve448_init
\sa wc_curve448_make_key
\sa wc_curve448_import_public
\sa wc_curve448_export_private_raw
*/
int wc_curve448_import_private_raw(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, curve448_key* key);
/*!
\ingroup Curve448
\brief This function imports a public-private key pair into a curve448_key structure. Supports both big and little endian.
\return 0 Returned on importing into the curve448_key structure.
\return BAD_FUNC_ARG Returns if any of the input parameters are null.
\return ECC_BAD_ARG_E Returned if the input keys key size does not match
the public or private key sizes.
\param [in] priv Pointer to a buffer containing the private key to import.
\param [in] privSz Length of the private key to import.
\param [in] pub Pointer to a buffer containing the public key to import.
\param [in] pubSz Length of the public key to import.
\param [in,out] key Pointer to the structure in which to store the imported
keys.
\param [in] endian EC448_BIG_ENDIAN or EC448_LITTLE_ENDIAN to set
which form to use.
_Example_
\code
int ret;
byte priv[56];
byte pub[56];
// initialize with public and private keys
curve448_key key;
wc_curve448_init(&key);
// initialize key
ret = wc_curve448_import_private_raw_ex(&priv, sizeof(priv), pub,
sizeof(pub), &key, EC448_BIG_ENDIAN);
if (ret != 0) {
// error importing keys
}
\endcode
\sa wc_curve448_init
\sa wc_curve448_make_key
\sa wc_curve448_import_public
\sa wc_curve448_export_private_raw
\sa wc_curve448_import_private_raw
*/
int wc_curve448_import_private_raw_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz,
curve448_key* key, int endian);
/*!
\ingroup Curve448
\brief This function exports a private key from a curve448_key structure
and stores it in the given out buffer. It also sets outLen to be the size
of the exported key. Big Endian only.
\return 0 Returned on successfully exporting the private key from the
curve448_key structure.
\return BAD_FUNC_ARG Returned if any input parameters are NULL.
\return ECC_BAD_ARG_E Returned if wc_curve448_size() is not equal to key.
\param [in] key Pointer to the structure from which to export the key.
\param [out] out Pointer to the buffer in which to store the exported key.
\param [in,out] outLen On in, is the size of the out in bytes.
On out, will store the bytes written to the output buffer.
_Example_
\code
int ret;
byte priv[56];
int privSz;
curve448_key key;
// initialize and make key
ret = wc_curve448_export_private_raw(&key, priv, &privSz);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve448_init
\sa wc_curve448_make_key
\sa wc_curve448_import_private_raw
\sa wc_curve448_export_private_raw_ex
*/
int wc_curve448_export_private_raw(curve448_key* key, byte* out,
word32* outLen);
/*!
\ingroup Curve448
\brief This function exports a private key from a curve448_key structure
and stores it in the given out buffer. It also sets outLen to be the size
of the exported key. Can specify whether it's big or little endian.
\return 0 Returned on successfully exporting the private key from the
curve448_key structure.
\return BAD_FUNC_ARG Returned if any input parameters are NULL.
\return ECC_BAD_ARG_E Returned if wc_curve448_size() is not equal to key.
\param [in] key Pointer to the structure from which to export the key.
\param [out] out Pointer to the buffer in which to store the exported key.
\param [in,out] outLen On in, is the size of the out in bytes.
On out, will store the bytes written to the output buffer.
\param [in] endian EC448_BIG_ENDIAN or EC448_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte priv[56];
int privSz;
curve448_key key;
// initialize and make key
ret = wc_curve448_export_private_raw_ex(&key, priv, &privSz,
EC448_BIG_ENDIAN);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve448_init
\sa wc_curve448_make_key
\sa wc_curve448_import_private_raw
\sa wc_curve448_export_private_raw
\sa wc_curve448_size
*/
int wc_curve448_export_private_raw_ex(curve448_key* key, byte* out,
word32* outLen, int endian);
/*!
\ingroup Curve448
\brief This function imports a public key from the given in buffer and
stores it in the curve448_key structure.
\return 0 Returned on successfully importing the public key into the
curve448_key structure.
\return ECC_BAD_ARG_E Returned if the inLen parameter does not match the key
size of the key structure.
\return BAD_FUNC_ARG Returned if any of the input parameters are NULL.
\param [in] in Pointer to the buffer containing the public key to import.
\param [in] inLen Length of the public key to import.
\param [in,out] key Pointer to the curve448_key structure in which to store
the key.
_Example_
\code
int ret;
byte pub[56];
// initialize pub with public key
curve448_key key;
// initialize key
ret = wc_curve448_import_public(pub,sizeof(pub), &key);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_curve448_init
\sa wc_curve448_export_public
\sa wc_curve448_import_private_raw
\sa wc_curve448_import_public_ex
\sa wc_curve448_check_public
\sa wc_curve448_size
*/
int wc_curve448_import_public(const byte* in, word32 inLen,
curve448_key* key);
/*!
\ingroup Curve448
\brief This function imports a public key from the given in buffer and
stores it in the curve448_key structure.
\return 0 Returned on successfully importing the public key into the
curve448_key structure.
\return ECC_BAD_ARG_E Returned if the inLen parameter does not match the
key size of the key structure.
\return BAD_FUNC_ARG Returned if any of the input parameters are NULL.
\param [in] in Pointer to the buffer containing the public key to import.
\param [in] inLen Length of the public key to import.
\param [in,out] key Pointer to the curve448_key structure in which to store
the key.
\param [in] endian EC448_BIG_ENDIAN or EC448_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte pub[56];
// initialize pub with public key
curve448_key key;
// initialize key
ret = wc_curve448_import_public_ex(pub, sizeof(pub), &key,
EC448_BIG_ENDIAN);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_curve448_init
\sa wc_curve448_export_public
\sa wc_curve448_import_private_raw
\sa wc_curve448_import_public
\sa wc_curve448_check_public
\sa wc_curve448_size
*/
int wc_curve448_import_public_ex(const byte* in, word32 inLen,
curve448_key* key, int endian);
/*!
\ingroup Curve448
\brief This function checks that a public key buffer holds a valid
Curve448 key value given the endian ordering.
\return 0 Returned when the public key value is valid.
\return ECC_BAD_ARG_E Returned if the public key value is not valid.
\return BAD_FUNC_ARG Returned if any of the input parameters are NULL.
\param [in] pub Pointer to the buffer containing the public key to check.
\param [in] pubLen Length of the public key to check.
\param [in] endian EC448_BIG_ENDIAN or EC448_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte pub[] = { Contents of public key };
ret = wc_curve448_check_public_ex(pub, sizeof(pub), EC448_BIG_ENDIAN);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_curve448_init
\sa wc_curve448_import_public
\sa wc_curve448_import_public_ex
\sa wc_curve448_size
*/
int wc_curve448_check_public(const byte* pub, word32 pubSz, int endian);
/*!
\ingroup Curve448
\brief This function exports a public key from the given key structure and
stores the result in the out buffer. Big endian only.
\return 0 Returned on successfully exporting the public key from the
curve448_key structure.
\return ECC_BAD_ARG_E Returned if outLen is less than CURVE448_PUB_KEY_SIZE.
\return BAD_FUNC_ARG Returned if any of the input parameters are NULL.
\param [in] key Pointer to the curve448_key structure in from which to
export the key.
\param [out] out Pointer to the buffer in which to store the public key.
\param [in,out] outLen On in, is the size of the out in bytes.
On out, will store the bytes written to the output buffer.
_Example_
\code
int ret;
byte pub[56];
int pubSz;
curve448_key key;
// initialize and make key
ret = wc_curve448_export_public(&key, pub, &pubSz);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve448_init
\sa wc_curve448_export_private_raw
\sa wc_curve448_import_public
*/
int wc_curve448_export_public(curve448_key* key, byte* out, word32* outLen);
/*!
\ingroup Curve448
\brief This function exports a public key from the given key structure and
stores the result in the out buffer. Supports both big and little endian.
\return 0 Returned on successfully exporting the public key from the
curve448_key structure.
\return ECC_BAD_ARG_E Returned if outLen is less than CURVE448_PUB_KEY_SIZE.
\return BAD_FUNC_ARG Returned if any of the input parameters are NULL.
\param [in] key Pointer to the curve448_key structure in from which to
export the key.
\param [out] out Pointer to the buffer in which to store the public key.
\param [in,out] outLen On in, is the size of the out in bytes.
On out, will store the bytes written to the output buffer.
\param [in] endian EC448_BIG_ENDIAN or EC448_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte pub[56];
int pubSz;
curve448_key key;
// initialize and make key
ret = wc_curve448_export_public_ex(&key, pub, &pubSz, EC448_BIG_ENDIAN);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve448_init
\sa wc_curve448_export_private_raw
\sa wc_curve448_import_public
*/
int wc_curve448_export_public_ex(curve448_key* key, byte* out,
word32* outLen, int endian);
/*!
\ingroup Curve448
\brief This function exports a key pair from the given key structure and
stores the result in the out buffer. Big endian only.
\return 0 Returned on successfully exporting the key pair from the
curve448_key structure.
\return BAD_FUNC_ARG Returned if any input parameters are NULL.
\return ECC_BAD_ARG_E Returned if privSz is less than CURVE448_KEY_SIZE or
pubSz is less than CURVE448_PUB_KEY_SIZE.
\param [in] key Pointer to the curve448_key structure in from which to
export the key pair.
\param [out] priv Pointer to the buffer in which to store the private key.
\param [in,out] privSz On in, is the size of the priv buffer in bytes.
On out, will store the bytes written to the priv buffer.
\param [out] pub Pointer to the buffer in which to store the public key.
\param [in,out] pubSz On in, is the size of the pub buffer in bytes.
On out, will store the bytes written to the pub buffer.
_Example_
\code
int ret;
byte pub[56];
byte priv[56];
int pubSz;
int privSz;
curve448_key key;
// initialize and make key
ret = wc_curve448_export_key_raw(&key, priv, &privSz, pub, &pubSz);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve448_export_key_raw_ex
\sa wc_curve448_export_private_raw
*/
int wc_curve448_export_key_raw(curve448_key* key,
byte* priv, word32 *privSz,
byte* pub, word32 *pubSz);
/*!
\ingroup Curve448
\brief Export curve448 key pair. Big or little endian.
\brief This function exports a key pair from the given key structure and
stores the result in the out buffer. Big or little endian.
\return 0 Success
\return BAD_FUNC_ARG Returned if any input parameters are NULL.
\return ECC_BAD_ARG_E Returned if privSz is less than CURVE448_KEY_SIZE or
pubSz is less than CURVE448_PUB_KEY_SIZE.
\param [in] key Pointer to the curve448_key structure in from which to
export the key pair.
\param [out] priv Pointer to the buffer in which to store the private key.
\param [in,out] privSz On in, is the size of the priv buffer in bytes.
On out, will store the bytes written to the priv buffer.
\param [out] pub Pointer to the buffer in which to store the public key.
\param [in,out] pubSz On in, is the size of the pub buffer in bytes.
On out, will store the bytes written to the pub buffer.
\param [in] endian EC448_BIG_ENDIAN or EC448_LITTLE_ENDIAN to set which
form to use.
_Example_
\code
int ret;
byte pub[56];
byte priv[56];
int pubSz;
int privSz;
curve448_key key;
// initialize and make key
ret = wc_curve448_export_key_raw_ex(&key,priv, &privSz, pub, &pubSz,
EC448_BIG_ENDIAN);
if (ret != 0) {
// error exporting key
}
\endcode
\sa wc_curve448_export_key_raw
\sa wc_curve448_export_private_raw_ex
\sa wc_curve448_export_public_ex
*/
int wc_curve448_export_key_raw_ex(curve448_key* key,
byte* priv, word32 *privSz,
byte* pub, word32 *pubSz,
int endian);
/*!
\ingroup Curve448
\brief This function returns the key size of the given key structure.
\return Success Given a valid, initialized curve448_key structure,
returns the size of the key.
\return 0 Returned if key is NULL.
\param [in] key Pointer to the curve448_key structure in for which to
determine the key size.
_Example_
\code
int keySz;
curve448_key key;
// initialize and make key
keySz = wc_curve448_size(&key);
\endcode
\sa wc_curve448_init
\sa wc_curve448_make_key
*/
int wc_curve448_size(curve448_key* key);

332
android/extern/wolfssl/doc/dox_comments/header_files/des3.h vendored Normal file
View File

@@ -0,0 +1,332 @@
/*!
\ingroup 3DES
\brief This function sets the key and initialization vector (iv) for the
Des structure given as argument. It also initializes and allocates space
for the buffers needed for encryption and decryption, if these have not
yet been initialized. Note: If no iv is provided (i.e. iv == NULL)
the initialization vector defaults to an iv of 0.
\return 0 On successfully setting the key and initialization vector for
the Des structure
\param des pointer to the Des structure to initialize
\param key pointer to the buffer containing the 8 byte key with which to
initialize the Des structure
\param iv pointer to the buffer containing the 8 byte iv with which to
initialize the Des structure. If this is not provided, the iv defaults to 0
\param dir direction of encryption. Valid options are: DES_ENCRYPTION,
and DES_DECRYPTION
_Example_
\code
Des enc; // Des structure used for encryption
int ret;
byte key[] = { // initialize with 8 byte key };
byte iv[] = { // initialize with 8 byte iv };
ret = wc_Des_SetKey(&des, key, iv, DES_ENCRYPTION);
if (ret != 0) {
// error initializing des structure
}
\endcode
\sa wc_Des_SetIV
\sa wc_Des3_SetKey
*/
int wc_Des_SetKey(Des* des, const byte* key,
const byte* iv, int dir);
/*!
\ingroup 3DES
\brief This function sets the initialization vector (iv) for the Des
structure given as argument. When passed a NULL iv, it sets the
initialization vector to 0.
\return none No returns.
\param des pointer to the Des structure for which to set the iv
\param iv pointer to the buffer containing the 8 byte iv with which to
initialize the Des structure. If this is not provided, the iv defaults to 0
_Example_
\code
Des enc; // Des structure used for encryption
// initialize enc with wc_Des_SetKey
byte iv[] = { // initialize with 8 byte iv };
wc_Des_SetIV(&enc, iv);
}
\endcode
\sa wc_Des_SetKey
*/
void wc_Des_SetIV(Des* des, const byte* iv);
/*!
\ingroup 3DES
\brief This function encrypts the input message, in, and stores the result
in the output buffer, out. It uses DES encryption with cipher block
chaining (CBC) mode.
\return 0 Returned upon successfully encrypting the given input message
\param des pointer to the Des structure to use for encryption
\param out pointer to the buffer in which to store the encrypted ciphertext
\param in pointer to the input buffer containing the message to encrypt
\param sz length of the message to encrypt
_Example_
\code
Des enc; // Des structure used for encryption
// initialize enc with wc_Des_SetKey, use mode DES_ENCRYPTION
byte plain[] = { // initialize with message };
byte cipher[sizeof(plain)];
if ( wc_Des_CbcEncrypt(&enc, cipher, plain, sizeof(plain)) != 0) {
// error encrypting message
}
\endcode
\sa wc_Des_SetKey
\sa wc_Des_CbcDecrypt
*/
int wc_Des_CbcEncrypt(Des* des, byte* out,
const byte* in, word32 sz);
/*!
\ingroup 3DES
\brief This function decrypts the input ciphertext, in, and stores the
resulting plaintext in the output buffer, out. It uses DES encryption
with cipher block chaining (CBC) mode.
\return 0 Returned upon successfully decrypting the given ciphertext
\param des pointer to the Des structure to use for decryption
\param out pointer to the buffer in which to store the decrypted plaintext
\param in pointer to the input buffer containing the encrypted ciphertext
\param sz length of the ciphertext to decrypt
_Example_
\code
Des dec; // Des structure used for decryption
// initialize dec with wc_Des_SetKey, use mode DES_DECRYPTION
byte cipher[] = { // initialize with ciphertext };
byte decoded[sizeof(cipher)];
if ( wc_Des_CbcDecrypt(&dec, decoded, cipher, sizeof(cipher)) != 0) {
// error decrypting message
}
\endcode
\sa wc_Des_SetKey
\sa wc_Des_CbcEncrypt
*/
int wc_Des_CbcDecrypt(Des* des, byte* out,
const byte* in, word32 sz);
/*!
\ingroup 3DES
\brief This function encrypts the input message, in, and stores the result
in the output buffer, out. It uses Des encryption with Electronic
Codebook (ECB) mode.
\return 0: Returned upon successfully encrypting the given plaintext.
\param des pointer to the Des structure to use for encryption
\param out pointer to the buffer in which to store the encrypted message
\param in pointer to the input buffer containing the plaintext to encrypt
\param sz length of the plaintext to encrypt
_Example_
\code
Des enc; // Des structure used for encryption
// initialize enc with wc_Des_SetKey, use mode DES_ENCRYPTION
byte plain[] = { // initialize with message to encrypt };
byte cipher[sizeof(plain)];
if ( wc_Des_EcbEncrypt(&enc,cipher, plain, sizeof(plain)) != 0) {
// error encrypting message
}
\endcode
\sa wc_Des_SetKe
*/
int wc_Des_EcbEncrypt(Des* des, byte* out,
const byte* in, word32 sz);
/*!
\ingroup 3DES
\brief This function encrypts the input message, in, and stores the
result in the output buffer, out. It uses Des3 encryption with
Electronic Codebook (ECB) mode. Warning: In nearly all use cases ECB
mode is considered to be less secure. Please avoid using ECB APIs
directly whenever possible.
\return 0 Returned upon successfully encrypting the given plaintext
\param des3 pointer to the Des3 structure to use for encryption
\param out pointer to the buffer in which to store the encrypted message
\param in pointer to the input buffer containing the plaintext to encrypt
\param sz length of the plaintext to encrypt
_Example_
\code
Des3 enc; // Des3 structure used for encryption
// initialize enc with wc_Des3_SetKey, use mode DES_ENCRYPTION
byte plain[] = { // initialize with message to encrypt };
byte cipher[sizeof(plain)];
if ( wc_Des3_EcbEncrypt(&enc,cipher, plain, sizeof(plain)) != 0) {
// error encrypting message
}
\endcode
\sa wc_Des3_SetKey
*/
int wc_Des3_EcbEncrypt(Des3* des, byte* out,
const byte* in, word32 sz);
/*!
\ingroup 3DES
\brief This function sets the key and initialization vector (iv) for
the Des3 structure given as argument. It also initializes and allocates
space for the buffers needed for encryption and decryption, if these
have not yet been initialized. Note: If no iv is provided (i.e. iv ==
NULL) the initialization vector defaults to an iv of 0.
\return 0 On successfully setting the key and initialization vector
for the Des structure
\param des3 pointer to the Des3 structure to initialize
\param key pointer to the buffer containing the 24 byte key with which
to initialize the Des3 structure
\param iv pointer to the buffer containing the 8 byte iv with which to
initialize the Des3 structure. If this is not provided, the iv defaults
to 0
\param dir direction of encryption. Valid options are: DES_ENCRYPTION,
and DES_DECRYPTION
_Example_
\code
Des3 enc; // Des3 structure used for encryption
int ret;
byte key[] = { // initialize with 24 byte key };
byte iv[] = { // initialize with 8 byte iv };
ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION);
if (ret != 0) {
// error initializing des structure
}
\endcode
\sa wc_Des3_SetIV
\sa wc_Des3_CbcEncrypt
\sa wc_Des3_CbcDecrypt
*/
int wc_Des3_SetKey(Des3* des, const byte* key,
const byte* iv,int dir);
/*!
\ingroup 3DES
\brief This function sets the initialization vector (iv) for the Des3
structure given as argument. When passed a NULL iv, it sets the
initialization vector to 0.
\return none No returns.
\param des pointer to the Des3 structure for which to set the iv
\param iv pointer to the buffer containing the 8 byte iv with which to
initialize the Des3 structure. If this is not provided, the iv
defaults to 0
_Example_
\code
Des3 enc; // Des3 structure used for encryption
// initialize enc with wc_Des3_SetKey
byte iv[] = { // initialize with 8 byte iv };
wc_Des3_SetIV(&enc, iv);
}
\endcode
\sa wc_Des3_SetKey
*/
int wc_Des3_SetIV(Des3* des, const byte* iv);
/*!
\ingroup 3DES
\brief This function encrypts the input message, in, and stores the
result in the output buffer, out. It uses Triple Des (3DES) encryption
with cipher block chaining (CBC) mode.
\return 0 Returned upon successfully encrypting the given input message
\param des pointer to the Des3 structure to use for encryption
\param out pointer to the buffer in which to store the encrypted ciphertext
\param in pointer to the input buffer containing the message to encrypt
\param sz length of the message to encrypt
_Example_
\code
Des3 enc; // Des3 structure used for encryption
// initialize enc with wc_Des3_SetKey, use mode DES_ENCRYPTION
byte plain[] = { // initialize with message };
byte cipher[sizeof(plain)];
if ( wc_Des3_CbcEncrypt(&enc, cipher, plain, sizeof(plain)) != 0) {
// error encrypting message
}
\endcode
\sa wc_Des3_SetKey
\sa wc_Des3_CbcDecrypt
*/
int wc_Des3_CbcEncrypt(Des3* des, byte* out,
const byte* in,word32 sz);
/*!
\ingroup 3DES
\brief This function decrypts the input ciphertext, in, and stores the
resulting plaintext in the output buffer, out. It uses Triple Des (3DES)
encryption with cipher block chaining (CBC) mode.
\return 0 Returned upon successfully decrypting the given ciphertext
\param des pointer to the Des3 structure to use for decryption
\param out pointer to the buffer in which to store the decrypted plaintext
\param in pointer to the input buffer containing the encrypted ciphertext
\param sz length of the ciphertext to decrypt
_Example_
\code
Des3 dec; // Des structure used for decryption
// initialize dec with wc_Des3_SetKey, use mode DES_DECRYPTION
byte cipher[] = { // initialize with ciphertext };
byte decoded[sizeof(cipher)];
if ( wc_Des3_CbcDecrypt(&dec, decoded, cipher, sizeof(cipher)) != 0) {
// error decrypting message
}
\endcode
\sa wc_Des3_SetKey
\sa wc_Des3_CbcEncrypt
*/
int wc_Des3_CbcDecrypt(Des3* des, byte* out,
const byte* in,word32 sz);

400
android/extern/wolfssl/doc/dox_comments/header_files/dh.h vendored Normal file
View File

@@ -0,0 +1,400 @@
/*!
\ingroup Diffie-Hellman
\brief This function initializes a Diffie-Hellman key for use in
negotiating a secure secret key with the Diffie-Hellman exchange protocol.
\return none No returns.
\param key pointer to the DhKey structure to initialize for use with
secure key exchanges
_Example_
\code
DhKey key;
wc_InitDhKey(&key); // initialize DH key
\endcode
\sa wc_FreeDhKey
\sa wc_DhGenerateKeyPair
*/
int wc_InitDhKey(DhKey* key);
/*!
\ingroup Diffie-Hellman
\brief This function frees a Diffie-Hellman key after it has been used to
negotiate a secure secret key with the Diffie-Hellman exchange protocol.
\return none No returns.
\param key pointer to the DhKey structure to free
_Example_
\code
DhKey key;
// initialize key, perform key exchange
wc_FreeDhKey(&key); // free DH key to avoid memory leaks
\endcode
\sa wc_InitDhKey
*/
void wc_FreeDhKey(DhKey* key);
/*!
\ingroup Diffie-Hellman
\brief This function generates a public/private key pair based on the
Diffie-Hellman public parameters, storing the private key in priv and the
public key in pub. It takes an initialized Diffie-Hellman key and an
initialized rng structure.
\return BAD_FUNC_ARG Returned if there is an error parsing one of the
inputs to this function
\return RNG_FAILURE_E Returned if there is an error generating a random
number using rng
\return MP_INIT_E May be returned if there is an error in the math library
while generating the public key
\return MP_READ_E May be returned if there is an error in the math library
while generating the public key
\return MP_EXPTMOD_E May be returned if there is an error in the math
library while generating the public key
\return MP_TO_E May be returned if there is an error in the math library
while generating the public key
\param key pointer to the DhKey structure from which to generate
the key pair
\param rng pointer to an initialized random number generator (rng) with
which to generate the keys
\param priv pointer to a buffer in which to store the private key
\param privSz will store the size of the private key written to priv
\param pub pointer to a buffer in which to store the public key
\param pubSz will store the size of the private key written to pub
_Example_
\code
DhKey key;
int ret;
byte priv[256];
byte pub[256];
word32 privSz, pubSz;
wc_InitDhKey(&key); // initialize key
// Set DH parameters using wc_DhSetKey or wc_DhKeyDecode
WC_RNG rng;
wc_InitRng(&rng); // initialize rng
ret = wc_DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz);
\endcode
\sa wc_InitDhKey
\sa wc_DhSetKey
\sa wc_DhKeyDecode
*/
int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng, byte* priv,
word32* privSz, byte* pub, word32* pubSz);
/*!
\ingroup Diffie-Hellman
\brief This function generates an agreed upon secret key based on a local
private key and a received public key. If completed on both sides of an
exchange, this function generates an agreed upon secret key for symmetric
communication. On successfully generating a shared secret key, the size of
the secret key written will be stored in agreeSz.
\return 0 Returned on successfully generating an agreed upon secret key
\return MP_INIT_E May be returned if there is an error while generating
the shared secret key
\return MP_READ_E May be returned if there is an error while generating
the shared secret key
\return MP_EXPTMOD_E May be returned if there is an error while generating
the shared secret key
\return MP_TO_E May be returned if there is an error while generating the
shared secret key
\param key pointer to the DhKey structure to use to compute the shared key
\param agree pointer to the buffer in which to store the secret key
\param agreeSz will hold the size of the secret key after
successful generation
\param priv pointer to the buffer containing the local secret key
\param privSz size of the local secret key
\param otherPub pointer to a buffer containing the received public key
\param pubSz size of the received public key
_Example_
\code
DhKey key;
int ret;
byte priv[256];
byte agree[256];
word32 agreeSz;
// initialize key, set key prime and base
// wc_DhGenerateKeyPair -- store private key in priv
byte pub[] = { // initialized with the received public key };
ret = wc_DhAgree(&key, agree, &agreeSz, priv, sizeof(priv), pub,
sizeof(pub));
if ( ret != 0 ) {
// error generating shared key
}
\endcode
\sa wc_DhGenerateKeyPair
*/
int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz,
const byte* priv, word32 privSz, const byte* otherPub,
word32 pubSz);
/*!
\ingroup Diffie-Hellman
\brief This function decodes a Diffie-Hellman key from the given input
buffer containing the key in DER format. It stores the result in the
DhKey structure.
\return 0 Returned on successfully decoding the input key
\return ASN_PARSE_E Returned if there is an error parsing the sequence
of the input
\return ASN_DH_KEY_E Returned if there is an error reading the private
key parameters from the parsed input
\param input pointer to the buffer containing the DER formatted
Diffie-Hellman key
\param inOutIdx pointer to an integer in which to store the index parsed
to while decoding the key
\param key pointer to the DhKey structure to initialize with the input key
\param inSz length of the input buffer. Gives the max length that may
be read
_Example_
\code
DhKey key;
word32 idx = 0;
byte keyBuff[1024];
// initialize with DER formatted key
wc_DhKeyInit(&key);
ret = wc_DhKeyDecode(keyBuff, &idx, &key, sizeof(keyBuff));
if ( ret != 0 ) {
// error decoding key
}
\endcode
\sa wc_DhSetKey
*/
int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
word32);
/*!
\ingroup Diffie-Hellman
\brief This function sets the key for a DhKey structure using the input
private key parameters. Unlike wc_DhKeyDecode, this function does not
require that the input key be formatted in DER format, and instead simply
accepts the parsed input parameters p (prime) and g (base).
\return 0 Returned on successfully setting the key
\return BAD_FUNC_ARG Returned if any of the input parameters
evaluate to NULL
\return MP_INIT_E Returned if there is an error initializing the key
parameters for storage
\return ASN_DH_KEY_E Returned if there is an error reading in the
DH key parameters p and g
\param key pointer to the DhKey structure on which to set the key
\param p pointer to the buffer containing the prime for use with the key
\param pSz length of the input prime
\param g pointer to the buffer containing the base for use with the key
\param gSz length of the input base
_Example_
\code
DhKey key;
byte p[] = { // initialize with prime };
byte g[] = { // initialize with base };
wc_DhKeyInit(&key);
ret = wc_DhSetKey(key, p, sizeof(p), g, sizeof(g));
if ( ret != 0 ) {
// error setting key
}
\endcode
\sa wc_DhKeyDecode
*/
int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
word32 gSz);
/*!
\ingroup Diffie-Hellman
\brief This function loads the Diffie-Hellman parameters, p (prime)
and g (base) out of the given input buffer, DER formatted.
\return 0 Returned on successfully extracting the DH parameters
\return ASN_PARSE_E Returned if an error occurs while parsing the DER
formatted DH certificate
\return BUFFER_E Returned if there is inadequate space in p or g to
store the parsed parameters
\param input pointer to a buffer containing a DER formatted
Diffie-Hellman certificate to parse
\param inSz size of the input buffer
\param p pointer to a buffer in which to store the parsed prime
\param pInOutSz pointer to a word32 object containing the available
size in the p buffer. Will be overwritten with the number of bytes
written to the buffer after completing the function call
\param g pointer to a buffer in which to store the parsed base
\param gInOutSz pointer to a word32 object containing the available size
in the g buffer. Will be overwritten with the number of bytes written to
the buffer after completing the function call
_Example_
\code
byte dhCert[] = { initialize with DER formatted certificate };
byte p[MAX_DH_SIZE];
byte g[MAX_DH_SIZE];
word32 pSz = MAX_DH_SIZE;
word32 gSz = MAX_DH_SIZE;
ret = wc_DhParamsLoad(dhCert, sizeof(dhCert), p, &pSz, g, &gSz);
if ( ret != 0 ) {
// error parsing inputs
}
\endcode
\sa wc_DhSetKey
\sa wc_DhKeyDecode
*/
int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p,
word32* pInOutSz, byte* g, word32* gInOutSz);
/*!
\ingroup Diffie-Hellman
\brief This function returns ... and requires that HAVE_FFDHE_2048 be
defined.
\sa wc_Dh_ffdhe3072_Get
\sa wc_Dh_ffdhe4096_Get
\sa wc_Dh_ffdhe6144_Get
\sa wc_Dh_ffdhe8192_Get
*/
const DhParams* wc_Dh_ffdhe2048_Get(void);
/*!
\ingroup Diffie-Hellman
\brief This function returns ... and requires that HAVE_FFDHE_3072 be
defined.
\sa wc_Dh_ffdhe2048_Get
\sa wc_Dh_ffdhe4096_Get
\sa wc_Dh_ffdhe6144_Get
\sa wc_Dh_ffdhe8192_Get
*/
const DhParams* wc_Dh_ffdhe3072_Get(void);
/*!
\ingroup Diffie-Hellman
\brief This function returns ... and requires that HAVE_FFDHE_4096 be
defined.
\sa wc_Dh_ffdhe2048_Get
\sa wc_Dh_ffdhe3072_Get
\sa wc_Dh_ffdhe6144_Get
\sa wc_Dh_ffdhe8192_Get
*/
const DhParams* wc_Dh_ffdhe4096_Get(void);
/*!
\ingroup Diffie-Hellman
\brief This function returns ... and requires that HAVE_FFDHE_6144 be
defined.
\sa wc_Dh_ffdhe2048_Get
\sa wc_Dh_ffdhe3072_Get
\sa wc_Dh_ffdhe4096_Get
\sa wc_Dh_ffdhe8192_Get
*/
const DhParams* wc_Dh_ffdhe6144_Get(void);
/*!
\ingroup Diffie-Hellman
\brief This function returns ... and requires that HAVE_FFDHE_8192 be
defined.
\sa wc_Dh_ffdhe2048_Get
\sa wc_Dh_ffdhe3072_Get
\sa wc_Dh_ffdhe4096_Get
\sa wc_Dh_ffdhe6144_Get
*/
const DhParams* wc_Dh_ffdhe8192_Get(void);
/*!
\ingroup Diffie-Hellman
\brief Checks DH keys for pair-wise consistency per process in SP 800-56Ar3,
section 5.6.2.1.4, method (b) for FFC.
*/
int wc_DhCheckKeyPair(DhKey* key, const byte* pub, word32 pubSz,
const byte* priv, word32 privSz);
/*!
\ingroup Diffie-Hellman
\brief Check DH private key for invalid numbers
*/
int wc_DhCheckPrivKey(DhKey* key, const byte* priv, word32 pubSz);
/*!
\ingroup Diffie-Hellman
*/
int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 pubSz,
const byte* prime, word32 primeSz);
/*!
\ingroup Diffie-Hellman
*/
int wc_DhCheckPubKey(DhKey* key, const byte* pub, word32 pubSz);
/*!
\ingroup Diffie-Hellman
*/
int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz,
const byte* prime, word32 primeSz);
/*!
\ingroup Diffie-Hellman
*/
int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz,
byte* q, word32* qSz, byte* g, word32* gSz);
/*!
\ingroup Diffie-Hellman
*/
int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh);
/*!
\ingroup Diffie-Hellman
*/
int wc_DhSetCheckKey(DhKey* key, const byte* p, word32 pSz,
const byte* g, word32 gSz, const byte* q, word32 qSz,
int trusted, WC_RNG* rng);
/*!
\ingroup Diffie-Hellman
*/
int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz,
const byte* g, word32 gSz, const byte* q, word32 qSz);
/*!
\ingroup Diffie-Hellman
*/
int wc_FreeDhKey(DhKey* key);

244
android/extern/wolfssl/doc/dox_comments/header_files/doxygen_groups.h vendored Normal file
View File

@@ -0,0 +1,244 @@
/*!
\defgroup 3DES Algorithms - 3DES
\defgroup AES Algorithms - AES
\defgroup ARC4 Algorithms - ARC4
\defgroup BLAKE2 Algorithms - BLAKE2
\defgroup Camellia Algorithms - Camellia
\defgroup ChaCha Algorithms - ChaCha
\defgroup ChaCha20Poly1305 Algorithms - ChaCha20_Poly1305
\defgroup CMAC Algorithm - CMAC
\defgroup Crypto Callbacks - CryptoCb
\defgroup Curve25519 Algorithms - Curve25519
\defgroup Curve448 Algorithms - Curve448
\defgroup DSA Algorithms - DSA
\defgroup Diffie-Hellman Algorithms - Diffie-Hellman
\defgroup ECC Algorithms - ECC
\defgroup ED25519 Algorithms - ED25519
\defgroup ED448 Algorithms - ED448
\defgroup ECCSI_Overview Overview of ECCSI
ECCSI (Elliptic Curve-Based Certificateless Signatures for Identity-Based Encryption) is specified in RFC 6507 (https://tools.ietf.org/html/rfc6507).
In Identity-Based cryptography, there is a Key Management Service that generates keys based on an identity for a client.
The private key (SSK) and public key (PVT) are delivered to the signer and the public key (PVT) only delivered to the verifier on request.\n\n
wolfCrypt offers the ability to:
-# Create KMS keys,
-# Generate signing key pairs,
-# Validate signing key pairs,
-# Sign messages and
-# Verify messages.
KMS:
-# Initialize ECCSI Key: wc_InitEccsiKey()
-# Make and save or load ECCSI Key:
-# wc_MakeEccsiKey(), wc_ExportEccsiKey(), wc_ExportEccsiPublicKey() or
-# wc_ImportEccsiKey()
-# Wait for request:
-# Receive signing ID from client.
-# Generate signing key pair from ID: wc_MakeEccsiPair()
-# Encode result:
-# For signer, signing key pair: wc_EncodeEccsiPair()
-# Send KPAK and result
-# Free ECCSI Key: wc_FreeEccsiKey()
Client, signer:
-# Initialize ECCSI Key: wc_InitEccsiKey()
-# (When signing pair not cached) Request KPAK and signing pair from KMS
-# Send signing ID to KMS.
-# Receive signing key pair from KMS.
-# Load KMS Public Key: wc_ImportEccsiPublicKey()
-# Decode signing key pair: wc_DecodeEccsiPair()
-# Validate the key pair: wc_ValidateEccsiPair()
-# (If not done above) Load KMS Public Key: wc_ImportEccsiPublicKey()
-# (If not cached) Calculate hash of the ID and PVT: wc_HashEccsiId()
-# For each message:
-# Set Hash of Identity: wc_SetEccsiHash()
-# Sign message: wc_SignEccsiHash()
-# Send hash ID, message and signature to peer.
-# Free ECCSI Key: wc_FreeEccsiKey()
Client, verifier:
-# Receive hash ID, message and signature from signer.
-# Request KPAK (if not cached) and PVT (if not cached) for hash ID from KMS.
-# Receive KPAK (if not cached) and PVT (if not cached) for hash ID from KMS.
-# Initialize ECCSI Key: wc_InitEccsiKey()
-# Load KMS Public Key: wc_ImportEccsiPublicKey()
-# Decode PVT: wc_DecodeEccsiPvtFromSig()
-# Calculate hash of the ID and PVT: wc_HashEccsiId()
-# Set ECCSI key pair: wc_SetEccsiPair()
-# Verify signature of message: wc_VerifyEccsiHash()
-# Free ECCSI Key: wc_FreeEccsiKey()
\defgroup ECCSI_Setup Setup ECCSI Key
Operations for establinshing an ECCSI key.
Initialize ECCSI Key before use (wc_InitEccsiKey()).\n
Initialize ECCSI Key before use (wc_InitEccsiKey_ex()) for use with a curve other than P256.\n
Either make a new key (wc_MakeEccsiKey()), import an existing key (wc_ImportEccsiKey()) or import existing private key (wc_ImportEccsiPrivateKey()) and public key (wc_ImportEccsiPublicKey()).\n
Export the key (wc_ExportEccsiKey()) after making a new key for future use.\n
Export the private key (wc_ExportEccsiPrivateKey()) after making a new key for future use.\n
Export the public key (wc_ExportEccsiPublicKey()) from KMS to pass to client.\n
Import the public key (wc_ImportEccsiPublicKey()) into client.\n
Free the ECCSI Key (wc_FreeEccsiKey()) when finished.
\defgroup ECCSI_Operations Operations for Signing and Verifying with ECCSI Key
These operations are for signing and verifying with ECCSI keys.
Make an ECCSI key pair (wc_MakeEccsiPair()) with the signer's ID for use when signing.\n
Validate the ECCSI key pair (wc_ValidateEccsiPair()) with the signer's ID.\n
Validate the ECCSI Public Validation Token (PVT) (wc_ValidateEccsiPvt()).\n
Encode the ECCSI key pair (wc_EncodeEccsiPair()) for transfer to client.\n
Encode the ECCSI SSK (wc_EncodeEccsiSsk()) for transfer to client.\n
Encode the ECCSI PVT (wc_EncodeEccsiPvt()) for transfer to verifier.\n
Decode the ECCSI key pair (wc_DecodeEccsiPair()) on client for signing.\n
Decode the ECCSI SSK (wc_DecodeEccsiSsk()) on client for signing.\n
Decode the ECCSI PVT (wc_DecodeEccsiPvt()) on client for signing.\n
Decode the ECCSI PVT from the signature (wc_DecodeEccsiPvtFromSig()) on client for verifying.\n
Calculate hash of the ID (wc_HashEccsiId()) for signing/verifying using ID and Public Validation Token (PVT).\n
Sign (wc_SignEccsiHash()) a message with the hash of the ID and the Secret Signing Key (SSK) and Public Validation Token (PVT).\n
Verify (wc_VerifyEccsiHash()) a message with the hash of the signer's ID.
\defgroup SAKKE_Overview Overview of SAKKE Key
SAKKE (Sakai-Kasahara Key Encryption) is specified in RFC 6508 (https://tools.ietf.org/html/rfc6508).
SAKKE is used to transfer a secret to a peer using Identity Based cryptography.\n
The Key Management Service (KMS) is responsible for issuing Receiver Secret %Keys (RSKs).
Data up to (2^hashlen)^hashlen bytes of data can be transferred.\n
The sender must know the identity of the receiver and the KMS Public Key.\n
The receiver must have obtained a Receiver Secret Key (RSK) for the identity from a KMS in order to derive the secret.
KMS:
-# Initialize SAKKE Key: wc_InitSakkeKey()
-# Make and save or load SAKKE Key:
-# wc_MakeSakkeKey(), wc_ExportSakkeKey(), wc_ExportSakkePublicKey() or
-# wc_ImportSakkeKey()
-# Wait for request:
-# Make an RSK base on ID for the client: wc_MakeSakkeRsk()
-# Encode RSK for transfer to client: wc_EncodeSakkeRsk()
-# Free SAKKE Key: wc_FreeSakkeKey()
Key Exchange, Peer A:
-# Initialize SAKKE Key: wc_InitSakkeKey()
-# Load KMS Public Key: wc_ImportSakkePublicKey()
-# Generate a random SSV: wc_GenerateSakkeSSV()
-# Set the identity of Peer B: wc_SetSakkeIdentity()
-# Make an encapsulated SSV and auth data: wc_MakeSakkeEncapsulatedSSV()
-# Send encapsulated data to Peer B
-# Free SAKKE Key: wc_FreeSakkeKey()
Key Exchange, Peer B:
-# Receive encapsulated data.
-# Initialize SAKKE Key: wc_InitSakkeKey()
-# Load KMS Public Key: wc_ImportSakkePublicKey()
-# Decode RSK transferred from KMS or stored locally: wc_DecodeSakkeRsk()
-# [Optional] Validate RSK before first use: wc_ValidateSakkeRsk()
-# Set the identity: wc_SetSakkeIdentity()
-# Set the RSK and, optionally precomputation table: wc_SetSakkeRsk()
-# Derive SSV with auth data: wc_DeriveSakkeSSV()
-# Free SAKKE Key: wc_FreeSakkeKey()
Transfer secret, Peer A:
-# Initialize SAKKE Key: wc_InitSakkeKey()
-# Load KMS Public Key: wc_ImportSakkePublicKey()
-# Set the identity of Peer B: wc_SetSakkeIdentity()
-# Make an encapsulation of the SSV and auth data: wc_MakeSakkeEncapsulatedSSV()
-# Send encapsulated data to Peer B
-# Free SAKKE Key: wc_FreeSakkeKey()
Transfer secret, Peer B:
-# Initialize SAKKE Key: wc_InitSakkeKey()
-# Load KMS Public Key: wc_ImportSakkePublicKey()
-# Decode RSK transferred from KMS or stored locally: wc_DecodeSakkeRsk()
-# [Optional] Validate RSK before first use: wc_ValidateSakkeRsk()
-# Receive encapsulated data.
-# Set the identity: wc_SetSakkeIdentity()
-# Set the RSK and, optionally precomputation table: wc_SetSakkeRsk()
-# Derive SSV and auth data: wc_DeriveSakkeSSV()
-# Free SAKKE Key: wc_FreeSakkeKey()
\defgroup SAKKE_Setup Setup SAKKE Key
Operations for establishing a SAKKE key.
Initialization SAKKE Key before use (wc_InitSakkeKey() or wc_InitSakkeKey_ex()).\n
Either make a new key (wc_MakeSakkeKey()) or import an existing key (wc_ImportSakkeKey()).\n
Export the key (wc_ExportSakkeKey()) after making a new key for future use.\n
If only the private part of the KMS SAKKE Key is available, make the public key (wc_MakeSakkePublicKey()).\n
Export the private key (wc_ExportSakkePrivateKey()) from KMS from storage.\n
Import the private key (wc_ImportSakkePrivateKey()) into KMS from storage.\n
Export the public key (wc_ExportSakkePublicKey()) from KMS to pass to client.\n
Import the public key (wc_ImportSakkePublicKey()) into client.\n
Set the identity to use (wc_SetSakkeIdentity()) into client.\n
Free the SAKKE Key (wc_FreeSakkeKey()) when finished.
\defgroup SAKKE_RSK Operations on/with SAKKE RSK
These operations make, validate, encode and decode a Receiver Secret Key (RSK).
An RSK is required to derive an SSV (see wc_DeriveSakkeSSV()).\n
On the KMS, make an RSK (wc_MakeSakkeRsk()) from the client's ID.\n
On the client, validate the RSK (wc_ValidateSakkeRsk()) with the ID.\n
Encode the RSK (wc_EncodeSakkeRsk()) to pass to client or for storage.\n
Decode the RSK (wc_DecodeSakkeRsk()) on the client when needed.\n
Import the RSK (wc_ImportSakkeRsk()) on the client when needed.\n
Set the RSK and, optionally, a pre-computation table (wc_SetSakkeRsk()) on the client when needed.
\defgroup SAKKE_Operations Operations using SAKKE Key
These operations transfer a Shared Secret Value (SSV) from one client to another. The SSV may be randomly generated.
Calculate the size of the authentication data (wc_GetSakkeAuthSize()) to determine where the SSV starts in a buffer.\n
Make the intermediate point I (wc_MakeSakkePointI()) to speed making an encapsulated and deriving SSV.\n
Get intermediate point I (wc_GetSakkePointI()) for storage.\n
Set intermediate point I (wc_SetSakkePointI()) from storage.\n
Generate a pre-computation table for intermediate point I (wc_GenerateSakkePointITable()) to further enhance performance. Store as necessary.\n
Set the pre-computation table for intermediate point I (wc_SetSakkePointITable()) to further enhance performance.\n
Clear the pre-computation table for intermediate point I (wc_ClearSakkePointITable()) to remove reference to external table pointer.\n
Make an encapsulated SSV (wc_MakeSakkeEncapsulatedSSV()) to share with another client. Data in SSV is modified.\n
Generate a random SSV (wc_GenerateSakkeSSV()) for key exchange.\n
Derive the SSV, (wc_DeriveSakkeSSV()) on the recipient from the encapsulated SSV.
\defgroup HMAC Algorithms - HMAC
\defgroup MD2 Algorithms - MD2
\defgroup MD4 Algorithms - MD4
\defgroup MD5 Algorithms - MD5
\defgroup PKCS7 Algorithms - PKCS7
\defgroup PKCS11 Algorithms - PKCS11
\defgroup Password Algorithms - Password Based
\defgroup Poly1305 Algorithms - Poly1305
\defgroup RIPEMD Algorithms - RIPEMD
\defgroup RSA Algorithms - RSA
\defgroup SHA Algorithms - SHA 128/224/256/384/512
\defgroup SipHash Algorithm - SipHash
\defgroup SRP Algorithms - SRP
\defgroup ASN ASN.1
\defgroup Base_Encoding Base Encoding
\defgroup CertManager CertManager API
\defgroup Compression Compression
\defgroup Error Error Reporting
\defgroup IoTSafe IoT-Safe Module
IoT-Safe (IoT-SIM Applet For Secure End-2-End Communication) is a technology that leverage the SIM as robust,
scalable and standardized hardware Root of Trust to protect data communication.
IoT-Safe SSL sessions use the SIM as Hardware Security Module, offloading all the crypto public
key operations and reducing the attack surface by restricting access to certificate and keys
to the SIM.
IoT-Safe support can be enabled on an existing WOLFSSL_CTX contex, using wolfSSL_CTX_iotsafe_enable().\n
Session created within the context can set the parameters for IoT-Safe key and files usage, and enable
the public keys callback, with wolfSSL_iotsafe_on().
If compiled in, the module supports IoT-Safe random number generator as source of entropy for wolfCrypt.
\defgroup PSA Platform Security Architecture (PSA) API
\defgroup Keys Key and Cert Conversion
\defgroup Logging Logging
\defgroup Math Math API
\defgroup Memory Memory Handling
\defgroup Random Random Number Generation
\defgroup Signature Signature API
\defgroup openSSL OpenSSL API
\defgroup wolfCrypt wolfCrypt Init and Cleanup
\defgroup TLS wolfSSL Initialization/Shutdown
\defgroup CertsKeys wolfSSL Certificates and Keys
\defgroup Setup wolfSSL Context and Session Set Up
\defgroup IO wolfSSL Connection, Session, and I/O
\defgroup Debug wolfSSL Error Handling and Reporting
*/

76
android/extern/wolfssl/doc/dox_comments/header_files/doxygen_pages.h vendored Normal file
View File

@@ -0,0 +1,76 @@
/*!
\page wolfssl_API wolfSSL API Reference
- \ref CertManager
- \ref Memory
- \ref openSSL
- \ref CertsKeys
- \ref IO
- \ref Setup
- \ref Debug
- \ref TLS
*/
/*!
\page wolfcrypt_API wolfCrypt API Reference
<ul>
<li>\ref ASN</li>
<li>\ref Base_Encoding</li>
<li>\ref Compression</li>
<li>\ref Error</li>
<li>\ref IoTSafe</li>
<li>\ref PSA</li>
<li>\ref Keys</li>
<li>\ref Logging</li>
<li>\ref Math</li>
<li>\ref Random</li>
<li>\ref Signature</li>
<li>\ref wolfCrypt</li>
</ul>
<ul>
<li>\ref DES</li>
<li>\ref AES</li>
<li>\ref ARC4</li>
<li>\ref BLAKE2</li>
<li>\ref Camellia</li>
<li>\ref ChaCha</li>
<li>\ref ChaCha20Poly1305</li>
<li>\ref CMAC</li>
<li>\ref Crypto Callbacks</li>
<li>\ref Curve25519</li>
<li>\ref Curve448</li>
<li>\ref DSA</li>
<li>\ref Diffie-Hellman</li>
<li>\ref ECC</li>
<li>\ref ED25519</li>
<li>\ref ED448</li>
<li>\ref ECCSI</li>
<li>\ref SAKKE</li>
<li>\ref HMAC</li>
<li>\ref MD2</li>
<li>\ref MD4</li>
<li>\ref MD5</li>
<li>\ref Password</li>
<li>\ref PKCS7</li>
<li>\ref PKCS11</li>
<li>\ref Poly1305</li>
<li>\ref RIPEMD</li>
<li>\ref RSA</li>
<li>\ref SHA</li>
<li>\ref SipHash</li>
<li>\ref SRP</li>
</ul>
*/
/*!
\page ECCSI ECCSI API Reference
- \ref ECCSI_Overview
- \ref ECCSI_Setup
- \ref ECCSI_Operations
*/
/*!
\page SAKKE SAKKE API Reference
- \ref SAKKE_Overview
- \ref SAKKE_Setup
- \ref SAKKE_RSK
- \ref SAKKE_Operations
*/

342
android/extern/wolfssl/doc/dox_comments/header_files/dsa.h vendored Normal file
View File

@@ -0,0 +1,342 @@
/*!
\ingroup DSA
\brief This function initializes a DsaKey object in order to use it for
authentication via the Digital Signature Algorithm (DSA).
\return 0 Returned on success.
\return BAD_FUNC_ARG Returned if a NULL key is passed in.
\param key pointer to the DsaKey structure to initialize
_Example_
\code
DsaKey key;
int ret;
ret = wc_InitDsaKey(&key); // initialize DSA key
\endcode
\sa wc_FreeDsaKey
*/
int wc_InitDsaKey(DsaKey* key);
/*!
\ingroup DSA
\brief This function frees a DsaKey object after it has been used.
\return none No returns.
\param key pointer to the DsaKey structure to free
_Example_
\code
DsaKey key;
// initialize key, use for authentication
...
wc_FreeDsaKey(&key); // free DSA key
\endcode
\sa wc_FreeDsaKey
*/
void wc_FreeDsaKey(DsaKey* key);
/*!
\ingroup DSA
\brief This function signs the input digest and stores the result in the
output buffer, out.
\return 0 Returned on successfully signing the input digest
\return MP_INIT_E may be returned if there is an error in processing the
DSA signature.
\return MP_READ_E may be returned if there is an error in processing the
DSA signature.
\return MP_CMP_E may be returned if there is an error in processing the
DSA signature.
\return MP_INVMOD_E may be returned if there is an error in processing the
DSA signature.
\return MP_EXPTMOD_E may be returned if there is an error in processing
the DSA signature.
\return MP_MOD_E may be returned if there is an error in processing the
DSA signature.
\return MP_MUL_E may be returned if there is an error in processing the
DSA signature.
\return MP_ADD_E may be returned if there is an error in processing the
DSA signature.
\return MP_MULMOD_E may be returned if there is an error in processing
the DSA signature.
\return MP_TO_E may be returned if there is an error in processing the
DSA signature.
\return MP_MEM may be returned if there is an error in processing the
DSA signature.
\param digest pointer to the hash to sign
\param out pointer to the buffer in which to store the signature
\param key pointer to the initialized DsaKey structure with which to
generate the signature
\param rng pointer to an initialized RNG to use with the signature
generation
_Example_
\code
DsaKey key;
// initialize DSA key, load private Key
int ret;
WC_RNG rng;
wc_InitRng(&rng);
byte hash[] = { // initialize with hash digest };
byte signature[40]; // signature will be 40 bytes (320 bits)
ret = wc_DsaSign(hash, signature, &key, &rng);
if (ret != 0) {
// error generating DSA signature
}
\endcode
\sa wc_DsaVerify
*/
int wc_DsaSign(const byte* digest, byte* out,
DsaKey* key, WC_RNG* rng);
/*!
\ingroup DSA
\brief This function verifies the signature of a digest, given a private
key. It stores whether the key properly verifies in the answer parameter,
with 1 corresponding to a successful verification, and 0 corresponding to
failed verification.
\return 0 Returned on successfully processing the verify request. Note:
this does not mean that the signature is verified, only that the function
succeeded
\return MP_INIT_E may be returned if there is an error in processing the
DSA signature.
\return MP_READ_E may be returned if there is an error in processing the
DSA signature.
\return MP_CMP_E may be returned if there is an error in processing the
DSA signature.
\return MP_INVMOD_E may be returned if there is an error in processing
the DSA signature.
\return MP_EXPTMOD_E may be returned if there is an error in processing
the DSA signature.
\return MP_MOD_E may be returned if there is an error in processing the
DSA signature.
\return MP_MUL_E may be returned if there is an error in processing the
DSA signature.
\return MP_ADD_E may be returned if there is an error in processing the
DSA signature.
\return MP_MULMOD_E may be returned if there is an error in processing
the DSA signature.
\return MP_TO_E may be returned if there is an error in processing the
DSA signature.
\return MP_MEM may be returned if there is an error in processing the
DSA signature.
\param digest pointer to the digest containing the subject of the signature
\param sig pointer to the buffer containing the signature to verify
\param key pointer to the initialized DsaKey structure with which to
verify the signature
\param answer pointer to an integer which will store whether the
verification was successful
_Example_
\code
DsaKey key;
// initialize DSA key, load public Key
int ret;
int verified;
byte hash[] = { // initialize with hash digest };
byte signature[] = { // initialize with signature to verify };
ret = wc_DsaVerify(hash, signature, &key, &verified);
if (ret != 0) {
// error processing verify request
} else if (answer == 0) {
// invalid signature
}
\endcode
\sa wc_DsaSign
*/
int wc_DsaVerify(const byte* digest, const byte* sig,
DsaKey* key, int* answer);
/*!
\ingroup DSA
\brief This function decodes a DER formatted certificate buffer containing
a DSA public key, and stores the key in the given DsaKey structure. It
also sets the inOutIdx parameter according to the length of the input read.
\return 0 Returned on successfully setting the public key for the DsaKey
object
\return ASN_PARSE_E Returned if there is an error in the encoding while
reading the certificate buffer
\return ASN_DH_KEY_E Returned if one of the DSA parameters is incorrectly
formatted
\param input pointer to the buffer containing the DER formatted DSA
public key
\param inOutIdx pointer to an integer in which to store the final index
of the certificate read
\param key pointer to the DsaKey structure in which to store the public key
\param inSz size of the input buffer
_Example_
\code
int ret, idx=0;
DsaKey key;
wc_InitDsaKey(&key);
byte derBuff[] = { // DSA public key};
ret = wc_DsaPublicKeyDecode(derBuff, &idx, &key, inSz);
if (ret != 0) {
// error reading public key
}
\endcode
\sa wc_InitDsaKey
\sa wc_DsaPrivateKeyDecode
*/
int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx,
DsaKey* key, word32 inSz);
/*!
\ingroup DSA
\brief This function decodes a DER formatted certificate buffer containing
a DSA private key, and stores the key in the given DsaKey structure. It
also sets the inOutIdx parameter according to the length of the input read.
\return 0 Returned on successfully setting the private key for the DsaKey
object
\return ASN_PARSE_E Returned if there is an error in the encoding while
reading the certificate buffer
\return ASN_DH_KEY_E Returned if one of the DSA parameters is incorrectly
formatted
\param input pointer to the buffer containing the DER formatted DSA
private key
\param inOutIdx pointer to an integer in which to store the final index
of the certificate read
\param key pointer to the DsaKey structure in which to store the private
key
\param inSz size of the input buffer
_Example_
\code
int ret, idx=0;
DsaKey key;
wc_InitDsaKey(&key);
byte derBuff[] = { // DSA private key };
ret = wc_DsaPrivateKeyDecode(derBuff, &idx, &key, inSz);
if (ret != 0) {
// error reading private key
}
\endcode
\sa wc_InitDsaKey
\sa wc_DsaPublicKeyDecode
*/
int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
DsaKey* key, word32 inSz);
/*!
\ingroup DSA
\brief Convert DsaKey key to DER format, write to output (inLen),
return bytes written.
\return outLen Success, number of bytes written
\return BAD_FUNC_ARG key or output are null or key->type is not
DSA_PRIVATE.
\return MEMORY_E Error allocating memory.
\param key Pointer to DsaKey structure to convert.
\param output Pointer to output buffer for converted key.
\param inLen Length of key input.
_Example_
\code
DsaKey key;
WC_RNG rng;
int derSz;
int bufferSize = // Sufficient buffer size;
byte der[bufferSize];
wc_InitDsaKey(&key);
wc_InitRng(&rng);
wc_MakeDsaKey(&rng, &key);
derSz = wc_DsaKeyToDer(&key, der, bufferSize);
\endcode
\sa wc_InitDsaKey
\sa wc_FreeDsaKey
\sa wc_MakeDsaKey
*/
int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen);
/*!
\ingroup DSA
\brief Create a DSA key.
\return MP_OKAY Success
\return BAD_FUNC_ARG Either rng or dsa is null.
\return MEMORY_E Couldn't allocate memory for buffer.
\return MP_INIT_E Error initializing mp_int
\param rng Pointer to WC_RNG structure.
\param dsa Pointer to DsaKey structure.
_Example_
\code
WC_RNG rng;
DsaKey dsa;
wc_InitRng(&rng);
wc_InitDsa(&dsa);
if(wc_MakeDsaKey(&rng, &dsa) != 0)
{
// Error creating key
}
\endcode
\sa wc_InitDsaKey
\sa wc_FreeDsaKey
\sa wc_DsaSign
*/
int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa);
/*!
\ingroup DSA
\brief FIPS 186-4 defines valid for modulus_size values as
(1024, 160) (2048, 256) (3072, 256)
\return 0 Success
\return BAD_FUNC_ARG rng or dsa is null or modulus_size is invalid.
\return MEMORY_E Error attempting to allocate memory.
\param rng pointer to wolfCrypt rng.
\param modulus_size 1024, 2048, or 3072 are valid values.
\param dsa Pointer to a DsaKey structure.
_Example_
\code
DsaKey key;
WC_RNG rng;
wc_InitDsaKey(&key);
wc_InitRng(&rng);
if(wc_MakeDsaParameters(&rng, 1024, &genKey) != 0)
{
// Handle error
}
\endcode
\sa wc_MakeDsaKey
\sa wc_DsaKeyToDer
\sa wc_InitDsaKey
*/
int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa);

2008
android/extern/wolfssl/doc/dox_comments/header_files/ecc.h vendored Normal file
View File

File diff suppressed because it is too large Load Diff

131
android/extern/wolfssl/doc/dox_comments/header_files/eccsi.h vendored Normal file
View File

@@ -0,0 +1,131 @@
/*!
\ingroup ECCSI_Setup
*/
int wc_InitEccsiKey(EccsiKey* key, void* heap, int devId);
/*!
\ingroup ECCSI_Setup
*/
int wc_InitEccsiKey_ex(EccsiKey* key, int keySz, int curveId,
void* heap, int devId);
/*!
\ingroup ECCSI_Setup
*/
void wc_FreeEccsiKey(EccsiKey* key);
/*!
\ingroup ECCSI_Setup
*/
int wc_MakeEccsiKey(EccsiKey* key, WC_RNG* rng);
/*!
\ingroup ECCSI_Operations
*/
int wc_MakeEccsiPair(EccsiKey* key, WC_RNG* rng,
enum wc_HashType hashType, const byte* id, word32 idSz, mp_int* ssk,
ecc_point* pvt);
/*!
\ingroup ECCSI_Operations
*/
int wc_ValidateEccsiPair(EccsiKey* key, enum wc_HashType hashType,
const byte* id, word32 idSz, const mp_int* ssk, ecc_point* pvt,
int* valid);
/*!
\ingroup ECCSI_Operations
*/
int wc_ValidateEccsiPvt(EccsiKey* key, const ecc_point* pvt,
int* valid);
/*!
\ingroup ECCSI_Operations
*/
int wc_EncodeEccsiPair(const EccsiKey* key, mp_int* ssk,
ecc_point* pvt, byte* data, word32* sz);
/*!
\ingroup ECCSI_Operations
*/
int wc_EncodeEccsiSsk(const EccsiKey* key, mp_int* ssk, byte* data,
word32* sz);
/*!
\ingroup ECCSI_Operations
*/
int wc_EncodeEccsiPvt(const EccsiKey* key, ecc_point* pvt,
byte* data, word32* sz, int raw);
/*!
\ingroup ECCSI_Operations
*/
int wc_DecodeEccsiPair(const EccsiKey* key, const byte* data,
word32 sz, mp_int* ssk, ecc_point* pvt);
/*!
\ingroup ECCSI_Operations
*/
int wc_DecodeEccsiSsk(const EccsiKey* key, const byte* data,
word32 sz, mp_int* ssk);
/*!
\ingroup ECCSI_Operations
*/
int wc_DecodeEccsiPvt(const EccsiKey* key, const byte* data,
word32 sz, ecc_point* pvt);
/*!
\ingroup ECCSI_Operations
*/
int wc_DecodeEccsiPvtFromSig(const EccsiKey* key, const byte* sig,
word32 sz, ecc_point* pvt);
/*!
\ingroup ECCSI_Setup
*/
int wc_ExportEccsiKey(EccsiKey* key, byte* data, word32* sz);
/*!
\ingroup ECCSI_Setup
*/
int wc_ImportEccsiKey(EccsiKey* key, const byte* data, word32 sz);
/*!
\ingroup ECCSI_Setup
*/
int wc_ExportEccsiPrivateKey(EccsiKey* key, byte* data, word32* sz);
/*!
\ingroup ECCSI_Setup
*/
int wc_ImportEccsiPrivateKey(EccsiKey* key, const byte* data,
word32 sz);
/*!
\ingroup ECCSI_Setup
*/
int wc_ExportEccsiPublicKey(EccsiKey* key, byte* data, word32* sz,
int raw);
/*!
\ingroup ECCSI_Setup
*/
int wc_ImportEccsiPublicKey(EccsiKey* key, const byte* data,
word32 sz, int trusted);
/*!
\ingroup ECCSI_Operations
*/
int wc_HashEccsiId(EccsiKey* key, enum wc_HashType hashType,
const byte* id, word32 idSz, ecc_point* pvt, byte* hash, byte* hashSz);
/*!
\ingroup ECCSI_Setup
*/
int wc_SetEccsiHash(EccsiKey* key, const byte* hash, byte hashSz);
/*!
\ingroup ECCSI_Setup
*/
int wc_SetEccsiPair(EccsiKey* key, const mp_int* ssk,
const ecc_point* pvt);
/*!
\ingroup ECCSI_Operations
*/
int wc_SignEccsiHash(EccsiKey* key, WC_RNG* rng,
enum wc_HashType hashType, const byte* msg, word32 msgSz, byte* sig,
word32* sigSz);
/*!
\ingroup ECCSI_Operations
*/
int wc_VerifyEccsiHash(EccsiKey* key, enum wc_HashType hashType,
const byte* msg, word32 msgSz, const byte* sig, word32 sigSz,
int* verified);

1089
android/extern/wolfssl/doc/dox_comments/header_files/ed25519.h vendored Normal file
View File

File diff suppressed because it is too large Load Diff

968
android/extern/wolfssl/doc/dox_comments/header_files/ed448.h vendored Normal file
View File

@@ -0,0 +1,968 @@
/*!
\ingroup ED448
\brief This function generates the Ed448 public key from the private key.
It stores the public key in the buffer pubKey, and sets the bytes
written to this buffer in pubKeySz.
\return 0 Returned upon successfully making the public key.
\return BAD_FUNC_ARG Returned ifi key or pubKey evaluate to NULL, or if the
specified key size is not 57 bytes (Ed448 has 57 byte keys).
\return MEMORY_E Returned if there is an error allocating memory
during function execution.
\param [in] key Pointer to the ed448_key for which to generate a key.
\param [out] out Pointer to the buffer in which to store the public key.
\param [in,out] outLen Pointer to a word32 object with the size available
in out. Set with the number of bytes written to out after successfully
exporting the public key.
_Example_
\code
int ret;
ed448_key key;
byte priv[] = { initialize with 57 byte private key };
byte pub[57];
word32 pubSz = sizeof(pub);
wc_ed448_init(&key);
wc_ed448_import_private_only(priv, sizeof(priv), &key);
ret = wc_ed448_make_public(&key, pub, &pubSz);
if (ret != 0) {
// error making public key
}
\endcode
\sa wc_ed448_init
\sa wc_ed448_import_private_only
\sa wc_ed448_make_key
*/
int wc_ed448_make_public(ed448_key* key, unsigned char* pubKey,
word32 pubKeySz);
/*!
\ingroup ED448
\brief This function generates a new Ed448 key and stores it in key.
\return 0 Returned upon successfully making an ed448_key.
\return BAD_FUNC_ARG Returned if rng or key evaluate to NULL, or if the
specified key size is not 57 bytes (Ed448 has 57 byte keys).
\return MEMORY_E Returned if there is an error allocating memory
during function execution.
\param [in] rng Pointer to an initialized RNG object with which to
generate the key.
\param [in] keysize Length of key to generate. Should always be 57 for
Ed448.
\param [in,out] key Pointer to the ed448_key for which to generate a key.
_Example_
\code
int ret;
WC_RNG rng;
ed448_key key;
wc_InitRng(&rng);
wc_ed448_init(&key);
ret = wc_ed448_make_key(&rng, 57, &key);
if (ret != 0) {
// error making key
}
\endcode
\sa wc_ed448_init
*/
int wc_ed448_make_key(WC_RNG* rng, int keysize, ed448_key* key);
/*!
\ingroup ED448
\brief This function signs a message using an ed448_key object
to guarantee authenticity.
\return 0 Returned upon successfully generating a signature for the
message.
\return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
NULL, or if the output buffer is too small to store the generated signature.
\return MEMORY_E Returned if there is an error allocating memory during
function execution.
\param [in] in Pointer to the buffer containing the message to sign.
\param [in] inlen Length of the message to sign.
\param [out] out Buffer in which to store the generated signature.
\param [in,out] outlen Maximum length of the output buffer. Will store the
bytes written to out upon successfully generating a message signature.
\param [in] key Pointer to a private ed448_key with which to generate the
signature.
_Example_
\code
ed448_key key;
WC_RNG rng;
int ret, sigSz;
byte sig[114]; // will hold generated signature
sigSz = sizeof(sig);
byte message[] = { initialize with message };
wc_InitRng(&rng); // initialize rng
wc_ed448_init(&key); // initialize key
wc_ed448_make_key(&rng, 57, &key); // make public/private key pair
ret = wc_ed448_sign_msg(message, sizeof(message), sig, &sigSz, &key);
if (ret != 0 ) {
// error generating message signature
}
\endcode
\sa wc_ed448ph_sign_hash
\sa wc_ed448ph_sign_msg
\sa wc_ed448_verify_msg
*/
int wc_ed448_sign_msg(const byte* in, word32 inlen, byte* out,
word32 *outlen, ed448_key* key);
/*!
\ingroup ED448
\brief This function signs a message digest using an ed448_key object
to guarantee authenticity. The context is included as part of the data
signed. The hash is the pre-hashed message before signature calculation.
The hash algorithm used to create message digest must be SHAKE-256.
\return 0 Returned upon successfully generating a signature for the
message digest.
\return BAD_FUNC_ARG Returned any of the input parameters evaluate to
NULL, or if the output buffer is too small to store the generated signature.
\return MEMORY_E Returned if there is an error allocating memory during
function execution.
\param [in] hash Pointer to the buffer containing the hash of the message
to sign.
\param [in] hashLen Length of the hash of the message to sign.
\param [out] out Buffer in which to store the generated signature.
\param [in,out] outlen Maximum length of the output buffer. Will store the
bytes written to out upon successfully generating a message signature.
\param [in] key Pointer to a private ed448_key with which to generate the
signature.
\param [in] context Pointer to the buffer containing the context for which
message is being signed.
\param [in] contextLen Length of the context buffer.
_Example_
\code
ed448_key key;
WC_RNG rng;
int ret, sigSz;
byte sig[114]; // will hold generated signature
sigSz = sizeof(sig);
byte hash[] = { initialize with SHAKE-256 hash of message };
byte context[] = { initialize with context of signing };
wc_InitRng(&rng); // initialize rng
wc_ed448_init(&key); // initialize key
wc_ed448_make_key(&rng, 57, &key); // make public/private key pair
ret = wc_ed448ph_sign_hash(hash, sizeof(hash), sig, &sigSz, &key,
context, sizeof(context));
if (ret != 0) {
// error generating message signature
}
\endcode
\sa wc_ed448_sign_msg
\sa wc_ed448ph_sign_msg
\sa wc_ed448ph_verify_hash
*/
int wc_ed448ph_sign_hash(const byte* hash, word32 hashLen, byte* out,
word32 *outLen, ed448_key* key,
const byte* context, byte contextLen);
/*!
\ingroup ED448
\brief This function signs a message using an ed448_key object
to guarantee authenticity. The context is included as part of the data
signed. The message is pre-hashed before signature calculation.
\return 0 Returned upon successfully generating a signature for the
message.
\return BAD_FUNC_ARG Returned any of the input parameters evaluate to
NULL, or if the output buffer is too small to store the generated signature.
\return MEMORY_E Returned if there is an error allocating memory during
function execution.
\param [in] in Pointer to the buffer containing the message to sign.
\param [in] inlen Length of the message to sign.
\param [out] out Buffer in which to store the generated signature.
\param [in,out] outlen Maximum length of the output buffer. Will store the
bytes written to out upon successfully generating a message signature.
\param [in] key Pointer to a private ed448_key with which to generate the
signature.
\param [in] context Pointer to the buffer containing the context for which
message is being signed.
\param [in] contextLen Length of the context buffer.
_Example_
\code
ed448_key key;
WC_RNG rng;
int ret, sigSz;
byte sig[114]; // will hold generated signature
sigSz = sizeof(sig);
byte message[] = { initialize with message };
byte context[] = { initialize with context of signing };
wc_InitRng(&rng); // initialize rng
wc_ed448_init(&key); // initialize key
wc_ed448_make_key(&rng, 57, &key); // make public/private key pair
ret = wc_ed448ph_sign_msg(message, sizeof(message), sig, &sigSz, &key,
context, sizeof(context));
if (ret != 0) {
// error generating message signature
}
\endcode
\sa wc_ed448_sign_msg
\sa wc_ed448ph_sign_hash
\sa wc_ed448ph_verify_msg
*/
int wc_ed448ph_sign_msg(const byte* in, word32 inLen, byte* out,
word32 *outLen, ed448_key* key, const byte* context,
byte contextLen);
/*!
\ingroup ED448
\brief This function verifies the Ed448 signature of a message to ensure
authenticity. The context is included as part of the data
verified. The answer is returned through res, with 1 corresponding to
a valid signature, and 0 corresponding to an invalid signature.
\return 0 Returned upon successfully performing the signature
verification and authentication.
\return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
NULL, or if the siglen does not match the actual length of a signature.
\return SIG_VERIFY_E Returned if verification completes, but the signature
generated does not match the signature provided.
\param [in] sig Pointer to the buffer containing the signature to verify.
\param [in] siglen Length of the signature to verify.
\param [in] msg Pointer to the buffer containing the message to verify.
\param [in] msgLen Length of the message to verify.
\param [in] key Pointer to a public Ed448 key with which to verify the
signature.
\param [in] context Pointer to the buffer containing the context for which
the message was signed.
\param [in] contextLen Length of the context buffer.
_Example_
\code
ed448_key key;
int ret, verified = 0;
byte sig[] { initialize with received signature };
byte msg[] = { initialize with message };
byte context[] = { initialize with context of signature };
// initialize key with received public key
ret = wc_ed448_verify_msg(sig, sizeof(sig), msg, sizeof(msg), &verified,
&key, context, sizeof(context));
if (ret < 0) {
// error performing verification
} else if (verified == 0)
// the signature is invalid
}
\endcode
\sa wc_ed448ph_verify_hash
\sa wc_ed448ph_verify_msg
\sa wc_ed448_sign_msg
*/
int wc_ed448_verify_msg(const byte* sig, word32 siglen, const byte* msg,
word32 msgLen, int* res, ed448_key* key,
const byte* context, byte contextLen);
/*!
\ingroup ED448
\brief This function verifies the Ed448 signature of the digest of a message
to ensure authenticity. The context is included as part of the data
verified. The hash is the pre-hashed message before signature calculation.
The hash algorithm used to create message digest must be SHAKE-256.
The answer is returned through res, with 1 corresponding to a valid
signature, and 0 corresponding to an invalid signature.
\return 0 Returned upon successfully performing the signature
verification and authentication.
\return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
NULL, or if the siglen does not match the actual length of a signature.
\return SIG_VERIFY_E Returned if verification completes, but the signature
generated does not match the signature provided.
\param [in] sig Pointer to the buffer containing the signature to verify.
\param [in] siglen Length of the signature to verify.
\param [in] hash Pointer to the buffer containing the hash of the message
to verify.
\param [in] hashLen Length of the hash to verify.
\param [in] key Pointer to a public Ed448 key with which to verify the
signature.
\param [in] context Pointer to the buffer containing the context for which
the message was signed.
\param [in] contextLen Length of the context buffer.
_Example_
\code
ed448_key key;
int ret, verified = 0;
byte sig[] { initialize with received signature };
byte hash[] = { initialize with SHAKE-256 hash of message };
byte context[] = { initialize with context of signature };
// initialize key with received public key
ret = wc_ed448ph_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
&verified, &key, context, sizeof(context));
if (ret < 0) {
// error performing verification
} else if (verified == 0)
// the signature is invalid
}
\endcode
\sa wc_ed448_verify_msg
\sa wc_ed448ph_verify_msg
\sa wc_ed448ph_sign_hash
*/
int wc_ed448ph_verify_hash(const byte* sig, word32 siglen, const byte* hash,
word32 hashlen, int* res, ed448_key* key,
const byte* context, byte contextLen);
/*!
\ingroup ED448
\brief This function verifies the Ed448 signature of a message to ensure
authenticity. The context is included as part of the data
verified. The message is pre-hashed before verification. The answer is
returned through res, with 1 corresponding to a valid signature, and 0
corresponding to an invalid signature.
\return 0 Returned upon successfully performing the signature
verification and authentication.
\return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
NULL, or if the siglen does not match the actual length of a signature.
\return SIG_VERIFY_E Returned if verification completes, but the signature
generated does not match the signature provided.
\param [in] sig Pointer to the buffer containing the signature to verify.
\param [in] siglen Length of the signature to verify.
\param [in] msg Pointer to the buffer containing the message to verify.
\param [in] msgLen Length of the message to verify.
\param [in] key Pointer to a public Ed448 key with which to verify the
signature.
\param [in] context Pointer to the buffer containing the context for which
the message was signed.
\param [in] contextLen Length of the context buffer.
_Example_
\code
ed448_key key;
int ret, verified = 0;
byte sig[] { initialize with received signature };
byte msg[] = { initialize with message };
byte context[] = { initialize with context of signature };
// initialize key with received public key
ret = wc_ed448ph_verify_msg(sig, sizeof(sig), msg, sizeof(msg), &verified,
&key, context, sizeof(context));
if (ret < 0) {
// error performing verification
} else if (verified == 0)
// the signature is invalid
}
\endcode
\sa wc_ed448_verify_msg
\sa wc_ed448ph_verify_hash
\sa wc_ed448ph_sign_msg
*/
int wc_ed448ph_verify_msg(const byte* sig, word32 siglen, const byte* msg,
word32 msgLen, int* res, ed448_key* key,
const byte* context, byte contextLen);
/*!
\ingroup ED448
\brief This function initializes an ed448_key object for future use
with message verification.
\return 0 Returned upon successfully initializing the ed448_key object.
\return BAD_FUNC_ARG Returned if key is NULL.
\param [in,out] key Pointer to the ed448_key object to initialize.
_Example_
\code
ed448_key key;
wc_ed448_init(&key);
\endcode
\sa wc_ed448_make_key
\sa wc_ed448_free
*/
int wc_ed448_init(ed448_key* key);
/*!
\ingroup ED448
\brief This function frees an Ed448 object after it has been used.
\param [in,out] key Pointer to the ed448_key object to free
_Example_
\code
ed448_key key;
// initialize key and perform secure exchanges
...
wc_ed448_free(&key);
\endcode
\sa wc_ed448_init
*/
void wc_ed448_free(ed448_key* key);
/*!
\ingroup ED448
\brief This function imports a public ed448_key pair from a buffer
containing the public key. This function will handle both compressed and
uncompressed keys. The public key is checked that it matches the private
key when one is present.
\return 0 Returned on successfully importing the ed448_key.
\return BAD_FUNC_ARG Returned if in or key evaluate to NULL, or inLen is
less than the size of an Ed448 key.
\param [in] in Pointer to the buffer containing the public key.
\param [in] inLen Length of the buffer containing the public key.
\param [in,out] key Pointer to the ed448_key object in which to store the
public key.
_Example_
\code
int ret;
byte pub[] = { initialize Ed448 public key };
ed_448 key;
wc_ed448_init_key(&key);
ret = wc_ed448_import_public(pub, sizeof(pub), &key);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_ed448_import_public_ex
\sa wc_ed448_import_private_key
\sa wc_ed448_import_private_key_ex
\sa wc_ed448_export_public
*/
int wc_ed448_import_public(const byte* in, word32 inLen, ed448_key* key);
/*!
\ingroup ED448
\brief This function imports a public ed448_key pair from a buffer
containing the public key. This function will handle both compressed and
uncompressed keys. Check public key matches private key, when present,
when not trusted.
\return 0 Returned on successfully importing the ed448_key.
\return BAD_FUNC_ARG Returned if in or key evaluate to NULL, or inLen is
less than the size of an Ed448 key.
\param [in] in Pointer to the buffer containing the public key.
\param [in] inLen Length of the buffer containing the public key.
\param [in,out] key Pointer to the ed448_key object in which to store the
public key.
\param [in] trusted Public key data is trusted or not.
_Example_
\code
int ret;
byte pub[] = { initialize Ed448 public key };
ed_448 key;
wc_ed448_init_key(&key);
ret = wc_ed448_import_public_ex(pub, sizeof(pub), &key, 1);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_ed448_import_public
\sa wc_ed448_import_private_key
\sa wc_ed448_import_private_key_ex
\sa wc_ed448_export_public
*/
int wc_ed448_import_public_ex(const byte* in, word32 inLen, ed448_key* key,
int trusted);
/*!
\ingroup ED448
\brief This function imports an Ed448 private key only from a
buffer.
\return 0 Returned on successfully importing the Ed448 private key.
\return BAD_FUNC_ARG Returned if in or key evaluate to NULL, or if
privSz is less than ED448_KEY_SIZE.
\param [in] priv Pointer to the buffer containing the private key.
\param [in] privSz Length of the private key.
\param [in,out] key Pointer to the ed448_key object in which to store the
imported private key.
_Example_
\code
int ret;
byte priv[] = { initialize with 57 byte private key };
ed448_key key;
wc_ed448_init_key(&key);
ret = wc_ed448_import_private_only(priv, sizeof(priv), &key);
if (ret != 0) {
// error importing private key
}
\endcode
\sa wc_ed448_import_public
\sa wc_ed448_import_public_ex
\sa wc_ed448_import_private_key
\sa wc_ed448_import_private_key_ex
\sa wc_ed448_export_private_only
*/
int wc_ed448_import_private_only(const byte* priv, word32 privSz,
ed448_key* key);
/*!
\ingroup ED448
\brief This function imports a public/private Ed448 key pair from a
pair of buffers. This function will handle both compressed and
uncompressed keys.
\return 0 Returned on successfully importing the Ed448 key.
\return BAD_FUNC_ARG Returned if in or key evaluate to NULL, or if
either privSz is less than ED448_KEY_SIZE or pubSz is less than
ED448_PUB_KEY_SIZE.
\param [in] priv Pointer to the buffer containing the private key.
\param [in] privSz Length of the private key.
\param [in] pub Pointer to the buffer containing the public key.
\param [in] pubSz Length of the public key.
\param [in,out] key Pointer to the ed448_key object in which to store the
imported private/public key pair.
_Example_
\code
int ret;
byte priv[] = { initialize with 57 byte private key };
byte pub[] = { initialize with the corresponding public key };
ed448_key key;
wc_ed448_init_key(&key);
ret = wc_ed448_import_private_key(priv, sizeof(priv), pub, sizeof(pub),
&key);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_ed448_import_public
\sa wc_ed448_import_public_ex
\sa wc_ed448_import_private_only
\sa wc_ed448_import_private_key_ex
\sa wc_ed448_export_private
*/
int wc_ed448_import_private_key(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed448_key* key);
/*!
\ingroup ED448
\brief This function imports a public/private Ed448 key pair from a
pair of buffers. This function will handle both compressed and
uncompressed keys. The public is checked against private key if not trusted.
\return 0 Returned on successfully importing the Ed448 key.
\return BAD_FUNC_ARG Returned if in or key evaluate to NULL, or if
either privSz is less than ED448_KEY_SIZE or pubSz is less than
ED448_PUB_KEY_SIZE.
\param [in] priv Pointer to the buffer containing the private key.
\param [in] privSz Length of the private key.
\param [in] pub Pointer to the buffer containing the public key.
\param [in] pubSz Length of the public key.
\param [in,out] key Pointer to the ed448_key object in which to store the
imported private/public key pair.
\param [in] trusted Public key data is trusted or not.
_Example_
\code
int ret;
byte priv[] = { initialize with 57 byte private key };
byte pub[] = { initialize with the corresponding public key };
ed448_key key;
wc_ed448_init_key(&key);
ret = wc_ed448_import_private_key_ex(priv, sizeof(priv), pub, sizeof(pub),
&key, 1);
if (ret != 0) {
// error importing key
}
\endcode
\sa wc_ed448_import_public
\sa wc_ed448_import_public_ex
\sa wc_ed448_import_private_only
\sa wc_ed448_import_private_key
\sa wc_ed448_export_private
*/
int wc_ed448_import_private_key_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed448_key* key, int trusted);
/*!
\ingroup ED448
\brief This function exports the private key from an ed448_key
structure. It stores the public key in the buffer out, and sets the bytes
written to this buffer in outLen.
\return 0 Returned upon successfully exporting the public key.
\return BAD_FUNC_ARG Returned if any of the input values evaluate to NULL.
\return BUFFER_E Returned if the buffer provided is not large enough to
store the private key. Upon returning this error, the function sets the
size required in outLen.
\param [in] key Pointer to an ed448_key structure from which to export the
public key.
\param [out] out Pointer to the buffer in which to store the public key.
\param [in,out] outLen Pointer to a word32 object with the size available
in out. Set with the number of bytes written to out after successfully
exporting the public key.
_Example_
\code
int ret;
ed448_key key;
// initialize key, make key
char pub[57];
word32 pubSz = sizeof(pub);
ret = wc_ed448_export_public(&key, pub, &pubSz);
if (ret != 0) {
// error exporting public key
}
\endcode
\sa wc_ed448_import_public
\sa wc_ed448_import_public_ex
\sa wc_ed448_export_private_only
*/
int wc_ed448_export_public(ed448_key* key, byte* out, word32* outLen);
/*!
\ingroup ED448
\brief This function exports only the private key from an ed448_key
structure. It stores the private key in the buffer out, and sets
the bytes written to this buffer in outLen.
\return 0 Returned upon successfully exporting the private key.
\return ECC_BAD_ARG_E Returned if any of the input values evaluate to NULL.
\return BUFFER_E Returned if the buffer provided is not large enough
to store the private key.
\param [in] key Pointer to an ed448_key structure from which to export
the private key.
\param [out] out Pointer to the buffer in which to store the private key.
\param [in,out] outLen Pointer to a word32 object with the size available in
out. Set with the number of bytes written to out after successfully
exporting the private key.
_Example_
\code
int ret;
ed448_key key;
// initialize key, make key
char priv[57]; // 57 bytes because only private key
word32 privSz = sizeof(priv);
ret = wc_ed448_export_private_only(&key, priv, &privSz);
if (ret != 0) {
// error exporting private key
}
\endcode
\sa wc_ed448_export_public
\sa wc_ed448_import_private_key
\sa wc_ed448_import_private_key_ex
*/
int wc_ed448_export_private_only(ed448_key* key, byte* out, word32* outLen);
/*!
\ingroup ED448
\brief This function exports the key pair from an ed448_key
structure. It stores the key pair in the buffer out, and sets
the bytes written to this buffer in outLen.
\return 0 Returned upon successfully exporting the key pair.
\return ECC_BAD_ARG_E Returned if any of the input values evaluate to NULL.
\return BUFFER_E Returned if the buffer provided is not large enough
to store the key pair.
\param [in] key Pointer to an ed448_key structure from which to export
the key pair.
\param [out] out Pointer to the buffer in which to store the key pair.
\param [in,out] outLen Pointer to a word32 object with the size available in
out. Set with the number of bytes written to out after successfully
exporting the key pair.
_Example_
\code
ed448_key key;
wc_ed448_init(&key);
WC_RNG rng;
wc_InitRng(&rng);
wc_ed448_make_key(&rng, 57, &key); // initialize 57 byte Ed448 key
byte out[114]; // out needs to be a sufficient buffer size
word32 outLen = sizeof(out);
int key_size = wc_ed448_export_private(&key, out, &outLen);
if (key_size == BUFFER_E) {
// Check size of out compared to outLen to see if function reset outLen
}
\endcode
\sa wc_ed448_import_private
\sa wc_ed448_export_private_only
*/
int wc_ed448_export_private(ed448_key* key, byte* out, word32* outLen);
/*!
\ingroup ED448
\brief This function exports the private and public key separately from an
ed448_key structure. It stores the private key in the buffer priv, and sets
the bytes written to this buffer in privSz. It stores the public key in the
buffer pub, and sets the bytes written to this buffer in pubSz.
\return 0 Returned upon successfully exporting the key pair.
\return ECC_BAD_ARG_E Returned if any of the input values evaluate to NULL.
\return BUFFER_E Returned if the buffer provided is not large enough
to store the key pair.
\param [in] key Pointer to an ed448_key structure from which to export
the key pair.
\param [out] priv Pointer to the buffer in which to store the private key.
\param [in,out] privSz Pointer to a word32 object with the size available in
out. Set with the number of bytes written to out after successfully
exporting the private key.
\param [out] pub Pointer to the buffer in which to store the public key.
\param [in,out] pubSz Pointer to a word32 object with the size available in
out. Set with the number of bytes written to out after successfully
exporting the public key.
_Example_
\code
int ret;
ed448_key key;
// initialize key, make key
char pub[57];
word32 pubSz = sizeof(pub);
char priv[57];
word32 privSz = sizeof(priv);
ret = wc_ed448_export_key(&key, priv, &pubSz, pub, &pubSz);
if (ret != 0) {
// error exporting private and public key
}
\endcode
\sa wc_ed448_export_private
\sa wc_ed448_export_public
*/
int wc_ed448_export_key(ed448_key* key,
byte* priv, word32 *privSz,
byte* pub, word32 *pubSz);
/*!
\ingroup ED448
\brief This function checks the public key in ed448_key structure matches
the private key.
\return 0 Returned if the private and public key matched.
\return BAD_FUNC_ARGS Returned if the given key is NULL.
\param [in] key Pointer to an ed448_key structure holding a private and
public key.
_Example_
\code
int ret;
byte priv[] = { initialize with 57 byte private key };
byte pub[] = { initialize with the corresponding public key };
ed448_key key;
wc_ed448_init_key(&key);
wc_ed448_import_private_key_ex(priv, sizeof(priv), pub, sizeof(pub), &key,
1);
ret = wc_ed448_check_key(&key);
if (ret != 0) {
// error checking key
}
\endcode
\sa wc_ed448_import_private_key
\sa wc_ed448_import_private_key_ex
*/
int wc_ed448_check_key(ed448_key* key);
/*!
\ingroup ED448
\brief This function returns the size of an Ed448 private key - 57 bytes.
\return ED448_KEY_SIZE The size of a valid private key (57 bytes).
\return BAD_FUNC_ARGS Returned if the given key is NULL.
\param [in] key Pointer to an ed448_key structure for which to get the
key size.
_Example_
\code
int keySz;
ed448_key key;
// initialize key, make key
keySz = wc_ed448_size(&key);
if (keySz == 0) {
// error determining key size
}
\endcode
\sa wc_ed448_make_key
*/
int wc_ed448_size(ed448_key* key);
/*!
\ingroup ED448
\brief This function returns the private key size (secret + public) in
bytes.
\return ED448_PRV_KEY_SIZE The size of the private key (114 bytes).
\return BAD_FUNC_ARG Returns if key argument is NULL.
\param [in] key Pointer to an ed448_key structure for which to get the
key size.
_Example_
\code
ed448_key key;
wc_ed448_init(&key);
WC_RNG rng;
wc_InitRng(&rng);
wc_ed448_make_key(&rng, 57, &key); // initialize 57 byte Ed448 key
int key_size = wc_ed448_priv_size(&key);
\endcode
\sa wc_ed448_pub_size
*/
int wc_ed448_priv_size(ed448_key* key);
/*!
\ingroup ED448
\brief This function returns the compressed key size in bytes (public key).
\return ED448_PUB_KEY_SIZE The size of the compressed public key (57 bytes).
\return BAD_FUNC_ARG Returns if key argument is NULL.
\param [in] key Pointer to an ed448_key structure for which to get the
key size.
_Example_
\code
ed448_key key;
wc_ed448_init(&key);
WC_RNG rng;
wc_InitRng(&rng);
wc_ed448_make_key(&rng, 57, &key); // initialize 57 byte Ed448 key
int key_size = wc_ed448_pub_size(&key);
\endcode
\sa wc_ed448_priv_size
*/
int wc_ed448_pub_size(ed448_key* key);
/*!
\ingroup ED448
\brief This function returns the size of an Ed448 signature (114 in bytes).
\return ED448_SIG_SIZE The size of an Ed448 signature (114 bytes).
\return BAD_FUNC_ARG Returns if key argument is NULL.
\param [in] key Pointer to an ed448_key structure for which to get the
signature size.
_Example_
\code
int sigSz;
ed448_key key;
// initialize key, make key
sigSz = wc_ed448_sig_size(&key);
if (sigSz == 0) {
// error determining sig size
}
\endcode
\sa wc_ed448_sign_msg
*/
int wc_ed448_sig_size(ed448_key* key);

49
android/extern/wolfssl/doc/dox_comments/header_files/error-crypt.h vendored Normal file
View File

@@ -0,0 +1,49 @@
/*!
\ingroup Error
\brief This function stores the error string for a particular error code
in the given buffer.
\return none No returns.
\param error error code for which to get the string
\param buffer buffer in which to store the error string. Buffer should be
at least WOLFSSL_MAX_ERROR_SZ (80 bytes) long
_Example_
\code
char errorMsg[WOLFSSL_MAX_ERROR_SZ];
int err = wc_some_function();
if( err != 0) { // error occurred
wc_ErrorString(err, errorMsg);
}
\endcode
\sa wc_GetErrorString
*/
void wc_ErrorString(int err, char* buff);
/*!
\ingroup Error
\brief This function returns the error string for a particular error code.
\return string Returns the error string for an error code as a
string literal.
\param error error code for which to get the string
_Example_
\code
char * errorMsg;
int err = wc_some_function();
if( err != 0) { // error occurred
errorMsg = wc_GetErrorString(err);
}
\endcode
\sa wc_ErrorString
*/
const char* wc_GetErrorString(int error);

444
android/extern/wolfssl/doc/dox_comments/header_files/evp.h vendored Normal file
View File

@@ -0,0 +1,444 @@
/*!
\ingroup openSSL
\brief Getter functions for the respective WOLFSSL_EVP_CIPHER pointers.
wolfSSL_EVP_init() must be called once in the program first to populate
these cipher strings. WOLFSSL_DES_ECB macro must be defined for
wolfSSL_EVP_des_ede3_ecb().
\return pointer Returns a WOLFSSL_EVP_CIPHER pointer for DES EDE3 operations.
\param none No parameters.
_Example_
\code
printf("block size des ede3 cbc = %d\n",
wolfSSL_EVP_CIPHER_block_size(wolfSSL_EVP_des_ede3_cbc()));
printf("block size des ede3 ecb = %d\n",
wolfSSL_EVP_CIPHER_block_size(wolfSSL_EVP_des_ede3_ecb()));
\endcode
\sa wolfSSL_EVP_CIPHER_CTX_init
*/
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_ecb(void);
/*!
\ingroup openSSL
\brief Getter functions for the respective WOLFSSL_EVP_CIPHER pointers.
wolfSSL_EVP_init() must be called once in the program first to populate
these cipher strings. WOLFSSL_DES_ECB macro must be defined for
wolfSSL_EVP_des_ecb().
\return pointer Returns a WOLFSSL_EVP_CIPHER pointer for DES operations.
\param none No parameters.
_Example_
\code
WOLFSSL_EVP_CIPHER* cipher;
cipher = wolfSSL_EVP_des_cbc();
\endcode
\sa wolfSSL_EVP_CIPHER_CTX_init
*/
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void);
/*!
\ingroup openSSL
\brief Function for initializing WOLFSSL_EVP_MD_CTX. This function is a
wrapper for wolfSSL_EVP_DigestInit() because wolfSSL does not
use WOLFSSL_ENGINE.
\return SSL_SUCCESS If successfully set.
\return SSL_FAILURE If not successful.
\param ctx structure to initialize.
\param type type of hash to do, for example SHA.
\param impl engine to use. N/A for wolfSSL, can be NULL.
_Example_
\code
WOLFSSL_EVP_MD_CTX* md = NULL;
wolfCrypt_Init();
md = wolfSSL_EVP_MD_CTX_new();
if (md == NULL) {
printf("error setting md\n");
return -1;
}
printf("cipher md init ret = %d\n", wolfSSL_EVP_DigestInit_ex(md,
wolfSSL_EVP_sha1(), e));
//free resources
\endcode
\sa wolfSSL_EVP_MD_CTX_new
\sa wolfCrypt_Init
\sa wolfSSL_EVP_MD_CTX_free
*/
int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type,
WOLFSSL_ENGINE *impl);
/*!
\ingroup openSSL
\brief Function for initializing WOLFSSL_EVP_CIPHER_CTX. This function is a
wrapper for wolfSSL_CipherInit() because wolfSSL does not
use WOLFSSL_ENGINE.
\return SSL_SUCCESS If successfully set.
\return SSL_FAILURE If not successful.
\param ctx structure to initialize.
\param type type of encryption/decryption to do, for example AES.
\param impl engine to use. N/A for wolfSSL, can be NULL.
\param key key to set .
\param iv iv if needed by algorithm.
\param enc encryption (1) or decryption (0) flag.
_Example_
\code
WOLFSSL_EVP_CIPHER_CTX* ctx = NULL;
WOLFSSL_ENGINE* e = NULL;
unsigned char key[16];
unsigned char iv[12];
wolfCrypt_Init();
ctx = wolfSSL_EVP_CIPHER_CTX_new();
if (ctx == NULL) {
printf("issue creating ctx\n");
return -1;
}
printf("cipher init ex error ret = %d\n", wolfSSL_EVP_CipherInit_ex(NULL,
EVP_aes_128_ cbc(), e, key, iv, 1));
printf("cipher init ex success ret = %d\n", wolfSSL_EVP_CipherInit_ex(ctx,
EVP_aes_128_c bc(), e, key, iv, 1));
// free resources
\endcode
\sa wolfSSL_EVP_CIPHER_CTX_new
\sa wolfCrypt_Init
\sa wolfSSL_EVP_CIPHER_CTX_free
*/
int wolfSSL_EVP_CipherInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv,
int enc);
/*!
\ingroup openSSL
\brief Function for initializing WOLFSSL_EVP_CIPHER_CTX. This function is a
wrapper for wolfSSL_EVP_CipherInit() because wolfSSL does not use
WOLFSSL_ENGINE. Sets encrypt flag to be encrypt.
\return SSL_SUCCESS If successfully set.
\return SSL_FAILURE If not successful.
\param ctx structure to initialize.
\param type type of encryption to do, for example AES.
\param impl engine to use. N/A for wolfSSL, can be NULL.
\param key key to use.
\param iv iv to use.
_Example_
\code
WOLFSSL_EVP_CIPHER_CTX* ctx = NULL;
wolfCrypt_Init();
ctx = wolfSSL_EVP_CIPHER_CTX_new();
if (ctx == NULL) {
printf("error setting ctx\n");
return -1;
}
printf("cipher ctx init ret = %d\n", wolfSSL_EVP_EncryptInit_ex(ctx,
wolfSSL_EVP_aes_128_cbc(), e, key, iv));
//free resources
\endcode
\sa wolfSSL_EVP_CIPHER_CTX_new
\sa wolfCrypt_Init
\sa wolfSSL_EVP_CIPHER_CTX_free
*/
int wolfSSL_EVP_EncryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
/*!
\ingroup openSSL
\brief Function for initializing WOLFSSL_EVP_CIPHER_CTX. This function is a
wrapper for wolfSSL_EVP_CipherInit() because wolfSSL does not use
WOLFSSL_ENGINE. Sets encrypt flag to be decrypt.
\return SSL_SUCCESS If successfully set.
\return SSL_FAILURE If not successful.
\param ctx structure to initialize.
\param type type of encryption/decryption to do, for example AES.
\param impl engine to use. N/A for wolfSSL, can be NULL.
\param key key to set .
\param iv iv if needed by algorithm.
\param enc encryption (1) or decryption (0) flag.
_Example_
\code
WOLFSSL_EVP_CIPHER_CTX* ctx = NULL;
WOLFSSL_ENGINE* e = NULL;
unsigned char key[16];
unsigned char iv[12];
wolfCrypt_Init();
ctx = wolfSSL_EVP_CIPHER_CTX_new();
if (ctx == NULL) {
printf("issue creating ctx\n");
return -1;
}
printf("cipher init ex error ret = %d\n", wolfSSL_EVP_DecryptInit_ex(NULL,
EVP_aes_128_ cbc(), e, key, iv, 1));
printf("cipher init ex success ret = %d\n", wolfSSL_EVP_DecryptInit_ex(ctx,
EVP_aes_128_c bc(), e, key, iv, 1));
// free resources
\endcode
\sa wolfSSL_EVP_CIPHER_CTX_new
\sa wolfCrypt_Init
\sa wolfSSL_EVP_CIPHER_CTX_free
*/
int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
/*!
\ingroup openSSL
\brief Function for encrypting/decrypting data. In buffer is added to be
encrypted or decrypted and out buffer holds the results. outl will be the
length of encrypted/decrypted information.
\return SSL_SUCCESS If successful.
\return SSL_FAILURE If not successful.
\param ctx structure to get cipher type from.
\param out buffer to hold output.
\param outl adjusted to be size of output.
\param in buffer to perform operation on.
\param inl length of input buffer.
_Example_
\code
WOLFSSL_EVP_CIPHER_CTX* ctx = NULL;
unsigned char out[100];
int outl;
unsigned char in[100];
int inl = 100;
ctx = wolfSSL_EVP_CIPHER_CTX_new();
// set up ctx
ret = wolfSSL_EVP_CipherUpdate(ctx, out, outl, in, inl);
// check ret value
// buffer out holds outl bytes of data
// free resources
\endcode
\sa wolfSSL_EVP_CIPHER_CTX_new
\sa wolfCrypt_Init
\sa wolfSSL_EVP_CIPHER_CTX_free
*/
int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl,
const unsigned char *in, int inl);
/*!
\ingroup openSSL
\brief This function performs the final cipher operations adding in
padding. If WOLFSSL_EVP_CIPH_NO_PADDING flag is set in
WOLFSSL_EVP_CIPHER_CTX structure then 1 is returned and no
encryption/decryption is done. If padding flag is seti padding is added and
encrypted when ctx is set to encrypt, padding values are checked when set
to decrypt.
\return 1 Returned on success.
\return 0 If encountering a failure.
\param ctx structure to decrypt/encrypt with.
\param out buffer for final decrypt/encrypt.
\param out1 size of out buffer when data has been added by function.
_Example_
\code
WOLFSSL_EVP_CIPHER_CTX* ctx;
int out1;
unsigned char out[64];
// create ctx
wolfSSL_EVP_CipherFinal(ctx, out, &out1);
\endcode
\sa wolfSSL_EVP_CIPHER_CTX_new
*/
int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl);
/*!
\ingroup openSSL
\brief Setter function for WOLFSSL_EVP_CIPHER_CTX structure key length.
\return SSL_SUCCESS If successfully set.
\return SSL_FAILURE If failed to set key length.
\param ctx structure to set key length.
\param keylen key length.
_Example_
\code
WOLFSSL_EVP_CIPHER_CTX* ctx;
int keylen;
// create ctx
wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, keylen);
\endcode
\sa wolfSSL_EVP_CIPHER_flags
*/
int wolfSSL_EVP_CIPHER_CTX_set_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
int keylen);
/*!
\ingroup openSSL
\brief This is a getter function for the ctx block size.
\return size Returns ctx->block_size.
\param ctx the cipher ctx to get block size of.
_Example_
\code
const WOLFSSL_CVP_CIPHER_CTX* ctx;
//set up ctx
printf(“block size = %d\n”, wolfSSL_EVP_CIPHER_CTX_block_size(ctx));
\endcode
\sa wolfSSL_EVP_CIPHER_block_size
*/
int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx);
/*!
\ingroup openSSL
\brief This is a getter function for the block size of cipher.
\return size returns the block size.
\param cipher cipher to get block size of.
_Example_
\code
printf(“block size = %d\n”,
wolfSSL_EVP_CIPHER_block_size(wolfSSL_EVP_aes_256_ecb()));
\endcode
\sa wolfSSL_EVP_aes_256_ctr
*/
int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher);
/*!
\ingroup openSSL
\brief Setter function for WOLFSSL_EVP_CIPHER_CTX structure.
\return none No returns.
\param ctx structure to set flag.
\param flag flag to set in structure.
_Example_
\code
WOLFSSL_EVP_CIPHER_CTX* ctx;
int flag;
// create ctx
wolfSSL_EVP_CIPHER_CTX_set_flags(ctx, flag);
\endcode
\sa wolfSSL_EVP_CIPHER_flags
\sa wolfSSL_EVP_CIPHER_CTX_flags
*/
void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
/*!
\ingroup openSSL
\brief Clearing function for WOLFSSL_EVP_CIPHER_CTX structure.
\return none No returns.
\param ctx structure to clear flag.
\param flag flag value to clear in structure.
_Example_
\code
WOLFSSL_EVP_CIPHER_CTX* ctx;
int flag;
// create ctx
wolfSSL_EVP_CIPHER_CTX_clear_flags(ctx, flag);
\endcode
\sa wolfSSL_EVP_CIPHER_flags
\sa wolfSSL_EVP_CIPHER_CTX_flags
*/
void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
/*!
\ingroup openSSL
\brief Setter function for WOLFSSL_EVP_CIPHER_CTX structure to use padding.
\return SSL_SUCCESS If successfully set.
\return BAD_FUNC_ARG If null argument passed in.
\param ctx structure to set padding flag.
\param padding 0 for not setting padding, 1 for setting padding.
_Example_
\code
WOLFSSL_EVP_CIPHER_CTX* ctx;
// create ctx
wolfSSL_EVP_CIPHER_CTX_set_padding(ctx, 1);
\endcode
\sa wolfSSL_EVP_CIPHER_CTX_new
*/
int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, int pad);
/*!
\ingroup openSSL
\brief Getter function for WOLFSSL_EVP_CIPHER_CTX structure. Deprecated v1.1.0
\return unsigned long of flags/mode.
\param ctx structure to get flag.
_Example_
\code
WOLFSSL_EVP_CIPHER_CTX* ctx;
unsigned long flags;
ctx = wolfSSL_EVP_CIPHER_CTX_new()
flags = wolfSSL_EVP_CIPHER_CTX_flags(ctx);
\endcode
\sa wolfSSL_EVP_CIPHER_CTX_new
\sa wolfSSL_EVP_CIPHER_flags
*/
unsigned long wolfSSL_EVP_CIPHER_CTX_flags(const WOLFSSL_EVP_CIPHER_CTX *ctx);

396
android/extern/wolfssl/doc/dox_comments/header_files/hash.h vendored Normal file
View File

@@ -0,0 +1,396 @@
/*!
\ingroup wolfCrypt
\brief This function will return the OID for the wc_HashType provided.
\return OID returns value greater than 0
\return HASH_TYPE_E hash type not supported.
\return BAD_FUNC_ARG one of the provided arguments is incorrect.
\param hash_type A hash type from the “enum wc_HashType” such
as “WC_HASH_TYPE_SHA256”.
_Example_
\code
enum wc_HashType hash_type = WC_HASH_TYPE_SHA256;
int oid = wc_HashGetOID(hash_type);
if (oid > 0) {
// Success
}
\endcode
\sa wc_HashGetDigestSize
\sa wc_Hash
*/
int wc_HashGetOID(enum wc_HashType hash_type);
/*!
\ingroup wolfCrypt
\brief This function returns the size of the digest (output) for a
hash_type. The returns size is used to make sure the output buffer
provided to wc_Hash is large enough.
\return Success A positive return value indicates the digest size
for the hash.
\return Error Returns HASH_TYPE_E if hash_type is not supported.
\return Failure Returns BAD_FUNC_ARG if an invalid hash_type was used.
\param hash_type A hash type from the “enum wc_HashType” such as
“WC_HASH_TYPE_SHA256”.
_Example_
\code
int hash_len = wc_HashGetDigestSize(hash_type);
if (hash_len <= 0) {
WOLFSSL_MSG("Invalid hash type/len");
return BAD_FUNC_ARG;
}
\endcode
\sa wc_Hash
*/
int wc_HashGetDigestSize(enum wc_HashType hash_type);
/*!
\ingroup wolfCrypt
\brief This function performs a hash on the provided data buffer
and returns it in the hash buffer provided.
\return 0 Success, else error (such as BAD_FUNC_ARG or BUFFER_E).
\param hash_type A hash type from the “enum wc_HashType”
such as “WC_HASH_TYPE_SHA256”.
\param data Pointer to buffer containing the data to hash.
\param data_len Length of the data buffer.
\param hash Pointer to buffer used to output the final hash to.
\param hash_len Length of the hash buffer.
_Example_
\code
enum wc_HashType hash_type = WC_HASH_TYPE_SHA256;
int hash_len = wc_HashGetDigestSize(hash_type);
if (hash_len > 0) {
int ret = wc_Hash(hash_type, data, data_len, hash_data, hash_len);
if(ret == 0) {
// Success
}
}
\endcode
\sa wc_HashGetDigestSize
*/
int wc_Hash(enum wc_HashType hash_type,
const byte* data, word32 data_len,
byte* hash, word32 hash_len);
/*!
\ingroup MD5
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Returned upon successfully hashing the data.
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
const byte* data;
word32 data_len;
byte* hash;
int ret;
...
ret = wc_Md5Hash(data, data_len, hash);
if (ret != 0) {
// Md5 Hash Failure Case.
}
\endcode
\sa wc_Md5Hash
\sa wc_Md5Final
\sa wc_InitMd5
*/
int wc_Md5Hash(const byte* data, word32 len, byte* hash);
/*!
\ingroup SHA
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Returned upon successfully ….
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_ShaHash
\sa wc_ShaFinal
\sa wc_InitSha
*/
int wc_ShaHash(const byte* data, word32 len, byte* hash);
/*!
\ingroup SHA
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Success
\return <0 Error
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_InitSha224
\sa wc_Sha224Update
\sa wc_Sha224Final
*/
int wc_Sha224Hash(const byte* data, word32 len, byte* hash);
/*!
\ingroup SHA
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Returned upon successfully …
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_Sha256Hash
\sa wc_Sha256Final
\sa wc_InitSha256
*/
int wc_Sha256Hash(const byte* data, word32 len, byte* hash);
/*!
\ingroup SHA
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Returned upon successfully hashing the data
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_Sha384Hash
\sa wc_Sha384Final
\sa wc_InitSha384
*/
int wc_Sha384Hash(const byte* data, word32 len, byte* hash);
/*!
\ingroup SHA
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Returned upon successfully hashing the inputted data
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_Sha512Hash
\sa wc_Sha512Final
\sa wc_InitSha512
*/
int wc_Sha512Hash(const byte* data, word32 len, byte* hash);
/*!
\ingroup SHA
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Returned upon successfully hashing the data
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_InitSha3_224
\sa wc_Sha3_224_Update
\sa wc_Sha3_224_Final
*/
int wc_Sha3_224Hash(const byte* data, word32 len, byte* hash);
/*!
\ingroup SHA
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Returned upon successfully hashing the data
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_InitSha3_256
\sa wc_Sha3_256_Update
\sa wc_Sha3_256_Final
*/
int wc_Sha3_256Hash(const byte* data, word32 len, byte* hash);
/*!
\ingroup SHA
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Returned upon successfully hashing the data
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_InitSha3_384
\sa wc_Sha3_384_Update
\sa wc_Sha3_384_Final
*/
int wc_Sha3_384Hash(const byte* data, word32 len, byte* hash);
/*!
\ingroup SHA
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Returned upon successfully hashing the inputted data
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_InitSha3_512
\sa wc_Sha3_512_Update
\sa wc_Sha3_512_Final
*/
int wc_Sha3_512Hash(const byte* data, word32 len, byte* hash);
/*!
\ingroup SHA
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Returned upon successfully hashing the inputted data
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_InitShake128
\sa wc_Shake128_Update
\sa wc_Shake128_Final
*/
int wc_Shake128Hash(const byte* data, word32 len, byte* hash);
/*!
\ingroup SHA
\brief Convenience function, handles all the hashing and places the
result into hash.
\return 0 Returned upon successfully hashing the inputted data
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_InitShake256
\sa wc_Shake256_Update
\sa wc_Shake256_Final
*/
int wc_Shake256Hash(const byte* data, word32 len, byte* hash);

172
android/extern/wolfssl/doc/dox_comments/header_files/hmac.h vendored Normal file
View File

@@ -0,0 +1,172 @@
/*!
\ingroup HMAC
\brief This function initializes an Hmac object, setting its
encryption type, key and HMAC length.
\return 0 Returned on successfully initializing the Hmac object
\return BAD_FUNC_ARG Returned if the input type is invalid (see type param)
\return MEMORY_E Returned if there is an error allocating memory for the
structure to use for hashing
\return HMAC_MIN_KEYLEN_E May be returned when using a FIPS implementation
and the key length specified is shorter than the minimum acceptable
FIPS standard
\param hmac pointer to the Hmac object to initialize
\param type type specifying which encryption method the Hmac object
should use. Valid options are: WC_MD5, WC_SHA, WC_SHA256, WC_SHA384,
WC_SHA512, WC_SHA3_224, WC_SHA3_256, WC_SHA3_384 or WC_SHA3_512
\param key pointer to a buffer containing the key with which to
initialize the Hmac object
\param length length of the key
_Example_
\code
Hmac hmac;
byte key[] = { // initialize with key to use for encryption };
if (wc_HmacSetKey(&hmac, WC_MD5, key, sizeof(key)) != 0) {
// error initializing Hmac object
}
\endcode
\sa wc_HmacUpdate
\sa wc_HmacFinal
*/
int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz);
/*!
\ingroup HMAC
\brief This function updates the message to authenticate using HMAC.
It should be called after the Hmac object has been initialized with
wc_HmacSetKey. This function may be called multiple times to update
the message to hash. After calling wc_HmacUpdate as desired, one should
call wc_HmacFinal to obtain the final authenticated message tag.
\return 0 Returned on successfully updating the message to authenticate
\return MEMORY_E Returned if there is an error allocating memory for
use with a hashing algorithm
\param hmac pointer to the Hmac object for which to update the message
\param msg pointer to the buffer containing the message to append
\param length length of the message to append
_Example_
\code
Hmac hmac;
byte msg[] = { // initialize with message to authenticate };
byte msg2[] = { // initialize with second half of message };
// initialize hmac
if( wc_HmacUpdate(&hmac, msg, sizeof(msg)) != 0) {
// error updating message
}
if( wc_HmacUpdate(&hmac, msg2, sizeof(msg)) != 0) {
// error updating with second message
}
\endcode
\sa wc_HmacSetKey
\sa wc_HmacFinal
*/
int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz);
/*!
\ingroup HMAC
\brief This function computes the final hash of an Hmac object's message.
\return 0 Returned on successfully computing the final hash
\return MEMORY_E Returned if there is an error allocating memory for
use with a hashing algorithm
\param hmac pointer to the Hmac object for which to calculate the
final hash
\param hash pointer to the buffer in which to store the final hash.
Should have room available as required by the hashing algorithm chosen
_Example_
\code
Hmac hmac;
byte hash[MD5_DIGEST_SIZE];
// initialize hmac with MD5 as type
// wc_HmacUpdate() with messages
if (wc_HmacFinal(&hmac, hash) != 0) {
// error computing hash
}
\endcode
\sa wc_HmacSetKey
\sa wc_HmacUpdate
*/
int wc_HmacFinal(Hmac* hmac, byte* out);
/*!
\ingroup HMAC
\brief This function returns the largest HMAC digest size available
based on the configured cipher suites.
\return Success Returns the largest HMAC digest size available based
on the configured cipher suites
\param none No parameters.
_Example_
\code
int maxDigestSz = wolfSSL_GetHmacMaxSize();
\endcode
\sa none
*/
int wolfSSL_GetHmacMaxSize(void);
/*!
\ingroup HMAC
\brief This function provides access to a HMAC Key Derivation Function
(HKDF). It utilizes HMAC to convert inKey, with an optional salt and
optional info into a derived key, which it stores in out. The hash type
defaults to MD5 if 0 or NULL is given.
\return 0 Returned upon successfully generating a key with the given inputs
\return BAD_FUNC_ARG Returned if an invalid hash type is given (see type param)
\return MEMORY_E Returned if there is an error allocating memory
\return HMAC_MIN_KEYLEN_E May be returned when using a FIPS implementation
and the key length specified is shorter than the minimum acceptable FIPS
standard
\param type hash type to use for the HKDF. Valid types are: WC_MD5, WC_SHA,
WC_SHA256, WC_SHA384, WC_SHA512, WC_SHA3_224, WC_SHA3_256, WC_SHA3_384 or
WC_SHA3_512
\param inKey pointer to the buffer containing the key to use for KDF
\param inKeySz length of the input key
\param salt pointer to a buffer containing an optional salt. Use NULL
instead if not using a salt
\param saltSz length of the salt. Use 0 if not using a salt
\param info pointer to a buffer containing optional additional info.
Use NULL if not appending extra info
\param infoSz length of additional info. Use 0 if not using additional info
\param out pointer to the buffer in which to store the derived key
\param outSz space available in the output buffer to store the
generated key
_Example_
\code
byte key[] = { // initialize with key };
byte salt[] = { // initialize with salt };
byte derivedKey[MAX_DIGEST_SIZE];
int ret = wc_HKDF(WC_SHA512, key, sizeof(key), salt, sizeof(salt),
NULL, 0, derivedKey, sizeof(derivedKey));
if ( ret != 0 ) {
// error generating derived key
}
\endcode
\sa wc_HmacSetKey
*/
int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
const byte* salt, word32 saltSz,
const byte* info, word32 infoSz,
byte* out, word32 outSz);

465
android/extern/wolfssl/doc/dox_comments/header_files/iotsafe.h vendored Normal file
View File

@@ -0,0 +1,465 @@
/*!
\ingroup IoTSafe
\brief This function enables the IoT-Safe support on the given context.
\param ctx pointer to the WOLFSSL_CTX object on which the IoT-safe support must be enabled
\return 0 on success
\return WC_HW_E on hardware error
_Example_
\code
WOLFSSL_CTX *ctx;
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
if (!ctx)
return NULL;
wolfSSL_CTX_iotsafe_enable(ctx);
\endcode
\sa wolfSSL_iotsafe_on
\sa wolfIoTSafe_SetCSIM_read_cb
\sa wolfIoTSafe_SetCSIM_write_cb
*/
int wolfSSL_CTX_iotsafe_enable(WOLFSSL_CTX *ctx);
/*!
\ingroup IoTSafe
\brief This function connects the IoT-Safe TLS callbacks to the given SSL session.
\brief This should be called to connect a SSL session to IoT-Safe applet when the
ID of the slots are one-byte long.
If IoT-SAFE slots have an ID of two or more bytes, \ref wolfSSL_iotsafe_on_ex "wolfSSL_iotsafe_on_ex()"
should be used instead.
\param ssl pointer to the WOLFSSL object where the callbacks will be enabled
\param privkey_id id of the iot-safe applet slot containing the private key for the host
\param ecdh_keypair_slot id of the iot-safe applet slot to store the ECDH keypair
\param peer_pubkey_slot id of the iot-safe applet slot to store the other endpoint's public key for ECDH
\param peer_cert_slot id of the iot-safe applet slot to store the other endpoint's public key for verification
\return 0 upon success
\return NOT_COMPILED_IN if HAVE_PK_CALLBACKS is disabled
\return BAD_FUNC_ARG if the ssl pointer is invalid
_Example_
\code
// Define key ids for IoT-Safe
#define PRIVKEY_ID 0x02
#define ECDH_KEYPAIR_ID 0x03
#define PEER_PUBKEY_ID 0x04
#define PEER_CERT_ID 0x05
// Create new ssl session
WOLFSSL *ssl;
ssl = wolfSSL_new(ctx);
if (!ssl)
return NULL;
// Enable IoT-Safe and associate key slots
ret = wolfSSL_CTX_iotsafe_enable(ctx);
if (ret == 0) {
ret = wolfSSL_iotsafe_on(ssl, PRIVKEY_ID, ECDH_KEYPAIR_ID, PEER_PUBKEY_ID, PEER_CERT_ID);
}
\endcode
\sa wolfSSL_iotsafe_on_ex
\sa wolfSSL_CTX_iotsafe_enable
*/
int wolfSSL_iotsafe_on(WOLFSSL *ssl, byte privkey_id,
byte ecdh_keypair_slot, byte peer_pubkey_slot, byte peer_cert_slot);
/*!
\ingroup IoTSafe
\brief This function connects the IoT-Safe TLS callbacks to the given SSL session.
This is equivalent to \ref wolfSSL_iotsafe_on "wolfSSL_iotsafe_on" except that the IDs for the IoT-SAFE
slots can be passed by reference, and the length of the ID fields can be specified via
the parameter "id_size".
\param ssl pointer to the WOLFSSL object where the callbacks will be enabled
\param privkey_id pointer to the id of the iot-safe applet slot containing the private key for the host
\param ecdh_keypair_slot pointer to the id of the iot-safe applet slot to store the ECDH keypair
\param peer_pubkey_slot pointer to the of id the iot-safe applet slot to store the other endpoint's public key for ECDH
\param peer_cert_slot pointer to the id of the iot-safe applet slot to store the other endpoint's public key for verification
\param id_size size of each slot ID
\return 0 upon success
\return NOT_COMPILED_IN if HAVE_PK_CALLBACKS is disabled
\return BAD_FUNC_ARG if the ssl pointer is invalid
_Example_
\code
// Define key ids for IoT-Safe (16 bit, little endian)
#define PRIVKEY_ID 0x0201
#define ECDH_KEYPAIR_ID 0x0301
#define PEER_PUBKEY_ID 0x0401
#define PEER_CERT_ID 0x0501
#define ID_SIZE (sizeof(word16))
word16 privkey = PRIVKEY_ID,
ecdh_keypair = ECDH_KEYPAIR_ID,
peer_pubkey = PEER_PUBKEY_ID,
peer_cert = PEER_CERT_ID;
// Create new ssl session
WOLFSSL *ssl;
ssl = wolfSSL_new(ctx);
if (!ssl)
return NULL;
// Enable IoT-Safe and associate key slots
ret = wolfSSL_CTX_iotsafe_enable(ctx);
if (ret == 0) {
ret = wolfSSL_CTX_iotsafe_on_ex(ssl, &privkey, &ecdh_keypair, &peer_pubkey, &peer_cert, ID_SIZE);
}
\endcode
\sa wolfSSL_iotsafe_on
\sa wolfSSL_CTX_iotsafe_enable
*/
int wolfSSL_iotsafe_on_ex(WOLFSSL *ssl, byte *privkey_id,
byte *ecdh_keypair_slot, byte *peer_pubkey_slot, byte *peer_cert_slot, word16 id_size);
/*!
\ingroup IoTSafe
\brief Associates a read callback for the AT+CSIM commands. This input function is
usually associated to a read event of a UART channel communicating with the modem.
The read callback associated is global and changes for all the contexts that use
IoT-safe support at the same time.
\param rf Read callback associated to a UART read event. The callback function takes
two arguments (buf, len) and return the number of characters read, up to len. When a
newline is encountered, the callback should return the number of characters received
so far, including the newline character.
_Example_
\code
// USART read function, defined elsewhere
int usart_read(char *buf, int len);
wolfIoTSafe_SetCSIM_read_cb(usart_read);
\endcode
\sa wolfIoTSafe_SetCSIM_write_cb
*/
void wolfIoTSafe_SetCSIM_read_cb(wolfSSL_IOTSafe_CSIM_read_cb rf);
/*!
\ingroup IoTSafe
\brief Associates a write callback for the AT+CSIM commands. This output function is
usually associated to a write event on a UART channel communicating with the modem.
The write callback associated is global and changes for all the contexts that use
IoT-safe support at the same time.
\param rf Write callback associated to a UART write event. The callback function takes
two arguments (buf, len) and return the number of characters written, up to len.
_Example_
\code
// USART write function, defined elsewhere
int usart_write(const char *buf, int len);
wolfIoTSafe_SetCSIM_write_cb(usart_write);
\endcode
\sa wolfIoTSafe_SetCSIM_read_cb
*/
void wolfIoTSafe_SetCSIM_write_cb(wolfSSL_IOTSafe_CSIM_write_cb wf);
/*!
\ingroup IoTSafe
\brief Generate a random buffer of given size, using the IoT-Safe function
GetRandom. This function is automatically used by the wolfCrypt RNG object.
\param out the buffer where the random sequence of bytes is stored.
\param sz the size of the random sequence to generate, in bytes
\return 0 upon success
*/
int wolfIoTSafe_GetRandom(unsigned char* out, word32 sz);
/*!
\ingroup IoTSafe
\brief Import a certificate stored in a file on IoT-Safe applet, and
store it locally in memory. Works with one-byte file ID field.
\param id The file id in the IoT-Safe applet where the certificate is stored
\param output the buffer where the certificate will be imported
\param sz the maximum size available in the buffer output
\return the length of the certificate imported
\return < 0 in case of failure
_Example_
\code
#define CRT_CLIENT_FILE_ID 0x03
unsigned char cert_buffer[2048];
// Get the certificate into the buffer
cert_buffer_size = wolfIoTSafe_GetCert(CRT_CLIENT_FILE_ID, cert_buffer, 2048);
if (cert_buffer_size < 1) {
printf("Bad cli cert\n");
return -1;
}
printf("Loaded Client certificate from IoT-Safe, size = %lu\n", cert_buffer_size);
// Use the certificate buffer as identity for the TLS client context
if (wolfSSL_CTX_use_certificate_buffer(cli_ctx, cert_buffer,
cert_buffer_size, SSL_FILETYPE_ASN1) != SSL_SUCCESS) {
printf("Cannot load client cert\n");
return -1;
}
printf("Client certificate successfully imported.\n");
\endcode
*/
int wolfIoTSafe_GetCert(uint8_t id, unsigned char *output, unsigned long sz);
/*!
\ingroup IoTSafe
\brief Import a certificate stored in a file on IoT-Safe applet, and
store it locally in memory. Equivalent to \ref wolfIoTSafe_GetCert "wolfIoTSafe_GetCert",
except that it can be invoked with a file ID of two or more bytes.
\param id Pointer to the file id in the IoT-Safe applet where the certificate is stored
\param id_sz Size of the file id in bytes
\param output the buffer where the certificate will be imported
\param sz the maximum size available in the buffer output
\return the length of the certificate imported
\return < 0 in case of failure
_Example_
\code
#define CRT_CLIENT_FILE_ID 0x0302
#define ID_SIZE (sizeof(word16))
unsigned char cert_buffer[2048];
word16 client_file_id = CRT_CLIENT_FILE_ID;
// Get the certificate into the buffer
cert_buffer_size = wolfIoTSafe_GetCert_ex(&client_file_id, ID_SIZE, cert_buffer, 2048);
if (cert_buffer_size < 1) {
printf("Bad cli cert\n");
return -1;
}
printf("Loaded Client certificate from IoT-Safe, size = %lu\n", cert_buffer_size);
// Use the certificate buffer as identity for the TLS client context
if (wolfSSL_CTX_use_certificate_buffer(cli_ctx, cert_buffer,
cert_buffer_size, SSL_FILETYPE_ASN1) != SSL_SUCCESS) {
printf("Cannot load client cert\n");
return -1;
}
printf("Client certificate successfully imported.\n");
\endcode
*/
int wolfIoTSafe_GetCert_ex(uint8_t *id, uint16_t id_sz, unsigned char *output, unsigned long sz);
/*!
\ingroup IoTSafe
\brief Import an ECC 256-bit public key, stored in the IoT-Safe applet, into an ecc_key
object.
\param key the ecc_key object that will contain the key imported from the IoT-Safe applet
\param id The key id in the IoT-Safe applet where the public key is stored
\return 0 upon success
\return < 0 in case of failure
\sa wc_iotsafe_ecc_export_public
\sa wc_iotsafe_ecc_export_private
*/
int wc_iotsafe_ecc_import_public(ecc_key *key, byte key_id);
/*!
\ingroup IoTSafe
\brief Export an ECC 256-bit public key, from ecc_key object to a writable public-key slot into the IoT-Safe applet.
\param key the ecc_key object containing the key to be exported
\param id The key id in the IoT-Safe applet where the public key will be stored
\return 0 upon success
\return < 0 in case of failure
\sa wc_iotsafe_ecc_import_public_ex
\sa wc_iotsafe_ecc_export_private
*/
int wc_iotsafe_ecc_export_public(ecc_key *key, byte key_id);
/*!
\ingroup IoTSafe
\brief Export an ECC 256-bit public key, from ecc_key object to a writable public-key slot into the IoT-Safe applet.
Equivalent to \ref wc_iotsafe_ecc_import_public "wc_iotsafe_ecc_import_public",
except that it can be invoked with a key ID of two or more bytes.
\param key the ecc_key object containing the key to be exported
\param id The pointer to the key id in the IoT-Safe applet where the public key will be stored
\param id_size The key id size
\return 0 upon success
\return < 0 in case of failure
\sa wc_iotsafe_ecc_import_public
\sa wc_iotsafe_ecc_export_private
*/
int wc_iotsafe_ecc_import_public_ex(ecc_key *key, byte *key_id, word16 id_size);
/*!
\ingroup IoTSafe
\brief Export an ECC 256-bit key, from ecc_key object to a writable private-key slot into the IoT-Safe applet.
\param key the ecc_key object containing the key to be exported
\param id The key id in the IoT-Safe applet where the private key will be stored
\return 0 upon success
\return < 0 in case of failure
\sa wc_iotsafe_ecc_export_private_ex
\sa wc_iotsafe_ecc_import_public
\sa wc_iotsafe_ecc_export_public
*/
int wc_iotsafe_ecc_export_private(ecc_key *key, byte key_id);
/*!
\ingroup IoTSafe
\brief Export an ECC 256-bit key, from ecc_key object to a writable private-key slot into the IoT-Safe applet.
Equivalent to \ref wc_iotsafe_ecc_export_private "wc_iotsafe_ecc_export_private",
except that it can be invoked with a key ID of two or more bytes.
\param key the ecc_key object containing the key to be exported
\param id The pointer to the key id in the IoT-Safe applet where the private key will be stored
\param id_size The key id size
\return 0 upon success
\return < 0 in case of failure
\sa wc_iotsafe_ecc_export_private
\sa wc_iotsafe_ecc_import_public
\sa wc_iotsafe_ecc_export_public
*/
int wc_iotsafe_ecc_export_private_ex(ecc_key *key, byte *key_id, word16 id_size);
/*!
\ingroup IoTSafe
\brief Sign a pre-computed 256-bit HASH, using a private key previously stored, or pre-provisioned,
in the IoT-Safe applet.
\param in pointer to the buffer containing the message hash to sign
\param inlen length of the message hash to sign
\param out buffer in which to store the generated signature
\param outlen max length of the output buffer. Will store the bytes
\param id key id in the IoT-Safe applet for the slot containing the private key to sign the payload
written to out upon successfully generating a message signature
\return 0 upon success
\return < 0 in case of failure
\sa wc_iotsafe_ecc_sign_hash_ex
\sa wc_iotsafe_ecc_verify_hash
\sa wc_iotsafe_ecc_gen_k
*/
int wc_iotsafe_ecc_sign_hash(byte *in, word32 inlen, byte *out, word32 *outlen, byte key_id);
/*!
\ingroup IoTSafe
\brief Sign a pre-computed 256-bit HASH, using a private key previously stored, or pre-provisioned,
in the IoT-Safe applet. Equivalent to \ref wc_iotsafe_ecc_sign_hash "wc_iotsafe_ecc_sign_hash",
except that it can be invoked with a key ID of two or more bytes.
\param in pointer to the buffer containing the message hash to sign
\param inlen length of the message hash to sign
\param out buffer in which to store the generated signature
\param outlen max length of the output buffer. Will store the bytes
\param id pointer to a key id in the IoT-Safe applet for the slot containing the private key to sign the payload
written to out upon successfully generating a message signature
\param id_size The key id size
\return 0 upon success
\return < 0 in case of failure
\sa wc_iotsafe_ecc_sign_hash
\sa wc_iotsafe_ecc_verify_hash
\sa wc_iotsafe_ecc_gen_k
*/
int wc_iotsafe_ecc_sign_hash_ex(byte *in, word32 inlen, byte *out, word32 *outlen, byte *key_id, word16 id_size);
/*!
\ingroup IoTSafe
\brief Verify an ECC signature against a pre-computed 256-bit HASH, using a public key previously stored, or pre-provisioned,
in the IoT-Safe applet. Result is written to res. 1 is valid, 0 is invalid.
Note: Do not use the return value to test for valid. Only use res.
\return 0 upon success (even if the signature is not valid)
\return < 0 in case of failure.
\param sig buffer containing the signature to verify
\param hash The hash (message digest) that was signed
\param hashlen The length of the hash (octets)
\param res Result of signature, 1==valid, 0==invalid
\param key_id The id of the slot where the public ECC key is stored in the IoT-Safe applet
\sa wc_iotsafe_ecc_verify_hash_ex
\sa wc_iotsafe_ecc_sign_hash
\sa wc_iotsafe_ecc_gen_k
*/
int wc_iotsafe_ecc_verify_hash(byte *sig, word32 siglen, byte *hash, word32 hashlen, int *res, byte key_id);
/*!
\ingroup IoTSafe
\brief Verify an ECC signature against a pre-computed 256-bit HASH, using a public key previously stored, or pre-provisioned,
in the IoT-Safe applet. Result is written to res. 1 is valid, 0 is invalid.
Note: Do not use the return value to test for valid. Only use res.
Equivalent to \ref wc_iotsafe_ecc_verify_hash "wc_iotsafe_ecc_verify_hash",
except that it can be invoked with a key ID of two or more bytes.
\return 0 upon success (even if the signature is not valid)
\return < 0 in case of failure.
\param sig buffer containing the signature to verify
\param hash The hash (message digest) that was signed
\param hashlen The length of the hash (octets)
\param res Result of signature, 1==valid, 0==invalid
\param key_id The id of the slot where the public ECC key is stored in the IoT-Safe applet
\param id_size The key id size
\sa wc_iotsafe_ecc_verify_hash
\sa wc_iotsafe_ecc_sign_hash
\sa wc_iotsafe_ecc_gen_k
*/
int wc_iotsafe_ecc_verify_hash_ex(byte *sig, word32 siglen, byte *hash, word32 hashlen, int *res, byte *key_id, word16 id_size);
/*!
\ingroup IoTSafe
\brief Generate an ECC 256-bit keypair and store it in a (writable) slot into the IoT-Safe applet.
\param key_id The id of the slot where the ECC key pair is stored in the IoT-Safe applet.
\return 0 upon success
\return < 0 in case of failure.
\sa wc_iotsafe_ecc_gen_k_ex
\sa wc_iotsafe_ecc_sign_hash
\sa wc_iotsafe_ecc_verify_hash
*/
int wc_iotsafe_ecc_gen_k(byte key_id);
/*!
\ingroup IoTSafe
\brief Generate an ECC 256-bit keypair and store it in a (writable) slot into the IoT-Safe applet.
Equivalent to \ref wc_iotsafe_ecc_gen_k "wc_iotsafe_ecc_gen_k",
except that it can be invoked with a key ID of two or more bytes.
\param key_id The id of the slot where the ECC key pair is stored in the IoT-Safe applet.
\param id_size The key id size
\return 0 upon success
\return < 0 in case of failure.
\sa wc_iotsafe_ecc_gen_k
\sa wc_iotsafe_ecc_sign_hash_ex
\sa wc_iotsafe_ecc_verify_hash_ex
*/
int wc_iotsafe_ecc_gen_k(byte key_id);

78
android/extern/wolfssl/doc/dox_comments/header_files/logging.h vendored Normal file
View File

@@ -0,0 +1,78 @@
/*!
\ingroup Logging
\brief This function registers a logging callback that will be used to
handle the wolfSSL log message. By default, if the system supports it
fprintf() to stderr is used but by using this function anything
can be done by the user.
\return Success If successful this function will return 0.
\return BAD_FUNC_ARG is the error that will be returned if a function
pointer is not provided.
\param log_function function to register as a logging callback.
Function signature must follow the above prototype.
_Example_
\code
int ret = 0;
// Logging callback prototype
void MyLoggingCallback(const int logLevel, const char* const logMessage);
// Register the custom logging callback with wolfSSL
ret = wolfSSL_SetLoggingCb(MyLoggingCallback);
if (ret != 0) {
// failed to set logging callback
}
void MyLoggingCallback(const int logLevel, const char* const logMessage)
{
// custom logging function
}
\endcode
\sa wolfSSL_Debugging_ON
\sa wolfSSL_Debugging_OFF
*/
int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb log_function);
/*!
\ingroup Debug
\brief If logging has been enabled at build time this function turns on
logging at runtime. To enable logging at build time use --enable-debug
or define DEBUG_WOLFSSL.
\return 0 upon success.
\return NOT_COMPILED_IN is the error that will be returned if logging
isnt enabled for this build.
\param none No parameters.
_Example_
\code
wolfSSL_Debugging_ON();
\endcode
\sa wolfSSL_Debugging_OFF
\sa wolfSSL_SetLoggingCb
*/
int wolfSSL_Debugging_ON(void);
/*!
\ingroup Debug
\brief This function turns off runtime logging messages. If theyre
already off, no action is taken.
\return none No returns.
\param none No parameters.
_Example_
\code
wolfSSL_Debugging_OFF();
\endcode
\sa wolfSSL_Debugging_ON
\sa wolfSSL_SetLoggingCb
*/
void wolfSSL_Debugging_OFF(void);

116
android/extern/wolfssl/doc/dox_comments/header_files/md2.h vendored Normal file
View File

@@ -0,0 +1,116 @@
/*!
\ingroup MD2
\brief This function initializes md2. This is automatically
called by wc_Md2Hash.
\return 0 Returned upon successfully initializing
\param md2 pointer to the md2 structure to use for encryption
_Example_
\code
md2 md2[1];
if ((ret = wc_InitMd2(md2)) != 0) {
WOLFSSL_MSG("wc_Initmd2 failed");
}
else {
wc_Md2Update(md2, data, len);
wc_Md2Final(md2, hash);
}
\endcode
\sa wc_Md2Hash
\sa wc_Md2Update
\sa wc_Md2Final
*/
void wc_InitMd2(Md2*);
/*!
\ingroup MD2
\brief Can be called to continually hash the provided byte
array of length len.
\return 0 Returned upon successfully adding the data to the digest.
\param md2 pointer to the md2 structure to use for encryption
\param data the data to be hashed
\param len length of data to be hashed
_Example_
\code
md2 md2[1];
byte data[] = { }; // Data to be hashed
word32 len = sizeof(data);
if ((ret = wc_InitMd2(md2)) != 0) {
WOLFSSL_MSG("wc_Initmd2 failed");
}
else {
wc_Md2Update(md2, data, len);
wc_Md2Final(md2, hash);
}
\endcode
\sa wc_Md2Hash
\sa wc_Md2Final
\sa wc_InitMd2
*/
void wc_Md2Update(Md2* md2, const byte* data, word32 len);
/*!
\ingroup MD2
\brief Finalizes hashing of data. Result is placed into hash.
\return 0 Returned upon successfully finalizing.
\param md2 pointer to the md2 structure to use for encryption
\param hash Byte array to hold hash value.
_Example_
\code
md2 md2[1];
byte data[] = { }; // Data to be hashed
word32 len = sizeof(data);
if ((ret = wc_InitMd2(md2)) != 0) {
WOLFSSL_MSG("wc_Initmd2 failed");
}
else {
wc_Md2Update(md2, data, len);
wc_Md2Final(md2, hash);
}
\endcode
\sa wc_Md2Hash
\sa wc_Md2Final
\sa wc_InitMd2
*/
void wc_Md2Final(Md2* md2, byte* hash);
/*!
\ingroup MD2
\brief Convenience function, handles all the hashing and places
the result into hash.
\return 0 Returned upon successfully hashing the data.
\return Memory_E memory error, unable to allocate memory. This is only
possible with the small stack option enabled.
\param data the data to hash
\param len the length of data
\param hash Byte array to hold hash value.
_Example_
\code
none
\endcode
\sa wc_Md2Hash
\sa wc_Md2Final
\sa wc_InitMd2
*/
int wc_Md2Hash(const byte* data, word32 len, byte* hash);

88
android/extern/wolfssl/doc/dox_comments/header_files/md4.h vendored Normal file
View File

@@ -0,0 +1,88 @@
/*!
\ingroup MD4
\brief This function initializes md4. This is automatically
called by wc_Md4Hash.
\return 0 Returned upon successfully initializing
\param md4 pointer to the md4 structure to use for encryption
_Example_
\code
md4 md4[1];
if ((ret = wc_InitMd4(md4)) != 0) {
WOLFSSL_MSG("wc_Initmd4 failed");
}
else {
wc_Md4Update(md4, data, len);
wc_Md4Final(md4, hash);
}
\endcode
\sa wc_Md4Hash
\sa wc_Md4Update
\sa wc_Md4Final
*/
void wc_InitMd4(Md4*);
/*!
\ingroup MD4
\brief Can be called to continually hash the provided byte array
of length len.
\return 0 Returned upon successfully adding the data to the digest.
\param md4 pointer to the md4 structure to use for encryption
\param data the data to be hashed
\param len length of data to be hashed
_Example_
\code
md4 md4[1];
byte data[] = { }; // Data to be hashed
word32 len = sizeof(data);
if ((ret = wc_InitMd4(md4)) != 0) {
WOLFSSL_MSG("wc_Initmd4 failed");
}
else {
wc_Md4Update(md4, data, len);
wc_Md4Final(md4, hash);
}
\endcode
\sa wc_Md4Hash
\sa wc_Md4Final
\sa wc_InitMd4
*/
void wc_Md4Update(Md4* md4, const byte* data, word32 len);
/*!
\ingroup MD4
\brief Finalizes hashing of data. Result is placed into hash.
\return 0 Returned upon successfully finalizing.
\param md4 pointer to the md4 structure to use for encryption
\param hash Byte array to hold hash value.
_Example_
\code
md4 md4[1];
if ((ret = wc_InitMd4(md4)) != 0) {
WOLFSSL_MSG("wc_Initmd4 failed");
}
else {
wc_Md4Update(md4, data, len);
wc_Md4Final(md4, hash);
}
\endcode
\sa wc_Md4Hash
\sa wc_Md4Final
\sa wc_InitMd4
*/
void wc_Md4Final(Md4* md4, byte* hash);

180
android/extern/wolfssl/doc/dox_comments/header_files/md5.h vendored Normal file
View File

@@ -0,0 +1,180 @@
/*!
\ingroup MD5
\brief This function initializes md5. This is automatically
called by wc_Md5Hash.
\return 0 Returned upon successfully initializing.
\return BAD_FUNC_ARG Returned if the Md5 structure is passed
as a NULL value.
\param md5 pointer to the md5 structure to use for encryption
_Example_
\code
Md5 md5;
byte* hash;
if ((ret = wc_InitMd5(&md5)) != 0) {
WOLFSSL_MSG("wc_Initmd5 failed");
}
else {
ret = wc_Md5Update(&md5, data, len);
if (ret != 0) {
// Md5 Update Failure Case.
}
ret = wc_Md5Final(&md5, hash);
if (ret != 0) {
// Md5 Final Failure Case.
}
}
\endcode
\sa wc_Md5Hash
\sa wc_Md5Update
\sa wc_Md5Final
*/
int wc_InitMd5(wc_Md5*);
/*!
\ingroup MD5
\brief Can be called to continually hash the provided byte array of
length len.
\return 0 Returned upon successfully adding the data to the digest.
\return BAD_FUNC_ARG Returned if the Md5 structure is NULL or if
data is NULL and len is greater than zero. The function should
not return an error if the data parameter is NULL and len is zero.
\param md5 pointer to the md5 structure to use for encryption
\param data the data to be hashed
\param len length of data to be hashed
_Example_
\code
Md5 md5;
byte data[] = { Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitMd5(&md5)) != 0) {
WOLFSSL_MSG("wc_Initmd5 failed");
}
else {
ret = wc_Md5Update(&md5, data, len);
if (ret != 0) {
// Md5 Update Error Case.
}
ret = wc_Md5Final(&md5, hash);
if (ret != 0) {
// Md5 Final Error Case.
}
}
\endcode
\sa wc_Md5Hash
\sa wc_Md5Final
\sa wc_InitMd5
*/
int wc_Md5Update(wc_Md5* md5, const byte* data, word32 len);
/*!
\ingroup MD5
\brief Finalizes hashing of data. Result is placed into hash. Md5
Struct is reset. Note: This function will also return the result
of calling IntelQaSymMd5() in the case that HAVE_INTEL_QA is defined.
\return 0 Returned upon successfully finalizing.
\return BAD_FUNC_ARG Returned if the Md5 structure or hash pointer
is passed in NULL.
\param md5 pointer to the md5 structure to use for encryption
\param hash Byte array to hold hash value.
_Example_
\code
md5 md5[1];
byte data[] = { Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitMd5(md5)) != 0) {
WOLFSSL_MSG("wc_Initmd5 failed");
}
else {
ret = wc_Md5Update(md5, data, len);
if (ret != 0) {
// Md5 Update Failure Case.
}
ret = wc_Md5Final(md5, hash);
if (ret != 0) {
// Md5 Final Failure Case.
}
}
\endcode
\sa wc_Md5Hash
\sa wc_InitMd5
\sa wc_Md5GetHash
*/
int wc_Md5Final(wc_Md5* md5, byte* hash);
/*!
\ingroup MD5
\brief Resets the Md5 structure. Note: this is only supported if
you have WOLFSSL_TI_HASH defined.
\return none No returns.
\param md5 Pointer to the Md5 structure to be reset.
_Example_
\code
Md5 md5;
byte data[] = { Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitMd5(&md5)) != 0) {
WOLFSSL_MSG("wc_InitMd5 failed");
}
else {
wc_Md5Update(&md5, data, len);
wc_Md5Final(&md5, hash);
wc_Md5Free(&md5);
}
\endcode
\sa wc_InitMd5
\sa wc_Md5Update
\sa wc_Md5Final
*/
void wc_Md5Free(wc_Md5*);
/*!
\ingroup MD5
\brief Gets hash data. Result is placed into hash. Md5 struct
is not reset.
\return none No returns
\param md5 pointer to the md5 structure to use for encryption.
\param hash Byte array to hold hash value.
_Example_
\code
md5 md5[1];
if ((ret = wc_InitMd5(md5)) != 0) {
WOLFSSL_MSG("wc_Initmd5 failed");
}
else {
wc_Md5Update(md5, data, len);
wc_Md5GetHash(md5, hash);
}
\endcode
\sa wc_Md5Hash
\sa wc_Md5Final
\sa wc_InitMd5
*/
int wc_Md5GetHash(wc_Md5* md5, byte* hash);

219
android/extern/wolfssl/doc/dox_comments/header_files/memory.h vendored Normal file
View File

@@ -0,0 +1,219 @@
/*!
\ingroup Memory
\brief This function is similar to malloc(), but calls the memory
allocation function which wolfSSL has been configured to use. By default,
wolfSSL uses malloc(). This can be changed using the wolfSSL memory
abstraction layer - see wolfSSL_SetAllocators(). Note wolfSSL_Malloc is not
called directly by wolfSSL, but instead called by macro XMALLOC.
For the default build only the size argument exists. If using
WOLFSSL_STATIC_MEMORY build then heap and type arguments are included.
\return pointer If successful, this function returns a pointer to
allocated memory.
\return error If there is an error, NULL will be returned.
\param size size, in bytes, of the memory to allocate
\param heap heap hint to use for memory. Can be NULL
\param type dynamic type (see DYNAMIC_TYPE_ list in types.h)
_Example_
\code
int* tenInts = (int*)wolfSSL_Malloc(sizeof(int)*10);
\endcode
\sa wolfSSL_Free
\sa wolfSSL_Realloc
\sa wolfSSL_SetAllocators
\sa XMALLOC
\sa XFREE
\sa XREALLOC
*/
void* wolfSSL_Malloc(size_t size, void* heap, int type);
/*!
\ingroup Memory
\brief This function is similar to free(), but calls the memory free
function which wolfSSL has been configured to use. By default, wolfSSL
uses free(). This can be changed using the wolfSSL memory abstraction
layer - see wolfSSL_SetAllocators(). Note wolfSSL_Free is not
called directly by wolfSSL, but instead called by macro XFREE.
For the default build only the ptr argument exists. If using
WOLFSSL_STATIC_MEMORY build then heap and type arguments are included.
\return none No returns.
\param ptr pointer to the memory to be freed.
\param heap heap hint to use for memory. Can be NULL
\param type dynamic type (see DYNAMIC_TYPE_ list in types.h)
_Example_
\code
int* tenInts = (int*)wolfSSL_Malloc(sizeof(int)*10);
// process data as desired
...
if(tenInts) {
wolfSSL_Free(tenInts);
}
\endcode
\sa wolfSSL_Alloc
\sa wolfSSL_Realloc
\sa wolfSSL_SetAllocators
\sa XMALLOC
\sa XFREE
\sa XREALLOC
*/
void wolfSSL_Free(void *ptr, void* heap, int type);
/*!
\ingroup Memory
\brief This function is similar to realloc(), but calls the memory
re-allocation function which wolfSSL has been configured to use.
By default, wolfSSL uses realloc(). This can be changed using the
wolfSSL memory abstraction layer - see wolfSSL_SetAllocators().
Note wolfSSL_Realloc is not called directly by wolfSSL, but instead called
by macro XREALLOC. For the default build only the size argument exists.
If using WOLFSSL_STATIC_MEMORY build then heap and type arguments are included.
\return pointer If successful, this function returns a pointer to
re-allocated memory. This may be the same pointer as ptr, or a
new pointer location.
\return Null If there is an error, NULL will be returned.
\param ptr pointer to the previously-allocated memory, to be reallocated.
\param size number of bytes to allocate.
\param heap heap hint to use for memory. Can be NULL
\param type dynamic type (see DYNAMIC_TYPE_ list in types.h)
_Example_
\code
int* tenInts = (int*)wolfSSL_Malloc(sizeof(int)*10);
int* twentyInts = (int*)wolfSSL_Realloc(tenInts, sizeof(int)*20);
\endcode
\sa wolfSSL_Free
\sa wolfSSL_Malloc
\sa wolfSSL_SetAllocators
\sa XMALLOC
\sa XFREE
\sa XREALLOC
*/
void* wolfSSL_Realloc(void *ptr, size_t size, void* heap, int type);
/*!
\ingroup Memory
\brief This function registers the allocation functions used by wolfSSL.
By default, if the system supports it, malloc/free and realloc are used.
Using this function allows the user at runtime to install their own
memory handlers.
\return Success If successful this function will return 0.
\return BAD_FUNC_ARG is the error that will be returned if a
function pointer is not provided.
\param malloc_function memory allocation function for wolfSSL to use.
Function signature must match wolfSSL_Malloc_cb prototype, above.
\param free_function memory free function for wolfSSL to use. Function
signature must match wolfSSL_Free_cb prototype, above.
\param realloc_function memory re-allocation function for wolfSSL to use.
Function signature must match wolfSSL_Realloc_cb prototype, above.
_Example_
\code
static void* MyMalloc(size_t size)
{
// custom malloc function
}
static void MyFree(void* ptr)
{
// custom free function
}
static void* MyRealloc(void* ptr, size_t size)
{
// custom realloc function
}
// Register custom memory functions with wolfSSL
int ret = wolfSSL_SetAllocators(MyMalloc, MyFree, MyRealloc);
if (ret != 0) {
// failed to set memory functions
}
\endcode
\sa none
*/
int wolfSSL_SetAllocators(wolfSSL_Malloc_cb,
wolfSSL_Free_cb,
wolfSSL_Realloc_cb);
/*!
\ingroup Memory
\brief This function is available when static memory feature is used
(--enable-staticmemory). It gives the optimum buffer size for memory
“buckets”. This allows for a way to compute buffer size so that no
extra unused memory is left at the end after it has been partitioned.
The returned value, if positive, is the computed buffer size to use.
\return Success On successfully completing buffer size calculations a
positive value is returned. This returned value is for optimum buffer size.
\return Failure All negative values are considered to be error cases.
\param buffer pointer to buffer
\param size size of buffer
\param type desired type of memory ie WOLFMEM_GENERAL or WOLFMEM_IO_POOL
_Example_
\code
byte buffer[1000];
word32 size = sizeof(buffer);
int optimum;
optimum = wolfSSL_StaticBufferSz(buffer, size, WOLFMEM_GENERAL);
if (optimum < 0) { //handle error case }
printf(“The optimum buffer size to make use of all memory is %d\n”,
optimum);
...
\endcode
\sa wolfSSL_Malloc
\sa wolfSSL_Free
*/
int wolfSSL_StaticBufferSz(byte* buffer, word32 sz, int flag);
/*!
\ingroup Memory
\brief This function is available when static memory feature is used
(--enable-staticmemory). It gives the size of padding needed for each
partition of memory. This padding size will be the size needed to
contain a memory management structure along with any extra for
memory alignment.
\return On successfully memory padding calculation the return value will
be a positive value
\return All negative values are considered error cases.
\param none No parameters.
_Example_
\code
int padding;
padding = wolfSSL_MemoryPaddingSz();
if (padding < 0) { //handle error case }
printf(“The padding size needed for each \”bucket\” of memory is %d\n”,
padding);
// calculation of buffer for IO POOL size is number of buckets
// times (padding + WOLFMEM_IO_SZ)
...
\endcode
\sa wolfSSL_Malloc
\sa wolfSSL_Free
*/
int wolfSSL_MemoryPaddingSz(void);

34
android/extern/wolfssl/doc/dox_comments/header_files/pem.h vendored Normal file
View File

@@ -0,0 +1,34 @@
/*!
\ingroup openSSL
\brief This function writes a key into a WOLFSSL_BIO structure
in PEM format.
\return SSL_SUCCESS upon success.
\return SSL_FAILURE upon failure.
\param bio WOLFSSL_BIO structure to get PEM buffer from.
\param key key to convert to PEM format.
\param cipher EVP cipher structure.
\param passwd password.
\param len length of password.
\param cb password callback.
\param arg optional argument.
_Example_
\code
WOLFSSL_BIO* bio;
WOLFSSL_EVP_PKEY* key;
int ret;
// create bio and setup key
ret = wolfSSL_PEM_write_bio_PrivateKey(bio, key, NULL, NULL, 0, NULL, NULL);
//check ret value
\endcode
\sa wolfSSL_PEM_read_bio_X509_AUX
*/
int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key,
const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
wc_pem_password_cb* cb, void* arg);

43
android/extern/wolfssl/doc/dox_comments/header_files/pkcs11.h vendored Normal file
View File

@@ -0,0 +1,43 @@
/*!
\ingroup PKCS11
*/
int wc_Pkcs11_Initialize(Pkcs11Dev* dev, const char* library,
void* heap);
/*!
\ingroup PKCS11
*/
void wc_Pkcs11_Finalize(Pkcs11Dev* dev);
/*!
\ingroup PKCS11
*/
int wc_Pkcs11Token_Init(Pkcs11Token* token, Pkcs11Dev* dev,
int slotId, const char* tokenName, const unsigned char *userPin,
int userPinSz);
/*!
\ingroup PKCS11
*/
void wc_Pkcs11Token_Final(Pkcs11Token* token);
/*!
\ingroup PKCS11
*/
int wc_Pkcs11Token_Open(Pkcs11Token* token, int readWrite);
/*!
\ingroup PKCS11
*/
void wc_Pkcs11Token_Close(Pkcs11Token* token);
/*!
\ingroup PKCS11
*/
int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear,
/*!
\ingroup PKCS11
*/
int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info,
void* ctx);

613
android/extern/wolfssl/doc/dox_comments/header_files/pkcs7.h vendored Normal file
View File

@@ -0,0 +1,613 @@
/*!
\ingroup PKCS7
\brief This function initializes a PKCS7 structure with a DER-formatted
certificate. To initialize an empty PKCS7 structure, one can pass in a NULL
cert and 0 for certSz.
\return 0 Returned on successfully initializing the PKCS7 structure
\return MEMORY_E Returned if there is an error allocating memory
with XMALLOC
\return ASN_PARSE_E Returned if there is an error parsing the cert header
\return ASN_OBJECT_ID_E Returned if there is an error parsing the
encryption type from the cert
\return ASN_EXPECT_0_E Returned if there is a formatting error in the
encryption specification of the cert file
\return ASN_BEFORE_DATE_E Returned if the date is before the certificate
start date
\return ASN_AFTER_DATE_E Returned if the date is after the certificate
expiration date
\return ASN_BITSTR_E Returned if there is an error parsing a bit string
from the certificate
\return ECC_CURVE_OID_E Returned if there is an error parsing the ECC
key from the certificate
\return ASN_UNKNOWN_OID_E Returned if the certificate is using an unknown
key object id
\return ASN_VERSION_E Returned if the ALLOW_V1_EXTENSIONS option is not
defined and the certificate is a V1 or V2 certificate
\return BAD_FUNC_ARG Returned if there is an error processing the
certificate extension
\return ASN_CRIT_EXT_E Returned if an unfamiliar critical extension is
encountered in processing the certificate
\return ASN_SIG_OID_E Returned if the signature encryption type is not
the same as the encryption type of the certificate in the provided file
\return ASN_SIG_CONFIRM_E Returned if confirming the certification
signature fails
\return ASN_NAME_INVALID_E Returned if the certificates name is not
permitted by the CA name constraints
\return ASN_NO_SIGNER_E Returned if there is no CA signer to verify
the certificates authenticity
\param pkcs7 pointer to the PKCS7 structure in which to
store the decoded cert
\param cert pointer to a buffer containing a DER formatted ASN.1
certificate with which to initialize the PKCS7 structure
\param certSz size of the certificate buffer
_Example_
\code
PKCS7 pkcs7;
byte derBuff[] = { }; // initialize with DER-encoded certificate
if ( wc_PKCS7_InitWithCert(&pkcs7, derBuff, sizeof(derBuff)) != 0 ) {
// error parsing certificate into pkcs7 format
}
\endcode
\sa wc_PKCS7_Free
*/
int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz);
/*!
\ingroup PKCS7
\brief This function releases any memory allocated by a PKCS7 initializer.
\return none No returns.
\param pkcs7 pointer to the PKCS7 structure to free
_Example_
\code
PKCS7 pkcs7;
// initialize and use PKCS7 object
wc_PKCS7_Free(pkcs7);
\endcode
\sa wc_PKCS7_InitWithCert
*/
void wc_PKCS7_Free(PKCS7* pkcs7);
/*!
\ingroup PKCS7
\brief This function builds the PKCS7 data content type, encoding the
PKCS7 structure into a buffer containing a parsable PKCS7 data packet.
\return Success On successfully encoding the PKCS7 data into the buffer,
returns the index parsed up to in the PKCS7 structure. This index also
corresponds to the bytes written to the output buffer.
\return BUFFER_E Returned if the given buffer is not large enough to hold
the encoded certificate
\param pkcs7 pointer to the PKCS7 structure to encode
\param output pointer to the buffer in which to store the encoded
certificate
\param outputSz size available in the output buffer
_Example_
\code
PKCS7 pkcs7;
int ret;
byte derBuff[] = { }; // initialize with DER-encoded certificate
byte pkcs7Buff[FOURK_BUF];
wc_PKCS7_InitWithCert(&pkcs7, derBuff, sizeof(derBuff));
// update message and data to encode
pkcs7.privateKey = key;
pkcs7.privateKeySz = keySz;
pkcs7.content = data;
pkcs7.contentSz = dataSz;
... etc.
ret = wc_PKCS7_EncodeData(&pkcs7, pkcs7Buff, sizeof(pkcs7Buff));
if ( ret != 0 ) {
// error encoding into output buffer
}
\endcode
\sa wc_PKCS7_InitWithCert
*/
int wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output,
word32 outputSz);
/*!
\ingroup PKCS7
\brief This function builds the PKCS7 signed data content type, encoding
the PKCS7 structure into a buffer containing a parsable PKCS7
signed data packet.
\return Success On successfully encoding the PKCS7 data into the buffer,
returns the index parsed up to in the PKCS7 structure. This index also
corresponds to the bytes written to the output buffer.
\return BAD_FUNC_ARG Returned if the PKCS7 structure is missing one or
more required elements to generate a signed data packet
\return MEMORY_E Returned if there is an error allocating memory
\return PUBLIC_KEY_E Returned if there is an error parsing the public key
\return RSA_BUFFER_E Returned if buffer error, output too small or input
too large
\return BUFFER_E Returned if the given buffer is not large enough to hold
the encoded certificate
\return MP_INIT_E may be returned if there is an error generating
the signature
\return MP_READ_E may be returned if there is an error generating
the signature
\return MP_CMP_E may be returned if there is an error generating
the signature
\return MP_INVMOD_E may be returned if there is an error generating
the signature
\return MP_EXPTMOD_E may be returned if there is an error generating
the signature
\return MP_MOD_E may be returned if there is an error generating
the signature
\return MP_MUL_E may be returned if there is an error generating
the signature
\return MP_ADD_E may be returned if there is an error generating
the signature
\return MP_MULMOD_E may be returned if there is an error generating
the signature
\return MP_TO_E may be returned if there is an error generating
the signature
\return MP_MEM may be returned if there is an error generating the signature
\param pkcs7 pointer to the PKCS7 structure to encode
\param output pointer to the buffer in which to store the
encoded certificate
\param outputSz size available in the output buffer
_Example_
\code
PKCS7 pkcs7;
int ret;
byte data[] = {}; // initialize with data to sign
byte derBuff[] = { }; // initialize with DER-encoded certificate
byte pkcs7Buff[FOURK_BUF];
wc_PKCS7_InitWithCert(&pkcs7, derBuff, sizeof(derBuff));
// update message and data to encode
pkcs7.privateKey = key;
pkcs7.privateKeySz = keySz;
pkcs7.content = data;
pkcs7.contentSz = dataSz;
pkcs7.hashOID = SHAh;
pkcs7.rng = &rng;
... etc.
ret = wc_PKCS7_EncodeSignedData(&pkcs7, pkcs7Buff, sizeof(pkcs7Buff));
if ( ret != 0 ) {
// error encoding into output buffer
}
wc_PKCS7_Free(&pkcs7);
\endcode
\sa wc_PKCS7_InitWithCert
\sa wc_PKCS7_VerifySignedData
*/
int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
/*!
\ingroup PKCS7
\brief This function builds the PKCS7 signed data content type, encoding
the PKCS7 structure into a header and footer buffer containing a parsable PKCS7
signed data packet. This does not include the content.
A hash must be computed and provided for the data
\return 0=Success
\return BAD_FUNC_ARG Returned if the PKCS7 structure is missing one or
more required elements to generate a signed data packet
\return MEMORY_E Returned if there is an error allocating memory
\return PUBLIC_KEY_E Returned if there is an error parsing the public key
\return RSA_BUFFER_E Returned if buffer error, output too small or input
too large
\return BUFFER_E Returned if the given buffer is not large enough to hold
the encoded certificate
\return MP_INIT_E may be returned if there is an error generating
the signature
\return MP_READ_E may be returned if there is an error generating
the signature
\return MP_CMP_E may be returned if there is an error generating
the signature
\return MP_INVMOD_E may be returned if there is an error generating
the signature
\return MP_EXPTMOD_E may be returned if there is an error generating
the signature
\return MP_MOD_E may be returned if there is an error generating
the signature
\return MP_MUL_E may be returned if there is an error generating
the signature
\return MP_ADD_E may be returned if there is an error generating
the signature
\return MP_MULMOD_E may be returned if there is an error generating
the signature
\return MP_TO_E may be returned if there is an error generating
the signature
\return MP_MEM may be returned if there is an error generating the signature
\param pkcs7 pointer to the PKCS7 structure to encode
\param hashBuf pointer to computed hash for the content data
\param hashSz size of the digest
\param outputHead pointer to the buffer in which to store the
encoded certificate header
\param outputHeadSz pointer populated with size of output header buffer
and returns actual size
\param outputFoot pointer to the buffer in which to store the
encoded certificate footer
\param outputFootSz pointer populated with size of output footer buffer
and returns actual size
_Example_
\code
PKCS7 pkcs7;
int ret;
byte derBuff[] = { }; // initialize with DER-encoded certificate
byte data[] = {}; // initialize with data to sign
byte pkcs7HeadBuff[FOURK_BUF/2];
byte pkcs7FootBuff[FOURK_BUF/2];
word32 pkcs7HeadSz = (word32)sizeof(pkcs7HeadBuff);
word32 pkcs7FootSz = (word32)sizeof(pkcs7HeadBuff);
enum wc_HashType hashType = WC_HASH_TYPE_SHA;
byte hashBuf[WC_MAX_DIGEST_SIZE];
word32 hashSz = wc_HashGetDigestSize(hashType);
wc_PKCS7_InitWithCert(&pkcs7, derBuff, sizeof(derBuff));
// update message and data to encode
pkcs7.privateKey = key;
pkcs7.privateKeySz = keySz;
pkcs7.content = NULL;
pkcs7.contentSz = dataSz;
pkcs7.hashOID = SHAh;
pkcs7.rng = &rng;
... etc.
// calculate hash for content
ret = wc_HashInit(&hash, hashType);
if (ret == 0) {
ret = wc_HashUpdate(&hash, hashType, data, sizeof(data));
if (ret == 0) {
ret = wc_HashFinal(&hash, hashType, hashBuf);
}
wc_HashFree(&hash, hashType);
}
ret = wc_PKCS7_EncodeSignedData_ex(&pkcs7, hashBuf, hashSz, pkcs7HeadBuff,
&pkcs7HeadSz, pkcs7FootBuff, &pkcs7FootSz);
if ( ret != 0 ) {
// error encoding into output buffer
}
wc_PKCS7_Free(&pkcs7);
\endcode
\sa wc_PKCS7_InitWithCert
\sa wc_PKCS7_VerifySignedData_ex
*/
int wc_PKCS7_EncodeSignedData_ex(PKCS7* pkcs7, const byte* hashBuf,
word32 hashSz, byte* outputHead, word32* outputHeadSz, byte* outputFoot,
word32* outputFootSz);
/*!
\ingroup PKCS7
\brief This function takes in a transmitted PKCS7 signed data message,
extracts the certificate list and certificate revocation list, and then
verifies the signature. It stores the extracted content in the given
PKCS7 structure.
\return 0 Returned on successfully extracting the information
from the message
\return BAD_FUNC_ARG Returned if one of the input parameters is invalid
\return ASN_PARSE_E Returned if there is an error parsing from the
given pkiMsg
\return PKCS7_OID_E Returned if the given pkiMsg is not a signed data type
\return ASN_VERSION_E Returned if the PKCS7 signer info is not version 1
\return MEMORY_E Returned if there is an error allocating memory
\return PUBLIC_KEY_E Returned if there is an error parsing the public key
\return RSA_BUFFER_E Returned if buffer error, output too small or
input too large
\return BUFFER_E Returned if the given buffer is not large enough to
hold the encoded certificate
\return MP_INIT_E may be returned if there is an error generating
the signature
\return MP_READ_E may be returned if there is an error generating
the signature
\return MP_CMP_E may be returned if there is an error generating
the signature
\return MP_INVMOD_E may be returned if there is an error generating
the signature
\return MP_EXPTMOD_E may be returned if there is an error generating
the signature
\return MP_MOD_E may be returned if there is an error generating
the signature
\return MP_MUL_E may be returned if there is an error generating
the signature
\return MP_ADD_E may be returned if there is an error generating
the signature
\return MP_MULMOD_E may be returned if there is an error generating
the signature
\return MP_TO_E may be returned if there is an error generating
the signature
\return MP_MEM may be returned if there is an error generating the signature
\param pkcs7 pointer to the PKCS7 structure in which to store the parsed
certificates
\param pkiMsg pointer to the buffer containing the signed message to verify
and decode
\param pkiMsgSz size of the signed message
_Example_
\code
PKCS7 pkcs7;
int ret;
byte pkcs7Buff[] = {}; // the PKCS7 signature
wc_PKCS7_InitWithCert(&pkcs7, NULL, 0);
// update message and data to encode
pkcs7.privateKey = key;
pkcs7.privateKeySz = keySz;
pkcs7.content = data;
pkcs7.contentSz = dataSz;
... etc.
ret = wc_PKCS7_VerifySignedData(&pkcs7, pkcs7Buff, sizeof(pkcs7Buff));
if ( ret != 0 ) {
// error encoding into output buffer
}
wc_PKCS7_Free(&pkcs7);
\endcode
\sa wc_PKCS7_InitWithCert
\sa wc_PKCS7_EncodeSignedData
*/
int wc_PKCS7_VerifySignedData(PKCS7* pkcs7,
byte* pkiMsg, word32 pkiMsgSz);
/*!
\ingroup PKCS7
\brief This function takes in a transmitted PKCS7 signed data message as
hash/header/footer, then extracts the certificate list and certificate
revocation list, and then verifies the signature. It stores the extracted
content in the given PKCS7 structure.
\return 0 Returned on successfully extracting the information
from the message
\return BAD_FUNC_ARG Returned if one of the input parameters is invalid
\return ASN_PARSE_E Returned if there is an error parsing from the
given pkiMsg
\return PKCS7_OID_E Returned if the given pkiMsg is not a signed data type
\return ASN_VERSION_E Returned if the PKCS7 signer info is not version 1
\return MEMORY_E Returned if there is an error allocating memory
\return PUBLIC_KEY_E Returned if there is an error parsing the public key
\return RSA_BUFFER_E Returned if buffer error, output too small or
input too large
\return BUFFER_E Returned if the given buffer is not large enough to
hold the encoded certificate
\return MP_INIT_E may be returned if there is an error generating
the signature
\return MP_READ_E may be returned if there is an error generating
the signature
\return MP_CMP_E may be returned if there is an error generating
the signature
\return MP_INVMOD_E may be returned if there is an error generating
the signature
\return MP_EXPTMOD_E may be returned if there is an error generating
the signature
\return MP_MOD_E may be returned if there is an error generating
the signature
\return MP_MUL_E may be returned if there is an error generating
the signature
\return MP_ADD_E may be returned if there is an error generating
the signature
\return MP_MULMOD_E may be returned if there is an error generating
the signature
\return MP_TO_E may be returned if there is an error generating
the signature
\return MP_MEM may be returned if there is an error generating the signature
\param pkcs7 pointer to the PKCS7 structure in which to store the parsed
certificates
\param hashBuf pointer to computed hash for the content data
\param hashSz size of the digest
\param pkiMsgHead pointer to the buffer containing the signed message header
to verify and decode
\param pkiMsgHeadSz size of the signed message header
\param pkiMsgFoot pointer to the buffer containing the signed message footer
to verify and decode
\param pkiMsgFootSz size of the signed message footer
_Example_
\code
PKCS7 pkcs7;
int ret;
byte data[] = {}; // initialize with data to sign
byte pkcs7HeadBuff[] = {}; // initialize with PKCS7 header
byte pkcs7FootBuff[] = {}; // initialize with PKCS7 footer
enum wc_HashType hashType = WC_HASH_TYPE_SHA;
byte hashBuf[WC_MAX_DIGEST_SIZE];
word32 hashSz = wc_HashGetDigestSize(hashType);
wc_PKCS7_InitWithCert(&pkcs7, NULL, 0);
// update message and data to encode
pkcs7.privateKey = key;
pkcs7.privateKeySz = keySz;
pkcs7.content = NULL;
pkcs7.contentSz = dataSz;
pkcs7.rng = &rng;
... etc.
// calculate hash for content
ret = wc_HashInit(&hash, hashType);
if (ret == 0) {
ret = wc_HashUpdate(&hash, hashType, data, sizeof(data));
if (ret == 0) {
ret = wc_HashFinal(&hash, hashType, hashBuf);
}
wc_HashFree(&hash, hashType);
}
ret = wc_PKCS7_VerifySignedData_ex(&pkcs7, hashBuf, hashSz, pkcs7HeadBuff,
sizeof(pkcs7HeadBuff), pkcs7FootBuff, sizeof(pkcs7FootBuff));
if ( ret != 0 ) {
// error encoding into output buffer
}
wc_PKCS7_Free(&pkcs7);
\endcode
\sa wc_PKCS7_InitWithCert
\sa wc_PKCS7_EncodeSignedData_ex
*/
int wc_PKCS7_VerifySignedData_ex(PKCS7* pkcs7, const byte* hashBuf,
word32 hashSz, byte* pkiMsgHead, word32 pkiMsgHeadSz, byte* pkiMsgFoot,
word32 pkiMsgFootSz);
/*!
\ingroup PKCS7
\brief This function builds the PKCS7 enveloped data content type, encoding
the PKCS7 structure into a buffer containing a parsable PKCS7 enveloped
data packet.
\return Success Returned on successfully encoding the message in enveloped
data format, returns the size written to the output buffer
\return BAD_FUNC_ARG: Returned if one of the input parameters is invalid,
or if the PKCS7 structure is missing required elements
\return ALGO_ID_E Returned if the PKCS7 structure is using an unsupported
algorithm type. Currently, only DESb and DES3b are supported
\return BUFFER_E Returned if the given output buffer is too small to store
the output data
\return MEMORY_E Returned if there is an error allocating memory
\return RNG_FAILURE_E Returned if there is an error initializing the random
number generator for encryption
\return DRBG_FAILED Returned if there is an error generating numbers with
the random number generator used for encryption
\param pkcs7 pointer to the PKCS7 structure to encode
\param output pointer to the buffer in which to store the encoded
certificate
\param outputSz size available in the output buffer
_Example_
\code
PKCS7 pkcs7;
int ret;
byte derBuff[] = { }; // initialize with DER-encoded certificate
byte pkcs7Buff[FOURK_BUF];
wc_PKCS7_InitWithCert(&pkcs7, derBuff, sizeof(derBuff));
// update message and data to encode
pkcs7.privateKey = key;
pkcs7.privateKeySz = keySz;
pkcs7.content = data;
pkcs7.contentSz = dataSz;
... etc.
ret = wc_PKCS7_EncodeEnvelopedData(&pkcs7, pkcs7Buff, sizeof(pkcs7Buff));
if ( ret != 0 ) {
// error encoding into output buffer
}
\endcode
\sa wc_PKCS7_InitWithCert
\sa wc_PKCS7_DecodeEnvelopedData
*/
int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
/*!
\ingroup PKCS7
\brief This function unwraps and decrypts a PKCS7 enveloped data content
type, decoding the message into output. It uses the private key of the
PKCS7 object passed in to decrypt the message.
\return On successfully extracting the information from the message,
returns the bytes written to output
\return BAD_FUNC_ARG Returned if one of the input parameters is invalid
\return ASN_PARSE_E Returned if there is an error parsing from the
given pkiMsg
\return PKCS7_OID_E Returned if the given pkiMsg is not an enveloped
data type
\return ASN_VERSION_E Returned if the PKCS7 signer info is not version 0
\return MEMORY_E Returned if there is an error allocating memory
\return ALGO_ID_E Returned if the PKCS7 structure is using an unsupported
algorithm type. Currently, only DESb and DES3b are supported for
encryption, with RSAk for signature generation
\return PKCS7_RECIP_E Returned if there is no recipient found in the
enveloped data that matches the recipient provided
\return RSA_BUFFER_E Returned if there is an error during RSA signature
verification due to buffer error, output too small or input too large.
\return MP_INIT_E may be returned if there is an error during signature
verification
\return MP_READ_E may be returned if there is an error during signature
verification
\return MP_CMP_E may be returned if there is an error during signature
verification
\return MP_INVMOD_E may be returned if there is an error during signature
verification
\return MP_EXPTMOD_E may be returned if there is an error during signature
verification
\return MP_MOD_E may be returned if there is an error during signature
verification
\return MP_MUL_E may be returned if there is an error during signature
verification
\return MP_ADD_E may be returned if there is an error during signature
verification
\return MP_MULMOD_E may be returned if there is an error during signature
verification
\return MP_TO_E may be returned if there is an error during signature
verification
\return MP_MEM may be returned if there is an error during signature
verification
\param pkcs7 pointer to the PKCS7 structure containing the private key with
which to decode the enveloped data package
\param pkiMsg pointer to the buffer containing the enveloped data package
\param pkiMsgSz size of the enveloped data package
\param output pointer to the buffer in which to store the decoded message
\param outputSz size available in the output buffer
_Example_
\code
PKCS7 pkcs7;
byte received[] = { }; // initialize with received enveloped message
byte decoded[FOURK_BUF];
int decodedSz;
// initialize pkcs7 with certificate
// update key
pkcs7.privateKey = key;
pkcs7.privateKeySz = keySz;
decodedSz = wc_PKCS7_DecodeEnvelopedData(&pkcs7, received,
sizeof(received),decoded, sizeof(decoded));
if ( decodedSz != 0 ) {
// error decoding message
}
\endcode
\sa wc_PKCS7_InitWithCert
\sa wc_PKCS7_EncodeEnvelopedData
*/
int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
word32 pkiMsgSz, byte* output,
word32 outputSz);

139
android/extern/wolfssl/doc/dox_comments/header_files/poly1305.h vendored Normal file
View File

@@ -0,0 +1,139 @@
/*!
\ingroup Poly1305
\brief This function sets the key for a Poly1305 context structure,
initializing it for hashing. Note: A new key should be set after
generating a message hash with wc_Poly1305Final to ensure security.
\return 0 Returned on successfully setting the key and initializing
the Poly1305 structure
\return BAD_FUNC_ARG Returned if the given key is not 32 bytes long,
or the Poly1305 context is NULL
\param ctx pointer to a Poly1305 structure to initialize
\param key pointer to the buffer containing the key to use for hashing
\param keySz size of the key in the buffer. Should be 32 bytes
_Example_
\code
Poly1305 enc;
byte key[] = { initialize with 32 byte key to use for hashing };
wc_Poly1305SetKey(&enc, key, sizeof(key));
\endcode
\sa wc_Poly1305Update
\sa wc_Poly1305Final
*/
int wc_Poly1305SetKey(Poly1305* poly1305, const byte* key,
word32 kySz);
/*!
\ingroup Poly1305
\brief This function updates the message to hash with the
Poly1305 structure.
\return 0 Returned on successfully updating the message to hash
\return BAD_FUNC_ARG Returned if the Poly1305 structure is NULL
\param ctx pointer to a Poly1305 structure for which to update
the message to hash
\param m pointer to the buffer containing the message which should
be added to the hash
\param bytes size of the message to hash
_Example_
\code
Poly1305 enc;
byte key[] = { }; // initialize with 32 byte key to use for encryption
byte msg[] = { }; // initialize with message to hash
wc_Poly1305SetKey(&enc, key, sizeof(key));
if( wc_Poly1305Update(key, msg, sizeof(msg)) != 0 ) {
// error updating message to hash
}
\endcode
\sa wc_Poly1305SetKey
\sa wc_Poly1305Final
*/
int wc_Poly1305Update(Poly1305* poly1305, const byte* m, word32 bytes);
/*!
\ingroup Poly1305
\brief This function calculates the hash of the input messages
and stores the result in mac. After this is called, the key
should be reset.
\return 0 Returned on successfully computing the final MAC
\return BAD_FUNC_ARG Returned if the Poly1305 structure is NULL
\param ctx pointer to a Poly1305 structure with which to generate the MAC
\param mac pointer to the buffer in which to store the MAC.
Should be POLY1305_DIGEST_SIZE (16 bytes) wide
_Example_
\code
Poly1305 enc;
byte mac[POLY1305_DIGEST_SIZE]; // space for a 16 byte mac
byte key[] = { }; // initialize with 32 byte key to use for encryption
byte msg[] = { }; // initialize with message to hash
wc_Poly1305SetKey(&enc, key, sizeof(key));
wc_Poly1305Update(key, msg, sizeof(msg));
if ( wc_Poly1305Final(&enc, mac) != 0 ) {
// error computing final MAC
}
\endcode
\sa wc_Poly1305SetKey
\sa wc_Poly1305Update
*/
int wc_Poly1305Final(Poly1305* poly1305, byte* tag);
/*!
\ingroup Poly1305
\brief Takes in an initialized Poly1305 struct that has a key
loaded and creates a MAC (tag) using recent TLS AEAD padding scheme.
\return 0 Success
\return BAD_FUNC_ARG Returned if ctx, input, or tag is null or if
additional is null and addSz is greater than 0 or if tagSz is less
than WC_POLY1305_MAC_SZ.
\param ctx Initialized Poly1305 struct to use
\param additional Additional data to use
\param addSz Size of additional buffer
\param input Input buffer to create tag from
\param sz Size of input buffer
\param tag Buffer to hold created tag
\param tagSz Size of input tag buffer (must be at least
WC_POLY1305_MAC_SZ(16))
_Example_
\code
Poly1305 ctx;
byte key[] = { }; // initialize with 32 byte key to use for hashing
byte additional[] = { }; // initialize with additional data
byte msg[] = { }; // initialize with message
byte tag[16];
wc_Poly1305SetKey(&ctx, key, sizeof(key));
if(wc_Poly1305_MAC(&ctx, additional, sizeof(additional), (byte*)msg,
sizeof(msg), tag, sizeof(tag)) != 0)
{
// Handle the error
}
\endcode
\sa wc_Poly1305SetKey
\sa wc_Poly1305Update
\sa wcPoly1305Final
*/
int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz,
byte* input, word32 sz, byte* tag, word32 tagSz);

96
android/extern/wolfssl/doc/dox_comments/header_files/psa.h vendored Normal file
View File

@@ -0,0 +1,96 @@
/*!
\ingroup PSA
\brief This function enables PSA support on the given context.
\param ctx pointer to the WOLFSSL_CTX object on which the PSA support must be enabled
\return WOLFSSL_SUCCESS on success
\return BAD_FUNC_ARG if ctx == NULL
_Example_
\code
WOLFSSL_CTX *ctx;
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
if (!ctx)
return NULL;
ret = wolfSSL_CTX_psa_enable(ctx);
if (ret != WOLFSSL_SUCCESS)
printf("can't enable PSA on ctx");
\endcode
\sa wolfSSL_set_psa_ctx
*/
int wolfSSL_CTX_psa_enable(WOLFSSL_CTX *ctx);
/*!
\ingroup PSA
\brief This function setup the PSA context for the given SSL session
\param ssl pointer to the WOLFSSL where the ctx will be enabled
\param ctx pointer to a struct psa_ssl_ctx (must be unique for a ssl session)
\return WOLFSSL_SUCCESS on success
\return BAD_FUNC_ARG if ssl or ctx are NULL
This function setup the PSA context for the TLS callbacks to the given SSL
session. At the end of the session, the resources used by the context
should be freed using wolfSSL_free_psa_ctx().
_Example_
\code
// Create new ssl session
WOLFSSL *ssl;
struct psa_ssl_ctx psa_ctx = { 0 };
ssl = wolfSSL_new(ctx);
if (!ssl)
return NULL;
// setup PSA context
ret = wolfSSL_set_psa_ctx(ssl, ctx);
\endcode
\sa wolfSSL_psa_set_private_key_id
\sa wolfSSL_psa_free_psa_ctx
*/
int wolfSSL_set_psa_ctx(WOLFSSL *ssl, struct psa_ssl_ctx *ctx);
/*!
\ingroup PSA
\brief This function releases the resources used by a PSA context
\param ctx pointer to a struct psa_ssl_ctx
\sa wolfSSL_set_psa_ctx
*/
void wolfSSL_free_psa_ctx(struct psa_ssl_ctx *ctx);
/*!
\ingroup PSA
\brief This function set the private key used by an SSL session
\param ctx pointer to a struct psa_ssl_ctx
\param id PSA id of the key to be used as private key
_Example_
\code
// Create new ssl session
WOLFSSL *ssl;
struct psa_ssl_ctx psa_ctx = { 0 };
psa_key_id_t key_id;
// key provisioning already done
get_private_key_id(&key_id);
ssl = wolfSSL_new(ctx);
if (!ssl)
return NULL;
wolfSSL_psa_set_private_key_id(&psa_ctx, key_id);
wolfSSL_set_psa_ctx(ssl, ctx);
\endcode
\sa wolfSSL_set_psa_ctx
*/
int wolfSSL_psa_set_private_key_id(struct psa_ssl_ctx *ctx,
psa_key_id_t id);

170
android/extern/wolfssl/doc/dox_comments/header_files/pwdbased.h vendored Normal file
View File

@@ -0,0 +1,170 @@
/*!
\ingroup Password
\brief This function implements the Password Based Key Derivation
Function 1 (PBKDF1), converting an input password with a concatenated salt
into a more secure key, which it stores in output. It allows the user to
select between SHA and MD5 as hash functions.
\return 0 Returned on successfully deriving a key from the input password
\return BAD_FUNC_ARG Returned if there is an invalid hash type given
(valid type are: MD5 and SHA), iterations is less than 1, or the key
length (kLen) requested is greater than the hash length of the provided hash
\return MEMORY_E Returned if there is an error allocating memory for a
SHA or MD5 object
\param output pointer to the buffer in which to store the generated key.
Should be at least kLen long
\param passwd pointer to the buffer containing the password to use for
the key derivation
\param pLen length of the password to use for key derivation
\param salt pointer to the buffer containing the salt to use for
key derivation
\param sLen length of the salt
\param iterations number of times to process the hash
\param kLen desired length of the derived key. Should not be longer
than the digest size of the hash chosen
\param hashType the hashing algorithm to use. Valid choices are WC_MD5 and WC_SHA
_Example_
\code
int ret;
byte key[WC_MD5_DIGEST_SIZE];
byte pass[] = { }; // initialize with password
byte salt[] = { }; // initialize with salt
ret = wc_PBKDF1(key, pass, sizeof(pass), salt, sizeof(salt), 1000,
sizeof(key), WC_MD5);
if ( ret != 0 ) {
// error deriving key from password
}
\endcode
\sa wc_PBKDF2
\sa wc_PKCS12_PBKDF
*/
int wc_PBKDF1(byte* output, const byte* passwd, int pLen,
const byte* salt, int sLen, int iterations, int kLen,
int typeH);
/*!
\ingroup Password
\brief This function implements the Password Based Key Derivation
Function 2 (PBKDF2), converting an input password with a concatenated
salt into a more secure key, which it stores in output. It allows the user
to select any of the supported HMAC hash functions, including: WC_MD5,
WC_SHA, WC_SHA256, WC_SHA384, WC_SHA512, WC_SHA3_224, WC_SHA3_256,
WC_SHA3_384 or WC_SHA3_512
\return 0 Returned on successfully deriving a key from the input password
\return BAD_FUNC_ARG Returned if there is an invalid hash type given or
iterations is less than 1
\return MEMORY_E Returned if there is an allocating memory for
the HMAC object
\param output pointer to the buffer in which to store the generated key.
Should be kLen long
\param passwd pointer to the buffer containing the password to use for
the key derivation
\param pLen length of the password to use for key derivation
\param salt pointer to the buffer containing the salt to use for
key derivation
\param sLen length of the salt
\param iterations number of times to process the hash
\param kLen desired length of the derived key
\param hashType the hashing algorithm to use. Valid choices are: WC_MD5,
WC_SHA, WC_SHA256, WC_SHA384, WC_SHA512, WC_SHA3_224, WC_SHA3_256,
WC_SHA3_384 or WC_SHA3_512
_Example_
\code
int ret;
byte key[64];
byte pass[] = { }; // initialize with password
byte salt[] = { }; // initialize with salt
ret = wc_PBKDF2(key, pass, sizeof(pass), salt, sizeof(salt), 2048, sizeof(key),
WC_SHA512);
if ( ret != 0 ) {
// error deriving key from password
}
\endcode
\sa wc_PBKDF1
\sa wc_PKCS12_PBKDF
*/
int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
const byte* salt, int sLen, int iterations, int kLen,
int typeH);
/*!
\ingroup Password
\brief This function implements the Password Based Key Derivation Function
(PBKDF) described in RFC 7292 Appendix B. This function converts an input
password with a concatenated salt into a more secure key, which it stores
in output. It allows the user to select any of the supported HMAC hash
functions, including: WC_MD5, WC_SHA, WC_SHA256, WC_SHA384, WC_SHA512,
WC_SHA3_224, WC_SHA3_256, WC_SHA3_384 or WC_SHA3_512
\return 0 Returned on successfully deriving a key from the input password
\return BAD_FUNC_ARG Returned if there is an invalid hash type given,
iterations is less than 1, or the key length (kLen) requested is greater
than the hash length of the provided hash
\return MEMORY_E Returned if there is an allocating memory
\return MP_INIT_E may be returned if there is an error during key generation
\return MP_READ_E may be returned if there is an error during key generation
\return MP_CMP_E may be returned if there is an error during key generation
\return MP_INVMOD_E may be returned if there is an error during
key generation
\return MP_EXPTMOD_E may be returned if there is an error during
key generation
\return MP_MOD_E may be returned if there is an error during key generation
\return MP_MUL_E may be returned if there is an error during key generation
\return MP_ADD_E may be returned if there is an error during key generation
\return MP_MULMOD_E may be returned if there is an error during
key generation
\return MP_TO_E may be returned if there is an error during key generation
\return MP_MEM may be returned if there is an error during key generation
\param output pointer to the buffer in which to store the generated key.
Should be kLen long
\param passwd pointer to the buffer containing the password to use for
the key derivation
\param pLen length of the password to use for key derivation
\param salt pointer to the buffer containing the salt to use
for key derivation
\param sLen length of the salt
\param iterations number of times to process the hash
\param kLen desired length of the derived key
\param hashType the hashing algorithm to use. Valid choices are: WC_MD5,
WC_SHA, WC_SHA256, WC_SHA384, WC_SHA512, WC_SHA3_224, WC_SHA3_256,
WC_SHA3_384 or WC_SHA3_512
\param id this is a byte identifier indicating the purpose of key
generation. It is used to diversify the key output, and should be
assigned as follows: ID=1: pseudorandom bits are to be used as key
material for performing encryption or decryption. ID=2: pseudorandom
bits are to be used an IV (Initial Value) for encryption or decryption.
ID=3: pseudorandom bits are to be used as an integrity key for MACing.
_Example_
\code
int ret;
byte key[64];
byte pass[] = { }; // initialize with password
byte salt[] = { }; // initialize with salt
ret = wc_PKCS512_PBKDF(key, pass, sizeof(pass), salt, sizeof(salt), 2048,
sizeof(key), WC_SHA512, 1);
if ( ret != 0 ) {
// error deriving key from password
}
\endcode
\sa wc_PBKDF1
\sa wc_PBKDF2
*/
int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int pLen,
const byte* salt, int sLen, int iterations,
int kLen, int typeH, int purpose);

606
android/extern/wolfssl/doc/dox_comments/header_files/quic.h vendored Normal file
View File

@@ -0,0 +1,606 @@
/*!
\ingroup QUIC
\brief Callback invoked when secrets are generated during a handshake.
Since QUIC protocol handlers perform the en-/decryption of packets, they
need the negotiated secrets for the levels early_data/handshake/application.
The callback will be invoked several times during a handshake. Either both
or only the read or write secret might be provided. This does not mean the
given encryption level is already in effect.
\return 1 on success, 0 on failure.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param level - the encryption level the secrets are for
\param read_secret - the secret used in decryption at the given level, may be NULL.
\param write_secret - the secret used in encryption at the given level, may be NULL.
\param secret_len - the length of the secret
\sa wolfSSL_set_quic_method
*/
int (*set_encryption_secrets)(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t *read_secret,
const uint8_t *write_secret, size_t secret_len);
/*!
\ingroup QUIC
\brief Callback invoked for forwarding handshake CRYPTO data to peer.
The data forwarded this way is not encrypted. It is the job of the QUIC
protocol implementation to do this. Which secrets are to be used
is determined by the encryption level specified.
This callback may be invoked several times during handshake or post handshake
processing. The data may cover a complete CRYPTO record, but may also
be partial. However, the callback will have received all records data before
using another encryption level.
\return 1 on success, 0 on failure.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param level - the encryption level to use for encrypting the data
\param data - the data itself
\param len - the length of the data
\sa wolfSSL_set_quic_method
*/
int (*add_handshake_data)(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t *data, size_t len);
/*!
\ingroup QUIC
\brief Callback invoked for advisory flushing of the data to send.
\return 1 on success, 0 on failure.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\sa wolfSSL_set_quic_method
*/
int (*flush_flight)(WOLFSSL *ssl);
/*!
\ingroup QUIC
\brief Callback invoked when an SSL alert happened during processing.
\return 1 on success, 0 on failure.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param level - the encryption level in effect when the alert happened
\param alert - the error
\sa wolfSSL_set_quic_method
*/
int (*send_alert)(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, uint8_t alert);
/*!
\ingroup QUIC
\brief Activate QUIC protocol for a WOLFSSL_CTX and all derived WOLFSSL instances
by providing the four callbacks required. The CTX needs to be a TLSv1.3 one.
The passed quic_method needs to have a lifetime outlasting the SSL instances.
It is not copied. All callbacks need to be provided.
\return WOLFSSL_SUCCESS If successful.
\param ctx - a pointer to a WOLFSSL_CTX structure, created using wolfSSL_CTX_new().
\param quic_method - the callback structure
\sa wolfSSL_is_quic
\sa wolfSSL_set_quic_method
*/
int wolfSSL_CTX_set_quic_method(WOLFSSL_CTX *ctx, const WOLFSSL_QUIC_METHOD *quic_method);
/*!
\ingroup QUIC
\brief Activate QUIC protocol for a WOLFSSL instance by providing the
four callbacks required. The WOLFSSL needs to be a TLSv1.3 one.
The passed quic_method needs to have a lifetime outlasting the SSL instance.
It is not copied. All callbacks need to be provided.
\return WOLFSSL_SUCCESS If successful.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param quic_method - the callback structure
\sa wolfSSL_is_quic
\sa wolfSSL_CTX_set_quic_method
*/
int wolfSSL_set_quic_method(WOLFSSL *ssl, const WOLFSSL_QUIC_METHOD *quic_method);
/*!
\ingroup QUIC
\brief Check if QUIC has been activated in a WOLFSSL instance.
\return 1 if WOLFSSL is using QUIC.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\sa wolfSSL_CTX_quic_method
\sa wolfSSL_CTX_set_quic_method
*/
int wolfSSL_is_quic(WOLFSSL *ssl);
/*!
\ingroup QUIC
\brief Determine the encryption level for reads currently in use. Meaningful only when
the WOLFSSL instance is using QUIC.
Note that the effective level is always a parameter when passing data back and
forth. Data from a peer might arrive at other levels than reported via this
function.
\return encryption level.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\sa wolfSSL_quic_write_level
*/
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_read_level(const WOLFSSL *ssl);
/*!
\ingroup QUIC
\brief Determine the encryption level for writes currently in use. Meaningful only when
the WOLFSSL instance is using QUIC.
Note that the effective level is always a parameter when passing data back and
forth. Data from a peer might arrive at other levels than reported via this
function.
\return encryption level.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\sa wolfSSL_quic_read_level
*/
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_write_level(const WOLFSSL *ssl);
/*!
\ingroup QUIC
\brief Configure which QUIC version shall be used. Without calling this,
the WOLFSSL will offer both (draft-27 and v1) to a server, resp. accept
both from a client and negotiate the most recent one.
\return WOLFSSL_SUCCESS If successful.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param use_legacy - true if draft-27 shall be used, 0 if only QUICv1 is used.
\sa wolfSSL_set_quic_transport_version
*/
void wolfSSL_set_quic_use_legacy_codepoint(WOLFSSL *ssl, int use_legacy);
/*!
\ingroup QUIC
\brief Configure which QUIC version shall be used.
\return WOLFSSL_SUCCESS If successful.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param version - the TLS Extension defined for the QUIC version.
\sa wolfSSL_set_quic_use_legacy_codepoint
*/
void wolfSSL_set_quic_transport_version(WOLFSSL *ssl, int version);
/*!
\ingroup QUIC
\brief Get the configured QUIC version.
\return TLS Extension of configured version.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\sa wolfSSL_set_quic_use_legacy_codepoint
\sa wolfSSL_set_quic_transport_version
*/
int wolfSSL_get_quic_transport_version(const WOLFSSL *ssl);
/*!
\ingroup QUIC
\brief Set the QUIC transport parameters to use.
\return WOLFSSL_SUCCESS If successful.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param params - the parameter bytes to use
·param params_len - the length of the parameters
\sa wolfSSL_set_quic_use_legacy_codepoint
\sa wolfSSL_set_quic_transport_version
*/
int wolfSSL_set_quic_transport_params(WOLFSSL *ssl, const uint8_t *params, size_t params_len);
/*!
\ingroup QUIC
\brief Get the negotiated QUIC transport version. This will only give
meaningful results when called after the respective TLS extensions have
been seen from the peer.
\return the negotiated version or -1.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\sa wolfSSL_set_quic_use_legacy_codepoint
\sa wolfSSL_set_quic_transport_version
*/
int wolfSSL_get_peer_quic_transport_version(const WOLFSSL *ssl);
/*!
\ingroup QUIC
\brief Get the negotiated QUIC transport parameters. This will only give
meaningful results when called after the respective TLS extensions have
been seen from the peer.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param out_params - the parameters sent be the peer, set to NULL if not available.
\param out_params_len - the length of the parameters sent be the peer, set to 0 if not available
\sa wolfSSL_get_peer_quic_transport_version
*/
void wolfSSL_get_peer_quic_transport_params(const WOLFSSL *ssl, const uint8_t **out_params, size_t *out_params_len);
/*!
\ingroup QUIC
\brief Configure if Early Data is enabled. Intended for servers to signal
this to clients.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param enabled - != 0 iff early data is enabled
*/
void wolfSSL_set_quic_early_data_enabled(WOLFSSL *ssl, int enabled);
/*!
\ingroup QUIC
\brief Get advice on the amount of data that shall be "in flight", e.g. unacknowledged
at the given encryption level. This is the amount of data the WOLFSSL instance
is prepared to buffer.
\return the recommend max data in flight
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param level - the encryption level to inquire about
*/
size_t wolfSSL_quic_max_handshake_flight_len(const WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level);
/*!
\ingroup QUIC
\brief Pass decrypted CRYPTO data to the WOLFSSL instance for further processing.
The encryption level between calls is only every allowed to increase and it is
also checked that data records are complete before a change in encryption
level is accepted.
\return WOLFSSL_SUCCESS If successful.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param level - the level the data was encrypted at
\param data - the data itself
\param len - the length of the data
\sa wolfSSL_process_quic_post_handshake
\sa wolfSSL_quic_read_write
\sa wolfSSL_accept
\sa wolfSSL_connect
*/
int wolfSSL_provide_quic_data(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t *data, size_t len);
/*!
\ingroup QUIC
\brief Process any CRYPTO records that have been provided after the handshake
has completed. Will fail if called before that.
\return WOLFSSL_SUCCESS If successful.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\sa wolfSSL_provide_quic_data
\sa wolfSSL_quic_read_write
\sa wolfSSL_accept
\sa wolfSSL_connect
*/
WOLFSSL_API int wolfSSL_process_quic_post_handshake(WOLFSSL *ssl);
/*!
\ingroup QUIC
\brief Process any CRYPTO records that have been provided during or after the handshake.
Will progress the handshake if not already complete and otherwise work like
wolfSSL_process_quic_post_handshake().
\return WOLFSSL_SUCCESS If successful.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\sa wolfSSL_provide_quic_data
\sa wolfSSL_quic_read_write
\sa wolfSSL_accept
\sa wolfSSL_connect
*/
int wolfSSL_quic_read_write(WOLFSSL *ssl);
/*!
\ingroup QUIC
\brief Get the AEAD cipher negotiated in the TLS handshake.
\return negotiated cipher or NULL if not determined.
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\sa wolfSSL_quic_aead_is_gcm
\sa wolfSSL_quic_aead_is_ccm
\sa wolfSSL_quic_aead_is_chacha20
\sa wolfSSL_quic_get_aead_tag_len
\sa wolfSSL_quic_get_md
\sa wolfSSL_quic_get_hp
\sa wolfSSL_quic_crypt_new
\sa wolfSSL_quic_aead_encrypt
\sa wolfSSL_quic_aead_decrypt
*/
const WOLFSSL_EVP_CIPHER *wolfSSL_quic_get_aead(WOLFSSL *ssl);
/*!
\ingroup QUIC
\brief Check if the AEAD cipher is GCM.
\return != 0 iff the AEAD cipher is GCM.
\param cipher - the cipher
\sa wolfSSL_quic_get_aead
\sa wolfSSL_quic_aead_is_ccm
\sa wolfSSL_quic_aead_is_chacha20
\sa wolfSSL_quic_get_aead_tag_len
\sa wolfSSL_quic_get_md
\sa wolfSSL_quic_get_hp
\sa wolfSSL_quic_crypt_new
\sa wolfSSL_quic_aead_encrypt
\sa wolfSSL_quic_aead_decrypt
*/
int wolfSSL_quic_aead_is_gcm(const WOLFSSL_EVP_CIPHER *aead_cipher);
/*!
\ingroup QUIC
\brief Check if the AEAD cipher is CCM.
\return != 0 iff the AEAD cipher is CCM.
\param cipher - the cipher
\sa wolfSSL_quic_get_aead
\sa wolfSSL_quic_aead_is_gcm
\sa wolfSSL_quic_aead_is_chacha20
\sa wolfSSL_quic_get_aead_tag_len
\sa wolfSSL_quic_get_md
\sa wolfSSL_quic_get_hp
\sa wolfSSL_quic_crypt_new
\sa wolfSSL_quic_aead_encrypt
\sa wolfSSL_quic_aead_decrypt
*/
int wolfSSL_quic_aead_is_ccm(const WOLFSSL_EVP_CIPHER *aead_cipher);
/*!
\ingroup QUIC
\brief Check if the AEAD cipher is CHACHA20.
\return != 0 iff the AEAD cipher is CHACHA20.
\param cipher - the cipher
\sa wolfSSL_quic_get_aead
\sa wolfSSL_quic_aead_is_ccm
\sa wolfSSL_quic_aead_is_gcm
\sa wolfSSL_quic_get_aead_tag_len
\sa wolfSSL_quic_get_md
\sa wolfSSL_quic_get_hp
\sa wolfSSL_quic_crypt_new
\sa wolfSSL_quic_aead_encrypt
\sa wolfSSL_quic_aead_decrypt
*/
int wolfSSL_quic_aead_is_chacha20(const WOLFSSL_EVP_CIPHER *aead_cipher);
/*!
\ingroup QUIC
\brief Determine the tag length for the AEAD cipher.
\return tag length of AEAD cipher.
\param cipher - the cipher
\sa wolfSSL_quic_get_aead
*/
WOLFSSL_API size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER *aead_cipher);
/*!
\ingroup QUIC
\brief Determine the message digest negotiated in the TLS handshake.
\return the message digest negotiated in the TLS handshake
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\sa wolfSSL_quic_get_aead
\sa wolfSSL_quic_get_hp
*/
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_quic_get_md(WOLFSSL *ssl);
/*!
\ingroup QUIC
\brief Determine the header protection cipher negotiated in the TLS handshake.
\return the header protection cipher negotiated in the TLS handshake
\param ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
\sa wolfSSL_quic_get_aead
\sa wolfSSL_quic_get_md
*/
const WOLFSSL_EVP_CIPHER *wolfSSL_quic_get_hp(WOLFSSL *ssl);
/*!
\ingroup QUIC
\brief Create a cipher context for en-/decryption.
\return the created context or NULL in case of errors.
\param cipher - the cipher to use in the context.
\param key - the key to use in the context.
\param iv - the iv to use in the context.
\param encrypt - != 0 if for encryption, otherwise decryption
\sa wolfSSL_quic_get_aead
\sa wolfSSL_quic_get_hp
\sa wolfSSL_quic_aead_encrypt
\sa wolfSSL_quic_aead_decrypt
*/
WOLFSSL_EVP_CIPHER_CTX *wolfSSL_quic_crypt_new(const WOLFSSL_EVP_CIPHER *cipher,
const uint8_t *key, const uint8_t *iv, int encrypt);
/*!
\ingroup QUIC
\brief Encrypt the plain text in the given context.
\return WOLFSSL_SUCCESS If successful.
\param dest - destination where encrypted data is to be written
\param aead_ctx - the cipher context to use
\param plain - the plain data to encrypt
\param plainlen - the length of the plain data
\param iv - the iv to use
\param aad - the add to use
\param aadlen - the length of the aad
\sa wolfSSL_quic_get_aead
\sa wolfSSL_quic_get_hp
\sa wolfSSL_quic_crypt_new
\sa wolfSSL_quic_aead_decrypt
*/
int wolfSSL_quic_aead_encrypt(uint8_t *dest, WOLFSSL_EVP_CIPHER_CTX *aead_ctx,
const uint8_t *plain, size_t plainlen,
const uint8_t *iv, const uint8_t *aad, size_t aadlen);
/*!
\ingroup QUIC
\brief Decrypt the cipher text in the given context.
\return WOLFSSL_SUCCESS If successful.
\param dest - destination where plain text is to be written
\param ctx - the cipher context to use
\param enc - the encrypted data to decrypt
\param envlen - the length of the encrypted data
\param iv - the iv to use
\param aad - the add to use
\param aadlen - the length of the aad
\sa wolfSSL_quic_get_aead
\sa wolfSSL_quic_get_hp
\sa wolfSSL_quic_crypt_new
\sa wolfSSL_quic_aead_encrypt
*/
int wolfSSL_quic_aead_decrypt(uint8_t *dest, WOLFSSL_EVP_CIPHER_CTX *ctx,
const uint8_t *enc, size_t enclen,
const uint8_t *iv, const uint8_t *aad, size_t aadlen);
/*!
\ingroup QUIC
\brief Extract a pseudo random key.
\return WOLFSSL_SUCCESS If successful.
\param dest - destination where key is to be written
\param md - message digest to use
\param secret - the secret to use
\param secretlen - the length of the secret
\param salt - the salt to use
\param saltlen - the length of the salt
\sa wolfSSL_quic_hkdf_expand
\sa wolfSSL_quic_hkdf
*/
int wolfSSL_quic_hkdf_extract(uint8_t *dest, const WOLFSSL_EVP_MD *md,
const uint8_t *secret, size_t secretlen,
const uint8_t *salt, size_t saltlen);
/*!
\ingroup QUIC
\brief Expand a pseudo random key into a new key.
\return WOLFSSL_SUCCESS If successful.
\param dest - destination where key is to be written
\param destlen - length of the key to expand
\param md - message digest to use
\param secret - the secret to use
\param secretlen - the length of the secret
\param info - the info to use
\param infolen - the length of the info
\sa wolfSSL_quic_hkdf_extract
\sa wolfSSL_quic_hkdf
*/
int wolfSSL_quic_hkdf_expand(uint8_t *dest, size_t destlen,
const WOLFSSL_EVP_MD *md,
const uint8_t *secret, size_t secretlen,
const uint8_t *info, size_t infolen);
/*!
\ingroup QUIC
\brief Expand and Extract a pseudo random key.
\return WOLFSSL_SUCCESS If successful.
\param dest - destination where key is to be written
\param destlen - length of the key
\param md - message digest to use
\param secret - the secret to use
\param secretlen - the length of the secret
\param salt - the salt to use
\param saltlen - the length of the salt
\param info - the info to use
\param infolen - the length of the info
\sa wolfSSL_quic_hkdf_extract
\sa wolfSSL_quic_hkdf_expand
*/
int wolfSSL_quic_hkdf(uint8_t *dest, size_t destlen,
const WOLFSSL_EVP_MD *md,
const uint8_t *secret, size_t secretlen,
const uint8_t *salt, size_t saltlen,
const uint8_t *info, size_t infolen);

328
android/extern/wolfssl/doc/dox_comments/header_files/random.h vendored Normal file
View File

@@ -0,0 +1,328 @@
/*!
\ingroup Random
\brief Init global Whitewood netRandom context
\return 0 Success
\return BAD_FUNC_ARG Either configFile is null or timeout is negative.
\return RNG_FAILURE_E There was a failure initializing the rng.
\param configFile Path to configuration file
\param hmac_cb Optional to create HMAC callback.
\param timeout A timeout duration.
_Example_
\code
char* config = "path/to/config/example.conf";
int time = // Some sufficient timeout value;
if (wc_InitNetRandom(config, NULL, time) != 0)
{
// Some error occurred
}
\endcode
\sa wc_FreeNetRandom
*/
int wc_InitNetRandom(const char* configFile, wnr_hmac_key hmac_cb, int timeout);
/*!
\ingroup Random
\brief Free global Whitewood netRandom context.
\return 0 Success
\return BAD_MUTEX_E Error locking mutex on wnr_mutex
\param none No returns.
_Example_
\code
int ret = wc_FreeNetRandom();
if(ret != 0)
{
// Handle the error
}
\endcode
\sa wc_InitNetRandom
*/
int wc_FreeNetRandom(void);
/*!
\ingroup Random
\brief Gets the seed (from OS) and key cipher for rng. rng->drbg
(deterministic random bit generator) allocated (should be deallocated
with wc_FreeRng). This is a blocking operation.
\return 0 on success.
\return MEMORY_E XMALLOC failed
\return WINCRYPT_E wc_GenerateSeed: failed to acquire context
\return CRYPTGEN_E wc_GenerateSeed: failed to get random
\return BAD_FUNC_ARG wc_RNG_GenerateBlock input is null or sz exceeds
MAX_REQUEST_LEN
\return DRBG_CONT_FIPS_E wc_RNG_GenerateBlock: Hash_gen returned
DRBG_CONT_FAILURE
\return RNG_FAILURE_E wc_RNG_GenerateBlock: Default error. rngs
status originally not ok, or set to DRBG_FAILED
\param rng random number generator to be initialized for use
with a seed and key cipher
_Example_
\code
RNG rng;
int ret;
#ifdef HAVE_CAVIUM
ret = wc_InitRngCavium(&rng, CAVIUM_DEV_ID);
if (ret != 0){
printf(“RNG Nitrox init for device: %d failed”, CAVIUM_DEV_ID);
return -1;
}
#endif
ret = wc_InitRng(&rng);
if (ret != 0){
printf(“RNG init failed”);
return -1;
}
\endcode
\sa wc_InitRngCavium
\sa wc_RNG_GenerateBlock
\sa wc_RNG_GenerateByte
\sa wc_FreeRng
\sa wc_RNG_HealthTest
*/
int wc_InitRng(WC_RNG*);
/*!
\ingroup Random
\brief Copies a sz bytes of pseudorandom data to output. Will
reseed rng if needed (blocking).
\return 0 on success
\return BAD_FUNC_ARG an input is null or sz exceeds MAX_REQUEST_LEN
\return DRBG_CONT_FIPS_E Hash_gen returned DRBG_CONT_FAILURE
\return RNG_FAILURE_E Default error. rngs status originally not
ok, or set to DRBG_FAILED
\param rng random number generator initialized with wc_InitRng
\param output buffer to which the block is copied
\param sz size of output in bytes
_Example_
\code
RNG rng;
int sz = 32;
byte block[sz];
int ret = wc_InitRng(&rng);
if (ret != 0) {
return -1; //init of rng failed!
}
ret = wc_RNG_GenerateBlock(&rng, block, sz);
if (ret != 0) {
return -1; //generating block failed!
}
\endcode
\sa wc_InitRngCavium, wc_InitRng
\sa wc_RNG_GenerateByte
\sa wc_FreeRng
\sa wc_RNG_HealthTest
*/
int wc_RNG_GenerateBlock(WC_RNG* rng, byte* b, word32 sz);
/*!
\ingroup Random
\brief Creates a new WC_RNG structure.
\return WC_RNG structure on success
\return NULL on error
\param heap pointer to a heap identifier
\param nonce pointer to the buffer containing the nonce
\param nonceSz length of the nonce
_Example_
\code
RNG rng;
byte nonce[] = { initialize nonce };
word32 nonceSz = sizeof(nonce);
wc_rng_new(&nonce, nonceSz, &heap);
\endcode
\sa wc_InitRng
\sa wc_rng_free
\sa wc_FreeRng
\sa wc_RNG_HealthTest
*/
WC_RNG* wc_rng_new(byte* nonce, word32 nonceSz, void* heap)
/*!
\ingroup Random
\brief Calls wc_RNG_GenerateBlock to copy a byte of pseudorandom
data to b. Will reseed rng if needed.
\return 0 on success
\return BAD_FUNC_ARG an input is null or sz exceeds MAX_REQUEST_LEN
\return DRBG_CONT_FIPS_E Hash_gen returned DRBG_CONT_FAILURE
\return RNG_FAILURE_E Default error. rngs status originally not
ok, or set to DRBG_FAILED
\param rng: random number generator initialized with wc_InitRng
\param b one byte buffer to which the block is copied
_Example_
\code
RNG rng;
int sz = 32;
byte b[1];
int ret = wc_InitRng(&rng);
if (ret != 0) {
return -1; //init of rng failed!
}
ret = wc_RNG_GenerateByte(&rng, b);
if (ret != 0) {
return -1; //generating block failed!
}
\endcode
\sa wc_InitRngCavium
\sa wc_InitRng
\sa wc_RNG_GenerateBlock
\sa wc_FreeRng
\sa wc_RNG_HealthTest
*/
int wc_RNG_GenerateByte(WC_RNG* rng, byte* b);
/*!
\ingroup Random
\brief Should be called when RNG no longer needed in order to securely
free drgb. Zeros and XFREEs rng-drbg.
\return 0 on success
\return BAD_FUNC_ARG rng or rng->drgb null
\return RNG_FAILURE_E Failed to deallocated drbg
\param rng random number generator initialized with wc_InitRng
_Example_
\code
RNG rng;
int ret = wc_InitRng(&rng);
if (ret != 0) {
return -1; //init of rng failed!
}
int ret = wc_FreeRng(&rng);
if (ret != 0) {
return -1; //free of rng failed!
}
\endcode
\sa wc_InitRngCavium
\sa wc_InitRng
\sa wc_RNG_GenerateBlock
\sa wc_RNG_GenerateByte,
\sa wc_RNG_HealthTest
*/
int wc_FreeRng(WC_RNG*);
/*!
\ingroup Random
\brief Should be called when RNG no longer needed in order to securely
free rng.
\param rng random number generator initialized with wc_InitRng
_Example_
\code
RNG rng;
byte nonce[] = { initialize nonce };
word32 nonceSz = sizeof(nonce);
rng = wc_rng_new(&nonce, nonceSz, &heap);
// use rng
wc_rng_free(&rng);
\endcode
\sa wc_InitRng
\sa wc_rng_new
\sa wc_FreeRng
\sa wc_RNG_HealthTest
*/
WC_RNG* wc_rng_free(WC_RNG* rng);
/*!
\ingroup Random
\brief Creates and tests functionality of drbg.
\return 0 on success
\return BAD_FUNC_ARG entropyA and output must not be null. If reseed
set entropyB must not be null
\return -1 test failed
\param int reseed: if set, will test reseed functionality
\param entropyA: entropy to instantiate drgb with
\param entropyASz: size of entropyA in bytes
\param entropyB: If reseed set, drbg will be reseeded with entropyB
\param entropyBSz: size of entropyB in bytes
\param output: initialized to random data seeded with entropyB if
seedrandom is set, and entropyA otherwise
\param outputSz: length of output in bytes
_Example_
\code
byte output[SHA256_DIGEST_SIZE * 4];
const byte test1EntropyB[] = ....; // test input for reseed false
const byte test1Output[] = ....; // testvector: expected output of
// reseed false
ret = wc_RNG_HealthTest(0, test1Entropy, sizeof(test1Entropy), NULL, 0,
output, sizeof(output));
if (ret != 0)
return -1;//healthtest without reseed failed
if (XMEMCMP(test1Output, output, sizeof(output)) != 0)
return -1; //compare to testvector failed: unexpected output
const byte test2EntropyB[] = ....; // test input for reseed
const byte test2Output[] = ....; // testvector expected output of reseed
ret = wc_RNG_HealthTest(1, test2EntropyA, sizeof(test2EntropyA),
test2EntropyB, sizeof(test2EntropyB),
output, sizeof(output));
if (XMEMCMP(test2Output, output, sizeof(output)) != 0)
return -1; //compare to testvector failed
\endcode
\sa wc_InitRngCavium
\sa wc_InitRng
\sa wc_RNG_GenerateBlock
\sa wc_RNG_GenerateByte
\sa wc_FreeRng
*/
int wc_RNG_HealthTest(int reseed,
const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz,
byte* output, word32 outputSz);

103
android/extern/wolfssl/doc/dox_comments/header_files/ripemd.h vendored Normal file
View File

@@ -0,0 +1,103 @@
/*!
\ingroup RIPEMD
\brief This function initializes a ripemd structure by initializing
ripemds digest, buffer, loLen and hiLen.
\return 0 returned on successful execution of the function. The RipeMd
structure is initialized.
\return BAD_FUNC_ARG returned if the RipeMd structure is NULL.
\param ripemd pointer to the ripemd structure to initialize
_Example_
\code
RipeMd md;
int ret;
ret = wc_InitRipeMd(&md);
if (ret != 0) {
// Failure case.
}
\endcode
\sa wc_RipeMdUpdate
\sa wc_RipeMdFinal
*/
int wc_InitRipeMd(RipeMd*);
/*!
\ingroup RIPEMD
\brief This function generates the RipeMd digest of the data input and
stores the result in the ripemd->digest buffer. After running
wc_RipeMdUpdate, one should compare the generated ripemd->digest to a
known authentication tag to verify the authenticity of a message.
\return 0 Returned on successful execution of the function.
\return BAD_FUNC_ARG Returned if the RipeMd structure is NULL or if data
is NULL and len is not zero. This function should execute if data is NULL
and len is 0.
\param ripemd: pointer to the ripemd structure to be initialized with
wc_InitRipeMd
\param data data to be hashed
\param len sizeof data in bytes
_Example_
\code
const byte* data; // The data to be hashed
....
RipeMd md;
int ret;
ret = wc_InitRipeMd(&md);
if (ret == 0) {
ret = wc_RipeMdUpdate(&md, plain, sizeof(plain));
if (ret != 0) {
// Failure case …
\endcode
\sa wc_InitRipeMd
\sa wc_RipeMdFinal
*/
int wc_RipeMdUpdate(RipeMd* ripemd, const byte* data, word32 len);
/*!
\ingroup RIPEMD
\brief This function copies the computed digest into hash. If there is a
partial unhashed block, this method will pad the block with 0s, and
include that blocks round in the digest before copying to hash. State
of ripemd is reset.
\return 0 Returned on successful execution of the function. The state of
the RipeMd structure has been reset.
\return BAD_FUNC_ARG Returned if the RipeMd structure or hash parameters
are NULL.
\param ripemd pointer to the ripemd structure to be initialized with
wc_InitRipeMd, and containing hashes from wc_RipeMdUpdate. State will
be reset
\param hash buffer to copy digest to. Should be RIPEMD_DIGEST_SIZE bytes
_Example_
\code
RipeMd md;
int ret;
byte digest[RIPEMD_DIGEST_SIZE];
const byte* data; // The data to be hashed
...
ret = wc_InitRipeMd(&md);
if (ret == 0) {
ret = wc_RipeMdUpdate(&md, plain, sizeof(plain));
if (ret != 0) {
// RipeMd Update Failure Case.
}
ret = wc_RipeMdFinal(&md, digest);
if (ret != 0) {
// RipeMd Final Failure Case.
}...
\endcode
\sa none
*/
int wc_RipeMdFinal(RipeMd* ripemd, byte* hash);

1559
android/extern/wolfssl/doc/dox_comments/header_files/rsa.h vendored Normal file
View File

File diff suppressed because it is too large Load Diff

143
android/extern/wolfssl/doc/dox_comments/header_files/sakke.h vendored Normal file
View File

@@ -0,0 +1,143 @@
/*!
\ingroup SAKKE_Setup
*/
int wc_InitSakkeKey(SakkeKey* key, void* heap, int devId);
/*!
\ingroup SAKKE_Setup
*/
int wc_InitSakkeKey_ex(SakkeKey* key, int keySize, int curveId,
void* heap, int devId);
/*!
\ingroup SAKKE_Setup
*/
void wc_FreeSakkeKey(SakkeKey* key);
/*!
\ingroup SAKKE_Setup
*/
int wc_MakeSakkeKey(SakkeKey* key, WC_RNG* rng);
/*!
\ingroup SAKKE_Setup
*/
int wc_MakeSakkePublicKey(SakkeKey* key, ecc_point* pub);
/*!
\ingroup SAKKE_RSK
*/
int wc_MakeSakkeRsk(SakkeKey* key, const byte* id, word16 idSz,
ecc_point* rsk);
/*!
\ingroup SAKKE_RSK
*/
int wc_ValidateSakkeRsk(SakkeKey* key, const byte* id, word16 idSz,
ecc_point* rsk, int* valid);
/*!
\ingroup SAKKE_RSK
*/
int wc_GenerateSakkeRskTable(const SakkeKey* key,
const ecc_point* rsk, byte* table, word32* len);
/*!
\ingroup SAKKE_Setup
*/
int wc_ExportSakkeKey(SakkeKey* key, byte* data, word32* sz);
/*!
\ingroup SAKKE_Setup
*/
int wc_ImportSakkeKey(SakkeKey* key, const byte* data, word32 sz);
/*!
\ingroup SAKKE_Setup
*/
int wc_ExportSakkePrivateKey(SakkeKey* key, byte* data, word32* sz);
/*!
\ingroup SAKKE_Setup
*/
int wc_ImportSakkePrivateKey(SakkeKey* key, const byte* data,
word32 sz);
/*!
\ingroup SAKKE_RSK
*/
int wc_EncodeSakkeRsk(const SakkeKey* key, ecc_point* rsk,
byte* out, word32* sz, int raw);
/*!
\ingroup SAKKE_RSK
*/
int wc_DecodeSakkeRsk(const SakkeKey* key, const byte* data,
word32 sz, ecc_point* rsk);
/*!
\ingroup SAKKE_RSK
*/
int wc_ImportSakkeRsk(SakkeKey* key, const byte* data, word32 sz);
/*!
\ingroup SAKKE_Setup
*/
int wc_ExportSakkePublicKey(SakkeKey* key, byte* data,
word32* sz, int raw);
/*!
\ingroup SAKKE_Setup
*/
int wc_ImportSakkePublicKey(SakkeKey* key, const byte* data,
word32 sz, int trusted);
/*!
\ingroup SAKKE_Operations
*/
int wc_GetSakkeAuthSize(SakkeKey* key, word16* authSz);
/*!
\ingroup SAKKE_Setup
*/
int wc_SetSakkeIdentity(SakkeKey* key, const byte* id, word16 idSz);
/*!
\ingroup SAKKE_Operations
*/
int wc_MakeSakkePointI(SakkeKey* key, const byte* id, word16 idSz);
/*!
\ingroup SAKKE_Operations
*/
int wc_GetSakkePointI(SakkeKey* key, byte* data, word32* sz);
/*!
\ingroup SAKKE_Operations
*/
int wc_SetSakkePointI(SakkeKey* key, const byte* id, word16 idSz,
const byte* data, word32 sz);
/*!
\ingroup SAKKE_Operations
*/
int wc_GenerateSakkePointITable(SakkeKey* key, byte* table,
word32* len);
/*!
\ingroup SAKKE_Operations
*/
int wc_SetSakkePointITable(SakkeKey* key, byte* table, word32 len);
/*!
\ingroup SAKKE_Operations
*/
int wc_ClearSakkePointITable(SakkeKey* key);
/*!
\ingroup SAKKE_Operations
*/
int wc_MakeSakkeEncapsulatedSSV(SakkeKey* key,
enum wc_HashType hashType, byte* ssv, word16 ssvSz, byte* auth,
word16* authSz);
/*!
\ingroup SAKKE_Operations
*/
int wc_GenerateSakkeSSV(SakkeKey* key, WC_RNG* rng, byte* ssv,
word16* ssvSz);
/*!
\ingroup SAKKE_RSK
*/
int wc_SetSakkeRsk(SakkeKey* key, const ecc_point* rsk, byte* table,
word32 len);
/*!
\ingroup SAKKE_Operations
*/
int wc_DeriveSakkeSSV(SakkeKey* key, enum wc_HashType hashType,
byte* ssv, word16 ssvSz, const byte* auth,
word16 authSz);

145
android/extern/wolfssl/doc/dox_comments/header_files/sha.h vendored Normal file
View File

@@ -0,0 +1,145 @@
/*!
\ingroup SHA
\brief This function initializes SHA. This is automatically called
by wc_ShaHash.
\return 0 Returned upon successfully initializing
\param sha pointer to the sha structure to use for encryption
_Example_
\code
Sha sha[1];
if ((ret = wc_InitSha(sha)) != 0) {
WOLFSSL_MSG("wc_InitSha failed");
}
else {
wc_ShaUpdate(sha, data, len);
wc_ShaFinal(sha, hash);
}
\endcode
\sa wc_ShaHash
\sa wc_ShaUpdate
\sa wc_ShaFinal
*/
int wc_InitSha(wc_Sha*);
/*!
\ingroup SHA
\brief Can be called to continually hash the provided byte array of
length len.
\return 0 Returned upon successfully adding the data to the digest.
\param sha pointer to the sha structure to use for encryption
\param data the data to be hashed
\param len length of data to be hashed
_Example_
\code
Sha sha[1];
byte data[] = { // Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitSha(sha)) != 0) {
WOLFSSL_MSG("wc_InitSha failed");
}
else {
wc_ShaUpdate(sha, data, len);
wc_ShaFinal(sha, hash);
}
\endcode
\sa wc_ShaHash
\sa wc_ShaFinal
\sa wc_InitSha
*/
int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len);
/*!
\ingroup SHA
\brief Finalizes hashing of data. Result is placed into hash.
Resets state of sha struct.
\return 0 Returned upon successfully finalizing.
\param sha pointer to the sha structure to use for encryption
\param hash Byte array to hold hash value.
_Example_
\code
Sha sha[1];
byte data[] = { Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitSha(sha)) != 0) {
WOLFSSL_MSG("wc_InitSha failed");
}
else {
wc_ShaUpdate(sha, data, len);
wc_ShaFinal(sha, hash);
}
\endcode
\sa wc_ShaHash
\sa wc_InitSha
\sa wc_ShaGetHash
*/
int wc_ShaFinal(wc_Sha* sha, byte* hash);
/*!
\ingroup SHA
\brief Used to clean up memory used by an initialized Sha struct.
Note: this is only supported if you have WOLFSSL_TI_HASH defined.
\return No returns.
\param sha Pointer to the Sha struct to free.
_Example_
\code
Sha sha;
wc_InitSha(&sha);
// Use sha
wc_ShaFree(&sha);
\endcode
\sa wc_InitSha
\sa wc_ShaUpdate
\sa wc_ShaFinal
*/
void wc_ShaFree(wc_Sha*);
/*!
\ingroup SHA
\brief Gets hash data. Result is placed into hash. Does not reset state
of sha struct.
\return 0 Returned upon successfully finalizing.
\param sha pointer to the sha structure to use for encryption
\param hash Byte array to hold hash value.
_Example_
\code
Sha sha[1];
if ((ret = wc_InitSha(sha)) != 0) {
WOLFSSL_MSG("wc_InitSha failed");
}
else {
wc_ShaUpdate(sha, data, len);
wc_ShaGetHash(sha, hash);
}
\endcode
\sa wc_ShaHash
\sa wc_ShaFinal
\sa wc_InitSha
*/
int wc_ShaGetHash(wc_Sha* sha, byte* hash);

246
android/extern/wolfssl/doc/dox_comments/header_files/sha256.h vendored Normal file
View File

@@ -0,0 +1,246 @@
/*!
\ingroup SHA
\brief This function initializes SHA256. This is automatically
called by wc_Sha256Hash.
\return 0 Returned upon successfully initializing
\param sha256 pointer to the sha256 structure to use for encryption
_Example_
\code
Sha256 sha256[1];
if ((ret = wc_InitSha256(sha256)) != 0) {
WOLFSSL_MSG("wc_InitSha256 failed");
}
else {
wc_Sha256Update(sha256, data, len);
wc_Sha256Final(sha256, hash);
}
\endcode
\sa wc_Sha256Hash
\sa wc_Sha256Update
\sa wc_Sha256Final
*/
int wc_InitSha256(wc_Sha256*);
/*!
\ingroup SHA
\brief Can be called to continually hash the provided byte
array of length len.
\return 0 Returned upon successfully adding the data to the digest.
\param sha256 pointer to the sha256 structure to use for encryption
\param data the data to be hashed
\param len length of data to be hashed
_Example_
\code
Sha256 sha256[1];
byte data[] = { Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitSha256(sha256)) != 0) {
WOLFSSL_MSG("wc_InitSha256 failed");
}
else {
wc_Sha256Update(sha256, data, len);
wc_Sha256Final(sha256, hash);
}
\endcode
\sa wc_Sha256Hash
\sa wc_Sha256Final
\sa wc_InitSha256
*/
int wc_Sha256Update(wc_Sha256* sha, const byte* data, word32 len);
/*!
\ingroup SHA
\brief Finalizes hashing of data. Result is placed into hash.
Resets state of sha256 struct.
\return 0 Returned upon successfully finalizing.
\param sha256 pointer to the sha256 structure to use for encryption
\param hash Byte array to hold hash value.
_Example_
\code
Sha256 sha256[1];
byte data[] = { Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitSha256(sha256)) != 0) {
WOLFSSL_MSG("wc_InitSha256 failed");
}
else {
wc_Sha256Update(sha256, data, len);
wc_Sha256Final(sha256, hash);
}
\endcode
\sa wc_Sha256Hash
\sa wc_Sha256GetHash
\sa wc_InitSha256
*/
int wc_Sha256Final(wc_Sha256* sha256, byte* hash);
/*!
\ingroup SHA
\brief Resets the Sha256 structure. Note: this is only supported
if you have WOLFSSL_TI_HASH defined.
\return none No returns.
\param sha256 Pointer to the sha256 structure to be freed.
_Example_
\code
Sha256 sha256;
byte data[] = { Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitSha256(&sha256)) != 0) {
WOLFSSL_MSG("wc_InitSha256 failed");
}
else {
wc_Sha256Update(&sha256, data, len);
wc_Sha256Final(&sha256, hash);
wc_Sha256Free(&sha256);
}
\endcode
\sa wc_InitSha256
\sa wc_Sha256Update
\sa wc_Sha256Final
*/
void wc_Sha256Free(wc_Sha256*);
/*!
\ingroup SHA
\brief Gets hash data. Result is placed into hash. Does not
reset state of sha256 struct.
\return 0 Returned upon successfully finalizing.
\param sha256 pointer to the sha256 structure to use for encryption
\param hash Byte array to hold hash value.
_Example_
\code
Sha256 sha256[1];
if ((ret = wc_InitSha256(sha256)) != 0) {
WOLFSSL_MSG("wc_InitSha256 failed");
}
else {
wc_Sha256Update(sha256, data, len);
wc_Sha256GetHash(sha256, hash);
}
\endcode
\sa wc_Sha256Hash
\sa wc_Sha256Final
\sa wc_InitSha256
*/
int wc_Sha256GetHash(wc_Sha256* sha256, byte* hash);
/*!
\ingroup SHA
\brief Used to initialize a Sha224 struct.
\return 0 Success
\return 1 Error returned because sha224 is null.
\param sha224 Pointer to a Sha224 struct to initialize.
_Example_
\code
Sha224 sha224;
if(wc_InitSha224(&sha224) != 0)
{
// Handle error
}
\endcode
\sa wc_Sha224Hash
\sa wc_Sha224Update
\sa wc_Sha224Final
*/
int wc_InitSha224(wc_Sha224*);
/*!
\ingroup SHA
\brief Can be called to continually hash the provided byte array
of length len.
\return 0 Success
\return 1 Error returned if function fails.
\return BAD_FUNC_ARG Error returned if sha224 or data is null.
\param sha224 Pointer to the Sha224 structure to use for encryption.
\param data Data to be hashed.
\param len Length of data to be hashed.
_Example_
\code
Sha224 sha224;
byte data[] = { /* Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitSha224(&sha224)) != 0) {
WOLFSSL_MSG("wc_InitSha224 failed");
}
else {
wc_Sha224Update(&sha224, data, len);
wc_Sha224Final(&sha224, hash);
}
\endcode
\sa wc_InitSha224
\sa wc_Sha224Final
\sa wc_Sha224Hash
*/
int wc_Sha224Update(wc_Sha224* sha224, const byte* data, word32 len);
/*!
\ingroup SHA
\brief Finalizes hashing of data. Result is placed into hash.
Resets state of sha224 struct.
\return 0 Success
\return <0 Error
\param sha224 pointer to the sha224 structure to use for encryption
\param hash Byte array to hold hash value.
_Example_
\code
Sha224 sha224;
byte data[] = { /* Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitSha224(&sha224)) != 0) {
WOLFSSL_MSG("wc_InitSha224 failed");
}
else {
wc_Sha224Update(&sha224, data, len);
wc_Sha224Final(&sha224, hash);
}
\endcode
\sa wc_InitSha224
\sa wc_Sha224Hash
\sa wc_Sha224Update
*/
int wc_Sha224Final(wc_Sha224* sha224, byte* hash);

1249
android/extern/wolfssl/doc/dox_comments/header_files/sha3.h vendored Normal file
View File

File diff suppressed because it is too large Load Diff

183
android/extern/wolfssl/doc/dox_comments/header_files/sha512.h vendored Normal file
View File

@@ -0,0 +1,183 @@
/*!
\ingroup SHA
\brief This function initializes SHA512. This is automatically called
by wc_Sha512Hash.
\return 0 Returned upon successfully initializing
\param sha512 pointer to the sha512 structure to use for encryption
_Example_
\code
Sha512 sha512[1];
if ((ret = wc_InitSha512(sha512)) != 0) {
WOLFSSL_MSG("wc_InitSha512 failed");
}
else {
wc_Sha512Update(sha512, data, len);
wc_Sha512Final(sha512, hash);
}
\endcode
\sa wc_Sha512Hash
\sa wc_Sha512Update
\sa wc_Sha512Final
*/
int wc_InitSha512(wc_Sha512*);
/*!
\ingroup SHA
\brief Can be called to continually hash the provided byte array
of length len.
\return 0 Returned upon successfully adding the data to the digest.
\param sha512 pointer to the sha512 structure to use for encryption
\param data the data to be hashed
\param len length of data to be hashed
_Example_
\code
Sha512 sha512[1];
byte data[] = { Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitSha512(sha512)) != 0) {
WOLFSSL_MSG("wc_InitSha512 failed");
}
else {
wc_Sha512Update(sha512, data, len);
wc_Sha512Final(sha512, hash);
}
\endcode
\sa wc_Sha512Hash
\sa wc_Sha512Final
\sa wc_InitSha512
*/
int wc_Sha512Update(wc_Sha512* sha, const byte* data, word32 len);
/*!
\ingroup SHA
\brief Finalizes hashing of data. Result is placed into hash.
\return 0 Returned upon successfully finalizing the hash.
\param sha512 pointer to the sha512 structure to use for encryption
\param hash Byte array to hold hash value.
_Example_
\code
Sha512 sha512[1];
byte data[] = { Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitSha512(sha512)) != 0) {
WOLFSSL_MSG("wc_InitSha512 failed");
}
else {
wc_Sha512Update(sha512, data, len);
wc_Sha512Final(sha512, hash);
}
\endcode
\sa wc_Sha512Hash
\sa wc_Sha512Final
\sa wc_InitSha512
*/
int wc_Sha512Final(wc_Sha512* sha512, byte* hash);
/*!
\ingroup SHA
\brief This function initializes SHA384. This is automatically called
by wc_Sha384Hash.
\return 0 Returned upon successfully initializing
\param sha384 pointer to the sha384 structure to use for encryption
_Example_
\code
Sha384 sha384[1];
if ((ret = wc_InitSha384(sha384)) != 0) {
WOLFSSL_MSG("wc_InitSha384 failed");
}
else {
wc_Sha384Update(sha384, data, len);
wc_Sha384Final(sha384, hash);
}
\endcode
\sa wc_Sha384Hash
\sa wc_Sha384Update
\sa wc_Sha384Final
*/
int wc_InitSha384(wc_Sha384*);
/*!
\ingroup SHA
\brief Can be called to continually hash the provided byte array
of length len.
\return 0 Returned upon successfully adding the data to the digest.
\param sha384 pointer to the sha384 structure to use for encryption
\param data the data to be hashed
\param len length of data to be hashed
_Example_
\code
Sha384 sha384[1];
byte data[] = { Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitSha384(sha384)) != 0) {
WOLFSSL_MSG("wc_InitSha384 failed");
}
else {
wc_Sha384Update(sha384, data, len);
wc_Sha384Final(sha384, hash);
}
\endcode
\sa wc_Sha384Hash
\sa wc_Sha384Final
\sa wc_InitSha384
*/
int wc_Sha384Update(wc_Sha384* sha, const byte* data, word32 len);
/*!
\ingroup SHA
\brief Finalizes hashing of data. Result is placed into hash.
\return 0 Returned upon successfully finalizing.
\param sha384 pointer to the sha384 structure to use for encryption
\param hash Byte array to hold hash value.
_Example_
\code
Sha384 sha384[1];
byte data[] = { Data to be hashed };
word32 len = sizeof(data);
if ((ret = wc_InitSha384(sha384)) != 0) {
WOLFSSL_MSG("wc_InitSha384 failed");
}
else {
wc_Sha384Update(sha384, data, len);
wc_Sha384Final(sha384, hash);
}
\endcode
\sa wc_Sha384Hash
\sa wc_Sha384Final
\sa wc_InitSha384
*/
int wc_Sha384Final(wc_Sha384* sha384, byte* hash);

147
android/extern/wolfssl/doc/dox_comments/header_files/signature.h vendored Normal file
View File

@@ -0,0 +1,147 @@
/*!
\ingroup Signature
\brief This function returns the maximum size of the resulting signature.
\return Returns SIG_TYPE_E if sig_type is not supported. Returns
BAD_FUNC_ARG if sig_type was invalid. A positive return value indicates
the maximum size of a signature.
\param sig_type A signature type enum value such as
WC_SIGNATURE_TYPE_ECC or WC_SIGNATURE_TYPE_RSA.
\param key Pointer to a key structure such as ecc_key or RsaKey.
\param key_len Size of the key structure.
_Example_
\code
// Get signature length
enum wc_SignatureType sig_type = WC_SIGNATURE_TYPE_ECC;
ecc_key eccKey;
word32 sigLen;
wc_ecc_init(&eccKey);
sigLen = wc_SignatureGetSize(sig_type, &eccKey, sizeof(eccKey));
if (sigLen > 0) {
// Success
}
\endcode
\sa wc_HashGetDigestSize
\sa wc_SignatureGenerate
\sa wc_SignatureVerify
*/
int wc_SignatureGetSize(enum wc_SignatureType sig_type,
const void* key, word32 key_len);
/*!
\ingroup Signature
\brief This function validates a signature by hashing the data and
using the resulting hash and key to verify the signature.
\return 0 Success
\return SIG_TYPE_E -231, signature type not enabled/ available
\return BAD_FUNC_ARG -173, bad function argument provided
\return BUFFER_E -132, output buffer too small or input too large.
\param hash_type A hash type from the “enum wc_HashType” such as
“WC_HASH_TYPE_SHA256”.
\param sig_type A signature type enum value such as
WC_SIGNATURE_TYPE_ECC or WC_SIGNATURE_TYPE_RSA.
\param data Pointer to buffer containing the data to hash.
\param data_len Length of the data buffer.
\param sig Pointer to buffer to output signature.
\param sig_len Length of the signature output buffer.
\param key Pointer to a key structure such as ecc_key or RsaKey.
\param key_len Size of the key structure.
_Example_
\code
int ret;
ecc_key eccKey;
// Import the public key
wc_ecc_init(&eccKey);
ret = wc_ecc_import_x963(eccPubKeyBuf, eccPubKeyLen, &eccKey);
// Perform signature verification using public key
ret = wc_SignatureVerify(
WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_ECC,
fileBuf, fileLen,
sigBuf, sigLen,
&eccKey, sizeof(eccKey));
printf("Signature Verification: %s
(%d)\n", (ret == 0) ? "Pass" : "Fail", ret);
wc_ecc_free(&eccKey);
\endcode
\sa wc_SignatureGetSize
\sa wc_SignatureGenerate
*/
int wc_SignatureVerify(
enum wc_HashType hash_type, enum wc_SignatureType sig_type,
const byte* data, word32 data_len,
const byte* sig, word32 sig_len,
const void* key, word32 key_len);
/*!
\ingroup Signature
\brief This function generates a signature from the data using a
key. It first creates a hash of the data then signs the hash using the key.
\return 0 Success
\return SIG_TYPE_E -231, signature type not enabled/ available
\return BAD_FUNC_ARG -173, bad function argument provided
\return BUFFER_E -132, output buffer too small or input too large.
\param hash_type A hash type from the “enum wc_HashType”
such as “WC_HASH_TYPE_SHA256”.
\param sig_type A signature type enum value such as
WC_SIGNATURE_TYPE_ECC or WC_SIGNATURE_TYPE_RSA.
\param data Pointer to buffer containing the data to hash.
\param data_len Length of the data buffer.
\param sig Pointer to buffer to output signature.
\param sig_len Length of the signature output buffer.
\param key Pointer to a key structure such as ecc_key or RsaKey.
\param key_len Size of the key structure.
\param rng Pointer to an initialized RNG structure.
_Example_
\code
int ret;
WC_RNG rng;
ecc_key eccKey;
wc_InitRng(&rng);
wc_ecc_init(&eccKey);
// Generate key
ret = wc_ecc_make_key(&rng, 32, &eccKey);
// Get signature length and allocate buffer
sigLen = wc_SignatureGetSize(sig_type, &eccKey, sizeof(eccKey));
sigBuf = malloc(sigLen);
// Perform signature verification using public key
ret = wc_SignatureGenerate(
WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_ECC,
fileBuf, fileLen,
sigBuf, &sigLen,
&eccKey, sizeof(eccKey),
&rng);
printf("Signature Generation: %s
(%d)\n", (ret == 0) ? "Pass" : "Fail", ret);
free(sigBuf);
wc_ecc_free(&eccKey);
wc_FreeRng(&rng);
\endcode
\sa wc_SignatureGetSize
\sa wc_SignatureVerify
*/
int wc_SignatureGenerate(
enum wc_HashType hash_type, enum wc_SignatureType sig_type,
const byte* data, word32 data_len,
byte* sig, word32 *sig_len,
const void* key, word32 key_len,
WC_RNG* rng);

151
android/extern/wolfssl/doc/dox_comments/header_files/siphash.h vendored Normal file
View File

@@ -0,0 +1,151 @@
/*!
\ingroup SipHash
\brief This function initializes SipHash with a key for a MAC size.
\return 0 Returned upon successfully initializing
\return BAD_FUNC_ARG Returned when siphash or key is NULL
\return BAD_FUNC_ARG Returned when outSz is neither 8 nor 16
\param siphash pointer to the SipHash structure to use for MACing
\param key pointer to the 16-byte array
\param outSz number of bytes to output as MAC
_Example_
\code
SipHash siphash[1];
unsigned char key[16] = { ... };
byte macSz = 8; // 8 or 16
if ((ret = wc_InitSipHash(siphash, key, macSz)) != 0) {
WOLFSSL_MSG("wc_InitSipHash failed");
}
else if ((ret = wc_SipHashUpdate(siphash, data, len)) != 0) {
WOLFSSL_MSG("wc_SipHashUpdate failed");
}
else if ((ret = wc_SipHashFinal(siphash, mac, macSz)) != 0) {
WOLFSSL_MSG("wc_SipHashFinal failed");
}
\endcode
\sa wc_SipHash
\sa wc_SipHashUpdate
\sa wc_SipHashFinal
*/
int wc_InitSipHash(SipHash* siphash, const unsigned char* key,
unsigned char outSz);
/*!
\ingroup SipHash
\brief Can be called to continually hash the provided byte
array of length len.
\return 0 Returned upon successfully adding the data to the MAC
\return BAD_FUNC_ARG Returned when siphash is NULL
\return BAD_FUNC_ARG Returned when in is NULL and inSz is not zero
\param siphash pointer to the SipHash structure to use for MACing
\param in the data to be MACed
\param inSz size of data to be MACed
_Example_
\code
SipHash siphash[1];
byte data[] = { Data to be MACed };
word32 len = sizeof(data);
if ((ret = wc_InitSipHash(siphash, key, macSz)) != 0) {
WOLFSSL_MSG("wc_InitSipHash failed");
}
else if ((ret = wc_SipHashUpdate(siphash, data, len)) != 0) {
WOLFSSL_MSG("wc_SipHashUpdate failed");
}
else if ((ret = wc_SipHashFinal(siphash, mac, macSz)) != 0) {
WOLFSSL_MSG("wc_SipHashFinal failed");
}
\endcode
\sa wc_SipHash
\sa wc_InitSipHash
\sa wc_SipHashFinal
*/
int wc_SipHashUpdate(SipHash* siphash, const unsigned char* in,
word32 inSz);
/*!
\ingroup SipHash
\brief Finalizes MACing of data. Result is placed into out.
\return 0 Returned upon successfully finalizing.
\return BAD_FUNC_ARG Returned when siphash of out is NULL
\return BAD_FUNC_ARG Returned when outSz is not the same as the initialized
value
\param siphash pointer to the SipHash structure to use for MACing
\param out Byte array to hold MAC value
\param outSz number of bytes to output as MAC
_Example_
\code
SipHash siphash[1];
byte mac[8] = { ... }; // 8 or 16 bytes
byte macSz = sizeof(mac);
if ((ret = wc_InitSipHash(siphash, key, macSz)) != 0) {
WOLFSSL_MSG("wc_InitSipHash failed");
}
else if ((ret = wc_SipHashUpdate(siphash, data, len)) != 0) {
WOLFSSL_MSG("wc_SipHashUpdate failed");
}
else if ((ret = wc_SipHashFinal(siphash, mac, macSz)) != 0) {
WOLFSSL_MSG("wc_SipHashFinal failed");
}
\endcode
\sa wc_SipHash
\sa wc_InitSipHash
\sa wc_SipHashUpdate
*/
int wc_SipHashFinal(SipHash* siphash, unsigned char* out,
unsigned char outSz);
/*!
\ingroup SipHash
\brief This function one-shots the data using SipHash to calculate a MAC
based on the key.
\return 0 Returned upon successfully MACing
\return BAD_FUNC_ARG Returned when key or out is NULL
\return BAD_FUNC_ARG Returned when in is NULL and inSz is not zero
\return BAD_FUNC_ARG Returned when outSz is neither 8 nor 16
\param key pointer to the 16-byte array
\param in the data to be MACed
\param inSz size of data to be MACed
\param out Byte array to hold MAC value
\param outSz number of bytes to output as MAC
_Example_
\code
unsigned char key[16] = { ... };
byte data[] = { Data to be MACed };
word32 len = sizeof(data);
byte mac[8] = { ... }; // 8 or 16 bytes
byte macSz = sizeof(mac);
if ((ret = wc_SipHash(key, data, len, mac, macSz)) != 0) {
WOLFSSL_MSG("wc_SipHash failed");
}
\endcode
\sa wc_InitSipHash
\sa wc_SipHashUpdate
\sa wc_SipHashFinal
*/
int wc_SipHash(const unsigned char* key, const unsigned char* in,
word32 inSz, unsigned char* out, unsigned char outSz);

507
android/extern/wolfssl/doc/dox_comments/header_files/srp.h vendored Normal file
View File

@@ -0,0 +1,507 @@
/*!
\ingroup SRP
\brief Initializes the Srp struct for usage.
\return 0 on success.
\return BAD_FUNC_ARG Returns when there's an issue with the arguments such
as srp being null or SrpSide not being SRP_CLIENT_SIDE or SRP_SERVER_SIDE.
\return NOT_COMPILED_IN Returns when a type is passed as an argument but
hasn't been configured in the wolfCrypt build.
\return <0 on error.
\param srp the Srp structure to be initialized.
\param type the hash type to be used.
\param side the side of the communication.
_Example_
\code
Srp srp;
if (wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE) != 0)
{
// Initialization error
}
else
{
wc_SrpTerm(&srp);
}
\endcode
\sa wc_SrpTerm
\sa wc_SrpSetUsername
*/
int wc_SrpInit(Srp* srp, SrpType type, SrpSide side);
/*!
\ingroup SRP
\brief Releases the Srp struct resources after usage.
\return none No returns.
\param srp Pointer to the Srp structure to be terminated.
_Example_
\code
Srp srp;
wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE);
// Use srp
wc_SrpTerm(&srp)
\endcode
\sa wc_SrpInit
*/
void wc_SrpTerm(Srp* srp);
/*!
\ingroup SRP
\brief Sets the username. This function MUST be called after wc_SrpInit.
\return 0 Username set successfully.
\return BAD_FUNC_ARG: Return if srp or username is null.
\return MEMORY_E: Returns if there is an issue allocating memory
for srp->user
\return < 0: Error.
\param srp the Srp structure.
\param username the buffer containing the username.
\param size the username size in bytes
_Example_
\code
Srp srp;
byte username[] = "user";
word32 usernameSize = 4;
wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE);
if(wc_SrpSetUsername(&srp, username, usernameSize) != 0)
{
// Error occurred setting username.
}
wc_SrpTerm(&srp);
\endcode
\sa wc_SrpInit
\sa wc_SrpSetParams
\sa wc_SrpTerm
*/
int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size);
/*!
\ingroup SRP
\brief Sets the srp parameters based on the username.. Must be called
after wc_SrpSetUsername.
\return 0 Success
\return BAD_FUNC_ARG Returns if srp, N, g, or salt is null or if nSz < gSz.
\return SRP_CALL_ORDER_E Returns if wc_SrpSetParams is called before
wc_SrpSetUsername.
\return <0 Error
\param srp the Srp structure.
\param N the Modulus. N = 2q+1, [q, N] are primes.
\param nSz the N size in bytes.
\param g the Generator modulo N.
\param gSz the g size in bytes
\param salt a small random salt. Specific for each username.
\param saltSz the salt size in bytes
_Example_
\code
Srp srp;
byte username[] = "user";
word32 usernameSize = 4;
byte N[] = { }; // Contents of byte array N
byte g[] = { }; // Contents of byte array g
byte salt[] = { }; // Contents of byte array salt
wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE);
wc_SrpSetUsername(&srp, username, usernameSize);
if(wc_SrpSetParams(&srp, N, sizeof(N), g, sizeof(g), salt,
sizeof(salt)) != 0)
{
// Error setting params
}
wc_SrpTerm(&srp);
\endcode
\sa wc_SrpInit
\sa wc_SrpSetUsername
\sa wc_SrpTerm
*/
int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz,
const byte* g, word32 gSz,
const byte* salt, word32 saltSz);
/*!
\ingroup SRP
\brief Sets the password. Setting the password does not persists the
clear password data in the srp structure. The client calculates
x = H(salt + H(user:pswd)) and stores it in the auth field. This function
MUST be called after wc_SrpSetParams and is CLIENT SIDE ONLY.
\return 0 Success
\return BAD_FUNC_ARG Returns if srp or password is null or if srp->side
is not set to SRP_CLIENT_SIDE.
\return SRP_CALL_ORDER_E Returns when wc_SrpSetPassword is called out
of order.
\return <0 Error
\param srp The Srp structure.
\param password The buffer containing the password.
\param size The size of the password in bytes.
_Example_
\code
Srp srp;
byte username[] = "user";
word32 usernameSize = 4;
byte password[] = "password";
word32 passwordSize = 8;
byte N[] = { }; // Contents of byte array N
byte g[] = { }; // Contents of byte array g
byte salt[] = { }; // Contents of byte array salt
wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE);
wc_SrpSetUsername(&srp, username, usernameSize);
wc_SrpSetParams(&srp, N, sizeof(N), g, sizeof(g), salt, sizeof(salt));
if(wc_SrpSetPassword(&srp, password, passwordSize) != 0)
{
// Error setting password
}
wc_SrpTerm(&srp);
\endcode
\sa wc_SrpInit
\sa wc_SrpSetUsername
\sa wc_SrpSetParams
*/
int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size);
/*!
\ingroup SRP
\brief Sets the verifier. This function MUST be called after
wc_SrpSetParams and is SERVER SIDE ONLY.
\return 0 Success
\return BAD_FUNC_ARG Returned if srp or verifier is null or
srp->side is not SRP_SERVER_SIDE.
\return <0 Error
\param srp The Srp structure.
\param verifier The structure containing the verifier.
\param size The verifier size in bytes.
_Example_
\code
Srp srp;
byte username[] = "user";
word32 usernameSize = 4;
byte N[] = { }; // Contents of byte array N
byte g[] = { }; // Contents of byte array g
byte salt[] = { }; // Contents of byte array salt
wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_SERVER_SIDE);
wc_SrpSetUsername(&srp, username, usernameSize);
wc_SrpSetParams(&srp, N, sizeof(N), g, sizeof(g), salt, sizeof(salt))
byte verifier[] = { }; // Contents of some verifier
if(wc_SrpSetVerifier(&srp, verifier, sizeof(verifier)) != 0)
{
// Error setting verifier
}
wc_SrpTerm(&srp);
\endcode
\sa wc_SrpInit
\sa wc_SrpSetParams
\sa wc_SrpGetVerifier
*/
int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size);
/*!
\ingroup SRP
\brief Gets the verifier. The client calculates the verifier
with v = g ^ x % N.
This function MAY be called after wc_SrpSetPassword and
is CLIENT SIDE ONLY.
\return 0 Success
\return BAD_FUNC_ARG Returned if srp, verifier or size is null
or if srp->side is not SRP_CLIENT_SIDE.
\return SRP_CALL_ORDER_E Returned if wc_SrpGetVerifier is called
out of order.
\return <0 Error
\param srp The Srp structure.
\param verifier The buffer to write the verifier.
\param size Buffer size in bytes. Updated with the verifier size.
_Example_
\code
Srp srp;
byte username[] = "user";
word32 usernameSize = 4;
byte password[] = "password";
word32 passwordSize = 8;
byte N[] = { }; // Contents of byte array N
byte g[] = { }; // Contents of byte array g
byte salt[] = { }; // Contents of byte array salt
byte v[64];
word32 vSz = 0;
vSz = sizeof(v);
wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE);
wc_SrpSetUsername(&srp, username, usernameSize);
wc_SrpSetParams(&srp, N, sizeof(N), g, sizeof(g), salt, sizeof(salt))
wc_SrpSetPassword(&srp, password, passwordSize)
if( wc_SrpGetVerifier(&srp, v, &vSz ) != 0)
{
// Error getting verifier
}
wc_SrpTerm(&srp);
\endcode
\sa wc_SrpSetVerifier
\sa wc_SrpSetPassword
*/
int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size);
/*!
\ingroup SRP
\brief Sets the private ephemeral value. The private ephemeral value
is known as:
a at the client side. a = random()
b at the server side. b = random()
This function is handy for unit test cases or if the developer wants
to use an external
random source to set the ephemeral value. This function MAY be called
before wc_SrpGetPublic.
\return 0 Success
\return BAD_FUNC_ARG Returned if srp, private, or size is null.
\return SRP_CALL_ORDER_E Returned if wc_SrpSetPrivate is called out
of order.
\return <0 Error
\param srp the Srp structure.
\param priv the ephemeral value.
\param size the private size in bytes.
_Example_
\code
Srp srp;
byte username[] = "user";
word32 usernameSize = 4;
byte N[] = { }; // Contents of byte array N
byte g[] = { }; // Contents of byte array g
byte salt[] = { }; // Contents of byte array salt
byte verifier = { }; // Contents of some verifier
wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_SERVER_SIDE);
wc_SrpSetUsername(&srp, username, usernameSize);
wc_SrpSetParams(&srp, N, sizeof(N), g, sizeof(g), salt, sizeof(salt))
wc_SrpSetVerifier(&srp, verifier, sizeof(verifier))
byte b[] = { }; // Some ephemeral value
if( wc_SrpSetPrivate(&srp, b, sizeof(b)) != 0)
{
// Error setting private ephemeral
}
wc_SrpTerm(&srp);
\endcode
\sa wc_SrpGetPublic
*/
int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size);
/*!
\ingroup SRP
\brief Gets the public ephemeral value. The public ephemeral value
is known as:
A at the client side. A = g ^ a % N
B at the server side. B = (k * v + (g ˆ b % N)) % N
This function MUST be called after wc_SrpSetPassword or wc_SrpSetVerifier.
The function wc_SrpSetPrivate may be called before wc_SrpGetPublic.
\return 0 Success
\return BAD_FUNC_ARG Returned if srp, pub, or size is null.
\return SRP_CALL_ORDER_E Returned if wc_SrpGetPublic is called out
of order.
\return BUFFER_E Returned if size < srp.N.
\return <0 Error
\param srp the Srp structure.
\param pub the buffer to write the public ephemeral value.
\param size the the buffer size in bytes. Will be updated with
the ephemeral value size.
_Example_
\code
Srp srp;
byte username[] = "user";
word32 usernameSize = 4;
byte password[] = "password";
word32 passwordSize = 8;
byte N[] = { }; // Contents of byte array N
byte g[] = { }; // Contents of byte array g
byte salt[] = { }; // Contents of byte array salt
wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE);
wc_SrpSetUsername(&srp, username, usernameSize);
wc_SrpSetParams(&srp, N, sizeof(N), g, sizeof(g), salt, sizeof(salt));
wc_SrpSetPassword(&srp, password, passwordSize)
byte public[64];
word32 publicSz = 0;
if( wc_SrpGetPublic(&srp, public, &publicSz) != 0)
{
// Error getting public ephemeral
}
wc_SrpTerm(&srp);
\endcode
\sa wc_SrpSetPrivate
\sa wc_SrpSetPassword
\sa wc_SrpSetVerifier
*/
int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size);
/*!
\ingroup SRP
\brief Computes the session key. The key can be accessed at
srp->key after success.
\return 0 Success
\return BAD_FUNC_ARG Returned if srp, clientPubKey, or serverPubKey
or if clientPubKeySz or serverPubKeySz is 0.
\return SRP_CALL_ORDER_E Returned if wc_SrpComputeKey is called out
of order.
\return <0 Error
\param srp the Srp structure.
\param clientPubKey the client's public ephemeral value.
\param clientPubKeySz the client's public ephemeral value size.
\param serverPubKey the server's public ephemeral value.
\param serverPubKeySz the server's public ephemeral value size.
_Example_
\code
Srp server;
byte username[] = "user";
word32 usernameSize = 4;
byte password[] = "password";
word32 passwordSize = 8;
byte N[] = { }; // Contents of byte array N
byte g[] = { }; // Contents of byte array g
byte salt[] = { }; // Contents of byte array salt
byte verifier[] = { }; // Contents of some verifier
byte serverPubKey[] = { }; // Contents of server pub key
word32 serverPubKeySize = sizeof(serverPubKey);
byte clientPubKey[64];
word32 clientPubKeySize = 64;
wc_SrpInit(&server, SRP_TYPE_SHA, SRP_SERVER_SIDE);
wc_SrpSetUsername(&server, username, usernameSize);
wc_SrpSetParams(&server, N, sizeof(N), g, sizeof(g), salt, sizeof(salt));
wc_SrpSetVerifier(&server, verifier, sizeof(verifier));
wc_SrpGetPublic(&server, serverPubKey, &serverPubKeySize);
wc_SrpComputeKey(&server, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySize)
wc_SrpTerm(&server);
\endcode
\sa wc_SrpGetPublic
*/
int wc_SrpComputeKey(Srp* srp,
byte* clientPubKey, word32 clientPubKeySz,
byte* serverPubKey, word32 serverPubKeySz);
/*!
\ingroup SRP
\brief Gets the proof. This function MUST be called after wc_SrpComputeKey.
\return 0 Success
\return BAD_FUNC_ARG Returns if srp, proof, or size is null.
\return BUFFER_E Returns if size is less than the hash size of srp->type.
\return <0 Error
\param srp the Srp structure.
\param proof the peers proof.
\param size the proof size in bytes.
_Example_
\code
Srp cli;
byte clientProof[SRP_MAX_DIGEST_SIZE];
word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
// Initialize Srp following steps from previous examples
if (wc_SrpGetProof(&cli, clientProof, &clientProofSz) != 0)
{
// Error getting proof
}
\endcode
\sa wc_SrpComputeKey
*/
int wc_SrpGetProof(Srp* srp, byte* proof, word32* size);
/*!
\ingroup SRP
\brief Verifies the peers proof. This function MUST be called before
wc_SrpGetSessionKey.
\return 0 Success
\return <0 Error
\param srp the Srp structure.
\param proof the peers proof.
\param size the proof size in bytes.
_Example_
\code
Srp cli;
Srp srv;
byte clientProof[SRP_MAX_DIGEST_SIZE];
word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
// Initialize Srp following steps from previous examples
// First get the proof
wc_SrpGetProof(&cli, clientProof, &clientProofSz)
if (wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz) != 0)
{
// Error verifying proof
}
\endcode
\sa wc_SrpGetSessionKey
\sa wc_SrpGetProof
\sa wc_SrpTerm
*/
int wc_SrpVerifyPeersProof(Srp* srp, byte* proof, word32 size);

14601
android/extern/wolfssl/doc/dox_comments/header_files/ssl.h vendored Normal file
View File

File diff suppressed because it is too large Load Diff

29
android/extern/wolfssl/doc/dox_comments/header_files/tfm.h vendored Normal file
View File

@@ -0,0 +1,29 @@
/*!
\ingroup Math
\brief This function checks the runtime fastmath settings for the maximum
size of an integer. It is important when a user is using a wolfCrypt
library independently, as the FP_SIZE must match for each library in order
for math to work correctly. This check is defined as
CheckFastMathSettings(), which simply compares CheckRunTimeFastMath
and FP_SIZE, returning 0 if there is a mismatch, or 1 if they match.
\return FP_SIZE Returns FP_SIZE, corresponding to the max size
available for the math library.
\param none No parameters.
_Example_
\code
if (CheckFastMathSettings() != 1) {
return err_sys("Build vs. runtime fastmath FP_MAX_BITS mismatch\n");
}
// This is converted by the preprocessor to:
// if ( (CheckRunTimeFastMath() == FP_SIZE) != 1) {
// and confirms that the fast math settings match
// the compile time settings
\endcode
\sa CheckRunTimeSettings
*/
word32 CheckRunTimeFastMath(void);

172
android/extern/wolfssl/doc/dox_comments/header_files/types.h vendored Normal file
View File

@@ -0,0 +1,172 @@
/*!
\ingroup Memory
\brief This is not actually a function, but rather a preprocessor macro,
which allows the user to substitute in their own malloc, realloc, and free
functions in place of the standard C memory functions.
To use external memory functions, define XMALLOC_USER. This will cause the
memory functions to be replaced by external functions of the form:
extern void *XMALLOC(size_t n, void* heap, int type);
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
extern void XFREE(void *p, void* heap, int type);
To use the basic C memory functions in place of wolfSSL_Malloc,
wolfSSL_Realloc, wolfSSL_Free, define NO_WOLFSSL_MEMORY. This
will replace the memory functions with:
#define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
#define XREALLOC(p, n, h, t) realloc((p), (n))
If none of these options are selected, the system will default to use
the wolfSSL memory functions. A user can set custom memory functions
through callback hooks, (see wolfSSL_Malloc,
wolfSSL_Realloc, wolfSSL_Free). This option will replace the
memory functions with:
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
\return pointer Return a pointer to allocated memory on success
\return NULL on failure
\param s size of memory to allocate
\param h (used by custom XMALLOC function) pointer to the heap to use
\param t memory allocation types for user hints. See enum in types.h
_Example_
\code
int* tenInts = XMALLOC(sizeof(int)*10, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tenInts == NULL) {
// error allocating space
return MEMORY_E;
}
\endcode
\sa wolfSSL_Malloc
\sa wolfSSL_Realloc
\sa wolfSSL_Free
\sa wolfSSL_SetAllocators
*/
void* XMALLOC(size_t n, void* heap, int type);
/*!
\ingroup Memory
\brief This is not actually a function, but rather a preprocessor macro,
which allows the user to substitute in their own malloc, realloc, and
free functions in place of the standard C memory functions.
To use external memory functions, define XMALLOC_USER. This will cause the
memory functions to be replaced by external functions of the form:
extern void *XMALLOC(size_t n, void* heap, int type);
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
extern void XFREE(void *p, void* heap, int type);
To use the basic C memory functions in place of wolfSSL_Malloc,
wolfSSL_Realloc, wolfSSL_Free, define NO_WOLFSSL_MEMORY. This will
replace the memory functions with:
#define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
#define XREALLOC(p, n, h, t) realloc((p), (n))
If none of these options are selected, the system will default to
use the wolfSSL memory functions. A user can set custom memory
functions through callback hooks, (see wolfSSL_Malloc,
wolfSSL_Realloc, wolfSSL_Free). This option will replace
the memory functions with:
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
\return Return a pointer to allocated memory on success
\return NULL on failure
\param p pointer to the address to reallocate
\param n size of memory to allocate
\param h (used by custom XREALLOC function) pointer to the heap to use
\param t memory allocation types for user hints. See enum in types.h
_Example_
\code
int* tenInts = (int*)XMALLOC(sizeof(int)*10, NULL, DYNAMIC_TYPE_TMP_BUFFER);
int* twentyInts = (int*)XREALLOC(tenInts, sizeof(int)*20, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
\endcode
\sa wolfSSL_Malloc
\sa wolfSSL_Realloc
\sa wolfSSL_Free
\sa wolfSSL_SetAllocators
*/
void* XREALLOC(void *p, size_t n, void* heap, int type);
/*!
\ingroup Memory
\brief This is not actually a function, but rather a preprocessor macro,
which allows the user to substitute in their own malloc, realloc, and
free functions in place of the standard C memory functions.
To use external memory functions, define XMALLOC_USER. This will cause
the memory functions to be replaced by external functions of the form:
extern void *XMALLOC(size_t n, void* heap, int type);
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
extern void XFREE(void *p, void* heap, int type);
To use the basic C memory functions in place of wolfSSL_Malloc,
wolfSSL_Realloc, wolfSSL_Free, define NO_WOLFSSL_MEMORY. This
will replace the memory functions with:
#define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
#define XREALLOC(p, n, h, t) realloc((p), (n))
If none of these options are selected, the system will default to use
the wolfSSL memory functions. A user can set custom memory functions
through callback hooks, (see wolfSSL_Malloc, wolfSSL_Realloc,
wolfSSL_Free). This option will replace the memory functions with:
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
\return none No returns.
\param p pointer to the address to free
\param h (used by custom XFREE function) pointer to the heap to use
\param t memory allocation types for user hints. See enum in types.h
_Example_
\code
int* tenInts = XMALLOC(sizeof(int) * 10, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tenInts == NULL) {
// error allocating space
return MEMORY_E;
}
\endcode
\sa wolfSSL_Malloc
\sa wolfSSL_Realloc
\sa wolfSSL_Free
\sa wolfSSL_SetAllocators
*/
void XFREE(void *p, void* heap, int type);
/*!
\ingroup Math
\brief This function checks the compile time class settings. It is
important when a user is using a wolfCrypt library independently, as
the settings must match between libraries for math to work correctly.
This check is defined as CheckCtcSettings(), which simply compares
CheckRunTimeSettings and CTC_SETTINGS, returning 0 if there is a
mismatch, or 1 if they match.
\return settings Returns the runtime CTC_SETTINGS (Compile Time Settings)
\param none No Parameters.
_Example_
\code
if (CheckCtcSettings() != 1) {
return err_sys("Build vs. runtime math mismatch\n");
}
// This is converted by the preprocessor to:
// if ( (CheckCtcSettings() == CTC_SETTINGS) != 1) {
// and will compare whether the compile time class settings
// match the current settings
\endcode
\sa CheckRunTimeFastMath
*/
word32 CheckRunTimeSettings(void);

212
android/extern/wolfssl/doc/dox_comments/header_files/wc_encrypt.h vendored Normal file
View File

@@ -0,0 +1,212 @@
/*!
\ingroup AES
\brief Decrypts a cipher from the input buffer in, and places the
resulting plain text in the output buffer out using cipher block
chaining with AES. This function does not require an AES structure
to be initialized. Instead, it takes in a key and an iv
(initialization vector) and uses these to initialize an
AES object and then decrypt the cipher text.
\return 0 On successfully decrypting message
\return BAD_ALIGN_E Returned on block align error
\return BAD_FUNC_ARG Returned if key length is invalid or AES object
is null during AesSetIV
\return MEMORY_E Returned if WOLFSSL_SMALL_STACK is enabled and
XMALLOC fails to instantiate an AES object.
\param out pointer to the output buffer in which to store the plain
text of the decrypted message
\param in pointer to the input buffer containing cipher text to be
decrypted
\param inSz size of input message
\param key 16, 24, or 32 byte secret key for decryption
\param keySz size of key used for decryption
_Example_
\code
int ret = 0;
byte key[] = { some 16, 24, or 32 byte key };
byte iv[] = { some 16 byte iv };
byte cipher[AES_BLOCK_SIZE * n]; //n being a positive integer making
cipher some multiple of 16 bytes
// fill cipher with cipher text
byte plain [AES_BLOCK_SIZE * n];
if ((ret = wc_AesCbcDecryptWithKey(plain, cipher, AES_BLOCK_SIZE, key,
AES_BLOCK_SIZE, iv)) != 0 ) {
// Decrypt Error
}
\endcode
\sa wc_AesSetKey
\sa wc_AesSetIV
\sa wc_AesCbcEncrypt
\sa wc_AesCbcDecrypt
*/
int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz,
const byte* iv);
/*!
\ingroup 3DES
\brief This function decrypts the input ciphertext, in, and stores the
resulting plaintext in the output buffer, out. It uses DES encryption
with cipher block chaining (CBC) mode. This function is a substitute
for wc_Des_CbcDecrypt, allowing the user to decrypt a message without
directly instantiating a Des structure.
\return 0 Returned upon successfully decrypting the given ciphertext
\return MEMORY_E Returned if there is an error allocating space for a
Des structure
\param out pointer to the buffer in which to store the decrypted plaintext
\param in pointer to the input buffer containing the encrypted ciphertext
\param sz length of the ciphertext to decrypt
\param key pointer to the buffer containing the 8 byte key to use for
decryption
\param iv pointer to the buffer containing the 8 byte iv to use for
decryption. If no iv is provided, the iv defaults to 0
_Example_
\code
int ret;
byte key[] = { // initialize with 8 byte key };
byte iv[] = { // initialize with 8 byte iv };
byte cipher[] = { // initialize with ciphertext };
byte decoded[sizeof(cipher)];
if ( wc_Des_CbcDecryptWithKey(decoded, cipher, sizeof(cipher), key,
iv) != 0) {
// error decrypting message
}
\endcode
\sa wc_Des_CbcDecrypt
*/
int wc_Des_CbcDecryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
/*!
\ingroup 3DES
\brief This function encrypts the input plaintext, in, and stores the
resulting ciphertext in the output buffer, out. It uses DES encryption
with cipher block chaining (CBC) mode. This function is a substitute
for wc_Des_CbcEncrypt, allowing the user to encrypt a message without
directly instantiating a Des structure.
\return 0 Returned after successfully encrypting data.
\return MEMORY_E Returned if there's an error allocating memory for a
Des structure.
\return <0 Returned on any error during encryption.
\param out Final encrypted data
\param in Data to be encrypted, must be padded to Des block size.
\param sz Size of input buffer.
\param key Pointer to the key to use for encryption.
\param iv Initialization vector
_Example_
\code
byte key[] = { // initialize with 8 byte key };
byte iv[] = { // initialize with 8 byte iv };
byte in[] = { // Initialize with plaintext };
byte out[sizeof(in)];
if ( wc_Des_CbcEncryptWithKey(&out, in, sizeof(in), key, iv) != 0)
{
// error encrypting message
}
\endcode
\sa wc_Des_CbcDecryptWithKey
\sa wc_Des_CbcEncrypt
*/
int wc_Des_CbcEncryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
/*!
\ingroup 3DES
\brief This function encrypts the input plaintext, in, and stores
the resulting ciphertext in the output buffer, out. It uses Triple
DES (3DES) encryption with cipher block chaining (CBC) mode. This
function is a substitute for wc_Des3_CbcEncrypt, allowing the user
to encrypt a message without directly instantiating a Des3 structure.
\return 0 Returned after successfully encrypting data.
\return MEMORY_E Returned if there's an error allocating memory for
a Des structure.
\return <0 Returned on any error during encryption.
\param out Final encrypted data
\param in Data to be encrypted, must be padded to Des block size.
\param sz Size of input buffer.
\param key Pointer to the key to use for encryption.
\param iv Initialization vector
_Example_
\code
byte key[] = { // initialize with 8 byte key };
byte iv[] = { // initialize with 8 byte iv };
byte in[] = { // Initialize with plaintext };
byte out[sizeof(in)];
if ( wc_Des3_CbcEncryptWithKey(&out, in, sizeof(in), key, iv) != 0)
{
// error encrypting message
}
\endcode
\sa wc_Des3_CbcDecryptWithKey
\sa wc_Des_CbcEncryptWithKey
\sa wc_Des_CbcDecryptWithKey
*/
int wc_Des3_CbcEncryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
/*!
\ingroup 3DES
\brief This function decrypts the input ciphertext, in, and stores
the resulting plaintext in the output buffer, out. It uses Triple
Des (3DES) encryption with cipher block chaining (CBC) mode. This
function is a substitute for wc_Des3_CbcDecrypt, allowing the user
to decrypt a message without directly instantiating a Des3 structure.
\return 0 Returned upon successfully decrypting the given ciphertext
\return MEMORY_E Returned if there is an error allocating space for
a Des structure
\param out pointer to the buffer in which to store the decrypted plaintext
\param in pointer to the input buffer containing the encrypted ciphertext
\param sz length of the ciphertext to decrypt
\param key pointer to the buffer containing the 24 byte key to use
for decryption
\param iv pointer to the buffer containing the 8 byte iv to use for
decryption. If no iv is provided, the iv defaults to 0
_Example_
\code
int ret;
byte key[] = { // initialize with 24 byte key };
byte iv[] = { // initialize with 8 byte iv };
byte cipher[] = { // initialize with ciphertext };
byte decoded[sizeof(cipher)];
if ( wc_Des3_CbcDecryptWithKey(decoded, cipher, sizeof(cipher),
key, iv) != 0) {
// error decrypting message
}
\endcode
\sa wc_Des3_CbcDecrypt
*/
int wc_Des3_CbcDecryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);

43
android/extern/wolfssl/doc/dox_comments/header_files/wc_port.h vendored Normal file
View File

@@ -0,0 +1,43 @@
/*!
\ingroup wolfCrypt
\brief Used to initialize resources used by wolfCrypt.
\return 0 upon success.
\return <0 upon failure of init resources.
\param none No parameters.
_Example_
\code
...
if (wolfCrypt_Init() != 0) {
WOLFSSL_MSG("Error with wolfCrypt_Init call");
}
\endcode
\sa wolfCrypt_Cleanup
*/
int wolfCrypt_Init(void);
/*!
\ingroup wolfCrypt
\brief Used to clean up resources used by wolfCrypt.
\return 0 upon success.
\return <0 upon failure of cleaning up resources.
\param none No parameters.
_Example_
\code
...
if (wolfCrypt_Cleanup() != 0) {
WOLFSSL_MSG("Error with wolfCrypt_Cleanup call");
}
\endcode
\sa wolfCrypt_Init
*/
int wolfCrypt_Cleanup(void);

577
android/extern/wolfssl/doc/dox_comments/header_files/wolfio.h vendored Normal file
View File

@@ -0,0 +1,577 @@
/*!
\brief This function is the receive embedded callback.
\return Success This function returns the number of bytes read.
\return WOLFSSL_CBIO_ERR_WANT_READ returned with a “Would block” message
if the last error was SOCKET_EWOULDBLCOK or SOCKET_EAGAIN.
\return WOLFSSL_CBIO_ERR_TIMEOUT returned with a “Socket timeout” message.
\return WOLFSSL_CBIO_ERR_CONN_RST returned with a “Connection reset”
message if the last error was SOCKET_ECONNRESET.
\return WOLFSSL_CBIO_ERR_ISR returned with a “Socket interrupted” message
if the last error was SOCKET_EINTR.
\return WOLFSSL_CBIO_ERR_WANT_READ returned with a “Connection refused”
message if the last error was SOCKET_ECONNREFUSED.
\return WOLFSSL_CBIO_ERR_CONN_CLOSE returned with a “Connection aborted”
message if the last error was SOCKET_ECONNABORTED.
\return WOLFSSL_CBIO_ERR_GENERAL returned with a “General error” message
if the last error was not specified.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param buf a char pointer representation of the buffer.
\param sz the size of the buffer.
\param ctx a void pointer to user registered context. In the default case
the ctx is a socket descriptor pointer.
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
WOLFSSL* ssl = wolfSSL_new(ctx);
char* buf;
int sz;
void* ctx;
int bytesRead = EmbedReceive(ssl, buf, sz, ctx);
if(bytesRead <= 0){
// There were no bytes read. Failure case.
}
\endcode
\sa EmbedSend
\sa wolfSSL_CTX_SetIORecv
\sa wolfSSL_SSLSetIORecv
*/
int EmbedReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
/*!
\brief This function is the send embedded callback.
\return Success This function returns the number of bytes sent.
\return WOLFSSL_CBIO_ERR_WANT_WRITE returned with a “Would block” message
if the last error was SOCKET_EWOULDBLOCK or SOCKET_EAGAIN.
\return WOLFSSL_CBIO_ERR_CONN_RST returned with a “Connection reset”
message if the last error was SOCKET_ECONNRESET.
\return WOLFSSL_CBIO_ERR_ISR returned with a “Socket interrupted” message
if the last error was SOCKET_EINTR.
\return WOLFSSL_CBIO_ERR_CONN_CLOSE returned with a “Socket EPIPE” message
if the last error was SOCKET_EPIPE.
\return WOLFSSL_CBIO_ERR_GENERAL returned with a “General error” message
if the last error was not specified.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param buf a char pointer representing the buffer.
\param sz the size of the buffer.
\param ctx a void pointer to user registered context.
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
char* buf;
int sz;
void* ctx;
int dSent = EmbedSend(ssl, buf, sz, ctx);
if(dSent <= 0){
// No byes sent. Failure case.
}
\endcode
\sa EmbedReceive
\sa wolfSSL_CTX_SetIOSend
\sa wolfSSL_SSLSetIOSend
*/
int EmbedSend(WOLFSSL* ssl, char* buf, int sz, void* ctx);
/*!
\brief This function is the receive embedded callback.
\return Success This function returns the nb bytes read if the execution
was successful.
\return WOLFSSL_CBIO_ERR_WANT_READ if the connection refused or if a
would block error was thrown in the function.
\return WOLFSSL_CBIO_ERR_TIMEOUT returned if the socket timed out.
\return WOLFSSL_CBIO_ERR_CONN_RST returned if the connection reset.
\return WOLFSSL_CBIO_ERR_ISR returned if the socket was interrupted.
\return WOLFSSL_CBIO_ERR_GENERAL returned if there was a general error.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param buf a constant char pointer to the buffer.
\param sz an int type representing the size of the buffer.
\param ctx a void pointer to the WOLFSSL_CTX context.
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
WOLFSSL* ssl = WOLFSSL_new(ctx);
char* buf;
int sz = sizeof(buf)/sizeof(char);
(void*)ctx;
int nb = EmbedReceiveFrom(ssl, buf, sz, ctx);
if(nb > 0){
// nb is the number of bytes written and is positive
}
\endcode
\sa EmbedSendTo
\sa wolfSSL_CTX_SetIORecv
\sa wolfSSL_SSLSetIORecv
\sa wolfSSL_dtls_get_current_timeout
*/
int EmbedReceiveFrom(WOLFSSL* ssl, char* buf, int sz, void*);
/*!
\brief This function is the send embedded callback.
\return Success This function returns the number of bytes sent.
\return WOLFSSL_CBIO_ERR_WANT_WRITE returned with a “Would Block” message
if the last error was either SOCKET_EWOULDBLOCK or SOCKET_EAGAIN error.
\return WOLFSSL_CBIO_ERR_CONN_RST returned with a “Connection reset”
message if the last error was SOCKET_ECONNRESET.
\return WOLFSSL_CBIO_ERR_ISR returned with a “Socket interrupted” message
if the last error was SOCKET_EINTR.
\return WOLFSSL_CBIO_ERR_CONN_CLOSE returned with a “Socket EPIPE” message
if the last error was WOLFSSL_CBIO_ERR_CONN_CLOSE.
\return WOLFSSL_CBIO_ERR_GENERAL returned with a “General error” message
if the last error was not specified.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param buf a char pointer representing the buffer.
\param sz the size of the buffer.
\param ctx a void pointer to the user registered context. The default case
is a WOLFSSL_DTLS_CTX structure.
_Example_
\code
WOLFSSL* ssl;
char* buf;
int sz;
void* ctx;
int sEmbed = EmbedSendto(ssl, buf, sz, ctx);
if(sEmbed <= 0){
// No bytes sent. Failure case.
}
\endcode
\sa EmbedReceiveFrom
\sa wolfSSL_CTX_SetIOSend
\sa wolfSSL_SSLSetIOSend
*/
int EmbedSendTo(WOLFSSL* ssl, char* buf, int sz, void* ctx);
/*!
\brief This function is the DTLS Generate Cookie callback.
\return Success This function returns the number of bytes copied
into the buffer.
\return GEN_COOKIE_E returned if the getpeername failed in
EmbedGenerateCookie.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param buf byte pointer representing the buffer. It is the destination
from XMEMCPY().
\param sz the size of the buffer.
\param ctx a void pointer to user registered context.
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
WOLFSSL* ssl = wolfSSL_new(ctx);
byte buffer[BUFFER_SIZE];
int sz = sizeof(buffer)/sizeof(byte);
void* ctx;
int ret = EmbedGenerateCookie(ssl, buffer, sz, ctx);
if(ret > 0){
// EmbedGenerateCookie code block for success
}
\endcode
\sa wolfSSL_CTX_SetGenCookie
*/
int EmbedGenerateCookie(WOLFSSL* ssl, unsigned char* buf,
int sz, void*);
/*!
\brief This function frees the response buffer.
\return none No returns.
\param ctx a void pointer to heap hint.
\param resp a byte pointer representing the response.
_Example_
\code
void* ctx;
byte* resp; // Response buffer.
EmbedOcspRespFree(ctx, resp);
\endcode
\sa wolfSSL_CertManagerSetOCSP_Cb
\sa wolfSSL_CertManagerEnableOCSPStapling
\sa wolfSSL_CertManagerEnableOCSP
*/
void EmbedOcspRespFree(void* ctx, byte* resp);
/*!
\brief This function registers a receive callback for wolfSSL to get input
data. By default, wolfSSL uses EmbedReceive() as the callback which uses
the systems TCP recv() function. The user can register a function to get
input from memory, some other network module, or from anywhere. Please see
the EmbedReceive() function in src/io.c as a guide for how the function
should work and for error codes. In particular, IO_ERR_WANT_READ should
be returned for non blocking receive when no data is ready.
\return none no Returns.
\param ctx pointer to the SSL context, created with wolfSSL_CTX_new().
\param callback function to be registered as the receive callback for the
wolfSSL context, ctx. The signature of this function must follow that as
shown above in the Synopsis section.
_Example_
\code
WOLFSSL_CTX* ctx = 0;
// Receive callback prototype
int MyEmbedReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
// Register the custom receive callback with wolfSSL
wolfSSL_CTX_SetIORecv(ctx, MyEmbedReceive);
int MyEmbedReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
// custom EmbedReceive function
}
\endcode
\sa wolfSSL_CTX_SetIOSend
\sa wolfSSL_SetIOReadCtx
\sa wolfSSL_SetIOWriteCtx
*/
void wolfSSL_CTX_SetIORecv(WOLFSSL_CTX* ctx, CallbackIORecv CBIORecv);
/*!
\brief This function registers a context for the SSL sessions receive
callback function. By default, wolfSSL sets the file descriptor passed to
wolfSSL_set_fd() as the context when wolfSSL is using the systems TCP
library. If youve registered your own receive callback you may want to set
a specific context for the session. For example, if youre using memory
buffers the context may be a pointer to a structure describing where and
how to access the memory buffers.
\return none No returns.
\param ssl pointer to the SSL session, created with wolfSSL_new().
\param rctx pointer to the context to be registered with the SSL sessions
(ssl) receive callback function.
_Example_
\code
int sockfd;
WOLFSSL* ssl = 0;
...
// Manually setting the socket fd as the receive CTX, for example
wolfSSL_SetIOReadCtx(ssl, &sockfd);
...
\endcode
\sa wolfSSL_CTX_SetIORecv
\sa wolfSSL_CTX_SetIOSend
\sa wolfSSL_SetIOWriteCtx
*/
void wolfSSL_SetIOReadCtx( WOLFSSL* ssl, void *ctx);
/*!
\brief This function registers a context for the SSL sessions send
callback function. By default, wolfSSL sets the file descriptor passed to
wolfSSL_set_fd() as the context when wolfSSL is using the systems TCP
library. If youve registered your own send callback you may want to set a
specific context for the session. For example, if youre using memory
buffers the context may be a pointer to a structure describing where and
how to access the memory buffers.
\return none No returns.
\param ssl pointer to the SSL session, created with wolfSSL_new().
\param wctx pointer to the context to be registered with the SSL sessions
(ssl) send callback function.
_Example_
\code
int sockfd;
WOLFSSL* ssl = 0;
...
// Manually setting the socket fd as the send CTX, for example
wolfSSL_SetIOWriteCtx(ssl, &sockfd);
...
\endcode
\sa wolfSSL_CTX_SetIORecv
\sa wolfSSL_CTX_SetIOSend
\sa wolfSSL_SetIOReadCtx
*/
void wolfSSL_SetIOWriteCtx(WOLFSSL* ssl, void *ctx);
/*!
\ingroup IO
\brief This function returns the IOCB_ReadCtx member of the WOLFSSL struct.
\return pointer This function returns a void pointer to the IOCB_ReadCtx
member of the WOLFSSL structure.
\return NULL returned if the WOLFSSL struct is NULL.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
void* ioRead;
...
ioRead = wolfSSL_GetIOReadCtx(ssl);
if(ioRead == NULL){
// Failure case. The ssl object was NULL.
}
\endcode
\sa wolfSSL_GetIOWriteCtx
\sa wolfSSL_SetIOReadFlags
\sa wolfSSL_SetIOWriteCtx
\sa wolfSSL_SetIOReadCtx
\sa wolfSSL_CTX_SetIOSend
*/
void* wolfSSL_GetIOReadCtx( WOLFSSL* ssl);
/*!
\ingroup IO
\brief This function returns the IOCB_WriteCtx member of the WOLFSSL structure.
\return pointer This function returns a void pointer to the IOCB_WriteCtx
member of the WOLFSSL structure.
\return NULL returned if the WOLFSSL struct is NULL.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
_Example_
\code
WOLFSSL* ssl;
void* ioWrite;
...
ioWrite = wolfSSL_GetIOWriteCtx(ssl);
if(ioWrite == NULL){
// The function returned NULL.
}
\endcode
\sa wolfSSL_GetIOReadCtx
\sa wolfSSL_SetIOWriteCtx
\sa wolfSSL_SetIOReadCtx
\sa wolfSSL_CTX_SetIOSend
*/
void* wolfSSL_GetIOWriteCtx(WOLFSSL* ssl);
/*!
\brief This function sets the flags for the receive callback to use for
the given SSL session. The receive callback could be either the default
wolfSSL EmbedReceive callback, or a custom callback specified by the user
(see wolfSSL_CTX_SetIORecv). The default flag value is set internally by
wolfSSL to the value of 0. The default wolfSSL receive callback uses the
recv() function to receive data from the socket. From the recv() man page:
“The flags argument to a recv() function is formed by or'ing one or more
of the values: MSG_OOB process out-of-band data, MSG_PEEK peek at incoming
message, MSG_WAITALL wait for full request or error. The MSG_OOB flag
requests receipt of out-of-band data that would not be received in the
normal data stream. Some protocols place expedited data at the head of
the normal data queue, and thus this flag cannot be used with such
protocols. The MSG_PEEK flag causes the receive operation to return
data from the beginning of the receive queue without removing that data
from the queue. Thus, a subsequent receive call will return the same data.
The MSG_WAITALL flag requests that the operation block until the full
request is satisfied. However, the call may still return less data than
requested if a signal is caught, an error or disconnect occurs, or the next
data to be received is of a different type than that returned.”
\return none No returns.
\param ssl pointer to the SSL session, created with wolfSSL_new().
\param flags value of the I/O read flags for the specified SSL
session (ssl).
_Example_
\code
WOLFSSL* ssl = 0;
...
// Manually setting recv flags to 0
wolfSSL_SetIOReadFlags(ssl, 0);
...
\endcode
\sa wolfSSL_CTX_SetIORecv
\sa wolfSSL_CTX_SetIOSend
\sa wolfSSL_SetIOReadCtx
*/
void wolfSSL_SetIOReadFlags( WOLFSSL* ssl, int flags);
/*!
\brief This function sets the flags for the send callback to use for the
given SSL session. The send callback could be either the default wolfSSL
EmbedSend callback, or a custom callback specified by the user (see
wolfSSL_CTX_SetIOSend). The default flag value is set internally by wolfSSL
to the value of 0. The default wolfSSL send callback uses the send()
function to send data from the socket. From the send() man page: “The
flags parameter may include one or more of the following:
#define MSG_OOB 0x1 // process out-of-band data,
#define MSG_DONTROUTE 0x4 // bypass routing, use direct interface.
The flag MSG_OOB is used to send ``out-of-band'' data on sockets that
support this notion (e.g. SOCK_STREAM); the underlying protocol must also
support ``out-of-band'' data. MSG_DONTROUTE is usually used only by
diagnostic or routing programs.”
\return none No returns.
\param ssl pointer to the SSL session, created with wolfSSL_new().
\param flags value of the I/O send flags for the specified SSL session (ssl).
_Example_
\code
WOLFSSL* ssl = 0;
...
// Manually setting send flags to 0
wolfSSL_SetIOWriteFlags(ssl, 0);
...
\endcode
\sa wolfSSL_CTX_SetIORecv
\sa wolfSSL_CTX_SetIOSend
\sa wolfSSL_SetIOReadCtx
*/
void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags);
/*!
\ingroup IO
\brief This function sets the nxSocket and nxWait members of the nxCtx
struct within the WOLFSSL structure.
\return none No returns.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param nxSocket a pointer to type NX_TCP_SOCKET that is set to the
nxSocket member of the nxCTX structure.
\param waitOption a ULONG type that is set to the nxWait member of
the nxCtx structure.
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
NX_TCP_SOCKET* nxSocket;
ULONG waitOption;
if(ssl != NULL || nxSocket != NULL || waitOption <= 0){
wolfSSL_SetIO_NetX(ssl, nxSocket, waitOption);
} else {
// You need to pass in good parameters.
}
\endcode
\sa set_fd
\sa NetX_Send
\sa NetX_Receive
*/
void wolfSSL_SetIO_NetX(WOLFSSL* ssl, NX_TCP_SOCKET* nxsocket,
ULONG waitoption);
/*!
\brief This function sets the callback for the CBIOCookie member of the
WOLFSSL_CTX structure. The CallbackGenCookie type is a function pointer
and has the signature: int (*CallbackGenCookie)(WOLFSSL* ssl, unsigned
char* buf, int sz, void* ctx);
\return none No returns.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param cb a CallbackGenCookie type function pointer with the signature
of CallbackGenCookie.
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
WOLFSSL* ssl = wolfSSL_new(ctx);
int SetGenCookieCB(WOLFSSL* ssl, unsigned char* buf, int sz, void* ctx){
// Callback function body.
}
wolfSSL_CTX_SetGenCookie(ssl->ctx, SetGenCookieCB);
\endcode
\sa CallbackGenCookie
*/
void wolfSSL_CTX_SetGenCookie(WOLFSSL_CTX* ctx, CallbackGenCookie cb);
/*!
\ingroup Setup
\brief This function returns the IOCB_CookieCtx member of the
WOLFSSL structure.
\return pointer The function returns a void pointer value stored in
the IOCB_CookieCtx.
\return NULL if the WOLFSSL struct is NULL
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
WOLFSSL* ssl = wolfSSL_new(ctx);
void* cookie;
...
cookie = wolfSSL_GetCookieCtx(ssl);
if(cookie != NULL){
// You have the cookie
}
\endcode
\sa wolfSSL_SetCookieCtx
\sa wolfSSL_CTX_SetGenCookie
*/
void* wolfSSL_GetCookieCtx(WOLFSSL* ssl);
/*!
\ingroup Setup
\brief This function sets up the ISO-TP context if wolfSSL, for use when
wolfSSL is compiled with WOLFSSL_ISOTP
\return 0 on success, WOLFSSL_CBIO_ERR_GENERAL on failure
\param ssl the wolfSSL context
\param ctx a user created ISOTP context which this function initializes
\param recv_fn a user CAN bus receive callback
\param send_fn a user CAN bus send callback
\param delay_fn a user microsecond granularity delay function
\param receive_delay a set amount of microseconds to delay each CAN bus
packet
\param receive_buffer a user supplied buffer to receive data, recommended
that is allocated to ISOTP_DEFAULT_BUFFER_SIZE bytes
\param receive_buffer_size - The size of receive_buffer
\param arg an arbitrary pointer sent to recv_fn and send_fn
_Example_
\code
struct can_info can_con_info;
isotp_wolfssl_ctx isotp_ctx;
char *receive_buffer = malloc(ISOTP_DEFAULT_BUFFER_SIZE);
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(method);
WOLFSSL* ssl = wolfSSL_new(ctx);
...
wolfSSL_SetIO_ISOTP(ssl, &isotp_ctx, can_receive, can_send, can_delay, 0,
receive_buffer, ISOTP_DEFAULT_BUFFER_SIZE, &can_con_info);
\endcode
*/
int wolfSSL_SetIO_ISOTP(WOLFSSL *ssl, isotp_wolfssl_ctx *ctx,
can_recv_fn recv_fn, can_send_fn send_fn, can_delay_fn delay_fn,
word32 receive_delay, char *receive_buffer, int receive_buffer_size,
void *arg);