zte's code,first commit
Change-Id: I9a04da59e459a9bc0d67f101f700d9d7dc8d681b
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/aes.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/aes.h
new file mode 100644
index 0000000..21908ac
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/aes.h
@@ -0,0 +1,505 @@
+/* aes.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/aes.h
+*/
+/*
+
+DESCRIPTION
+This library provides the interfaces to the Advanced Encryption Standard (AES)
+for encrypting and decrypting data. AES is the standard known for a symmetric
+block cipher mechanism that uses n-bit binary string parameter key with 128-bits,
+192-bits, and 256-bits of key sizes.
+
+*/
+#ifndef WOLF_CRYPT_AES_H
+#define WOLF_CRYPT_AES_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_AES
+
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+ #include <wolfssl/wolfcrypt/fips.h>
+#endif /* HAVE_FIPS_VERSION >= 2 */
+
+/* included for fips @wc_fips */
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+#include <cyassl/ctaocrypt/aes.h>
+#if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
+ #define WOLFSSL_AES_COUNTER
+#endif
+#if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT)
+ #define WOLFSSL_AES_DIRECT
+#endif
+#endif
+
+#ifndef WC_NO_RNG
+ #include <wolfssl/wolfcrypt/random.h>
+#endif
+#ifdef STM32_CRYPTO
+ #include <wolfssl/wolfcrypt/port/st/stm32.h>
+#endif
+
+#ifdef WOLFSSL_IMXRT_DCP
+ #include "fsl_dcp.h"
+#endif
+
+#ifdef WOLFSSL_XILINX_CRYPT
+#include "xsecure_aes.h"
+#endif
+
+#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
+/* included for struct msghdr */
+#include <wolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
+#endif
+
+#if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)
+#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
+#endif
+
+#ifdef WOLFSSL_SILABS_SE_ACCEL
+ #include <wolfssl/wolfcrypt/port/silabs/silabs_aes.h>
+#endif
+
+
+#if defined(HAVE_AESGCM) && !defined(WC_NO_RNG)
+ #include <wolfssl/wolfcrypt/random.h>
+#endif
+
+#if defined(WOLFSSL_CRYPTOCELL)
+ #include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
+#endif
+
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
+ #include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#ifndef WOLFSSL_AES_KEY_SIZE_ENUM
+#define WOLFSSL_AES_KEY_SIZE_ENUM
+/* these are required for FIPS and non-FIPS */
+enum {
+ AES_128_KEY_SIZE = 16, /* for 128 bit */
+ AES_192_KEY_SIZE = 24, /* for 192 bit */
+ AES_256_KEY_SIZE = 32, /* for 256 bit */
+
+ AES_IV_SIZE = 16, /* always block size */
+};
+#endif
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+enum {
+ AES_ENC_TYPE = WC_CIPHER_AES, /* cipher unique type */
+ AES_ENCRYPTION = 0,
+ AES_DECRYPTION = 1,
+
+ AES_BLOCK_SIZE = 16,
+
+ KEYWRAP_BLOCK_SIZE = 8,
+
+ GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */
+ GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
+ GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */
+ CCM_NONCE_MIN_SZ = 7,
+ CCM_NONCE_MAX_SZ = 13,
+ CTR_SZ = 4,
+ AES_IV_FIXED_SZ = 4,
+#ifdef WOLFSSL_AES_CFB
+ AES_CFB_MODE = 1,
+#endif
+#ifdef WOLFSSL_AES_OFB
+ AES_OFB_MODE = 2,
+#endif
+#ifdef WOLFSSL_AES_XTS
+ AES_XTS_MODE = 3,
+#endif
+
+#ifdef HAVE_PKCS11
+ AES_MAX_ID_LEN = 32,
+ AES_MAX_LABEL_LEN = 32,
+#endif
+};
+
+
+struct Aes {
+ /* AESNI needs key first, rounds 2nd, not sure why yet */
+ ALIGN16 word32 key[60];
+ word32 rounds;
+ int keylen;
+
+ ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
+ ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */
+
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
+ word32 invokeCtr[2];
+ word32 nonceSz;
+#endif
+#ifdef HAVE_AESGCM
+ ALIGN16 byte H[AES_BLOCK_SIZE];
+#ifdef OPENSSL_EXTRA
+ word32 aadH[4]; /* additional authenticated data GHASH */
+ word32 aadLen; /* additional authenticated data len */
+#endif
+
+#ifdef GCM_TABLE
+ /* key-based fast multiplication table. */
+ ALIGN16 byte M0[256][AES_BLOCK_SIZE];
+#elif defined(GCM_TABLE_4BIT)
+ #if defined(BIG_ENDIAN_ORDER) || defined(WC_16BIT_CPU)
+ ALIGN16 byte M0[16][AES_BLOCK_SIZE];
+ #else
+ ALIGN16 byte M0[32][AES_BLOCK_SIZE];
+ #endif
+#endif /* GCM_TABLE */
+#ifdef HAVE_CAVIUM_OCTEON_SYNC
+ word32 y0;
+#endif
+#endif /* HAVE_AESGCM */
+#ifdef WOLFSSL_AESNI
+ byte use_aesni;
+#endif /* WOLFSSL_AESNI */
+#ifdef WOLF_CRYPTO_CB
+ int devId;
+ void* devCtx;
+#endif
+#ifdef HAVE_PKCS11
+ byte id[AES_MAX_ID_LEN];
+ int idLen;
+ char label[AES_MAX_LABEL_LEN];
+ int labelLen;
+#endif
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif /* WOLFSSL_ASYNC_CRYPT */
+#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
+ defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS)
+ word32 left; /* unused bytes left from last call */
+#endif
+#ifdef WOLFSSL_XILINX_CRYPT
+ XSecure_Aes xilAes;
+ XCsuDma dma;
+ word32 key_init[8];
+ word32 kup;
+#endif
+#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
+ int alFd; /* server socket to bind to */
+ int rdFd; /* socket to read from */
+ struct msghdr msg;
+ int dir; /* flag for encrpyt or decrypt */
+#ifdef WOLFSSL_AFALG_XILINX_AES
+ word32 msgBuf[CMSG_SPACE(4) + CMSG_SPACE(sizeof(struct af_alg_iv) +
+ GCM_NONCE_MID_SZ)];
+#endif
+#endif
+#if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
+ (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
+ (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))
+ word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */
+#ifdef HAVE_CAVIUM_OCTEON_SYNC
+ int keySet;
+#endif
+#endif
+#if defined(WOLFSSL_DEVCRYPTO) && \
+ (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
+ WC_CRYPTODEV ctx;
+#endif
+#if defined(WOLFSSL_CRYPTOCELL)
+ aes_context_t ctx;
+#endif
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
+ TSIP_AES_CTX ctx;
+#endif
+#if defined(WOLFSSL_IMXRT_DCP)
+ dcp_handle_t handle;
+#endif
+#if defined(WOLFSSL_SILABS_SE_ACCEL)
+ silabs_aes_t ctx;
+#endif
+ void* heap; /* memory hint to use */
+#ifdef WOLFSSL_AESGCM_STREAM
+#if !defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_AESNI)
+ ALIGN16 byte streamData[5 * AES_BLOCK_SIZE];
+#else
+ byte* streamData;
+#endif
+ word32 aSz;
+ word32 cSz;
+ byte over;
+ byte aOver;
+ byte cOver;
+ byte gcmKeySet:1;
+ byte nonceSet:1;
+ byte ctrSet:1;
+#endif
+};
+
+#ifndef WC_AES_TYPE_DEFINED
+ typedef struct Aes Aes;
+ #define WC_AES_TYPE_DEFINED
+#endif
+
+#ifdef WOLFSSL_AES_XTS
+typedef struct XtsAes {
+ Aes aes;
+ Aes tweak;
+} XtsAes;
+#endif
+
+#ifdef HAVE_AESGCM
+typedef struct Gmac {
+ Aes aes;
+} Gmac;
+#endif /* HAVE_AESGCM */
+#endif /* HAVE_FIPS */
+
+
+/* Authenticate cipher function prototypes */
+typedef int (*wc_AesAuthEncryptFunc)(Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ const byte* iv, word32 ivSz,
+ byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz);
+typedef int (*wc_AesAuthDecryptFunc)(Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ const byte* iv, word32 ivSz,
+ const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz);
+
+/* AES-CBC */
+WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir);
+WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
+
+#ifdef HAVE_AES_CBC
+WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+#endif
+
+#ifdef WOLFSSL_AES_CFB
+WOLFSSL_API int wc_AesCfbEncrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_API int wc_AesCfb1Encrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_API int wc_AesCfb8Encrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+#ifdef HAVE_AES_DECRYPT
+WOLFSSL_API int wc_AesCfbDecrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_API int wc_AesCfb1Decrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_API int wc_AesCfb8Decrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+#endif /* HAVE_AES_DECRYPT */
+#endif /* WOLFSSL_AES_CFB */
+
+#ifdef WOLFSSL_AES_OFB
+WOLFSSL_API int wc_AesOfbEncrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+#ifdef HAVE_AES_DECRYPT
+WOLFSSL_API int wc_AesOfbDecrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+#endif /* HAVE_AES_DECRYPT */
+#endif /* WOLFSSL_AES_OFB */
+
+#ifdef HAVE_AES_ECB
+WOLFSSL_API int wc_AesEcbEncrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+#endif
+
+/* AES-CTR */
+#ifdef WOLFSSL_AES_COUNTER
+ WOLFSSL_API int wc_AesCtrEncrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+#endif
+/* AES-DIRECT */
+#if defined(WOLFSSL_AES_DIRECT)
+ WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
+ WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
+ WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir);
+#endif
+
+#ifdef HAVE_AESGCM
+#ifdef WOLFSSL_XILINX_CRYPT
+ WOLFSSL_API int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
+ word32 kup);
+#elif defined(WOLFSSL_AFALG_XILINX_AES)
+ WOLFSSL_LOCAL int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
+ word32 kup);
+#endif
+ WOLFSSL_API int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
+ WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ const byte* iv, word32 ivSz,
+ byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz);
+ WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ const byte* iv, word32 ivSz,
+ const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz);
+#ifdef WOLFSSL_AESGCM_STREAM
+WOLFSSL_API int wc_AesGcmInit(Aes* aes, const byte* key, word32 len,
+ const byte* iv, word32 ivSz);
+
+WOLFSSL_API int wc_AesGcmEncryptInit(Aes* aes, const byte* key, word32 len,
+ const byte* iv, word32 ivSz);
+WOLFSSL_API int wc_AesGcmEncryptInit_ex(Aes* aes, const byte* key, word32 len,
+ byte* ivOut, word32 ivOutSz);
+WOLFSSL_API int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in,
+ word32 sz, const byte* authIn, word32 authInSz);
+WOLFSSL_API int wc_AesGcmEncryptFinal(Aes* aes, byte* authTag,
+ word32 authTagSz);
+
+WOLFSSL_API int wc_AesGcmDecryptInit(Aes* aes, const byte* key, word32 len,
+ const byte* iv, word32 ivSz);
+WOLFSSL_API int wc_AesGcmDecryptUpdate(Aes* aes, byte* out, const byte* in,
+ word32 sz, const byte* authIn, word32 authInSz);
+WOLFSSL_API int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag,
+ word32 authTagSz);
+#endif
+
+#ifndef WC_NO_RNG
+ WOLFSSL_API int wc_AesGcmSetExtIV(Aes* aes, const byte* iv, word32 ivSz);
+ WOLFSSL_API int wc_AesGcmSetIV(Aes* aes, word32 ivSz,
+ const byte* ivFixed, word32 ivFixedSz,
+ WC_RNG* rng);
+ WOLFSSL_API int wc_AesGcmEncrypt_ex(Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ byte* ivOut, word32 ivOutSz,
+ byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz);
+#endif /* WC_NO_RNG */
+
+ WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
+ WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
+ const byte* authIn, word32 authInSz,
+ byte* authTag, word32 authTagSz);
+#ifndef WC_NO_RNG
+ WOLFSSL_API int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz,
+ const byte* authIn, word32 authInSz,
+ byte* authTag, word32 authTagSz, WC_RNG* rng);
+ WOLFSSL_API int wc_GmacVerify(const byte* key, word32 keySz,
+ const byte* iv, word32 ivSz,
+ const byte* authIn, word32 authInSz,
+ const byte* authTag, word32 authTagSz);
+#endif /* WC_NO_RNG */
+ WOLFSSL_LOCAL void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
+ word32 cSz, byte* s, word32 sSz);
+#endif /* HAVE_AESGCM */
+#ifdef HAVE_AESCCM
+ WOLFSSL_LOCAL int wc_AesCcmCheckTagSize(int sz);
+ WOLFSSL_API int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
+ WOLFSSL_API int wc_AesCcmEncrypt(Aes* aes, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz);
+ WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz);
+ WOLFSSL_API int wc_AesCcmSetNonce(Aes* aes,
+ const byte* nonce, word32 nonceSz);
+ WOLFSSL_API int wc_AesCcmEncrypt_ex(Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ byte* ivOut, word32 ivOutSz,
+ byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz);
+#endif /* HAVE_AESCCM */
+#ifdef HAVE_AES_KEYWRAP
+ WOLFSSL_API int wc_AesKeyWrap(const byte* key, word32 keySz,
+ const byte* in, word32 inSz,
+ byte* out, word32 outSz,
+ const byte* iv);
+ WOLFSSL_API int wc_AesKeyWrap_ex(Aes *aes,
+ const byte* in, word32 inSz,
+ byte* out, word32 outSz,
+ const byte* iv);
+ WOLFSSL_API int wc_AesKeyUnWrap(const byte* key, word32 keySz,
+ const byte* in, word32 inSz,
+ byte* out, word32 outSz,
+ const byte* iv);
+ WOLFSSL_API int wc_AesKeyUnWrap_ex(Aes *aes,
+ const byte* in, word32 inSz,
+ byte* out, word32 outSz,
+ const byte* iv);
+#endif /* HAVE_AES_KEYWRAP */
+
+#ifdef WOLFSSL_AES_XTS
+
+WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
+ word32 len, int dir, void* heap, int devId);
+
+WOLFSSL_API int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
+ const byte* in, word32 sz, word64 sector);
+
+WOLFSSL_API int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
+ const byte* in, word32 sz, word64 sector);
+
+WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
+ const byte* in, word32 sz, const byte* i, word32 iSz);
+
+WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
+ const byte* in, word32 sz, const byte* i, word32 iSz);
+
+WOLFSSL_API int wc_AesXtsFree(XtsAes* aes);
+#endif
+
+WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize);
+
+WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId);
+#ifdef HAVE_PKCS11
+WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap,
+ int devId);
+WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap,
+ int devId);
+#endif
+WOLFSSL_API void wc_AesFree(Aes* aes);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+
+#endif /* NO_AES */
+#endif /* WOLF_CRYPT_AES_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/arc4.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/arc4.h
new file mode 100644
index 0000000..2d21f5c
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/arc4.h
@@ -0,0 +1,68 @@
+/* arc4.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/arc4.h
+*/
+
+#ifndef WOLF_CRYPT_ARC4_H
+#define WOLF_CRYPT_ARC4_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+enum {
+ ARC4_ENC_TYPE = 4, /* cipher unique type */
+ ARC4_STATE_SIZE = 256,
+ RC4_KEY_SIZE = 16, /* always 128bit */
+};
+
+/* ARC4 encryption and decryption */
+typedef struct Arc4 {
+ byte x;
+ byte y;
+ byte state[ARC4_STATE_SIZE];
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif
+ void* heap;
+} Arc4;
+
+WOLFSSL_API int wc_Arc4Process(Arc4*, byte*, const byte*, word32);
+WOLFSSL_API int wc_Arc4SetKey(Arc4*, const byte*, word32);
+
+WOLFSSL_API int wc_Arc4Init(Arc4*, void*, int);
+WOLFSSL_API void wc_Arc4Free(Arc4*);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+
+#endif /* WOLF_CRYPT_ARC4_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/asn.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/asn.h
new file mode 100644
index 0000000..d46cbbd
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/asn.h
@@ -0,0 +1,1574 @@
+/* asn.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/asn.h
+*/
+
+/*
+
+DESCRIPTION
+This library provides the interface to Abstract Syntax Notation One (ASN.1) objects.
+ASN.1 is a standard interface description language for defining data structures
+that can be serialized and deserialized in a cross-platform way.
+
+*/
+#ifndef WOLF_CRYPT_ASN_H
+#define WOLF_CRYPT_ASN_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_ASN
+
+
+#if !defined(NO_ASN_TIME) && defined(NO_TIME_H)
+ #define NO_ASN_TIME /* backwards compatibility with NO_TIME_H */
+#endif
+
+#include <wolfssl/wolfcrypt/integer.h>
+
+/* fips declare of RsaPrivateKeyDecode @wc_fips */
+#if defined(HAVE_FIPS) && !defined(NO_RSA) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+ #include <cyassl/ctaocrypt/rsa.h>
+#endif
+
+#ifndef NO_DH
+ #include <wolfssl/wolfcrypt/dh.h>
+#endif
+#ifndef NO_DSA
+ #include <wolfssl/wolfcrypt/dsa.h>
+#endif
+#ifndef NO_SHA
+ #include <wolfssl/wolfcrypt/sha.h>
+#endif
+#ifndef NO_MD5
+ #include <wolfssl/wolfcrypt/md5.h>
+#endif
+#include <wolfssl/wolfcrypt/sha256.h>
+#include <wolfssl/wolfcrypt/asn_public.h> /* public interface */
+
+#if defined(NO_SHA) && defined(NO_SHA256)
+ #define WC_SHA256_DIGEST_SIZE 32
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#ifndef EXTERNAL_SERIAL_SIZE
+ #define EXTERNAL_SERIAL_SIZE 32
+#endif
+
+enum {
+ ISSUER = 0,
+ SUBJECT = 1,
+
+ BEFORE = 0,
+ AFTER = 1
+};
+
+/* ASN Tags */
+enum ASN_Tags {
+ ASN_EOC = 0x00,
+ ASN_BOOLEAN = 0x01,
+ ASN_INTEGER = 0x02,
+ ASN_BIT_STRING = 0x03,
+ ASN_OCTET_STRING = 0x04,
+ ASN_TAG_NULL = 0x05,
+ ASN_OBJECT_ID = 0x06,
+ ASN_ENUMERATED = 0x0a,
+ ASN_UTF8STRING = 0x0c,
+ ASN_SEQUENCE = 0x10,
+ ASN_SET = 0x11,
+ ASN_PRINTABLE_STRING = 0x13,
+ ASN_IA5_STRING = 0x16,
+ ASN_UTC_TIME = 0x17,
+ ASN_OTHER_TYPE = 0x00,
+ ASN_RFC822_TYPE = 0x01,
+ ASN_DNS_TYPE = 0x02,
+ ASN_DIR_TYPE = 0x04,
+ ASN_URI_TYPE = 0x06, /* the value 6 is from GeneralName OID */
+ ASN_IP_TYPE = 0x07, /* the value 7 is from GeneralName OID */
+ ASN_GENERALIZED_TIME = 0x18,
+ CRL_EXTENSIONS = 0xa0,
+ ASN_EXTENSIONS = 0xa3,
+ ASN_LONG_LENGTH = 0x80,
+ ASN_INDEF_LENGTH = 0x80,
+
+ /* ASN_Flags - Bitmask */
+ ASN_CONSTRUCTED = 0x20,
+ ASN_APPLICATION = 0x40,
+ ASN_CONTEXT_SPECIFIC = 0x80,
+};
+
+#define ASN_UTC_TIME_SIZE 14
+#define ASN_GENERALIZED_TIME_SIZE 16
+#define ASN_GENERALIZED_TIME_MAX 68
+
+enum DN_Tags {
+ ASN_DN_NULL = 0x00,
+ ASN_COMMON_NAME = 0x03, /* CN */
+ ASN_SUR_NAME = 0x04, /* SN */
+ ASN_SERIAL_NUMBER = 0x05, /* serialNumber */
+ ASN_COUNTRY_NAME = 0x06, /* C */
+ ASN_LOCALITY_NAME = 0x07, /* L */
+ ASN_STATE_NAME = 0x08, /* ST */
+ ASN_ORG_NAME = 0x0a, /* O */
+ ASN_ORGUNIT_NAME = 0x0b, /* OU */
+ ASN_BUS_CAT = 0x0f, /* businessCategory */
+ ASN_EMAIL_NAME = 0x98, /* not oid number there is 97 in 2.5.4.0-97 */
+
+ /* pilot attribute types
+ * OID values of 0.9.2342.19200300.100.1.* */
+ ASN_USER_ID = 0x01, /* UID */
+ ASN_FAVOURITE_DRINK = 0x05, /* favouriteDrink */
+ ASN_DOMAIN_COMPONENT = 0x19 /* DC */
+};
+
+/* This is the size of the smallest possible PEM header and footer */
+extern const int pem_struct_min_sz;
+
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+typedef struct WOLFSSL_ObjectInfo {
+ int nid;
+ int id;
+ word32 type;
+ const char* sName;
+ const char* lName;
+} WOLFSSL_ObjectInfo;
+extern const size_t wolfssl_object_info_sz;
+extern const WOLFSSL_ObjectInfo wolfssl_object_info[];
+#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) */
+
+/* DN Tag Strings */
+#define WOLFSSL_COMMON_NAME "/CN="
+#define WOLFSSL_LN_COMMON_NAME "/commonName="
+#define WOLFSSL_SUR_NAME "/SN="
+#define WOLFSSL_SERIAL_NUMBER "/serialNumber="
+#define WOLFSSL_COUNTRY_NAME "/C="
+#define WOLFSSL_LN_COUNTRY_NAME "/countryName="
+#define WOLFSSL_LOCALITY_NAME "/L="
+#define WOLFSSL_LN_LOCALITY_NAME "/localityName="
+#define WOLFSSL_STATE_NAME "/ST="
+#define WOLFSSL_LN_STATE_NAME "/stateOrProvinceName="
+#define WOLFSSL_ORG_NAME "/O="
+#define WOLFSSL_LN_ORG_NAME "/organizationName="
+#define WOLFSSL_ORGUNIT_NAME "/OU="
+#define WOLFSSL_LN_ORGUNIT_NAME "/organizationalUnitName="
+#define WOLFSSL_DOMAIN_COMPONENT "/DC="
+#define WOLFSSL_LN_DOMAIN_COMPONENT "/domainComponent="
+#define WOLFSSL_BUS_CAT "/businessCategory="
+#define WOLFSSL_JOI_C "/jurisdictionC="
+#define WOLFSSL_JOI_ST "/jurisdictionST="
+#define WOLFSSL_EMAIL_ADDR "/emailAddress="
+
+#define WOLFSSL_USER_ID "/UID="
+#define WOLFSSL_DOMAIN_COMPONENT "/DC="
+#define WOLFSSL_FAVOURITE_DRINK "/favouriteDrink="
+
+#if defined(WOLFSSL_APACHE_HTTPD)
+ /* otherName strings */
+ #define WOLFSSL_SN_MS_UPN "msUPN"
+ #define WOLFSSL_LN_MS_UPN "Microsoft User Principal Name"
+ #define WOLFSSL_MS_UPN_SUM 265
+ #define WOLFSSL_SN_DNS_SRV "id-on-dnsSRV"
+ #define WOLFSSL_LN_DNS_SRV "SRVName"
+ /* TLS features extension strings */
+ #define WOLFSSL_SN_TLS_FEATURE "tlsfeature"
+ #define WOLFSSL_LN_TLS_FEATURE "TLS Feature"
+ #define WOLFSSL_TLS_FEATURE_SUM 92
+#endif
+
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+/* NIDs */
+enum
+{
+ NID_undef = 0,
+ NID_netscape_cert_type = NID_undef,
+ NID_des = 66,
+ NID_des3 = 67,
+ NID_sha256 = 672,
+ NID_sha384 = 673,
+ NID_sha512 = 674,
+ NID_pkcs9_challengePassword = 54,
+ NID_hw_name_oid = 73,
+ NID_id_pkix_OCSP_basic = 74,
+ NID_any_policy = 75,
+ NID_anyExtendedKeyUsage = 76,
+ NID_givenName = 99,
+ NID_initials = 101,
+ NID_title = 106,
+ NID_description = 107,
+ NID_basic_constraints = 133,
+ NID_key_usage = 129, /* 2.5.29.15 */
+ NID_ext_key_usage = 151, /* 2.5.29.37 */
+ NID_subject_key_identifier = 128,
+ NID_authority_key_identifier = 149,
+ NID_private_key_usage_period = 130, /* 2.5.29.16 */
+ NID_subject_alt_name = 131,
+ NID_issuer_alt_name = 132,
+ NID_info_access = 69,
+ NID_sinfo_access = 79, /* id-pe 11 */
+ NID_name_constraints = 144, /* 2.5.29.30 */
+ NID_crl_distribution_points = 145, /* 2.5.29.31 */
+ NID_certificate_policies = 146,
+ NID_policy_mappings = 147,
+ NID_policy_constraints = 150,
+ NID_inhibit_any_policy = 168, /* 2.5.29.54 */
+ NID_tlsfeature = 1020, /* id-pe 24 */
+ NID_commonName = 0x03, /* matches ASN_COMMON_NAME in asn.h */
+ NID_buildingName = 1494,
+
+
+ NID_surname = 0x04, /* SN */
+ NID_serialNumber = 0x05, /* serialNumber */
+ NID_countryName = 0x06, /* C */
+ NID_localityName = 0x07, /* L */
+ NID_stateOrProvinceName = 0x08, /* ST */
+ NID_organizationName = 0x0a, /* O */
+ NID_organizationalUnitName = 0x0b, /* OU */
+ NID_jurisdictionCountryName = 0xc,
+ NID_jurisdictionStateOrProvinceName = 0xd,
+ NID_businessCategory = ASN_BUS_CAT,
+ NID_domainComponent = ASN_DOMAIN_COMPONENT,
+ NID_favouriteDrink = 462,
+ NID_userId = 458,
+ NID_emailAddress = 0x30, /* emailAddress */
+ NID_id_on_dnsSRV = 82, /* 1.3.6.1.5.5.7.8.7 */
+ NID_ms_upn = 265, /* 1.3.6.1.4.1.311.20.2.3 */
+
+ NID_X9_62_prime_field = 406 /* 1.2.840.10045.1.1 */
+};
+#endif /* OPENSSL_EXTRA */
+
+enum ECC_TYPES
+{
+ ECC_PREFIX_0 = 160,
+ ECC_PREFIX_1 = 161
+};
+
+#ifdef WOLFSSL_CERT_PIV
+ enum PIV_Tags {
+ ASN_PIV_CERT = 0x0A,
+ ASN_PIV_NONCE = 0x0B,
+ ASN_PIV_SIGNED_NONCE = 0x0C,
+
+ ASN_PIV_TAG_CERT = 0x70,
+ ASN_PIV_TAG_CERT_INFO = 0x71,
+ ASN_PIV_TAG_MSCUID = 0x72,
+ ASN_PIV_TAG_ERR_DET = 0xFE,
+
+ /* certificate info masks */
+ ASN_PIV_CERT_INFO_COMPRESSED = 0x03,
+ ASN_PIV_CERT_INFO_ISX509 = 0x04,
+ };
+#endif /* WOLFSSL_CERT_PIV */
+
+
+#define ASN_JOI_PREFIX_SZ 10
+#define ASN_JOI_PREFIX "\x2b\x06\x01\x04\x01\x82\x37\x3c\x02\x01"
+#define ASN_JOI_C 0x3
+#define ASN_JOI_ST 0x2
+
+#ifndef WC_ASN_NAME_MAX
+ #ifdef OPENSSL_EXTRA
+ #define WC_ASN_NAME_MAX 300
+ #else
+ #define WC_ASN_NAME_MAX 256
+ #endif
+#endif
+#define ASN_NAME_MAX WC_ASN_NAME_MAX
+
+enum Misc_ASN {
+ MAX_SALT_SIZE = 64, /* MAX PKCS Salt length */
+ MAX_IV_SIZE = 64, /* MAX PKCS Iv length */
+ ASN_BOOL_SIZE = 2, /* including type */
+ ASN_ECC_HEADER_SZ = 2, /* String type + 1 byte len */
+ ASN_ECC_CONTEXT_SZ = 2, /* Content specific type + 1 byte len */
+#ifdef NO_SHA
+ KEYID_SIZE = WC_SHA256_DIGEST_SIZE,
+#else
+ KEYID_SIZE = WC_SHA_DIGEST_SIZE,
+#endif
+ RSA_INTS = 8, /* RSA ints in private key */
+ DSA_PARAM_INTS = 3, /* DSA paramater ints */
+ DSA_INTS = 5, /* DSA ints in private key */
+ MIN_DATE_SIZE = 12,
+ MAX_DATE_SIZE = 32,
+ ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */
+#ifndef NO_RSA
+ MAX_ENCODED_SIG_SZ = 512,
+#elif defined(HAVE_ECC)
+ MAX_ENCODED_SIG_SZ = 140,
+#elif defined(HAVE_CURVE448)
+ MAX_ENCODED_SIG_SZ = 114,
+#else
+ MAX_ENCODED_SIG_SZ = 64,
+#endif
+ MAX_SIG_SZ = 256,
+ MAX_ALGO_SZ = 20,
+ MAX_SHORT_SZ = 6, /* asn int + byte len + 4 byte length */
+ MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */
+ MAX_SET_SZ = 5, /* enum(set | con) + length(4) */
+ MAX_OCTET_STR_SZ = 5, /* enum(set | con) + length(4) */
+ MAX_EXP_SZ = 5, /* enum(contextspec|con|exp) + length(4) */
+ MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */
+ MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/
+ MAX_ENCODED_DIG_ASN_SZ= 9, /* enum(bit or octet) + length(4) */
+ MAX_ENCODED_DIG_SZ = 64 + MAX_ENCODED_DIG_ASN_SZ, /* asn header + sha512 */
+ MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */
+ MAX_DSA_INT_SZ = 389, /* DSA raw sz 3072 for bits + tag + len(4) */
+ MAX_NTRU_KEY_SZ = 610, /* NTRU 112 bit public key */
+ MAX_NTRU_ENC_SZ = 628, /* NTRU 112 bit DER public encoding */
+ MAX_LENGTH_SZ = 4, /* Max length size for DER encoding */
+ MAX_RSA_E_SZ = 16, /* Max RSA public e size */
+ MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */
+ MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */
+ MAX_DER_DIGEST_SZ = MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ,
+ /* Maximum DER digest size */
+ MAX_DER_DIGEST_ASN_SZ = MAX_ENCODED_DIG_ASN_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ,
+ /* Maximum DER digest ASN header size */
+ /* Max X509 header length indicates the max length + 2 ('\n', '\0') */
+ MAX_X509_HEADER_SZ = (37 + 2), /* Maximum PEM Header/Footer Size */
+#ifdef WOLFSSL_CERT_GEN
+ #ifdef WOLFSSL_CERT_REQ
+ /* Max encoded cert req attributes length */
+ MAX_ATTRIB_SZ = MAX_SEQ_SZ * 3 + (11 + MAX_SEQ_SZ) * 2 +
+ MAX_PRSTR_SZ + CTC_NAME_SIZE, /* 11 is the OID size */
+ #endif
+ #if defined(WOLFSSL_ALT_NAMES) || defined(WOLFSSL_CERT_EXT)
+ MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE,
+ #else
+ MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + MAX_CA_SZ,
+ #endif
+ /* Max total extensions, id + len + others */
+#endif
+#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \
+ defined(HAVE_PKCS7) || defined(OPENSSL_EXTRA_X509_SMALL)
+ MAX_OID_SZ = 32, /* Max DER length of OID*/
+ MAX_OID_STRING_SZ = 64, /* Max string length representation of OID*/
+#endif
+#ifdef WOLFSSL_CERT_EXT
+ MAX_KID_SZ = 45, /* Max encoded KID length (SHA-256 case) */
+ MAX_KEYUSAGE_SZ = 18, /* Max encoded Key Usage length */
+ MAX_EXTKEYUSAGE_SZ = 12 + (6 * (8 + 2)) +
+ CTC_MAX_EKU_OID_SZ, /* Max encoded ExtKeyUsage
+ (SEQ/LEN + OBJID + OCTSTR/LEN + SEQ +
+ (6 * (SEQ + OID))) */
+ MAX_CERTPOL_NB = CTC_MAX_CERTPOL_NB,/* Max number of Cert Policy */
+ MAX_CERTPOL_SZ = CTC_MAX_CERTPOL_SZ,
+#endif
+ MAX_AIA_SZ = 2, /* Max Authority Info Access extension size*/
+ OCSP_NONCE_EXT_SZ = 35, /* OCSP Nonce Extension size */
+ MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
+ MAX_OCSP_NONCE_SZ = 16, /* OCSP Nonce size */
+ EIGHTK_BUF = 8192, /* Tmp buffer size */
+ MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2,
+ /* use bigger NTRU size */
+#ifdef WOLFSSL_ENCRYPTED_KEYS
+ HEADER_ENCRYPTED_KEY_SIZE = 88,/* Extra header size for encrypted key */
+#else
+ HEADER_ENCRYPTED_KEY_SIZE = 0,
+#endif
+ TRAILING_ZERO = 1, /* Used for size of zero pad */
+ ASN_TAG_SZ = 1, /* single byte ASN.1 tag */
+ MIN_VERSION_SZ = 3, /* Min bytes needed for GetMyVersion */
+ MAX_X509_VERSION = 3, /* Max X509 version allowed */
+ MIN_X509_VERSION = 0, /* Min X509 version allowed */
+ WOLFSSL_X509_V1 = 0,
+ WOLFSSL_X509_V2 = 1,
+ WOLFSSL_X509_V3 = 2,
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
+ defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
+ defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7)
+ MAX_TIME_STRING_SZ = 25, /* Max length of formatted time string */
+#endif
+
+ PKCS5_SALT_SZ = 8,
+
+ PEM_LINE_SZ = 64, /* Length of Base64 encoded line, not including new line */
+ PEM_LINE_LEN = PEM_LINE_SZ + 12, /* PEM line max + fudge */
+};
+
+#ifndef WC_MAX_NAME_ENTRIES
+ /* entries added to x509 name struct */
+ #define WC_MAX_NAME_ENTRIES 13
+#endif
+#define MAX_NAME_ENTRIES WC_MAX_NAME_ENTRIES
+
+
+enum Oid_Types {
+ oidHashType = 0,
+ oidSigType = 1,
+ oidKeyType = 2,
+ oidCurveType = 3,
+ oidBlkType = 4,
+ oidOcspType = 5,
+ oidCertExtType = 6,
+ oidCertAuthInfoType = 7,
+ oidCertPolicyType = 8,
+ oidCertAltNameType = 9,
+ oidCertKeyUseType = 10,
+ oidKdfType = 11,
+ oidKeyWrapType = 12,
+ oidCmsKeyAgreeType = 13,
+ oidPBEType = 14,
+ oidHmacType = 15,
+ oidCompressType = 16,
+ oidCertNameType = 17,
+ oidTlsExtType = 18,
+ oidCrlExtType = 19,
+ oidCsrAttrType = 20,
+ oidIgnoreType
+};
+
+
+enum Hash_Sum {
+ MD2h = 646,
+ MD5h = 649,
+ SHAh = 88,
+ SHA224h = 417,
+ SHA256h = 414,
+ SHA384h = 415,
+ SHA512h = 416,
+ SHA3_224h = 420,
+ SHA3_256h = 421,
+ SHA3_384h = 422,
+ SHA3_512h = 423
+};
+
+
+#if !defined(NO_DES3) || !defined(NO_AES)
+enum Block_Sum {
+#ifdef WOLFSSL_AES_128
+ AES128CBCb = 414,
+ AES128GCMb = 418,
+ AES128CCMb = 419,
+#endif
+#ifdef WOLFSSL_AES_192
+ AES192CBCb = 434,
+ AES192GCMb = 438,
+ AES192CCMb = 439,
+#endif
+#ifdef WOLFSSL_AES_256
+ AES256CBCb = 454,
+ AES256GCMb = 458,
+ AES256CCMb = 459,
+#endif
+#ifndef NO_DES3
+ DESb = 69,
+ DES3b = 652
+#endif
+};
+#endif /* !NO_DES3 || !NO_AES */
+
+
+enum Key_Sum {
+ DSAk = 515,
+ RSAk = 645,
+ NTRUk = 274,
+ ECDSAk = 518,
+ ED25519k = 256,
+ ED448k = 257,
+ DHk = 647, /* dhKeyAgreement OID: 1.2.840.113549.1.3.1 */
+};
+
+#if !defined(NO_AES) || defined(HAVE_PKCS7)
+enum KeyWrap_Sum {
+#ifdef WOLFSSL_AES_128
+ AES128_WRAP = 417,
+#endif
+#ifdef WOLFSSL_AES_192
+ AES192_WRAP = 437,
+#endif
+#ifdef WOLFSSL_AES_256
+ AES256_WRAP = 457,
+#endif
+#ifdef HAVE_PKCS7
+ PWRI_KEK_WRAP = 680 /*id-alg-PWRI-KEK, 1.2.840.113549.1.9.16.3.9 */
+#endif
+};
+#endif /* !NO_AES || PKCS7 */
+
+enum Key_Agree {
+ dhSinglePass_stdDH_sha1kdf_scheme = 464,
+ dhSinglePass_stdDH_sha224kdf_scheme = 188,
+ dhSinglePass_stdDH_sha256kdf_scheme = 189,
+ dhSinglePass_stdDH_sha384kdf_scheme = 190,
+ dhSinglePass_stdDH_sha512kdf_scheme = 191,
+};
+
+
+
+enum KDF_Sum {
+ PBKDF2_OID = 660
+};
+
+
+enum HMAC_Sum {
+ HMAC_SHA224_OID = 652,
+ HMAC_SHA256_OID = 653,
+ HMAC_SHA384_OID = 654,
+ HMAC_SHA512_OID = 655,
+ HMAC_SHA3_224_OID = 426,
+ HMAC_SHA3_256_OID = 427,
+ HMAC_SHA3_384_OID = 428,
+ HMAC_SHA3_512_OID = 429
+};
+
+
+enum Extensions_Sum {
+ BASIC_CA_OID = 133, /* 2.5.29.19 */
+ ALT_NAMES_OID = 131, /* 2.5.29.17 */
+ CRL_DIST_OID = 145, /* 2.5.29.31 */
+ AUTH_INFO_OID = 69, /* 1.3.6.1.5.5.7.1.1 */
+ AUTH_KEY_OID = 149, /* 2.5.29.35 */
+ SUBJ_KEY_OID = 128, /* 2.5.29.14 */
+ CERT_POLICY_OID = 146, /* 2.5.29.32 */
+ KEY_USAGE_OID = 129, /* 2.5.29.15 */
+ INHIBIT_ANY_OID = 168, /* 2.5.29.54 */
+ EXT_KEY_USAGE_OID = 151, /* 2.5.29.37 */
+ NAME_CONS_OID = 144, /* 2.5.29.30 */
+ PRIV_KEY_USAGE_PERIOD_OID = 130, /* 2.5.29.16 */
+ SUBJECT_INFO_ACCESS = 79, /* 1.3.6.1.5.5.7.1.11 */
+ POLICY_MAP_OID = 147, /* 2.5.29.33 */
+ POLICY_CONST_OID = 150, /* 2.5.29.36 */
+ ISSUE_ALT_NAMES_OID = 132, /* 2.5.29.18 */
+ TLS_FEATURE_OID = 92, /* 1.3.6.1.5.5.7.1.24 */
+ NETSCAPE_CT_OID = 753, /* 2.16.840.1.113730.1.1 */
+ OCSP_NOCHECK_OID = 121 /* 1.3.6.1.5.5.7.48.1.5
+ id-pkix-ocsp-nocheck */
+};
+
+enum CertificatePolicy_Sum {
+ CP_ANY_OID = 146 /* id-ce 32 0 */
+};
+
+enum SepHardwareName_Sum {
+ HW_NAME_OID = 79 /* 1.3.6.1.5.5.7.8.4 from RFC 4108*/
+};
+
+enum AuthInfo_Sum {
+ AIA_OCSP_OID = 116, /* 1.3.6.1.5.5.7.48.1 */
+ AIA_CA_ISSUER_OID = 117 /* 1.3.6.1.5.5.7.48.2 */
+};
+
+enum ExtKeyUsage_Sum { /* From RFC 5280 */
+ EKU_ANY_OID = 151, /* 2.5.29.37.0, anyExtendedKeyUsage */
+ EKU_SERVER_AUTH_OID = 71, /* 1.3.6.1.5.5.7.3.1, id-kp-serverAuth */
+ EKU_CLIENT_AUTH_OID = 72, /* 1.3.6.1.5.5.7.3.2, id-kp-clientAuth */
+ EKU_CODESIGNING_OID = 73, /* 1.3.6.1.5.5.7.3.3, id-kp-codeSigning */
+ EKU_EMAILPROTECT_OID = 74, /* 1.3.6.1.5.5.7.3.4, id-kp-emailProtection */
+ EKU_TIMESTAMP_OID = 78, /* 1.3.6.1.5.5.7.3.8, id-kp-timeStamping */
+ EKU_OCSP_SIGN_OID = 79 /* 1.3.6.1.5.5.7.3.9, id-kp-OCSPSigning */
+};
+
+#ifdef HAVE_LIBZ
+enum CompressAlg_Sum {
+ ZLIBc = 679 /* 1.2.840.113549.1.9.16.3.8, id-alg-zlibCompress */
+};
+#endif
+
+enum VerifyType {
+ NO_VERIFY = 0,
+ VERIFY = 1,
+ VERIFY_CRL = 2,
+ VERIFY_OCSP = 3,
+ VERIFY_NAME = 4,
+ VERIFY_SKIP_DATE = 5,
+ VERIFY_OCSP_CERT = 6,
+};
+
+#ifdef WOLFSSL_CERT_EXT
+enum KeyIdType {
+ SKID_TYPE = 0,
+ AKID_TYPE = 1
+};
+#endif
+
+#ifdef WOLFSSL_CERT_REQ
+enum CsrAttrType {
+ CHALLENGE_PASSWORD_OID = 659,
+ SERIAL_NUMBER_OID = 94,
+ EXTENSION_REQUEST_OID = 666,
+};
+#endif
+
+/* Key usage extension bits (based on RFC 5280) */
+#define KEYUSE_DIGITAL_SIG 0x0080
+#define KEYUSE_CONTENT_COMMIT 0x0040
+#define KEYUSE_KEY_ENCIPHER 0x0020
+#define KEYUSE_DATA_ENCIPHER 0x0010
+#define KEYUSE_KEY_AGREE 0x0008
+#define KEYUSE_KEY_CERT_SIGN 0x0004
+#define KEYUSE_CRL_SIGN 0x0002
+#define KEYUSE_ENCIPHER_ONLY 0x0001
+#define KEYUSE_DECIPHER_ONLY 0x8000
+
+/* Extended Key Usage bits (internal mapping only) */
+#define EXTKEYUSE_USER 0x80
+#define EXTKEYUSE_OCSP_SIGN 0x40
+#define EXTKEYUSE_TIMESTAMP 0x20
+#define EXTKEYUSE_EMAILPROT 0x10
+#define EXTKEYUSE_CODESIGN 0x08
+#define EXTKEYUSE_CLIENT_AUTH 0x04
+#define EXTKEYUSE_SERVER_AUTH 0x02
+#define EXTKEYUSE_ANY 0x01
+
+typedef struct DNS_entry DNS_entry;
+
+struct DNS_entry {
+ DNS_entry* next; /* next on DNS list */
+ int type; /* i.e. ASN_DNS_TYPE */
+ int len; /* actual DNS len */
+ char* name; /* actual DNS name */
+};
+
+
+typedef struct Base_entry Base_entry;
+
+struct Base_entry {
+ Base_entry* next; /* next on name base list */
+ char* name; /* actual name base */
+ int nameSz; /* name length */
+ byte type; /* Name base type (DNS or RFC822) */
+};
+
+
+enum SignatureState {
+ SIG_STATE_BEGIN,
+ SIG_STATE_HASH,
+ SIG_STATE_KEY,
+ SIG_STATE_DO,
+ SIG_STATE_CHECK,
+};
+
+
+#ifdef HAVE_PK_CALLBACKS
+#ifdef HAVE_ECC
+ typedef int (*wc_CallbackEccVerify)(
+ const unsigned char* sig, unsigned int sigSz,
+ const unsigned char* hash, unsigned int hashSz,
+ const unsigned char* keyDer, unsigned int keySz,
+ int* result, void* ctx);
+#endif
+#ifndef NO_RSA
+ typedef int (*wc_CallbackRsaVerify)(
+ unsigned char* sig, unsigned int sigSz,
+ unsigned char** out,
+ const unsigned char* keyDer, unsigned int keySz,
+ void* ctx);
+#endif
+#endif /* HAVE_PK_CALLBACKS */
+
+struct SignatureCtx {
+ void* heap;
+ byte* digest;
+#ifndef NO_RSA
+ byte* out;
+#endif
+#if !(defined(NO_RSA) && defined(NO_DSA))
+ byte* sigCpy;
+#endif
+#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \
+ !defined(NO_DSA)
+ int verify;
+#endif
+ union {
+ #ifndef NO_RSA
+ struct RsaKey* rsa;
+ #endif
+ #ifndef NO_DSA
+ struct DsaKey* dsa;
+ #endif
+ #ifdef HAVE_ECC
+ struct ecc_key* ecc;
+ #endif
+ #ifdef HAVE_ED25519
+ struct ed25519_key* ed25519;
+ #endif
+ #ifdef HAVE_ED448
+ struct ed448_key* ed448;
+ #endif
+ void* ptr;
+ } key;
+ int devId;
+ int state;
+ int typeH;
+ int digestSz;
+ word32 keyOID;
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV* asyncDev;
+ void* asyncCtx;
+#endif
+
+#ifdef HAVE_PK_CALLBACKS
+#ifdef HAVE_ECC
+ wc_CallbackEccVerify pkCbEcc;
+ void* pkCtxEcc;
+#endif
+#ifndef NO_RSA
+ wc_CallbackRsaVerify pkCbRsa;
+ void* pkCtxRsa;
+#endif
+#endif /* HAVE_PK_CALLBACKS */
+#ifndef NO_RSA
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
+ byte verifyByTSIP;
+ word32 certBegin;
+ word32 pubkey_n_start;
+ word32 pubkey_n_len;
+ word32 pubkey_e_start;
+ word32 pubkey_e_len;
+#endif
+#endif
+};
+
+enum CertSignState {
+ CERTSIGN_STATE_BEGIN,
+ CERTSIGN_STATE_DIGEST,
+ CERTSIGN_STATE_ENCODE,
+ CERTSIGN_STATE_DO,
+};
+
+struct CertSignCtx {
+ byte* sig;
+ byte* digest;
+ #ifndef NO_RSA
+ byte* encSig;
+ int encSigSz;
+ #endif
+ int state; /* enum CertSignState */
+};
+
+#ifndef WOLFSSL_MAX_PATH_LEN
+ /* RFC 5280 Section 6.1.2. "Initialization" - item (k) defines
+ * (k) max_path_length: this integer is initialized to "n", is
+ * decremented for each non-self-issued certificate in the path,
+ * and may be reduced to the value in the path length constraint
+ * field within the basic constraints extension of a CA
+ * certificate.
+ *
+ * wolfSSL has arbitrarily selected the value 127 for "n" in the above
+ * description. Users can modify the maximum path length by setting
+ * WOLFSSL_MAX_PATH_LEN to a preferred value at build time
+ */
+ #define WOLFSSL_MAX_PATH_LEN 127
+#endif
+
+typedef struct DecodedCert DecodedCert;
+typedef struct Signer Signer;
+#ifdef WOLFSSL_TRUST_PEER_CERT
+typedef struct TrustedPeerCert TrustedPeerCert;
+#endif /* WOLFSSL_TRUST_PEER_CERT */
+typedef struct SignatureCtx SignatureCtx;
+typedef struct CertSignCtx CertSignCtx;
+
+
+struct DecodedCert {
+ const byte* publicKey;
+ word32 pubKeySize;
+ int pubKeyStored;
+ word32 certBegin; /* offset to start of cert */
+ word32 sigIndex; /* offset to start of signature */
+ word32 sigLength; /* length of signature */
+ word32 signatureOID; /* sum of algorithm object id */
+ word32 keyOID; /* sum of key algo object id */
+ int version; /* cert version, 1 or 3 */
+ DNS_entry* altNames; /* alt names list of dns entries */
+#ifndef IGNORE_NAME_CONSTRAINTS
+ DNS_entry* altEmailNames; /* alt names list of RFC822 entries */
+ DNS_entry* altDirNames; /* alt names list of DIR entries */
+ Base_entry* permittedNames; /* Permitted name bases */
+ Base_entry* excludedNames; /* Excluded name bases */
+#endif /* IGNORE_NAME_CONSTRAINTS */
+ byte subjectHash[KEYID_SIZE]; /* hash of all Names */
+ byte issuerHash[KEYID_SIZE]; /* hash of all Names */
+#ifdef HAVE_OCSP
+ byte subjectKeyHash[KEYID_SIZE]; /* hash of the public Key */
+ byte issuerKeyHash[KEYID_SIZE]; /* hash of the public Key */
+#endif /* HAVE_OCSP */
+ const byte* signature; /* not owned, points into raw cert */
+ char* subjectCN; /* CommonName */
+ int subjectCNLen; /* CommonName Length */
+ char subjectCNEnc; /* CommonName Encoding */
+ char issuer[ASN_NAME_MAX]; /* full name including common name */
+ char subject[ASN_NAME_MAX]; /* full name including common name */
+ int verify; /* Default to yes, but could be off */
+ const byte* source; /* byte buffer holder cert, NOT owner */
+ word32 srcIdx; /* current offset into buffer */
+ word32 maxIdx; /* max offset based on init size */
+ void* heap; /* for user memory overrides */
+ byte serial[EXTERNAL_SERIAL_SIZE]; /* raw serial number */
+ int serialSz; /* raw serial bytes stored */
+ const byte* extensions; /* not owned, points into raw cert */
+ int extensionsSz; /* length of cert extensions */
+ word32 extensionsIdx; /* if want to go back and parse later */
+ const byte* extAuthInfo; /* Authority Information Access URI */
+ int extAuthInfoSz; /* length of the URI */
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
+ const byte* extAuthInfoCaIssuer; /* Authority Info Access caIssuer URI */
+ int extAuthInfoCaIssuerSz; /* length of the caIssuer URI */
+#endif
+ const byte* extCrlInfo; /* CRL Distribution Points */
+ int extCrlInfoSz; /* length of the URI */
+ byte extSubjKeyId[KEYID_SIZE]; /* Subject Key ID */
+ byte extAuthKeyId[KEYID_SIZE]; /* Authority Key ID */
+ byte pathLength; /* CA basic constraint path length */
+ byte maxPathLen; /* max_path_len see RFC 5280 section
+ * 6.1.2 "Initialization" - (k) for
+ * description of max_path_len */
+ byte policyConstSkip; /* Policy Constraints skip certs value */
+ word16 extKeyUsage; /* Key usage bitfield */
+ byte extExtKeyUsage; /* Extended Key usage bitfield */
+
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+ const byte* extExtKeyUsageSrc;
+ word32 extExtKeyUsageSz;
+ word32 extExtKeyUsageCount;
+ const byte* extAuthKeyIdSrc;
+ word32 extAuthKeyIdSz;
+ const byte* extSubjKeyIdSrc;
+ word32 extSubjKeyIdSz;
+#endif
+
+#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
+ word32 pkCurveOID; /* Public Key's curve OID */
+#endif /* HAVE_ECC */
+ const byte* beforeDate;
+ int beforeDateLen;
+ const byte* afterDate;
+ int afterDateLen;
+#if defined(HAVE_PKCS7) || defined(WOLFSSL_CERT_EXT)
+ const byte* issuerRaw; /* pointer to issuer inside source */
+ int issuerRawLen;
+#endif
+#if !defined(IGNORE_NAME_CONSTRAINTS) || defined(WOLFSSL_CERT_EXT)
+ const byte* subjectRaw; /* pointer to subject inside source */
+ int subjectRawLen;
+#endif
+#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT)
+ /* easy access to subject info for other sign */
+ char* subjectSN;
+ int subjectSNLen;
+ char subjectSNEnc;
+ char* subjectC;
+ int subjectCLen;
+ char subjectCEnc;
+ char* subjectL;
+ int subjectLLen;
+ char subjectLEnc;
+ char* subjectST;
+ int subjectSTLen;
+ char subjectSTEnc;
+ char* subjectO;
+ int subjectOLen;
+ char subjectOEnc;
+ char* subjectOU;
+ int subjectOULen;
+ char subjectOUEnc;
+ char* subjectSND;
+ int subjectSNDLen;
+ char subjectSNDEnc;
+#ifdef WOLFSSL_CERT_EXT
+ char* subjectBC;
+ int subjectBCLen;
+ char subjectBCEnc;
+ char* subjectJC;
+ int subjectJCLen;
+ char subjectJCEnc;
+ char* subjectJS;
+ int subjectJSLen;
+ char subjectJSEnc;
+#endif
+ char* subjectEmail;
+ int subjectEmailLen;
+#endif /* WOLFSSL_CERT_GEN */
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+ /* WOLFSSL_X509_NAME structures (used void* to avoid including ssl.h) */
+ void* issuerName;
+ void* subjectName;
+#endif /* OPENSSL_EXTRA */
+#ifdef WOLFSSL_SEP
+ int deviceTypeSz;
+ byte* deviceType;
+ int hwTypeSz;
+ byte* hwType;
+ int hwSerialNumSz;
+ byte* hwSerialNum;
+#endif /* WOLFSSL_SEP */
+#ifdef WOLFSSL_CERT_EXT
+ char extCertPolicies[MAX_CERTPOL_NB][MAX_CERTPOL_SZ];
+ int extCertPoliciesNb;
+#endif /* defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT) */
+
+#ifdef WOLFSSL_CERT_REQ
+ /* CSR attributes */
+ char* cPwd; /* challengePassword */
+ int cPwdLen;
+ char* sNum; /* Serial Number */
+ int sNumLen;
+#endif /* WOLFSSL_CERT_REQ */
+
+ Signer* ca;
+#ifndef NO_CERTS
+ SignatureCtx sigCtx;
+#endif
+#ifdef WOLFSSL_RENESAS_TSIP
+ byte* tsip_encRsaKeyIdx;
+#endif
+
+ int badDate;
+ int criticalExt;
+
+ /* Option Bits */
+ byte subjectCNStored : 1; /* have we saved a copy we own */
+ byte extSubjKeyIdSet : 1; /* Set when the SKID was read from cert */
+ byte extAuthKeyIdSet : 1; /* Set when the AKID was read from cert */
+#ifndef IGNORE_NAME_CONSTRAINTS
+ byte extNameConstraintSet : 1;
+#endif
+ byte isCA : 1; /* CA basic constraint true */
+ byte pathLengthSet : 1; /* CA basic const path length set */
+ byte weOwnAltNames : 1; /* altNames haven't been given to copy */
+ byte extKeyUsageSet : 1;
+ byte extExtKeyUsageSet : 1; /* Extended Key Usage set */
+#ifdef HAVE_OCSP
+ byte ocspNoCheckSet : 1; /* id-pkix-ocsp-nocheck set */
+#endif
+ byte extCRLdistSet : 1;
+ byte extAuthInfoSet : 1;
+ byte extBasicConstSet : 1;
+ byte extPolicyConstSet : 1;
+ byte extPolicyConstRxpSet : 1; /* requireExplicitPolicy set */
+ byte extPolicyConstIpmSet : 1; /* inhibitPolicyMapping set */
+ byte extSubjAltNameSet : 1;
+ byte inhibitAnyOidSet : 1;
+ byte selfSigned : 1; /* Indicates subject and issuer are same */
+#if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)
+ byte extCertPolicySet : 1;
+#endif
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+ byte extCRLdistCrit : 1;
+ byte extAuthInfoCrit : 1;
+ byte extBasicConstCrit : 1;
+ byte extPolicyConstCrit : 1;
+ byte extSubjAltNameCrit : 1;
+ byte extAuthKeyIdCrit : 1;
+ #ifndef IGNORE_NAME_CONSTRAINTS
+ byte extNameConstraintCrit : 1;
+ #endif
+ byte extSubjKeyIdCrit : 1;
+ byte extKeyUsageCrit : 1;
+ byte extExtKeyUsageCrit : 1;
+#endif /* OPENSSL_EXTRA */
+#if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)
+ byte extCertPolicyCrit : 1;
+#endif
+#ifdef WOLFSSL_CERT_REQ
+ byte isCSR : 1; /* Do we intend on parsing a CSR? */
+#endif
+};
+
+/* ASN Encoded Name field */
+typedef struct EncodedName {
+ int nameLen; /* actual string value length */
+ int totalLen; /* total encoded length */
+ int type; /* type of name */
+ int used; /* are we actually using this one */
+ byte encoded[CTC_NAME_SIZE * 2]; /* encoding */
+} EncodedName;
+
+#ifdef NO_SHA
+ #define SIGNER_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+#else
+ #define SIGNER_DIGEST_SIZE WC_SHA_DIGEST_SIZE
+#endif
+
+/* CA Signers */
+/* if change layout change PERSIST_CERT_CACHE functions too */
+struct Signer {
+ word32 pubKeySize;
+ word32 keyOID; /* key type */
+ word16 keyUsage;
+ byte maxPathLen;
+ byte pathLength;
+ byte pathLengthSet : 1;
+ byte selfSigned : 1;
+ const byte* publicKey;
+ int nameLen;
+ char* name; /* common name */
+#ifndef IGNORE_NAME_CONSTRAINTS
+ Base_entry* permittedNames;
+ Base_entry* excludedNames;
+#endif /* IGNORE_NAME_CONSTRAINTS */
+ byte subjectNameHash[SIGNER_DIGEST_SIZE];
+ /* sha hash of names in certificate */
+ #ifndef NO_SKID
+ byte subjectKeyIdHash[SIGNER_DIGEST_SIZE];
+ /* sha hash of names in certificate */
+ #endif
+ #ifdef HAVE_OCSP
+ byte subjectKeyHash[KEYID_SIZE];
+ #endif
+#ifdef WOLFSSL_SIGNER_DER_CERT
+ DerBuffer* derCert;
+#endif
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
+ word32 cm_idx;
+#endif
+ Signer* next;
+};
+
+
+#ifdef WOLFSSL_TRUST_PEER_CERT
+/* used for having trusted peer certs rather then CA */
+struct TrustedPeerCert {
+ int nameLen;
+ char* name; /* common name */
+ #ifndef IGNORE_NAME_CONSTRAINTS
+ Base_entry* permittedNames;
+ Base_entry* excludedNames;
+ #endif /* IGNORE_NAME_CONSTRAINTS */
+ byte subjectNameHash[SIGNER_DIGEST_SIZE];
+ /* sha hash of names in certificate */
+ #ifndef NO_SKID
+ byte subjectKeyIdHash[SIGNER_DIGEST_SIZE];
+ /* sha hash of names in certificate */
+ #endif
+ word32 sigLen;
+ byte* sig;
+ struct TrustedPeerCert* next;
+};
+#endif /* WOLFSSL_TRUST_PEER_CERT */
+
+
+/* for testing or custom openssl wrappers */
+#if defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
+ defined(OPENSSL_EXTRA_X509_SMALL)
+ #define WOLFSSL_ASN_API WOLFSSL_API
+#else
+ #define WOLFSSL_ASN_API WOLFSSL_LOCAL
+#endif
+
+#ifdef HAVE_SMIME
+#define MIME_HEADER_ASCII_MIN 33
+#define MIME_HEADER_ASCII_MAX 126
+
+typedef struct MimeParam MimeParam;
+typedef struct MimeHdr MimeHdr;
+
+struct MimeParam
+{
+ MimeParam* next;
+ char* attribute;
+ char* value;
+};
+
+struct MimeHdr
+{
+ MimeHdr* next;
+ MimeParam* params;
+ char* name;
+ char* body;
+};
+
+typedef enum MimeTypes
+{
+ MIME_HDR,
+ MIME_PARAM
+} MimeTypes;
+
+typedef enum MimeStatus
+{
+ MIME_NAMEATTR,
+ MIME_BODYVAL
+} MimeStatus;
+#endif /* HAVE_SMIME */
+
+
+WOLFSSL_LOCAL int CalcHashId(const byte* data, word32 len, byte* hash);
+WOLFSSL_LOCAL int GetName(DecodedCert* cert, int nameType, int maxIdx);
+
+WOLFSSL_ASN_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der,
+ word32* derSz);
+
+WOLFSSL_ASN_API void FreeAltNames(DNS_entry*, void*);
+#ifndef IGNORE_NAME_CONSTRAINTS
+ WOLFSSL_ASN_API void FreeNameSubtrees(Base_entry*, void*);
+#endif /* IGNORE_NAME_CONSTRAINTS */
+WOLFSSL_ASN_API void InitDecodedCert(DecodedCert*, const byte*, word32, void*);
+WOLFSSL_ASN_API void FreeDecodedCert(DecodedCert*);
+WOLFSSL_ASN_API int ParseCert(DecodedCert*, int type, int verify, void* cm);
+
+WOLFSSL_LOCAL int DecodePolicyOID(char *o, word32 oSz,
+ const byte *in, word32 inSz);
+WOLFSSL_LOCAL int EncodePolicyOID(byte *out, word32 *outSz,
+ const char *in, void* heap);
+WOLFSSL_API int CheckCertSignature(const byte*,word32,void*,void* cm);
+WOLFSSL_LOCAL int CheckCertSignaturePubKey(const byte* cert, word32 certSz,
+ void* heap, const byte* pubKey, word32 pubKeySz, int pubKeyOID);
+#ifdef WOLFSSL_CERT_REQ
+WOLFSSL_LOCAL int CheckCSRSignaturePubKey(const byte* cert, word32 certSz, void* heap,
+ const byte* pubKey, word32 pubKeySz, int pubKeyOID);
+#endif /* WOLFSSL_CERT_REQ */
+WOLFSSL_LOCAL int AddSignature(byte* buf, int bodySz, const byte* sig, int sigSz,
+ int sigAlgoType);
+WOLFSSL_LOCAL int ParseCertRelative(DecodedCert*,int type,int verify,void* cm);
+WOLFSSL_LOCAL int DecodeToKey(DecodedCert*, int verify);
+WOLFSSL_LOCAL int wc_GetPubX509(DecodedCert* cert, int verify, int* badDate);
+
+WOLFSSL_LOCAL const byte* OidFromId(word32 id, word32 type, word32* oidSz);
+WOLFSSL_LOCAL Signer* MakeSigner(void*);
+WOLFSSL_LOCAL void FreeSigner(Signer*, void*);
+WOLFSSL_LOCAL void FreeSignerTable(Signer**, int, void*);
+#ifdef WOLFSSL_TRUST_PEER_CERT
+WOLFSSL_LOCAL void FreeTrustedPeer(TrustedPeerCert*, void*);
+WOLFSSL_LOCAL void FreeTrustedPeerTable(TrustedPeerCert**, int, void*);
+#endif /* WOLFSSL_TRUST_PEER_CERT */
+
+WOLFSSL_ASN_API int ToTraditional(byte* buffer, word32 length);
+WOLFSSL_ASN_API int ToTraditional_ex(byte* buffer, word32 length,
+ word32* algId);
+WOLFSSL_LOCAL int ToTraditionalInline(const byte* input, word32* inOutIdx,
+ word32 length);
+WOLFSSL_LOCAL int ToTraditionalInline_ex(const byte* input, word32* inOutIdx,
+ word32 length, word32* algId);
+WOLFSSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*,int,
+ word32* algId);
+WOLFSSL_ASN_API int UnTraditionalEnc(byte* key, word32 keySz, byte* out,
+ word32* outSz, const char* password, int passwordSz, int vPKCS,
+ int vAlgo, byte* salt, word32 saltSz, int itt, WC_RNG* rng, void* heap);
+WOLFSSL_ASN_API int TraditionalEnc(byte* key, word32 keySz, byte* out,
+ word32* outSz, const char* password, int passwordSz, int vPKCS,
+ int vAlgo, int encAlgId, byte* salt, word32 saltSz, int itt,
+ WC_RNG* rng, void* heap);
+WOLFSSL_LOCAL int DecryptContent(byte* input, word32 sz,const char* psw,int pswSz);
+WOLFSSL_LOCAL int EncryptContent(byte* input, word32 sz, byte* out, word32* outSz,
+ const char* password,int passwordSz, int vPKCS, int vAlgo,
+ byte* salt, word32 saltSz, int itt, WC_RNG* rng, void* heap);
+WOLFSSL_LOCAL int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID,
+ word32* oidSz, int* algoID, void* heap);
+
+typedef struct tm wolfssl_tm;
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) || \
+ defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
+WOLFSSL_LOCAL int GetTimeString(byte* date, int format, char* buf, int len);
+#endif
+#if !defined(NO_ASN_TIME) && defined(HAVE_PKCS7)
+WOLFSSL_LOCAL int GetAsnTimeString(void* currTime, byte* buf, word32 len);
+#endif
+WOLFSSL_LOCAL int ExtractDate(const unsigned char* date, unsigned char format,
+ wolfssl_tm* certTime, int* idx);
+WOLFSSL_LOCAL int DateGreaterThan(const struct tm* a, const struct tm* b);
+WOLFSSL_LOCAL int wc_ValidateDate(const byte* date, byte format, int dateType);
+WOLFSSL_LOCAL int wc_OBJ_sn2nid(const char *sn);
+
+WOLFSSL_LOCAL int wc_EncodeName(EncodedName* name, const char* nameStr,
+ char nameType, byte type);
+WOLFSSL_LOCAL int wc_EncodeNameCanonical(EncodedName* name, const char* nameStr,
+ char nameType, byte type);
+/* ASN.1 helper functions */
+#ifdef WOLFSSL_CERT_GEN
+WOLFSSL_ASN_API int SetName(byte* output, word32 outputSz, CertName* name);
+WOLFSSL_LOCAL const char* GetOneCertName(CertName* name, int idx);
+WOLFSSL_LOCAL byte GetCertNameId(int idx);
+#endif
+WOLFSSL_LOCAL int GetShortInt(const byte* input, word32* inOutIdx, int* number,
+ word32 maxIdx);
+WOLFSSL_LOCAL int SetShortInt(byte* input, word32* inOutIdx, word32 number,
+ word32 maxIdx);
+
+WOLFSSL_LOCAL const char* GetSigName(int oid);
+WOLFSSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
+ word32 maxIdx);
+WOLFSSL_LOCAL int GetLength_ex(const byte* input, word32* inOutIdx, int* len,
+ word32 maxIdx, int check);
+WOLFSSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
+ word32 maxIdx);
+WOLFSSL_LOCAL int GetSequence_ex(const byte* input, word32* inOutIdx, int* len,
+ word32 maxIdx, int check);
+WOLFSSL_LOCAL int GetOctetString(const byte* input, word32* inOutIdx, int* len,
+ word32 maxIdx);
+WOLFSSL_LOCAL int CheckBitString(const byte* input, word32* inOutIdx, int* len,
+ word32 maxIdx, int zeroBits, byte* unusedBits);
+WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
+ word32 maxIdx);
+WOLFSSL_LOCAL int GetSet_ex(const byte* input, word32* inOutIdx, int* len,
+ word32 maxIdx, int check);
+WOLFSSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx,
+ int* version, word32 maxIdx);
+WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
+ word32 maxIdx);
+#ifdef HAVE_OID_ENCODING
+ WOLFSSL_LOCAL int EncodeObjectId(const word16* in, word32 inSz,
+ byte* out, word32* outSz);
+#endif
+#ifdef HAVE_OID_DECODING
+ WOLFSSL_LOCAL int DecodeObjectId(const byte* in, word32 inSz,
+ word16* out, word32* outSz);
+#endif
+WOLFSSL_LOCAL int GetASNObjectId(const byte* input, word32* inOutIdx, int* len,
+ word32 maxIdx);
+WOLFSSL_LOCAL int SetObjectId(int len, byte* output);
+WOLFSSL_LOCAL int GetObjectId(const byte* input, word32* inOutIdx, word32* oid,
+ word32 oidType, word32 maxIdx);
+WOLFSSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
+ word32 oidType, word32 maxIdx);
+WOLFSSL_LOCAL int GetASNTag(const byte* input, word32* idx, byte* tag,
+ word32 inputSz);
+WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output);
+WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output);
+WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output);
+WOLFSSL_LOCAL int SetASNInt(int len, byte firstByte, byte* output);
+WOLFSSL_LOCAL word32 SetBitString(word32 len, byte unusedBits, byte* output);
+WOLFSSL_LOCAL word32 SetImplicit(byte tag,byte number,word32 len,byte* output);
+WOLFSSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output);
+WOLFSSL_LOCAL word32 SetSet(word32 len, byte* output);
+WOLFSSL_LOCAL word32 SetAlgoID(int algoOID,byte* output,int type,int curveSz);
+WOLFSSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);
+WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output,
+ word32 outputSz, int maxSnSz);
+WOLFSSL_LOCAL int GetSerialNumber(const byte* input, word32* inOutIdx,
+ byte* serial, int* serialSz, word32 maxIdx);
+WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
+ int maxIdx);
+WOLFSSL_LOCAL int wc_CheckPrivateKeyCert(const byte* key, word32 keySz, DecodedCert* der);
+WOLFSSL_LOCAL int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
+ const byte* pubKey, word32 pubKeySz, enum Key_Sum ks);
+WOLFSSL_LOCAL int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g);
+WOLFSSL_LOCAL int FlattenAltNames( byte*, word32, const DNS_entry*);
+
+#ifdef HAVE_ECC
+ /* ASN sig helpers */
+ WOLFSSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
+ mp_int* s);
+ WOLFSSL_LOCAL int StoreECC_DSA_Sig_Bin(byte* out, word32* outLen,
+ const byte* r, word32 rLen, const byte* s, word32 sLen);
+ WOLFSSL_LOCAL int DecodeECC_DSA_Sig_Bin(const byte* sig, word32 sigLen,
+ byte* r, word32* rLen, byte* s, word32* sLen);
+#endif
+#if defined(HAVE_ECC) || !defined(NO_DSA)
+ WOLFSSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
+ mp_int* r, mp_int* s);
+#endif
+#if defined HAVE_ECC && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
+WOLFSSL_API int EccEnumToNID(int n);
+#endif
+
+WOLFSSL_LOCAL void InitSignatureCtx(SignatureCtx* sigCtx, void* heap, int devId);
+WOLFSSL_LOCAL void FreeSignatureCtx(SignatureCtx* sigCtx);
+
+#ifndef NO_CERTS
+
+WOLFSSL_LOCAL int wc_EncryptedInfoParse(EncryptedInfo* info,
+ const char** pBuffer, size_t bufSz);
+
+WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type,
+ DerBuffer** pDer, void* heap, EncryptedInfo* info,
+ int* eccKey);
+WOLFSSL_LOCAL int AllocDer(DerBuffer** der, word32 length, int type, void* heap);
+WOLFSSL_LOCAL void FreeDer(DerBuffer** der);
+
+#endif /* !NO_CERTS */
+
+#ifdef HAVE_SMIME
+WOLFSSL_LOCAL int wc_MIME_parse_headers(char* in, int inLen, MimeHdr** hdrs);
+WOLFSSL_LOCAL int wc_MIME_header_strip(char* in, char** out, size_t start, size_t end);
+WOLFSSL_LOCAL int wc_MIME_create_header(char* name, char* body, MimeHdr** hdr);
+WOLFSSL_LOCAL int wc_MIME_create_parameter(char* attribute, char* value, MimeParam** param);
+WOLFSSL_LOCAL MimeHdr* wc_MIME_find_header_name(const char* name, MimeHdr* hdr);
+WOLFSSL_LOCAL MimeParam* wc_MIME_find_param_attr(const char* attribute, MimeParam* param);
+WOLFSSL_LOCAL char* wc_MIME_canonicalize(const char* line);
+WOLFSSL_LOCAL int wc_MIME_free_hdrs(MimeHdr* head);
+#endif /* HAVE_SMIME */
+
+#ifdef WOLFSSL_CERT_GEN
+
+enum cert_enums {
+#ifdef WOLFSSL_CERT_EXT
+ NAME_ENTRIES = 10,
+#else
+ NAME_ENTRIES = 9,
+#endif
+ JOINT_LEN = 2,
+ EMAIL_JOINT_LEN = 9,
+ PILOT_JOINT_LEN = 10,
+ RSA_KEY = 10,
+ NTRU_KEY = 11,
+ ECC_KEY = 12,
+ ED25519_KEY = 13,
+ ED448_KEY = 14,
+ DSA_KEY = 15
+};
+
+#endif /* WOLFSSL_CERT_GEN */
+
+
+
+/* for pointer use */
+typedef struct CertStatus CertStatus;
+
+#ifdef HAVE_OCSP
+
+enum Ocsp_Response_Status {
+ OCSP_SUCCESSFUL = 0, /* Response has valid confirmations */
+ OCSP_MALFORMED_REQUEST = 1, /* Illegal confirmation request */
+ OCSP_INTERNAL_ERROR = 2, /* Internal error in issuer */
+ OCSP_TRY_LATER = 3, /* Try again later */
+ OCSP_SIG_REQUIRED = 5, /* Must sign the request (4 is skipped) */
+ OCSP_UNAUTHROIZED = 6 /* Request unauthorized */
+};
+
+
+enum Ocsp_Cert_Status {
+ CERT_GOOD = 0,
+ CERT_REVOKED = 1,
+ CERT_UNKNOWN = 2
+};
+
+
+enum Ocsp_Sums {
+ OCSP_BASIC_OID = 117,
+ OCSP_NONCE_OID = 118
+};
+
+#ifdef OPENSSL_EXTRA
+enum Ocsp_Verify_Error {
+ OCSP_VERIFY_ERROR_NONE = 0,
+ OCSP_BAD_ISSUER = 1
+};
+#endif
+
+
+typedef struct OcspRequest OcspRequest;
+typedef struct OcspResponse OcspResponse;
+
+
+struct CertStatus {
+ CertStatus* next;
+
+ byte serial[EXTERNAL_SERIAL_SIZE];
+ int serialSz;
+#ifdef OPENSSL_EXTRA
+ WOLFSSL_ASN1_INTEGER* serialInt;
+#endif
+
+ int status;
+
+ byte thisDate[MAX_DATE_SIZE];
+ byte nextDate[MAX_DATE_SIZE];
+ byte thisDateFormat;
+ byte nextDateFormat;
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
+ WOLFSSL_ASN1_TIME thisDateParsed;
+ WOLFSSL_ASN1_TIME nextDateParsed;
+ byte* thisDateAsn;
+ byte* nextDateAsn;
+#endif
+
+ byte* rawOcspResponse;
+ word32 rawOcspResponseSz;
+};
+
+typedef struct OcspEntry OcspEntry;
+
+#ifdef NO_SHA
+#define OCSP_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+#else
+#define OCSP_DIGEST_SIZE WC_SHA_DIGEST_SIZE
+#endif
+
+struct OcspEntry
+{
+ OcspEntry *next; /* next entry */
+ word32 hashAlgoOID; /* hash algo ID */
+ byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */
+ byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */
+ CertStatus *status; /* OCSP response list */
+ int totalStatus; /* number on list */
+ byte* rawCertId; /* raw bytes of the CertID */
+ int rawCertIdSize; /* num bytes in raw CertID */
+ /* option bits - using 32-bit for alignment */
+ word32 ownStatus:1; /* do we need to free the status
+ * response list */
+ word32 isDynamic:1; /* was dynamically allocated */
+
+};
+
+/* TODO: Long-term, it would be helpful if we made this struct and other OCSP
+ structs conform to the ASN spec as described in RFC 6960. It will help
+ with readability and with implementing OpenSSL compatibility API
+ functions, because OpenSSL's OCSP data structures conform to the
+ RFC. */
+struct OcspResponse {
+ int responseStatus; /* return code from Responder */
+
+ byte* response; /* Pointer to beginning of OCSP Response */
+ word32 responseSz; /* length of the OCSP Response */
+
+ byte producedDate[MAX_DATE_SIZE];
+ /* Date at which this response was signed */
+ byte producedDateFormat; /* format of the producedDate */
+
+ byte* cert;
+ word32 certSz;
+
+ byte* sig; /* Pointer to sig in source */
+ word32 sigSz; /* Length in octets for the sig */
+ word32 sigOID; /* OID for hash used for sig */
+
+ OcspEntry* single; /* chain of OCSP single responses */
+
+ byte* nonce; /* pointer to nonce inside ASN.1 response */
+ int nonceSz; /* length of the nonce string */
+
+ byte* source; /* pointer to source buffer, not owned */
+ word32 maxIdx; /* max offset based on init size */
+
+#ifdef OPENSSL_EXTRA
+ int verifyError;
+#endif
+ void* heap;
+};
+
+
+struct OcspRequest {
+ byte issuerHash[KEYID_SIZE];
+ byte issuerKeyHash[KEYID_SIZE];
+ byte* serial; /* copy of the serial number in source cert */
+ int serialSz;
+#ifdef OPENSSL_EXTRA
+ WOLFSSL_ASN1_INTEGER* serialInt;
+#endif
+ byte* url; /* copy of the extAuthInfo in source cert */
+ int urlSz;
+
+ byte nonce[MAX_OCSP_NONCE_SZ];
+ int nonceSz;
+ void* heap;
+ void* ssl;
+};
+
+WOLFSSL_LOCAL void InitOcspResponse(OcspResponse*, OcspEntry*, CertStatus*, byte*, word32, void*);
+WOLFSSL_LOCAL void FreeOcspResponse(OcspResponse*);
+WOLFSSL_LOCAL int OcspResponseDecode(OcspResponse*, void*, void* heap, int);
+
+WOLFSSL_LOCAL int InitOcspRequest(OcspRequest*, DecodedCert*, byte, void*);
+WOLFSSL_LOCAL void FreeOcspRequest(OcspRequest*);
+WOLFSSL_LOCAL int EncodeOcspRequest(OcspRequest*, byte*, word32);
+WOLFSSL_LOCAL word32 EncodeOcspRequestExtensions(OcspRequest*, byte*, word32);
+
+
+WOLFSSL_LOCAL int CompareOcspReqResp(OcspRequest*, OcspResponse*);
+
+
+#endif /* HAVE_OCSP */
+
+
+/* for pointer use */
+typedef struct RevokedCert RevokedCert;
+
+#ifdef HAVE_CRL
+
+struct RevokedCert {
+ byte serialNumber[EXTERNAL_SERIAL_SIZE];
+ int serialSz;
+ RevokedCert* next;
+};
+
+typedef struct DecodedCRL DecodedCRL;
+
+struct DecodedCRL {
+ word32 certBegin; /* offset to start of cert */
+ word32 sigIndex; /* offset to start of signature */
+ word32 sigLength; /* length of signature */
+ word32 signatureOID; /* sum of algorithm object id */
+ byte* signature; /* pointer into raw source, not owned */
+ byte issuerHash[SIGNER_DIGEST_SIZE]; /* issuer name hash */
+ byte crlHash[SIGNER_DIGEST_SIZE]; /* raw crl data hash */
+ byte lastDate[MAX_DATE_SIZE]; /* last date updated */
+ byte nextDate[MAX_DATE_SIZE]; /* next update date */
+ byte lastDateFormat; /* format of last date */
+ byte nextDateFormat; /* format of next date */
+ RevokedCert* certs; /* revoked cert list */
+ int totalCerts; /* number on list */
+ void* heap;
+#ifndef NO_SKID
+ byte extAuthKeyIdSet;
+ byte extAuthKeyId[SIGNER_DIGEST_SIZE]; /* Authority Key ID */
+#endif
+};
+
+WOLFSSL_LOCAL void InitDecodedCRL(DecodedCRL*, void* heap);
+WOLFSSL_LOCAL int VerifyCRL_Signature(SignatureCtx* sigCtx,
+ const byte* toBeSigned, word32 tbsSz,
+ const byte* signature, word32 sigSz,
+ word32 signatureOID, Signer *ca,
+ void* heap);
+WOLFSSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, word32 sz, void* cm);
+WOLFSSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
+
+
+#endif /* HAVE_CRL */
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* !NO_ASN */
+
+
+#if !defined(NO_ASN) || !defined(NO_PWDBASED)
+
+#ifndef MAX_KEY_SIZE
+ #define MAX_KEY_SIZE 64 /* MAX PKCS Key length */
+#endif
+#ifndef MAX_UNICODE_SZ
+ #define MAX_UNICODE_SZ 256
+#endif
+
+enum PBESTypes {
+ PBE_MD5_DES = 0,
+ PBE_SHA1_RC4_128 = 1,
+ PBE_SHA1_DES = 2,
+ PBE_SHA1_DES3 = 3,
+ PBE_AES256_CBC = 4,
+ PBE_AES128_CBC = 5,
+ PBE_SHA1_40RC2_CBC = 6,
+
+ PBE_SHA1_RC4_128_SUM = 657,
+ PBE_SHA1_DES3_SUM = 659,
+ PBES2 = 13 /* algo ID */
+};
+
+enum PKCSTypes {
+ PKCS5v2 = 6, /* PKCS #5 v2.0 */
+ PKCS12v1 = 12, /* PKCS #12 */
+ PKCS5 = 5, /* PKCS oid tag */
+ PKCS8v0 = 0, /* default PKCS#8 version */
+};
+
+#endif /* !NO_ASN || !NO_PWDBASED */
+
+#endif /* WOLF_CRYPT_ASN_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/asn_public.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/asn_public.h
new file mode 100644
index 0000000..01af995
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/asn_public.h
@@ -0,0 +1,658 @@
+/* asn_public.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/asn_public.h
+*/
+
+/*
+DESCRIPTION
+This library defines the interface APIs for X509 certificates.
+
+*/
+#ifndef WOLF_CRYPT_ASN_PUBLIC_H
+#define WOLF_CRYPT_ASN_PUBLIC_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/dsa.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* guard on redeclaration */
+#ifndef WC_ECCKEY_TYPE_DEFINED
+ typedef struct ecc_key ecc_key;
+ #define WC_ECCKEY_TYPE_DEFINED
+#endif
+#ifndef WC_ED25519KEY_TYPE_DEFINED
+ typedef struct ed25519_key ed25519_key;
+ #define WC_ED25519KEY_TYPE_DEFINED
+#endif
+#ifndef WC_ED448KEY_TYPE_DEFINED
+ typedef struct ed448_key ed448_key;
+ #define WC_ED448KEY_TYPE_DEFINED
+#endif
+#ifndef WC_RSAKEY_TYPE_DEFINED
+ typedef struct RsaKey RsaKey;
+ #define WC_RSAKEY_TYPE_DEFINED
+#endif
+#ifndef WC_RNG_TYPE_DEFINED
+ typedef struct WC_RNG WC_RNG;
+ #define WC_RNG_TYPE_DEFINED
+#endif
+#ifndef WC_DH_TYPE_DEFINED
+ typedef struct DhKey DhKey;
+ #define WC_DH_TYPE_DEFINED
+#endif
+
+enum Ecc_Sum {
+ ECC_SECP112R1_OID = 182,
+ ECC_SECP112R2_OID = 183,
+ ECC_SECP128R1_OID = 204,
+ ECC_SECP128R2_OID = 205,
+ ECC_SECP160R1_OID = 184,
+ ECC_SECP160R2_OID = 206,
+ ECC_SECP160K1_OID = 185,
+ ECC_BRAINPOOLP160R1_OID = 98,
+ ECC_SECP192R1_OID = 520,
+ ECC_PRIME192V2_OID = 521,
+ ECC_PRIME192V3_OID = 522,
+ ECC_SECP192K1_OID = 207,
+ ECC_BRAINPOOLP192R1_OID = 100,
+ ECC_SECP224R1_OID = 209,
+ ECC_SECP224K1_OID = 208,
+ ECC_BRAINPOOLP224R1_OID = 102,
+ ECC_PRIME239V1_OID = 523,
+ ECC_PRIME239V2_OID = 524,
+ ECC_PRIME239V3_OID = 525,
+ ECC_SECP256R1_OID = 526,
+ ECC_SECP256K1_OID = 186,
+ ECC_BRAINPOOLP256R1_OID = 104,
+ ECC_X25519_OID = 365,
+ ECC_ED25519_OID = 256,
+ ECC_BRAINPOOLP320R1_OID = 106,
+ ECC_X448_OID = 362,
+ ECC_ED448_OID = 257,
+ ECC_SECP384R1_OID = 210,
+ ECC_BRAINPOOLP384R1_OID = 108,
+ ECC_BRAINPOOLP512R1_OID = 110,
+ ECC_SECP521R1_OID = 211,
+};
+
+
+/* Certificate file Type */
+enum CertType {
+ CERT_TYPE = 0,
+ PRIVATEKEY_TYPE,
+ DH_PARAM_TYPE,
+ DSA_PARAM_TYPE,
+ CRL_TYPE,
+ CA_TYPE,
+ ECC_PRIVATEKEY_TYPE,
+ DSA_PRIVATEKEY_TYPE,
+ CERTREQ_TYPE,
+ DSA_TYPE,
+ ECC_TYPE,
+ RSA_TYPE,
+ PUBLICKEY_TYPE,
+ RSA_PUBLICKEY_TYPE,
+ ECC_PUBLICKEY_TYPE,
+ TRUSTED_PEER_TYPE,
+ EDDSA_PRIVATEKEY_TYPE,
+ ED25519_TYPE,
+ ED448_TYPE,
+ PKCS12_TYPE,
+ PKCS8_PRIVATEKEY_TYPE,
+ PKCS8_ENC_PRIVATEKEY_TYPE,
+ DETECT_CERT_TYPE,
+ DH_PRIVATEKEY_TYPE,
+};
+
+
+/* Signature type, by OID sum */
+enum Ctc_SigType {
+ CTC_SHAwDSA = 517,
+ CTC_SHA256wDSA = 416,
+ CTC_MD2wRSA = 646,
+ CTC_MD5wRSA = 648,
+ CTC_SHAwRSA = 649,
+ CTC_SHAwECDSA = 520,
+ CTC_SHA224wRSA = 658,
+ CTC_SHA224wECDSA = 523,
+ CTC_SHA256wRSA = 655,
+ CTC_SHA256wECDSA = 524,
+ CTC_SHA384wRSA = 656,
+ CTC_SHA384wECDSA = 525,
+ CTC_SHA512wRSA = 657,
+ CTC_SHA512wECDSA = 526,
+
+ /* https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration */
+ CTC_SHA3_224wECDSA = 423,
+ CTC_SHA3_256wECDSA = 424,
+ CTC_SHA3_384wECDSA = 425,
+ CTC_SHA3_512wECDSA = 426,
+ CTC_SHA3_224wRSA = 427,
+ CTC_SHA3_256wRSA = 428,
+ CTC_SHA3_384wRSA = 429,
+ CTC_SHA3_512wRSA = 430,
+
+ CTC_ED25519 = 256,
+ CTC_ED448 = 257
+};
+
+enum Ctc_Encoding {
+ CTC_UTF8 = 0x0c, /* utf8 */
+ CTC_PRINTABLE = 0x13 /* printable */
+};
+
+#ifndef WC_CTC_NAME_SIZE
+ #define WC_CTC_NAME_SIZE 64
+#endif
+#ifndef WC_CTC_MAX_ALT_SIZE
+ #define WC_CTC_MAX_ALT_SIZE 16384
+#endif
+
+enum Ctc_Misc {
+ CTC_COUNTRY_SIZE = 2,
+ CTC_NAME_SIZE = WC_CTC_NAME_SIZE,
+ CTC_DATE_SIZE = 32,
+ CTC_MAX_ALT_SIZE = WC_CTC_MAX_ALT_SIZE, /* may be huge, default: 16384 */
+ CTC_SERIAL_SIZE = 20,
+ CTC_GEN_SERIAL_SZ = 16,
+#ifdef WOLFSSL_CERT_EXT
+ /* AKID could contains: hash + (Option) AuthCertIssuer,AuthCertSerialNum
+ * We support only hash */
+ CTC_MAX_SKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
+ CTC_MAX_AKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
+ CTC_MAX_CERTPOL_SZ = 64,
+ CTC_MAX_CERTPOL_NB = 2 /* Max number of Certificate Policy */
+#endif /* WOLFSSL_CERT_EXT */
+};
+
+/* DER buffer */
+typedef struct DerBuffer {
+ byte* buffer;
+ void* heap;
+ word32 length;
+ int type; /* enum CertType */
+ int dynType; /* DYNAMIC_TYPE_* */
+} DerBuffer;
+
+typedef struct WOLFSSL_ASN1_TIME {
+ unsigned char data[CTC_DATE_SIZE]; /* date bytes */
+ int length;
+ int type;
+} WOLFSSL_ASN1_TIME;
+
+enum {
+ IV_SZ = 32, /* max iv sz */
+ NAME_SZ = 80, /* max one line */
+
+ PEM_PASS_READ = 0,
+ PEM_PASS_WRITE = 1,
+};
+
+
+typedef int (pem_password_cb)(char* passwd, int sz, int rw, void* userdata);
+
+typedef struct EncryptedInfo {
+ pem_password_cb* passwd_cb;
+ void* passwd_userdata;
+
+ long consumed; /* tracks PEM bytes consumed */
+
+ int cipherType;
+ word32 keySz;
+ word32 ivSz; /* salt or encrypted IV size */
+
+ char name[NAME_SZ]; /* cipher name, such as "DES-CBC" */
+ byte iv[IV_SZ]; /* salt or encrypted IV */
+
+ word16 set:1; /* if encryption set */
+} EncryptedInfo;
+
+
+#define WOLFSSL_ASN1_INTEGER_MAX 20
+typedef struct WOLFSSL_ASN1_INTEGER {
+ /* size can be increased set at 20 for tag, length then to hold at least 16
+ * byte type */
+ unsigned char intData[WOLFSSL_ASN1_INTEGER_MAX];
+ /* ASN_INTEGER | LENGTH | hex of number */
+ unsigned char negative; /* negative number flag */
+
+ unsigned char* data;
+ unsigned int dataMax; /* max size of data buffer */
+ unsigned int isDynamic:1; /* flag for if data pointer dynamic (1 is yes 0 is no) */
+
+ int length;
+ int type;
+} WOLFSSL_ASN1_INTEGER;
+
+
+#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT)
+#ifdef WOLFSSL_EKU_OID
+ #ifndef CTC_MAX_EKU_NB
+ #define CTC_MAX_EKU_NB 1
+ #endif
+ #ifndef CTC_MAX_EKU_OID_SZ
+ #define CTC_MAX_EKU_OID_SZ 30
+ #endif
+#else
+ #undef CTC_MAX_EKU_OID_SZ
+ #define CTC_MAX_EKU_OID_SZ 0
+#endif
+#endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */
+
+#ifdef WOLFSSL_CERT_GEN
+
+#ifdef WOLFSSL_MULTI_ATTRIB
+#ifndef CTC_MAX_ATTRIB
+ #define CTC_MAX_ATTRIB 4
+#endif
+
+/* ASN Encoded Name field */
+typedef struct NameAttrib {
+ int sz; /* actual string value length */
+ int id; /* id of name */
+ int type; /* enc of name */
+ char value[CTC_NAME_SIZE]; /* name */
+} NameAttrib;
+#endif /* WOLFSSL_MULTI_ATTRIB */
+
+
+typedef struct CertName {
+ char country[CTC_NAME_SIZE];
+ char countryEnc;
+ char state[CTC_NAME_SIZE];
+ char stateEnc;
+ char locality[CTC_NAME_SIZE];
+ char localityEnc;
+ char sur[CTC_NAME_SIZE];
+ char surEnc;
+ char org[CTC_NAME_SIZE];
+ char orgEnc;
+ char unit[CTC_NAME_SIZE];
+ char unitEnc;
+ char commonName[CTC_NAME_SIZE];
+ char commonNameEnc;
+ char serialDev[CTC_NAME_SIZE];
+ char serialDevEnc;
+#ifdef WOLFSSL_CERT_EXT
+ char busCat[CTC_NAME_SIZE];
+ char busCatEnc;
+ char joiC[CTC_NAME_SIZE];
+ char joiCEnc;
+ char joiSt[CTC_NAME_SIZE];
+ char joiStEnc;
+#endif
+ char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */
+#ifdef WOLFSSL_MULTI_ATTRIB
+ NameAttrib name[CTC_MAX_ATTRIB];
+#endif
+} CertName;
+
+
+/* for user to fill for certificate generation */
+typedef struct Cert {
+ int version; /* x509 version */
+ byte serial[CTC_SERIAL_SIZE]; /* serial number */
+ int serialSz; /* serial size */
+ int sigType; /* signature algo type */
+ CertName issuer; /* issuer info */
+ int daysValid; /* validity days */
+ int selfSigned; /* self signed flag */
+ CertName subject; /* subject info */
+ int isCA; /* is this going to be a CA */
+ /* internal use only */
+ int bodySz; /* pre sign total size */
+ int keyType; /* public key type of subject */
+#ifdef WOLFSSL_ALT_NAMES
+ byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */
+ int altNamesSz; /* altNames size in bytes */
+ byte beforeDate[CTC_DATE_SIZE]; /* before date copy */
+ int beforeDateSz; /* size of copy */
+ byte afterDate[CTC_DATE_SIZE]; /* after date copy */
+ int afterDateSz; /* size of copy */
+#endif
+#ifdef WOLFSSL_CERT_EXT
+ byte skid[CTC_MAX_SKID_SIZE]; /* Subject Key Identifier */
+ int skidSz; /* SKID size in bytes */
+ byte akid[CTC_MAX_AKID_SIZE]; /* Authority Key Identifier */
+ int akidSz; /* AKID size in bytes */
+ word16 keyUsage; /* Key Usage */
+ byte extKeyUsage; /* Extended Key Usage */
+#ifdef WOLFSSL_EKU_OID
+ /* Extended Key Usage OIDs */
+ byte extKeyUsageOID[CTC_MAX_EKU_NB][CTC_MAX_EKU_OID_SZ];
+ byte extKeyUsageOIDSz[CTC_MAX_EKU_NB];
+#endif
+ char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ];
+ word16 certPoliciesNb; /* Number of Cert Policy */
+#endif
+#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \
+ defined(WOLFSSL_CERT_REQ)
+ byte issRaw[sizeof(CertName)]; /* raw issuer info */
+ byte sbjRaw[sizeof(CertName)]; /* raw subject info */
+#endif
+#ifdef WOLFSSL_CERT_REQ
+ char challengePw[CTC_NAME_SIZE];
+ int challengePwPrintableString; /* encode as PrintableString */
+#endif
+ void* decodedCert; /* internal DecodedCert allocated from heap */
+ byte* der; /* Pointer to buffer of current DecodedCert cache */
+ void* heap; /* heap hint */
+} Cert;
+
+
+/* Initialize and Set Certificate defaults:
+ version = 3 (0x2)
+ serial = 0 (Will be randomly generated)
+ sigType = SHA_WITH_RSA
+ issuer = blank
+ daysValid = 500
+ selfSigned = 1 (true) use subject as issuer
+ subject = blank
+ isCA = 0 (false)
+ keyType = RSA_KEY (default)
+*/
+WOLFSSL_API int wc_InitCert(Cert*);
+WOLFSSL_API int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz,
+ int keyType, void* key, WC_RNG* rng);
+WOLFSSL_API int wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
+ ecc_key*, WC_RNG*);
+#ifdef WOLFSSL_CERT_REQ
+ WOLFSSL_API int wc_MakeCertReq_ex(Cert*, byte* derBuffer, word32 derSz,
+ int, void*);
+ WOLFSSL_API int wc_MakeCertReq(Cert*, byte* derBuffer, word32 derSz,
+ RsaKey*, ecc_key*);
+#endif
+WOLFSSL_API int wc_SignCert_ex(int requestSz, int sType, byte* buffer,
+ word32 buffSz, int keyType, void* key,
+ WC_RNG* rng);
+WOLFSSL_API int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
+ word32 derSz, RsaKey*, ecc_key*, WC_RNG*);
+WOLFSSL_API int wc_MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
+ WC_RNG*);
+WOLFSSL_API int wc_SetIssuer(Cert*, const char*);
+WOLFSSL_API int wc_SetSubject(Cert*, const char*);
+#ifdef WOLFSSL_ALT_NAMES
+ WOLFSSL_API int wc_SetAltNames(Cert*, const char*);
+#endif
+
+#ifdef WOLFSSL_CERT_GEN_CACHE
+WOLFSSL_API void wc_SetCert_Free(Cert* cert);
+#endif
+
+WOLFSSL_API int wc_SetIssuerBuffer(Cert*, const byte*, int);
+WOLFSSL_API int wc_SetSubjectBuffer(Cert*, const byte*, int);
+WOLFSSL_API int wc_SetAltNamesBuffer(Cert*, const byte*, int);
+WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int);
+
+#ifndef NO_ASN_TIME
+WOLFSSL_API int wc_GetCertDates(Cert* cert, struct tm* before,
+ struct tm* after);
+#endif
+
+#ifdef WOLFSSL_CERT_EXT
+WOLFSSL_API int wc_SetAuthKeyIdFromPublicKey_ex(Cert *cert, int keyType,
+ void* key);
+WOLFSSL_API int wc_SetAuthKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
+ ecc_key *eckey);
+WOLFSSL_API int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz);
+WOLFSSL_API int wc_SetAuthKeyId(Cert *cert, const char* file);
+WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey_ex(Cert *cert, int keyType,
+ void* key);
+WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
+ ecc_key *eckey);
+WOLFSSL_API int wc_SetSubjectKeyId(Cert *cert, const char* file);
+WOLFSSL_API int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert);
+WOLFSSL_API int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz);
+WOLFSSL_API int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz);
+
+#ifdef HAVE_NTRU
+WOLFSSL_API int wc_SetSubjectKeyIdFromNtruPublicKey(Cert *cert, byte *ntruKey,
+ word16 ntruKeySz);
+#endif
+
+/* Set the KeyUsage.
+ * Value is a string separated tokens with ','. Accepted tokens are :
+ * digitalSignature,nonRepudiation,contentCommitment,keyCertSign,cRLSign,
+ * dataEncipherment,keyAgreement,keyEncipherment,encipherOnly and decipherOnly.
+ *
+ * nonRepudiation and contentCommitment are for the same usage.
+ */
+WOLFSSL_API int wc_SetKeyUsage(Cert *cert, const char *value);
+
+/* Set ExtendedKeyUsage
+ * Value is a string separated tokens with ','. Accepted tokens are :
+ * any,serverAuth,clientAuth,codeSigning,emailProtection,timeStamping,OCSPSigning
+ */
+WOLFSSL_API int wc_SetExtKeyUsage(Cert *cert, const char *value);
+
+
+#ifdef WOLFSSL_EKU_OID
+/* Set ExtendedKeyUsage with unique OID
+ * oid is expected to be in byte representation
+ */
+WOLFSSL_API int wc_SetExtKeyUsageOID(Cert *cert, const char *oid, word32 sz,
+ byte idx, void* heap);
+#endif /* WOLFSSL_EKU_OID */
+#endif /* WOLFSSL_CERT_EXT */
+
+ #ifdef HAVE_NTRU
+ WOLFSSL_API int wc_MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
+ const byte* ntruKey, word16 keySz,
+ WC_RNG*);
+ #endif
+
+#endif /* WOLFSSL_CERT_GEN */
+
+WOLFSSL_API int wc_GetDateInfo(const byte* certDate, int certDateSz,
+ const byte** date, byte* format, int* length);
+#ifndef NO_ASN_TIME
+WOLFSSL_API int wc_GetDateAsCalendarTime(const byte* date, int length,
+ byte format, struct tm* time);
+#endif
+
+#if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)
+
+ WOLFSSL_API int wc_PemGetHeaderFooter(int type, const char** header,
+ const char** footer);
+
+#endif
+
+WOLFSSL_API int wc_AllocDer(DerBuffer** pDer, word32 length, int type, void* heap);
+WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
+
+#ifdef WOLFSSL_PEM_TO_DER
+ WOLFSSL_API int wc_PemToDer(const unsigned char* buff, long longSz, int type,
+ DerBuffer** pDer, void* heap, EncryptedInfo* info, int* eccKey);
+
+ WOLFSSL_API int wc_KeyPemToDer(const unsigned char*, int,
+ unsigned char*, int, const char*);
+ WOLFSSL_API int wc_CertPemToDer(const unsigned char*, int,
+ unsigned char*, int, int);
+#endif /* WOLFSSL_PEM_TO_DER */
+
+#if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)
+ #ifndef NO_FILESYSTEM
+ WOLFSSL_API int wc_PemPubKeyToDer(const char* fileName,
+ unsigned char* derBuf, int derSz);
+ #endif
+
+ WOLFSSL_API int wc_PubKeyPemToDer(const unsigned char*, int,
+ unsigned char*, int);
+#endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */
+
+#ifdef WOLFSSL_CERT_GEN
+ #ifndef NO_FILESYSTEM
+ WOLFSSL_API int wc_PemCertToDer(const char* fileName,
+ unsigned char* derBuf, int derSz);
+ #endif
+#endif /* WOLFSSL_CERT_GEN */
+
+#ifdef WOLFSSL_DER_TO_PEM
+ WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
+ word32 outputSz, int type);
+ WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output,
+ word32 outputSz, byte *cipherIno, int type);
+#endif
+
+#ifndef NO_RSA
+ #if !defined(HAVE_USER_RSA)
+ WOLFSSL_API int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx,
+ word32 inSz, const byte** n, word32* nSz, const byte** e, word32* eSz);
+ #endif
+ WOLFSSL_API int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header);
+#endif
+
+#ifndef NO_DSA
+ /* DSA parameter DER helper functions */
+ WOLFSSL_API int wc_DsaParamsDecode(const byte* input, word32* inOutIdx,
+ DsaKey*, word32);
+ WOLFSSL_API int wc_DsaKeyToParamsDer(DsaKey* key, byte* output, word32 inLen);
+#endif
+
+#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
+WOLFSSL_LOCAL int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv);
+WOLFSSL_API int wc_DhParamsToDer(DhKey* key, byte* out, word32* outSz);
+WOLFSSL_API int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz);
+WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
+#endif
+
+#ifdef HAVE_ECC
+ /* private key helpers */
+ WOLFSSL_API int wc_EccPrivateKeyDecode(const byte*, word32*,
+ ecc_key*, word32);
+ WOLFSSL_API int wc_EccKeyToDer(ecc_key*, byte* output, word32 inLen);
+ WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output,
+ word32 inLen);
+ WOLFSSL_API int wc_EccKeyDerSize(ecc_key*, int pub);
+ WOLFSSL_API int wc_EccPrivateKeyToPKCS8(ecc_key* key, byte* output,
+ word32* outLen);
+ WOLFSSL_API int wc_EccKeyToPKCS8(ecc_key* key, byte* output,
+ word32* outLen);
+
+ /* public key helper */
+ WOLFSSL_API int wc_EccPublicKeyDecode(const byte*, word32*,
+ ecc_key*, word32);
+ WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key*, byte* output,
+ word32 inLen, int with_AlgCurve);
+ WOLFSSL_API int wc_EccPublicKeyDerSize(ecc_key*, int with_AlgCurve);
+#endif
+
+#ifdef HAVE_ED25519
+ /* private key helpers */
+ WOLFSSL_API int wc_Ed25519PrivateKeyDecode(const byte*, word32*,
+ ed25519_key*, word32);
+ WOLFSSL_API int wc_Ed25519KeyToDer(ed25519_key* key, byte* output,
+ word32 inLen);
+ WOLFSSL_API int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output,
+ word32 inLen);
+
+ /* public key helper */
+ WOLFSSL_API int wc_Ed25519PublicKeyDecode(const byte*, word32*,
+ ed25519_key*, word32);
+ #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
+ WOLFSSL_API int wc_Ed25519PublicKeyToDer(ed25519_key*, byte* output,
+ word32 inLen, int with_AlgCurve);
+ #endif
+#endif
+
+#ifdef HAVE_ED448
+ /* private key helpers */
+ WOLFSSL_API int wc_Ed448PrivateKeyDecode(const byte*, word32*,
+ ed448_key*, word32);
+ WOLFSSL_API int wc_Ed448KeyToDer(ed448_key* key, byte* output,
+ word32 inLen);
+ WOLFSSL_API int wc_Ed448PrivateKeyToDer(ed448_key* key, byte* output,
+ word32 inLen);
+
+ /* public key helper */
+ WOLFSSL_API int wc_Ed448PublicKeyDecode(const byte*, word32*,
+ ed448_key*, word32);
+ #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
+ WOLFSSL_API int wc_Ed448PublicKeyToDer(ed448_key*, byte* output,
+ word32 inLen, int with_AlgCurve);
+ #endif
+#endif
+
+/* DER encode signature */
+WOLFSSL_API word32 wc_EncodeSignature(byte* out, const byte* digest,
+ word32 digSz, int hashOID);
+WOLFSSL_API int wc_GetCTC_HashOID(int type);
+
+WOLFSSL_API int wc_GetPkcs8TraditionalOffset(byte* input,
+ word32* inOutIdx, word32 sz);
+WOLFSSL_API int wc_CreatePKCS8Key(byte* out, word32* outSz,
+ byte* key, word32 keySz, int algoID, const byte* curveOID,
+ word32 oidSz);
+WOLFSSL_API int wc_EncryptPKCS8Key(byte*, word32, byte*, word32*, const char*,
+ int, int, int, int, byte*, word32, int, WC_RNG*, void*);
+WOLFSSL_API int wc_DecryptPKCS8Key(byte*, word32, const char*, int);
+WOLFSSL_API int wc_CreateEncryptedPKCS8Key(byte*, word32, byte*, word32*,
+ const char*, int, int, int, int, byte*, word32, int, WC_RNG*, void*);
+
+#ifndef NO_ASN_TIME
+/* Time */
+/* Returns seconds (Epoch/UTC)
+ * timePtr: is "time_t", which is typically "long"
+ * Example:
+ long lTime;
+ rc = wc_GetTime(&lTime, (word32)sizeof(lTime));
+*/
+WOLFSSL_API int wc_GetTime(void* timePtr, word32 timeSize);
+#endif
+
+#ifdef WOLFSSL_ENCRYPTED_KEYS
+ WOLFSSL_API int wc_EncryptedInfoGet(EncryptedInfo* info,
+ const char* cipherInfo);
+#endif
+
+
+#ifdef WOLFSSL_CERT_PIV
+
+typedef struct _wc_CertPIV {
+ const byte* cert;
+ word32 certSz;
+ const byte* certErrDet;
+ word32 certErrDetSz;
+ const byte* nonce; /* Identiv Only */
+ word32 nonceSz; /* Identiv Only */
+ const byte* signedNonce; /* Identiv Only */
+ word32 signedNonceSz; /* Identiv Only */
+
+ /* flags */
+ word16 compression:2;
+ word16 isX509:1;
+ word16 isIdentiv:1;
+} wc_CertPIV;
+
+WOLFSSL_API int wc_ParseCertPIV(wc_CertPIV* cert, const byte* buf, word32 totalSz);
+#endif /* WOLFSSL_CERT_PIV */
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_ASN_PUBLIC_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/blake2-impl.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/blake2-impl.h
new file mode 100644
index 0000000..c6a4bec
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/blake2-impl.h
@@ -0,0 +1,155 @@
+/*
+ BLAKE2 reference source code package - reference C implementations
+
+ Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
+
+ To the extent possible under law, the author(s) have dedicated all copyright
+ and related and neighboring rights to this software to the public domain
+ worldwide. This software is distributed without any warranty.
+
+ You should have received a copy of the CC0 Public Domain Dedication along with
+ this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
+*/
+/* blake2-impl.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+
+#ifndef WOLFCRYPT_BLAKE2_IMPL_H
+#define WOLFCRYPT_BLAKE2_IMPL_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+static WC_INLINE word32 load32( const void *src )
+{
+#if defined(LITTLE_ENDIAN_ORDER)
+ return *( word32 * )( src );
+#else
+ const byte *p = ( byte * )src;
+ word32 w = *p++;
+ w |= ( word32 )( *p++ ) << 8;
+ w |= ( word32 )( *p++ ) << 16;
+ w |= ( word32 )( *p++ ) << 24;
+ return w;
+#endif
+}
+
+static WC_INLINE word64 load64( const void *src )
+{
+#if defined(LITTLE_ENDIAN_ORDER)
+ return *( word64 * )( src );
+#else
+ const byte *p = ( byte * )src;
+ word64 w = *p++;
+ w |= ( word64 )( *p++ ) << 8;
+ w |= ( word64 )( *p++ ) << 16;
+ w |= ( word64 )( *p++ ) << 24;
+ w |= ( word64 )( *p++ ) << 32;
+ w |= ( word64 )( *p++ ) << 40;
+ w |= ( word64 )( *p++ ) << 48;
+ w |= ( word64 )( *p++ ) << 56;
+ return w;
+#endif
+}
+
+static WC_INLINE void store32( void *dst, word32 w )
+{
+#if defined(LITTLE_ENDIAN_ORDER)
+ *( word32 * )( dst ) = w;
+#else
+ byte *p = ( byte * )dst;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w;
+#endif
+}
+
+static WC_INLINE void store64( void *dst, word64 w )
+{
+#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_GENERAL_ALIGNMENT)
+ *( word64 * )( dst ) = w;
+#else
+ byte *p = ( byte * )dst;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w;
+#endif
+}
+
+static WC_INLINE word64 load48( const void *src )
+{
+ const byte *p = ( const byte * )src;
+ word64 w = *p++;
+ w |= ( word64 )( *p++ ) << 8;
+ w |= ( word64 )( *p++ ) << 16;
+ w |= ( word64 )( *p++ ) << 24;
+ w |= ( word64 )( *p++ ) << 32;
+ w |= ( word64 )( *p++ ) << 40;
+ return w;
+}
+
+static WC_INLINE void store48( void *dst, word64 w )
+{
+ byte *p = ( byte * )dst;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w; w >>= 8;
+ *p++ = ( byte )w;
+}
+
+static WC_INLINE word32 rotl32( const word32 w, const unsigned c )
+{
+ return ( w << c ) | ( w >> ( 32 - c ) );
+}
+
+static WC_INLINE word64 rotl64( const word64 w, const unsigned c )
+{
+ return ( w << c ) | ( w >> ( 64 - c ) );
+}
+
+static WC_INLINE word32 rotr32( const word32 w, const unsigned c )
+{
+ return ( w >> c ) | ( w << ( 32 - c ) );
+}
+
+static WC_INLINE word64 rotr64( const word64 w, const unsigned c )
+{
+ return ( w >> c ) | ( w << ( 64 - c ) );
+}
+
+/* prevents compiler optimizing out memset() */
+static WC_INLINE void secure_zero_memory( void *v, word64 n )
+{
+ volatile byte *p = ( volatile byte * )v;
+
+ while( n-- ) *p++ = 0;
+}
+
+#endif /* WOLFCRYPT_BLAKE2_IMPL_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/blake2-int.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/blake2-int.h
new file mode 100644
index 0000000..be280db
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/blake2-int.h
@@ -0,0 +1,174 @@
+/*
+ BLAKE2 reference source code package - reference C implementations
+
+ Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
+
+ To the extent possible under law, the author(s) have dedicated all copyright
+ and related and neighboring rights to this software to the public domain
+ worldwide. This software is distributed without any warranty.
+
+ You should have received a copy of the CC0 Public Domain Dedication along with
+ this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
+*/
+/* blake2-int.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+
+
+#ifndef WOLFCRYPT_BLAKE2_INT_H
+#define WOLFCRYPT_BLAKE2_INT_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#if defined(__cplusplus)
+ extern "C" {
+#endif
+
+ enum blake2s_constant
+ {
+ BLAKE2S_BLOCKBYTES = 64,
+ BLAKE2S_OUTBYTES = 32,
+ BLAKE2S_KEYBYTES = 32,
+ BLAKE2S_SALTBYTES = 8,
+ BLAKE2S_PERSONALBYTES = 8
+ };
+
+ enum blake2b_constant
+ {
+ BLAKE2B_BLOCKBYTES = 128,
+ BLAKE2B_OUTBYTES = 64,
+ BLAKE2B_KEYBYTES = 64,
+ BLAKE2B_SALTBYTES = 16,
+ BLAKE2B_PERSONALBYTES = 16
+ };
+
+#pragma pack(push, 1)
+ typedef struct __blake2s_param
+ {
+ byte digest_length; /* 1 */
+ byte key_length; /* 2 */
+ byte fanout; /* 3 */
+ byte depth; /* 4 */
+ word32 leaf_length; /* 8 */
+ byte node_offset[6];/* 14 */
+ byte node_depth; /* 15 */
+ byte inner_length; /* 16 */
+ /* byte reserved[0]; */
+ byte salt[BLAKE2B_SALTBYTES]; /* 24 */
+ byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */
+ } blake2s_param;
+
+ typedef struct ALIGN32 __blake2s_state
+ {
+ word32 h[8];
+ word32 t[2];
+ word32 f[2];
+ byte buf[2 * BLAKE2S_BLOCKBYTES];
+ word32 buflen;
+ byte last_node;
+ } blake2s_state ;
+
+ typedef struct __blake2b_param
+ {
+ byte digest_length; /* 1 */
+ byte key_length; /* 2 */
+ byte fanout; /* 3 */
+ byte depth; /* 4 */
+ word32 leaf_length; /* 8 */
+ word64 node_offset; /* 16 */
+ byte node_depth; /* 17 */
+ byte inner_length; /* 18 */
+ byte reserved[14]; /* 32 */
+ byte salt[BLAKE2B_SALTBYTES]; /* 48 */
+ byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */
+ } blake2b_param;
+
+ typedef struct ALIGN64 __blake2b_state
+ {
+ word64 h[8];
+ word64 t[2];
+ word64 f[2];
+ byte buf[2 * BLAKE2B_BLOCKBYTES];
+ word64 buflen;
+ byte last_node;
+ } blake2b_state;
+
+ typedef struct __blake2sp_state
+ {
+ blake2s_state S[8][1];
+ blake2s_state R[1];
+ byte buf[8 * BLAKE2S_BLOCKBYTES];
+ word32 buflen;
+ } blake2sp_state;
+
+ typedef struct __blake2bp_state
+ {
+ blake2b_state S[4][1];
+ blake2b_state R[1];
+ byte buf[4 * BLAKE2B_BLOCKBYTES];
+ word64 buflen;
+ } blake2bp_state;
+#pragma pack(pop)
+
+ /* Streaming API */
+ int blake2s_init( blake2s_state *S, const byte outlen );
+ int blake2s_init_key( blake2s_state *S, const byte outlen, const void *key, const byte keylen );
+ int blake2s_init_param( blake2s_state *S, const blake2s_param *P );
+ int blake2s_update( blake2s_state *S, const byte *in, word32 inlen );
+ int blake2s_final( blake2s_state *S, byte *out, byte outlen );
+
+ int blake2b_init( blake2b_state *S, const byte outlen );
+ int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, const byte keylen );
+ int blake2b_init_param( blake2b_state *S, const blake2b_param *P );
+ int blake2b_update( blake2b_state *S, const byte *in, word64 inlen );
+ int blake2b_final( blake2b_state *S, byte *out, byte outlen );
+
+ int blake2sp_init( blake2sp_state *S, const byte outlen );
+ int blake2sp_init_key( blake2sp_state *S, const byte outlen, const void *key, const byte keylen );
+ int blake2sp_update( blake2sp_state *S, const byte *in, word32 inlen );
+ int blake2sp_final( blake2sp_state *S, byte *out, byte outlen );
+
+ int blake2bp_init( blake2bp_state *S, const byte outlen );
+ int blake2bp_init_key( blake2bp_state *S, const byte outlen, const void *key, const byte keylen );
+ int blake2bp_update( blake2bp_state *S, const byte *in, word64 inlen );
+ int blake2bp_final( blake2bp_state *S, byte *out, byte outlen );
+
+ /* Simple API */
+ int blake2s( byte *out, const void *in, const void *key, const byte outlen, const word32 inlen, byte keylen );
+ int blake2b( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
+
+ int blake2sp( byte *out, const void *in, const void *key, const byte outlen, const word32 inlen, byte keylen );
+ int blake2bp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
+
+ static WC_INLINE int blake2( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen )
+ {
+ return blake2b( out, in, key, outlen, inlen, keylen );
+ }
+
+
+
+#if defined(__cplusplus)
+ }
+#endif
+
+#endif /* WOLFCRYPT_BLAKE2_INT_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/blake2.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/blake2.h
new file mode 100644
index 0000000..cdcb066
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/blake2.h
@@ -0,0 +1,98 @@
+/* blake2.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/blake2.h
+*/
+
+#ifndef WOLF_CRYPT_BLAKE2_H
+#define WOLF_CRYPT_BLAKE2_H
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S)
+
+#include <wolfssl/wolfcrypt/blake2-int.h>
+
+/* call old functions if using fips for the sake of hmac @wc_fips */
+#ifdef HAVE_FIPS
+ /* Since hmac can call blake functions provide original calls */
+ #define wc_InitBlake2b InitBlake2b
+ #define wc_Blake2bUpdate Blake2bUpdate
+ #define wc_Blake2bFinal Blake2bFinal
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* in bytes, variable digest size up to 512 bits (64 bytes) */
+enum {
+#ifdef HAVE_BLAKE2B
+ BLAKE2B_ID = WC_HASH_TYPE_BLAKE2B,
+ BLAKE2B_256 = 32, /* 256 bit type, SSL default */
+#endif
+#ifdef HAVE_BLAKE2S
+ BLAKE2S_ID = WC_HASH_TYPE_BLAKE2S,
+ BLAKE2S_256 = 32 /* 256 bit type */
+#endif
+};
+
+
+#ifdef HAVE_BLAKE2B
+/* BLAKE2b digest */
+typedef struct Blake2b {
+ blake2b_state S[1]; /* our state */
+ word32 digestSz; /* digest size used on init */
+} Blake2b;
+#endif
+
+#ifdef HAVE_BLAKE2S
+/* BLAKE2s digest */
+typedef struct Blake2s {
+ blake2s_state S[1]; /* our state */
+ word32 digestSz; /* digest size used on init */
+} Blake2s;
+#endif
+
+
+#ifdef HAVE_BLAKE2B
+WOLFSSL_API int wc_InitBlake2b(Blake2b*, word32);
+WOLFSSL_API int wc_InitBlake2b_WithKey(Blake2b*, word32, const byte *, word32);
+WOLFSSL_API int wc_Blake2bUpdate(Blake2b*, const byte*, word32);
+WOLFSSL_API int wc_Blake2bFinal(Blake2b*, byte*, word32);
+#endif
+
+#ifdef HAVE_BLAKE2S
+WOLFSSL_API int wc_InitBlake2s(Blake2s*, word32);
+WOLFSSL_API int wc_InitBlake2s_WithKey(Blake2s*, word32, const byte *, word32);
+WOLFSSL_API int wc_Blake2sUpdate(Blake2s*, const byte*, word32);
+WOLFSSL_API int wc_Blake2sFinal(Blake2s*, byte*, word32);
+#endif
+
+
+#ifdef __cplusplus
+ }
+#endif
+
+#endif /* HAVE_BLAKE2 || HAVE_BLAKE2S */
+#endif /* WOLF_CRYPT_BLAKE2_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/camellia.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/camellia.h
new file mode 100644
index 0000000..7ef0270
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/camellia.h
@@ -0,0 +1,101 @@
+/* camellia.h ver 1.2.0
+ *
+ * Copyright (c) 2006,2007
+ * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer as
+ * the first lines of this file unmodified.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* camellia.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/camellia.h
+*/
+
+
+#ifndef WOLF_CRYPT_CAMELLIA_H
+#define WOLF_CRYPT_CAMELLIA_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef HAVE_CAMELLIA
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+enum {
+ CAMELLIA_BLOCK_SIZE = 16
+};
+
+#define CAMELLIA_TABLE_BYTE_LEN 272
+#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / sizeof(word32))
+
+typedef word32 KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN];
+
+typedef struct Camellia {
+ word32 keySz;
+ KEY_TABLE_TYPE key;
+ word32 reg[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
+ word32 tmp[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
+} Camellia;
+
+
+WOLFSSL_API int wc_CamelliaSetKey(Camellia* cam,
+ const byte* key, word32 len, const byte* iv);
+WOLFSSL_API int wc_CamelliaSetIV(Camellia* cam, const byte* iv);
+WOLFSSL_API int wc_CamelliaEncryptDirect(Camellia* cam, byte* out,
+ const byte* in);
+WOLFSSL_API int wc_CamelliaDecryptDirect(Camellia* cam, byte* out,
+ const byte* in);
+WOLFSSL_API int wc_CamelliaCbcEncrypt(Camellia* cam,
+ byte* out, const byte* in, word32 sz);
+WOLFSSL_API int wc_CamelliaCbcDecrypt(Camellia* cam,
+ byte* out, const byte* in, word32 sz);
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_CAMELLIA */
+#endif /* WOLF_CRYPT_CAMELLIA_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/chacha.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/chacha.h
new file mode 100644
index 0000000..0d84c5b
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/chacha.h
@@ -0,0 +1,115 @@
+/* chacha.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/*
+
+DESCRIPTION
+This library contains implementation for the ChaCha20 stream cipher.
+
+*/
+/*!
+ \file wolfssl/wolfcrypt/chacha.h
+*/
+
+
+#ifndef WOLF_CRYPT_CHACHA_H
+#define WOLF_CRYPT_CHACHA_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef HAVE_CHACHA
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/*
+Initialization vector starts at 13 with zero being the index origin of a matrix.
+Block counter is located at index 12.
+ 0 1 2 3
+ 4 5 6 7
+ 8 9 10 11
+ 12 13 14 15
+*/
+#define CHACHA_MATRIX_CNT_IV 12
+
+/* Size of the IV */
+#define CHACHA_IV_WORDS 3
+
+/* Size of IV in bytes*/
+#define CHACHA_IV_BYTES 12
+#ifdef HAVE_XCHACHA
+#define XCHACHA_NONCE_BYTES 24
+#endif
+
+/* Size of ChaCha chunks */
+#define CHACHA_CHUNK_WORDS 16
+#define CHACHA_CHUNK_BYTES (CHACHA_CHUNK_WORDS * sizeof(word32))
+
+#ifdef WOLFSSL_X86_64_BUILD
+#if defined(USE_INTEL_SPEEDUP) && !defined(NO_CHACHA_ASM)
+ #define USE_INTEL_CHACHA_SPEEDUP
+ #define HAVE_INTEL_AVX1
+#endif
+#endif
+
+enum {
+ CHACHA_ENC_TYPE = WC_CIPHER_CHACHA, /* cipher unique type */
+ CHACHA_MAX_KEY_SZ = 32,
+};
+
+typedef struct ChaCha {
+ word32 X[CHACHA_CHUNK_WORDS]; /* state of cipher */
+#ifdef HAVE_INTEL_AVX1
+ /* vpshufd reads 16 bytes but we only use bottom 4. */
+ byte extra[12];
+#endif
+ word32 left; /* number of bytes leftover */
+#if defined(USE_INTEL_CHACHA_SPEEDUP) || defined(WOLFSSL_ARMASM)
+ word32 over[CHACHA_CHUNK_WORDS];
+#endif
+} ChaCha;
+
+/**
+ * IV(nonce) changes with each record
+ * counter is for what value the block counter should start ... usually 0
+ */
+WOLFSSL_API int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter);
+
+WOLFSSL_API int wc_Chacha_Process(ChaCha* ctx, byte* cipher, const byte* plain,
+ word32 msglen);
+
+WOLFSSL_LOCAL void wc_Chacha_purge_current_block(ChaCha* ctx);
+
+WOLFSSL_API int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz);
+
+#ifdef HAVE_XCHACHA
+WOLFSSL_API int wc_XChacha_SetKey(ChaCha *ctx, const byte *key, word32 keySz,
+ const byte *nonce, word32 nonceSz,
+ word32 counter);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_CHACHA */
+#endif /* WOLF_CRYPT_CHACHA_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/chacha20_poly1305.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/chacha20_poly1305.h
new file mode 100644
index 0000000..44631bf
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/chacha20_poly1305.h
@@ -0,0 +1,157 @@
+/* chacha20_poly1305.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/*
+
+DESCRIPTION
+This library contains implementation for the ChaCha20 stream cipher and
+the Poly1305 authenticator, both as as combined-mode,
+or Authenticated Encryption with Additional Data (AEAD) algorithm.
+
+*/
+
+/*!
+ \file wolfssl/wolfcrypt/chacha20_poly1305.h
+*/
+
+#ifndef WOLF_CRYPT_CHACHA20_POLY1305_H
+#define WOLF_CRYPT_CHACHA20_POLY1305_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/chacha.h>
+#include <wolfssl/wolfcrypt/poly1305.h>
+
+#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#define CHACHA20_POLY1305_AEAD_KEYSIZE 32
+#define CHACHA20_POLY1305_AEAD_IV_SIZE 12
+#define CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE 16
+#define CHACHA20_POLY1305_MAX 4294967295U
+#define XCHACHA20_POLY1305_AEAD_NONCE_SIZE 24
+
+enum {
+ CHACHA20_POLY_1305_ENC_TYPE = 8, /* cipher unique type */
+
+ /* AEAD Cipher Direction */
+ CHACHA20_POLY1305_AEAD_DECRYPT = 0,
+ CHACHA20_POLY1305_AEAD_ENCRYPT = 1,
+
+ /* AEAD State */
+ CHACHA20_POLY1305_STATE_INIT = 0,
+ CHACHA20_POLY1305_STATE_READY = 1,
+ CHACHA20_POLY1305_STATE_AAD = 2,
+ CHACHA20_POLY1305_STATE_DATA = 3,
+};
+
+typedef struct ChaChaPoly_Aead {
+ ChaCha chacha;
+ Poly1305 poly;
+
+ word32 aadLen;
+ word32 dataLen;
+
+ byte state;
+ byte isEncrypt:1;
+} ChaChaPoly_Aead;
+
+
+/*
+ * The IV for this implementation is 96 bits to give the most flexibility.
+ *
+ * Some protocols may have unique per-invocation inputs that are not
+ * 96-bit in length. For example, IPsec may specify a 64-bit nonce. In
+ * such a case, it is up to the protocol document to define how to
+ * transform the protocol nonce into a 96-bit nonce, for example by
+ * concatenating a constant value.
+ */
+
+WOLFSSL_API
+int wc_ChaCha20Poly1305_Encrypt(
+ const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
+ const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
+ const byte* inAAD, const word32 inAADLen,
+ const byte* inPlaintext, const word32 inPlaintextLen,
+ byte* outCiphertext,
+ byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]);
+
+WOLFSSL_API
+int wc_ChaCha20Poly1305_Decrypt(
+ const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
+ const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
+ const byte* inAAD, const word32 inAADLen,
+ const byte* inCiphertext, const word32 inCiphertextLen,
+ const byte inAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE],
+ byte* outPlaintext);
+
+WOLFSSL_API
+int wc_ChaCha20Poly1305_CheckTag(
+ const byte authTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE],
+ const byte authTagChk[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]);
+
+
+
+/* Implementation of AEAD, which includes support for adding
+ data, then final calculation of authentication tag */
+WOLFSSL_API int wc_ChaCha20Poly1305_Init(ChaChaPoly_Aead* aead,
+ const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
+ const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
+ int isEncrypt);
+WOLFSSL_API int wc_ChaCha20Poly1305_UpdateAad(ChaChaPoly_Aead* aead,
+ const byte* inAAD, word32 inAADLen);
+WOLFSSL_API int wc_ChaCha20Poly1305_UpdateData(ChaChaPoly_Aead* aead,
+ const byte* inData, byte* outData, word32 dataLen);
+WOLFSSL_API int wc_ChaCha20Poly1305_Final(ChaChaPoly_Aead* aead,
+ byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]);
+
+#ifdef HAVE_XCHACHA
+
+WOLFSSL_API int wc_XChaCha20Poly1305_Init(
+ ChaChaPoly_Aead* aead,
+ const byte *ad, word32 ad_len,
+ const byte *inKey, word32 inKeySz,
+ const byte *inIV, word32 inIVSz,
+ int isEncrypt);
+
+WOLFSSL_API int wc_XChaCha20Poly1305_Encrypt(
+ byte *dst, const size_t dst_space,
+ const byte *src, const size_t src_len,
+ const byte *ad, const size_t ad_len,
+ const byte *nonce, const size_t nonce_len,
+ const byte *key, const size_t key_len);
+
+WOLFSSL_API int wc_XChaCha20Poly1305_Decrypt(
+ byte *dst, const size_t dst_space,
+ const byte *src, const size_t src_len,
+ const byte *ad, const size_t ad_len,
+ const byte *nonce, const size_t nonce_len,
+ const byte *key, const size_t key_len);
+
+#endif /* HAVE_XCHACHA */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_CHACHA && HAVE_POLY1305 */
+#endif /* WOLF_CRYPT_CHACHA20_POLY1305_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/cmac.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/cmac.h
new file mode 100644
index 0000000..9519af9
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/cmac.h
@@ -0,0 +1,113 @@
+/* cmac.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+#ifndef WOLF_CRYPT_CMAC_H
+#define WOLF_CRYPT_CMAC_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/aes.h>
+
+#if !defined(NO_AES) && defined(WOLFSSL_CMAC)
+
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+ #include <wolfssl/wolfcrypt/fips.h>
+#endif /* HAVE_FIPS_VERSION >= 2 */
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+#ifndef WC_CMAC_TYPE_DEFINED
+ typedef struct Cmac Cmac;
+ #define WC_CMAC_TYPE_DEFINED
+#endif
+struct Cmac {
+ Aes aes;
+ byte buffer[AES_BLOCK_SIZE]; /* partially stored block */
+ byte digest[AES_BLOCK_SIZE]; /* running digest */
+ byte k1[AES_BLOCK_SIZE];
+ byte k2[AES_BLOCK_SIZE];
+ word32 bufferSz;
+ word32 totalSz;
+#ifdef WOLF_CRYPTO_CB
+ int devId;
+ void* devCtx;
+ #ifdef WOLFSSL_QNX_CAAM
+ byte ctx[32]; /* hold state for save and return */
+ word32 blackKey;
+ word32 keylen;
+ byte initialized;
+ #endif
+#endif
+};
+
+
+
+typedef enum CmacType {
+ WC_CMAC_AES = 1
+} CmacType;
+
+#define WC_CMAC_TAG_MAX_SZ AES_BLOCK_SIZE
+#define WC_CMAC_TAG_MIN_SZ (AES_BLOCK_SIZE/4)
+
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API
+int wc_InitCmac(Cmac* cmac,
+ const byte* key, word32 keySz,
+ int type, void* unused);
+
+WOLFSSL_API
+int wc_InitCmac_ex(Cmac* cmac,
+ const byte* key, word32 keySz,
+ int type, void* unused, void* heap, int devId);
+
+WOLFSSL_API
+int wc_CmacUpdate(Cmac* cmac,
+ const byte* in, word32 inSz);
+WOLFSSL_API
+int wc_CmacFinal(Cmac* cmac,
+ byte* out, word32* outSz);
+
+WOLFSSL_API
+int wc_AesCmacGenerate(byte* out, word32* outSz,
+ const byte* in, word32 inSz,
+ const byte* key, word32 keySz);
+
+WOLFSSL_API
+int wc_AesCmacVerify(const byte* check, word32 checkSz,
+ const byte* in, word32 inSz,
+ const byte* key, word32 keySz);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+
+#endif /* NO_AES && WOLFSSL_CMAC */
+#endif /* WOLF_CRYPT_CMAC_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/coding.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/coding.h
new file mode 100644
index 0000000..bcc4c5b
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/coding.h
@@ -0,0 +1,90 @@
+/* coding.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/coding.h
+*/
+
+#ifndef WOLF_CRYPT_CODING_H
+#define WOLF_CRYPT_CODING_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+
+WOLFSSL_API int Base64_Decode(const byte* in, word32 inLen, byte* out,
+ word32* outLen);
+
+#if defined(OPENSSL_EXTRA) || defined(SESSION_CERTS) || defined(WOLFSSL_KEY_GEN) \
+ || defined(WOLFSSL_CERT_GEN) || defined(HAVE_WEBSERVER) || !defined(NO_DSA)
+ #ifndef WOLFSSL_BASE64_ENCODE
+ #define WOLFSSL_BASE64_ENCODE
+ #endif
+#endif
+
+
+#ifdef WOLFSSL_BASE64_ENCODE
+ enum Escaped {
+ WC_STD_ENC = 0, /* normal \n line ending encoding */
+ WC_ESC_NL_ENC, /* use escape sequence encoding */
+ WC_NO_NL_ENC /* no encoding at all */
+ }; /* Encoding types */
+
+ /* encode isn't */
+ WOLFSSL_API
+ int Base64_Encode(const byte* in, word32 inLen, byte* out,
+ word32* outLen);
+ WOLFSSL_API
+ int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out,
+ word32* outLen);
+ WOLFSSL_API
+ int Base64_Encode_NoNl(const byte* in, word32 inLen, byte* out,
+ word32* outLen);
+#endif
+
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(HAVE_WEBSERVER) || defined(HAVE_FIPS) || \
+ defined(HAVE_ECC_CDH) || defined(HAVE_SELFTEST) || \
+ defined(WOLFSSL_ENCRYPTED_KEYS)
+ #ifndef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+ #endif
+#endif
+
+#ifdef WOLFSSL_BASE16
+ WOLFSSL_API
+ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
+ WOLFSSL_API
+ int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen);
+#endif
+
+ WOLFSSL_LOCAL int Base64_SkipNewline(const byte* in, word32* inLen,
+ word32* outJ);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_CODING_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/compress.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/compress.h
new file mode 100644
index 0000000..985f1e0
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/compress.h
@@ -0,0 +1,60 @@
+/* compress.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/compress.h
+*/
+
+
+#ifndef WOLF_CRYPT_COMPRESS_H
+#define WOLF_CRYPT_COMPRESS_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef HAVE_LIBZ
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+
+#define COMPRESS_FIXED 1
+
+#define LIBZ_WINBITS_GZIP 16
+
+
+WOLFSSL_API int wc_Compress(byte*, word32, const byte*, word32, word32);
+WOLFSSL_API int wc_Compress_ex(byte* out, word32 outSz, const byte* in,
+ word32 inSz, word32 flags, word32 windowBits);
+WOLFSSL_API int wc_DeCompress(byte*, word32, const byte*, word32);
+WOLFSSL_API int wc_DeCompress_ex(byte* out, word32 outSz, const byte* in,
+ word32 inSz, int windowBits);
+WOLFSSL_API int wc_DeCompressDynamic(byte** out, int max, int memoryType,
+ const byte* in, word32 inSz, int windowBits, void* heap);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+
+#endif /* HAVE_LIBZ */
+#endif /* WOLF_CRYPT_COMPRESS_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/cpuid.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/cpuid.h
new file mode 100644
index 0000000..91a725b
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/cpuid.h
@@ -0,0 +1,72 @@
+/* cpuid.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+
+#ifndef WOLF_CRYPT_CPUID_H
+#define WOLF_CRYPT_CPUID_H
+
+
+#include <wolfssl/wolfcrypt/types.h>
+
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#if (defined(WOLFSSL_X86_64_BUILD) || defined(USE_INTEL_SPEEDUP) || \
+ defined(WOLFSSL_AESNI) || defined(WOLFSSL_SP_X86_64_ASM)) && \
+ !defined(WOLFSSL_NO_ASM)
+
+ #define CPUID_AVX1 0x0001
+ #define CPUID_AVX2 0x0002
+ #define CPUID_RDRAND 0x0004
+ #define CPUID_RDSEED 0x0008
+ #define CPUID_BMI2 0x0010 /* MULX, RORX */
+ #define CPUID_AESNI 0x0020
+ #define CPUID_ADX 0x0040 /* ADCX, ADOX */
+ #define CPUID_MOVBE 0x0080 /* Move and byte swap */
+
+ #define IS_INTEL_AVX1(f) ((f) & CPUID_AVX1)
+ #define IS_INTEL_AVX2(f) ((f) & CPUID_AVX2)
+ #define IS_INTEL_RDRAND(f) ((f) & CPUID_RDRAND)
+ #define IS_INTEL_RDSEED(f) ((f) & CPUID_RDSEED)
+ #define IS_INTEL_BMI2(f) ((f) & CPUID_BMI2)
+ #define IS_INTEL_AESNI(f) ((f) & CPUID_AESNI)
+ #define IS_INTEL_ADX(f) ((f) & CPUID_ADX)
+ #define IS_INTEL_MOVBE(f) ((f) & CPUID_MOVBE)
+
+ void cpuid_set_flags(void);
+ word32 cpuid_get_flags(void);
+
+ /* Public APIs to modify flags. */
+ WOLFSSL_API void cpuid_select_flags(word32 flags);
+ WOLFSSL_API void cpuid_set_flag(word32 flag);
+ WOLFSSL_API void cpuid_clear_flag(word32 flag);
+
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+
+#endif /* WOLF_CRYPT_CPUID_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/cryptocb.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/cryptocb.h
new file mode 100644
index 0000000..7b17533
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/cryptocb.h
@@ -0,0 +1,425 @@
+/* cryptocb.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef _WOLF_CRYPTO_CB_H_
+#define _WOLF_CRYPTO_CB_H_
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* Defines the Crypto Callback interface version, for compatibility */
+/* Increment this when Crypto Callback interface changes are made */
+#define CRYPTO_CB_VER 2
+
+
+#ifdef WOLF_CRYPTO_CB
+
+#ifndef NO_RSA
+ #include <wolfssl/wolfcrypt/rsa.h>
+#endif
+#ifdef HAVE_ECC
+ #include <wolfssl/wolfcrypt/ecc.h>
+#endif
+#ifndef NO_AES
+ #include <wolfssl/wolfcrypt/aes.h>
+#endif
+#ifndef NO_SHA
+ #include <wolfssl/wolfcrypt/sha.h>
+#endif
+#ifndef NO_SHA256
+ #include <wolfssl/wolfcrypt/sha256.h>
+#endif
+#ifndef NO_HMAC
+ #include <wolfssl/wolfcrypt/hmac.h>
+#endif
+#ifndef WC_NO_RNG
+ #include <wolfssl/wolfcrypt/random.h>
+#endif
+#ifndef NO_DES3
+ #include <wolfssl/wolfcrypt/des3.h>
+#endif
+#ifdef WOLFSSL_CMAC
+ #include <wolfssl/wolfcrypt/cmac.h>
+#endif
+#ifdef HAVE_ED25519
+ #include <wolfssl/wolfcrypt/ed25519.h>
+#endif
+#ifdef HAVE_CURVE25519
+ #include <wolfssl/wolfcrypt/curve25519.h>
+#endif
+#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
+ #include <wolfssl/wolfcrypt/sha512.h>
+#endif
+
+/* Crypto Information Structure for callbacks */
+typedef struct wc_CryptoInfo {
+ int algo_type; /* enum wc_AlgoType */
+#if !defined(NO_RSA) || defined(HAVE_ECC)
+ struct {
+ int type; /* enum wc_PkType */
+ union {
+ #ifndef NO_RSA
+ struct {
+ const byte* in;
+ word32 inLen;
+ byte* out;
+ word32* outLen;
+ int type;
+ RsaKey* key;
+ WC_RNG* rng;
+ } rsa;
+ #ifdef WOLFSSL_KEY_GEN
+ struct {
+ RsaKey* key;
+ int size;
+ long e;
+ WC_RNG* rng;
+ } rsakg;
+ #endif
+ struct {
+ RsaKey* key;
+ const byte* pubKey;
+ word32 pubKeySz;
+ } rsa_check;
+ #endif
+ #ifdef HAVE_ECC
+ struct {
+ WC_RNG* rng;
+ int size;
+ ecc_key* key;
+ int curveId;
+ } eckg;
+ struct {
+ ecc_key* private_key;
+ ecc_key* public_key;
+ byte* out;
+ word32* outlen;
+ } ecdh;
+ struct {
+ const byte* in;
+ word32 inlen;
+ byte* out;
+ word32* outlen;
+ WC_RNG* rng;
+ ecc_key* key;
+ } eccsign;
+ struct {
+ const byte* sig;
+ word32 siglen;
+ const byte* hash;
+ word32 hashlen;
+ int* res;
+ ecc_key* key;
+ } eccverify;
+ struct {
+ ecc_key* key;
+ const byte* pubKey;
+ word32 pubKeySz;
+ } ecc_check;
+ #endif
+ #ifdef HAVE_CURVE25519
+ struct {
+ WC_RNG* rng;
+ int size;
+ curve25519_key* key;
+ int curveId;
+ } curve25519kg;
+ struct {
+ curve25519_key* private_key;
+ curve25519_key* public_key;
+ byte* out;
+ word32* outlen;
+ int endian;
+ } curve25519;
+ #endif
+ #ifdef HAVE_ED25519
+ struct {
+ WC_RNG* rng;
+ int size;
+ ed25519_key* key;
+ int curveId;
+ } ed25519kg;
+ struct {
+ const byte* in;
+ word32 inLen;
+ byte* out;
+ word32* outLen;
+ ed25519_key* key;
+ byte type;
+ const byte* context;
+ byte contextLen;
+ } ed25519sign;
+ struct {
+ const byte* sig;
+ word32 sigLen;
+ const byte* msg;
+ word32 msgLen;
+ int* res;
+ ed25519_key* key;
+ byte type;
+ const byte* context;
+ byte contextLen;
+ } ed25519verify;
+ #endif
+ };
+ } pk;
+#endif /* !NO_RSA || HAVE_ECC */
+#if !defined(NO_AES) || !defined(NO_DES3)
+ struct {
+ int type; /* enum wc_CipherType */
+ int enc;
+ union {
+ #ifdef HAVE_AESGCM
+ struct {
+ Aes* aes;
+ byte* out;
+ const byte* in;
+ word32 sz;
+ const byte* iv;
+ word32 ivSz;
+ byte* authTag;
+ word32 authTagSz;
+ const byte* authIn;
+ word32 authInSz;
+ } aesgcm_enc;
+ struct {
+ Aes* aes;
+ byte* out;
+ const byte* in;
+ word32 sz;
+ const byte* iv;
+ word32 ivSz;
+ const byte* authTag;
+ word32 authTagSz;
+ const byte* authIn;
+ word32 authInSz;
+ } aesgcm_dec;
+ #endif /* HAVE_AESGCM */
+ #ifdef HAVE_AES_CBC
+ struct {
+ Aes* aes;
+ byte* out;
+ const byte* in;
+ word32 sz;
+ } aescbc;
+ #endif /* HAVE_AES_CBC */
+ #ifndef NO_DES3
+ struct {
+ Des3* des;
+ byte* out;
+ const byte* in;
+ word32 sz;
+ } des3;
+ #endif
+ };
+ } cipher;
+#endif /* !NO_AES || !NO_DES3 */
+#if !defined(NO_SHA) || !defined(NO_SHA256) || \
+ defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
+ struct {
+ int type; /* enum wc_HashType */
+ const byte* in;
+ word32 inSz;
+ byte* digest;
+ union {
+ #ifndef NO_SHA
+ wc_Sha* sha1;
+ #endif
+ #ifndef NO_SHA256
+ wc_Sha256* sha256;
+ #endif
+ #ifdef WOLFSSL_SHA384
+ wc_Sha384* sha384;
+ #endif
+ #ifdef WOLFSSL_SHA512
+ wc_Sha512* sha512;
+ #endif
+ };
+ } hash;
+#endif /* !NO_SHA || !NO_SHA256 */
+#ifndef NO_HMAC
+ struct {
+ int macType; /* enum wc_HashType */
+ const byte* in;
+ word32 inSz;
+ byte* digest;
+ Hmac* hmac;
+ } hmac;
+#endif
+#ifndef WC_NO_RNG
+ struct {
+ WC_RNG* rng;
+ byte* out;
+ word32 sz;
+ } rng;
+ struct {
+ OS_Seed* os;
+ byte* seed;
+ word32 sz;
+ } seed;
+#endif
+#ifdef WOLFSSL_CMAC
+ struct {
+ Cmac* cmac;
+ void* ctx;
+ const byte* key;
+ const byte* in;
+ byte* out;
+ word32* outSz;
+ word32 keySz;
+ word32 inSz;
+ int type;
+ } cmac;
+#endif
+} wc_CryptoInfo;
+
+
+typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
+
+WOLFSSL_LOCAL void wc_CryptoCb_Init(void);
+WOLFSSL_LOCAL int wc_CryptoCb_GetDevIdAtIndex(int startIdx);
+WOLFSSL_API int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx);
+WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId);
+
+/* old function names */
+#define wc_CryptoDev_RegisterDevice wc_CryptoCb_RegisterDevice
+#define wc_CryptoDev_UnRegisterDevice wc_CryptoCb_UnRegisterDevice
+
+
+#ifndef NO_RSA
+WOLFSSL_LOCAL int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out,
+ word32* outLen, int type, RsaKey* key, WC_RNG* rng);
+
+#ifdef WOLFSSL_KEY_GEN
+WOLFSSL_LOCAL int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e,
+ WC_RNG* rng);
+#endif /* WOLFSSL_KEY_GEN */
+
+WOLFSSL_LOCAL int wc_CryptoCb_RsaCheckPrivKey(RsaKey* key, const byte* pubKey,
+ word32 pubKeySz);
+#endif /* !NO_RSA */
+
+#ifdef HAVE_ECC
+WOLFSSL_LOCAL int wc_CryptoCb_MakeEccKey(WC_RNG* rng, int keySize,
+ ecc_key* key, int curveId);
+
+WOLFSSL_LOCAL int wc_CryptoCb_Ecdh(ecc_key* private_key, ecc_key* public_key,
+ byte* out, word32* outlen);
+
+WOLFSSL_LOCAL int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out,
+ word32 *outlen, WC_RNG* rng, ecc_key* key);
+
+WOLFSSL_LOCAL int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen,
+ const byte* hash, word32 hashlen, int* res, ecc_key* key);
+
+WOLFSSL_LOCAL int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey,
+ word32 pubKeySz);
+#endif /* HAVE_ECC */
+
+#ifdef HAVE_CURVE25519
+WOLFSSL_LOCAL int wc_CryptoCb_Curve25519Gen(WC_RNG* rng, int keySize,
+ curve25519_key* key);
+
+WOLFSSL_LOCAL int wc_CryptoCb_Curve25519(curve25519_key* private_key,
+ curve25519_key* public_key, byte* out, word32* outlen, int endian);
+#endif /* HAVE_CURVE25519 */
+
+#ifdef HAVE_ED25519
+WOLFSSL_LOCAL int wc_CryptoCb_Ed25519Gen(WC_RNG* rng, int keySize,
+ ed25519_key* key);
+WOLFSSL_LOCAL int wc_CryptoCb_Ed25519Sign(const byte* in, word32 inLen,
+ byte* out, word32 *outLen, ed25519_key* key, byte type, const byte* context,
+ byte contextLen);
+WOLFSSL_LOCAL int wc_CryptoCb_Ed25519Verify(const byte* sig, word32 sigLen,
+ const byte* msg, word32 msgLen, int* res, ed25519_key* key, byte type,
+ const byte* context, byte contextLen);
+#endif /* HAVE_ED25519 */
+
+#ifndef NO_AES
+#ifdef HAVE_AESGCM
+WOLFSSL_LOCAL int wc_CryptoCb_AesGcmEncrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz, const byte* iv, word32 ivSz,
+ byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz);
+
+WOLFSSL_LOCAL int wc_CryptoCb_AesGcmDecrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz, const byte* iv, word32 ivSz,
+ const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz);
+#endif /* HAVE_AESGCM */
+#ifdef HAVE_AES_CBC
+WOLFSSL_LOCAL int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_LOCAL int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out,
+ const byte* in, word32 sz);
+#endif /* HAVE_AES_CBC */
+#endif /* !NO_AES */
+
+#ifndef NO_DES3
+WOLFSSL_LOCAL int wc_CryptoCb_Des3Encrypt(Des3* des3, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_LOCAL int wc_CryptoCb_Des3Decrypt(Des3* des3, byte* out,
+ const byte* in, word32 sz);
+#endif /* !NO_DES3 */
+
+#ifndef NO_SHA
+WOLFSSL_LOCAL int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in,
+ word32 inSz, byte* digest);
+#endif /* !NO_SHA */
+
+#ifndef NO_SHA256
+WOLFSSL_LOCAL int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in,
+ word32 inSz, byte* digest);
+#endif /* !NO_SHA256 */
+#ifdef WOLFSSL_SHA384
+WOLFSSL_LOCAL int wc_CryptoCb_Sha384Hash(wc_Sha384* sha384, const byte* in,
+ word32 inSz, byte* digest);
+#endif
+#ifdef WOLFSSL_SHA512
+WOLFSSL_LOCAL int wc_CryptoCb_Sha512Hash(wc_Sha512* sha512, const byte* in,
+ word32 inSz, byte* digest);
+#endif
+
+#ifndef NO_HMAC
+WOLFSSL_LOCAL int wc_CryptoCb_Hmac(Hmac* hmac, int macType, const byte* in,
+ word32 inSz, byte* digest);
+#endif /* !NO_HMAC */
+
+#ifndef WC_NO_RNG
+WOLFSSL_LOCAL int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz);
+WOLFSSL_LOCAL int wc_CryptoCb_RandomSeed(OS_Seed* os, byte* seed, word32 sz);
+#endif
+
+#ifdef WOLFSSL_CMAC
+WOLFSSL_LOCAL int wc_CryptoCb_Cmac(Cmac* cmac, const byte* key, word32 keySz,
+ const byte* in, word32 inSz, byte* out, word32* outSz, int type,
+ void* ctx);
+#endif
+
+#endif /* WOLF_CRYPTO_CB */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* _WOLF_CRYPTO_CB_H_ */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/curve25519.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/curve25519.h
new file mode 100644
index 0000000..3646667
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/curve25519.h
@@ -0,0 +1,182 @@
+/* curve25519.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/curve25519.h
+*/
+
+
+#ifndef WOLF_CRYPT_CURVE25519_H
+#define WOLF_CRYPT_CURVE25519_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef HAVE_CURVE25519
+
+#include <wolfssl/wolfcrypt/fe_operations.h>
+#include <wolfssl/wolfcrypt/random.h>
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#define CURVE25519_KEYSIZE 32
+
+#ifdef WOLFSSL_NAMES_STATIC
+typedef char curve25519_str[12];
+#else
+typedef const char* curve25519_str;
+#endif
+
+/* curve25519 set type */
+typedef struct {
+ int size; /* The size of the curve in octets */
+ curve25519_str name; /* name of this curve */
+} curve25519_set_type;
+
+
+/* ECC point, the internal structure is Little endian
+ * the mathematical functions used the endianness */
+typedef struct {
+ byte point[CURVE25519_KEYSIZE];
+ #ifdef FREESCALE_LTC_ECC
+ byte pointY[CURVE25519_KEYSIZE];
+ #endif
+} ECPoint;
+
+/* A CURVE25519 Key */
+typedef struct curve25519_key {
+ int idx; /* Index into the ecc_sets[] for the parameters of
+ this curve if -1, this key is using user supplied
+ curve in dp */
+ const curve25519_set_type* dp; /* domain parameters, either points to
+ curves (idx >= 0) or user supplied */
+ ECPoint p; /* public key */
+ ECPoint k; /* private key */
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif
+#if defined(WOLF_CRYPTO_CB)
+ int devId;
+#endif
+} curve25519_key;
+
+enum {
+ EC25519_LITTLE_ENDIAN=0,
+ EC25519_BIG_ENDIAN=1
+};
+
+WOLFSSL_API
+int wc_curve25519_make_pub(int public_size, byte* pub, int private_size,
+ const byte* priv);
+
+WOLFSSL_API
+int wc_curve25519_generic(int public_size, byte* pub,
+ int private_size, const byte* priv,
+ int basepoint_size, const byte* basepoint);
+
+WOLFSSL_API
+int wc_curve25519_make_priv(WC_RNG* rng, int keysize, byte* priv);
+
+WOLFSSL_API
+int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key);
+
+WOLFSSL_API
+int wc_curve25519_shared_secret(curve25519_key* private_key,
+ curve25519_key* public_key,
+ byte* out, word32* outlen);
+
+WOLFSSL_API
+int wc_curve25519_shared_secret_ex(curve25519_key* private_key,
+ curve25519_key* public_key,
+ byte* out, word32* outlen, int endian);
+
+WOLFSSL_API
+int wc_curve25519_init(curve25519_key* key);
+WOLFSSL_API
+int wc_curve25519_init_ex(curve25519_key* key, void* heap, int devId);
+
+WOLFSSL_API
+void wc_curve25519_free(curve25519_key* key);
+
+
+/* raw key helpers */
+WOLFSSL_API
+int wc_curve25519_import_private(const byte* priv, word32 privSz,
+ curve25519_key* key);
+WOLFSSL_API
+int wc_curve25519_import_private_ex(const byte* priv, word32 privSz,
+ curve25519_key* key, int endian);
+
+WOLFSSL_API
+int wc_curve25519_import_private_raw(const byte* priv, word32 privSz,
+ const byte* pub, word32 pubSz, curve25519_key* key);
+WOLFSSL_API
+int wc_curve25519_import_private_raw_ex(const byte* priv, word32 privSz,
+ const byte* pub, word32 pubSz,
+ curve25519_key* key, int endian);
+WOLFSSL_API
+int wc_curve25519_export_private_raw(curve25519_key* key, byte* out,
+ word32* outLen);
+WOLFSSL_API
+int wc_curve25519_export_private_raw_ex(curve25519_key* key, byte* out,
+ word32* outLen, int endian);
+
+WOLFSSL_API
+int wc_curve25519_import_public(const byte* in, word32 inLen,
+ curve25519_key* key);
+WOLFSSL_API
+int wc_curve25519_import_public_ex(const byte* in, word32 inLen,
+ curve25519_key* key, int endian);
+WOLFSSL_API
+int wc_curve25519_check_public(const byte* pub, word32 pubSz, int endian);
+
+WOLFSSL_API
+int wc_curve25519_export_public(curve25519_key* key, byte* out, word32* outLen);
+WOLFSSL_API
+int wc_curve25519_export_public_ex(curve25519_key* key, byte* out,
+ word32* outLen, int endian);
+
+WOLFSSL_API
+int wc_curve25519_export_key_raw(curve25519_key* key,
+ byte* priv, word32 *privSz,
+ byte* pub, word32 *pubSz);
+WOLFSSL_API
+int wc_curve25519_export_key_raw_ex(curve25519_key* key,
+ byte* priv, word32 *privSz,
+ byte* pub, word32 *pubSz,
+ int endian);
+/* size helper */
+WOLFSSL_API
+int wc_curve25519_size(curve25519_key* key);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_CURVE25519 */
+#endif /* WOLF_CRYPT_CURVE25519_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/curve448.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/curve448.h
new file mode 100644
index 0000000..ba20594
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/curve448.h
@@ -0,0 +1,139 @@
+/* curve448.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Implemented to: RFC 7748 */
+
+
+#ifndef WOLF_CRYPT_CURVE448_H
+#define WOLF_CRYPT_CURVE448_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef HAVE_CURVE448
+
+#include <wolfssl/wolfcrypt/fe_448.h>
+#include <wolfssl/wolfcrypt/random.h>
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#define CURVE448_KEY_SIZE 56
+#define CURVE448_PUB_KEY_SIZE 56
+
+
+/* A CURVE448 Key */
+typedef struct curve448_key {
+ byte p[CURVE448_PUB_KEY_SIZE]; /* public key */
+ byte k[CURVE448_KEY_SIZE]; /* private key */
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif
+} curve448_key;
+
+enum {
+ EC448_LITTLE_ENDIAN = 0,
+ EC448_BIG_ENDIAN = 1
+};
+
+WOLFSSL_API
+int wc_curve448_make_key(WC_RNG* rng, int keysize, curve448_key* key);
+
+WOLFSSL_API
+int wc_curve448_shared_secret(curve448_key* private_key,
+ curve448_key* public_key,
+ byte* out, word32* outlen);
+
+WOLFSSL_API
+int wc_curve448_shared_secret_ex(curve448_key* private_key,
+ curve448_key* public_key,
+ byte* out, word32* outlen, int endian);
+
+WOLFSSL_API
+int wc_curve448_init(curve448_key* key);
+
+WOLFSSL_API
+void wc_curve448_free(curve448_key* key);
+
+
+/* raw key helpers */
+WOLFSSL_API
+int wc_curve448_import_private(const byte* priv, word32 privSz,
+ curve448_key* key);
+WOLFSSL_API
+int wc_curve448_import_private_ex(const byte* priv, word32 privSz,
+ curve448_key* key, int endian);
+
+WOLFSSL_API
+int wc_curve448_import_private_raw(const byte* priv, word32 privSz,
+ const byte* pub, word32 pubSz,
+ curve448_key* key);
+WOLFSSL_API
+int wc_curve448_import_private_raw_ex(const byte* priv, word32 privSz,
+ const byte* pub, word32 pubSz,
+ curve448_key* key, int endian);
+WOLFSSL_API
+int wc_curve448_export_private_raw(curve448_key* key, byte* out,
+ word32* outLen);
+WOLFSSL_API
+int wc_curve448_export_private_raw_ex(curve448_key* key, byte* out,
+ word32* outLen, int endian);
+
+WOLFSSL_API
+int wc_curve448_import_public(const byte* in, word32 inLen,
+ curve448_key* key);
+WOLFSSL_API
+int wc_curve448_import_public_ex(const byte* in, word32 inLen,
+ curve448_key* key, int endian);
+WOLFSSL_API
+int wc_curve448_check_public(const byte* pub, word32 pubSz, int endian);
+
+WOLFSSL_API
+int wc_curve448_export_public(curve448_key* key, byte* out, word32* outLen);
+WOLFSSL_API
+int wc_curve448_export_public_ex(curve448_key* key, byte* out,
+ word32* outLen, int endian);
+
+WOLFSSL_API
+int wc_curve448_export_key_raw(curve448_key* key,
+ byte* priv, word32 *privSz,
+ byte* pub, word32 *pubSz);
+WOLFSSL_API
+int wc_curve448_export_key_raw_ex(curve448_key* key,
+ byte* priv, word32 *privSz,
+ byte* pub, word32 *pubSz,
+ int endian);
+/* size helper */
+WOLFSSL_API
+int wc_curve448_size(curve448_key* key);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_CURVE448 */
+#endif /* WOLF_CRYPT_CURVE448_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/des3.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/des3.h
new file mode 100644
index 0000000..b87737e
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/des3.h
@@ -0,0 +1,158 @@
+/* des3.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/des3.h
+*/
+
+#ifndef WOLF_CRYPT_DES3_H
+#define WOLF_CRYPT_DES3_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_DES3
+
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+ #include <wolfssl/wolfcrypt/fips.h>
+#endif /* HAVE_FIPS_VERSION >= 2 */
+
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+/* included for fips @wc_fips */
+#include <cyassl/ctaocrypt/des3.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* these are required for FIPS and non-FIPS */
+enum {
+ DES_KEY_SIZE = 8, /* des */
+ DES3_KEY_SIZE = 24, /* 3 des ede */
+ DES_IV_SIZE = 8, /* should be the same as DES_BLOCK_SIZE */
+};
+
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+enum {
+ DES_ENC_TYPE = WC_CIPHER_DES, /* cipher unique type */
+ DES3_ENC_TYPE = WC_CIPHER_DES3, /* cipher unique type */
+
+ DES_BLOCK_SIZE = 8,
+ DES_KS_SIZE = 32, /* internal DES key buffer size */
+
+ DES_ENCRYPTION = 0,
+ DES_DECRYPTION = 1
+};
+
+#define DES_IVLEN 8
+#define DES_KEYLEN 8
+#define DES3_IVLEN 8
+#define DES3_KEYLEN 24
+
+
+#if defined(STM32_CRYPTO)
+enum {
+ DES_CBC = 0,
+ DES_ECB = 1
+};
+#endif
+
+
+/* DES encryption and decryption */
+typedef struct Des {
+ word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
+ word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */
+ word32 key[DES_KS_SIZE];
+} Des;
+
+
+/* DES3 encryption and decryption */
+struct Des3 {
+ word32 key[3][DES_KS_SIZE];
+ word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
+ word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif
+#if defined(WOLF_CRYPTO_CB) || \
+ (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES))
+ word32 devKey[DES3_KEYLEN/sizeof(word32)]; /* raw key */
+#endif
+#ifdef WOLF_CRYPTO_CB
+ int devId;
+ void* devCtx;
+#endif
+ void* heap;
+};
+
+#ifndef WC_DES3_TYPE_DEFINED
+ typedef struct Des3 Des3;
+ #define WC_DES3_TYPE_DEFINED
+#endif
+#endif /* HAVE_FIPS */
+
+
+WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key,
+ const byte* iv, int dir);
+WOLFSSL_API void wc_Des_SetIV(Des* des, const byte* iv);
+WOLFSSL_API int wc_Des_CbcEncrypt(Des* des, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_API int wc_Des_CbcDecrypt(Des* des, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_API int wc_Des_EcbEncrypt(Des* des, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_API int wc_Des3_EcbEncrypt(Des3* des, byte* out,
+ const byte* in, word32 sz);
+
+/* ECB decrypt same process as encrypt but with decrypt key */
+#define wc_Des_EcbDecrypt wc_Des_EcbEncrypt
+#define wc_Des3_EcbDecrypt wc_Des3_EcbEncrypt
+
+WOLFSSL_API int wc_Des3_SetKey(Des3* des, const byte* key,
+ const byte* iv,int dir);
+WOLFSSL_API int wc_Des3_SetIV(Des3* des, const byte* iv);
+WOLFSSL_API int wc_Des3_CbcEncrypt(Des3* des, byte* out,
+ const byte* in,word32 sz);
+WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out,
+ const byte* in,word32 sz);
+
+/* These are only required when using either:
+ static memory (WOLFSSL_STATIC_MEMORY) or asynchronous (WOLFSSL_ASYNC_CRYPT) */
+WOLFSSL_API int wc_Des3Init(Des3*, void*, int);
+WOLFSSL_API void wc_Des3Free(Des3*);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* NO_DES3 */
+#endif /* WOLF_CRYPT_DES3_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/dh.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/dh.h
new file mode 100644
index 0000000..1f53f31
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/dh.h
@@ -0,0 +1,146 @@
+/* dh.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/dh.h
+*/
+
+#ifndef WOLF_CRYPT_DH_H
+#define WOLF_CRYPT_DH_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_DH
+
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+ #include <wolfssl/wolfcrypt/fips.h>
+#endif /* HAVE_FIPS_VERSION >= 2 */
+
+#include <wolfssl/wolfcrypt/integer.h>
+#include <wolfssl/wolfcrypt/random.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+typedef struct DhParams {
+#ifdef HAVE_FFDHE_Q
+ const byte* q;
+ word32 q_len;
+#endif /* HAVE_FFDHE_Q */
+ const byte* p;
+ word32 p_len;
+ const byte* g;
+ word32 g_len;
+} DhParams;
+
+/* Diffie-Hellman Key */
+struct DhKey {
+ mp_int p, g, q; /* group parameters */
+#ifdef WOLFSSL_DH_EXTRA
+ mp_int pub;
+ mp_int priv;
+#endif
+ void* heap;
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif
+};
+
+#ifndef WC_DH_TYPE_DEFINED
+ typedef struct DhKey DhKey;
+ #define WC_DH_TYPE_DEFINED
+#endif
+
+#ifdef HAVE_FFDHE_2048
+WOLFSSL_API const DhParams* wc_Dh_ffdhe2048_Get(void);
+#endif
+#ifdef HAVE_FFDHE_3072
+WOLFSSL_API const DhParams* wc_Dh_ffdhe3072_Get(void);
+#endif
+#ifdef HAVE_FFDHE_4096
+WOLFSSL_API const DhParams* wc_Dh_ffdhe4096_Get(void);
+#endif
+#ifdef HAVE_FFDHE_6144
+WOLFSSL_API const DhParams* wc_Dh_ffdhe6144_Get(void);
+#endif
+#ifdef HAVE_FFDHE_8192
+WOLFSSL_API const DhParams* wc_Dh_ffdhe8192_Get(void);
+#endif
+
+WOLFSSL_API int wc_InitDhKey(DhKey* key);
+WOLFSSL_API int wc_InitDhKey_ex(DhKey* key, void* heap, int devId);
+WOLFSSL_API int wc_FreeDhKey(DhKey* key);
+
+WOLFSSL_API int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng, byte* priv,
+ word32* privSz, byte* pub, word32* pubSz);
+WOLFSSL_API int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz,
+ const byte* priv, word32 privSz, const byte* otherPub,
+ word32 pubSz);
+
+WOLFSSL_API int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
+ word32); /* wc_DhKeyDecode is in asn.c */
+
+WOLFSSL_API int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
+ word32 gSz);
+WOLFSSL_API int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz,
+ const byte* g, word32 gSz, const byte* q, word32 qSz);
+
+#ifdef WOLFSSL_DH_EXTRA
+WOLFSSL_API int wc_DhPublicKeyDecode(const byte* input, word32* inOutIdx,
+ DhKey* key, word32 inSz);
+WOLFSSL_API int wc_DhImportKeyPair(DhKey* key, const byte* priv, word32 privSz,
+ const byte* pub, word32 pubSz);
+WOLFSSL_API int wc_DhExportKeyPair(DhKey* key, byte* priv, word32* pPrivSz,
+ byte* pub, word32* pPubSz);
+WOLFSSL_LOCAL int wc_DhKeyCopy(DhKey* src, DhKey* dst);
+#endif
+WOLFSSL_API int wc_DhSetCheckKey(DhKey* key, const byte* p, word32 pSz,
+ const byte* g, word32 gSz, const byte* q, word32 qSz,
+ int trusted, WC_RNG* rng);
+WOLFSSL_API int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p,
+ word32* pInOutSz, byte* g, word32* gInOutSz);
+WOLFSSL_API int wc_DhCheckPubKey(DhKey* key, const byte* pub, word32 pubSz);
+WOLFSSL_API int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz,
+ const byte* prime, word32 primeSz);
+WOLFSSL_API int wc_DhCheckPubValue(const byte* prime, word32 primeSz,
+ const byte* pub, word32 pubSz);
+WOLFSSL_API int wc_DhCheckPrivKey(DhKey* key, const byte* priv, word32 pubSz);
+WOLFSSL_API int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 pubSz,
+ const byte* prime, word32 primeSz);
+WOLFSSL_API int wc_DhCheckKeyPair(DhKey* key, const byte* pub, word32 pubSz,
+ const byte* priv, word32 privSz);
+WOLFSSL_API int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh);
+WOLFSSL_API int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz,
+ byte* q, word32* qSz, byte* g, word32* gSz);
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* NO_DH */
+#endif /* WOLF_CRYPT_DH_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/dsa.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/dsa.h
new file mode 100644
index 0000000..0bb00fb
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/dsa.h
@@ -0,0 +1,105 @@
+/* dsa.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/dsa.h
+*/
+
+#ifndef WOLF_CRYPT_DSA_H
+#define WOLF_CRYPT_DSA_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_DSA
+
+#include <wolfssl/wolfcrypt/integer.h>
+#include <wolfssl/wolfcrypt/random.h>
+
+/* for DSA reverse compatibility */
+#define InitDsaKey wc_InitDsaKey
+#define FreeDsaKey wc_FreeDsaKey
+#define DsaSign wc_DsaSign
+#define DsaVerify wc_DsaVerify
+#define DsaPublicKeyDecode wc_DsaPublicKeyDecode
+#define DsaPrivateKeyDecode wc_DsaPrivateKeyDecode
+#define DsaKeyToDer wc_DsaKeyToDer
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+
+enum {
+ DSA_PUBLIC = 0,
+ DSA_PRIVATE = 1
+};
+
+enum {
+ DSA_HALF_SIZE = 20, /* r and s size */
+ DSA_SIG_SIZE = 40 /* signature size */
+};
+
+/* DSA */
+typedef struct DsaKey {
+ mp_int p, q, g, y, x;
+ int type; /* public or private */
+ void* heap; /* memory hint */
+} DsaKey;
+
+WOLFSSL_API int wc_InitDsaKey(DsaKey* key);
+WOLFSSL_API int wc_InitDsaKey_h(DsaKey* key, void* h);
+WOLFSSL_API void wc_FreeDsaKey(DsaKey* key);
+WOLFSSL_API int wc_DsaSign(const byte* digest, byte* out,
+ DsaKey* key, WC_RNG* rng);
+WOLFSSL_API int wc_DsaVerify(const byte* digest, const byte* sig,
+ DsaKey* key, int* answer);
+WOLFSSL_API int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx,
+ DsaKey*, word32);
+WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
+ DsaKey*, word32);
+WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen);
+WOLFSSL_API int wc_SetDsaPublicKey(byte* output, DsaKey* key,
+ int outLen, int with_header);
+WOLFSSL_API int wc_DsaKeyToPublicDer(DsaKey* key, byte* output, word32 inLen);
+
+#ifdef WOLFSSL_KEY_GEN
+WOLFSSL_API int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa);
+WOLFSSL_API int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa);
+#endif
+
+/* raw export functions */
+WOLFSSL_API int wc_DsaImportParamsRaw(DsaKey* dsa, const char* p,
+ const char* q, const char* g);
+WOLFSSL_API int wc_DsaImportParamsRawCheck(DsaKey* dsa, const char* p,
+ const char* q, const char* g,
+ int trusted, WC_RNG* rng);
+WOLFSSL_API int wc_DsaExportParamsRaw(DsaKey* dsa, byte* p, word32* pSz,
+ byte* q, word32* qSz, byte* g,
+ word32* gSz);
+WOLFSSL_API int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y,
+ word32* ySz);
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* NO_DSA */
+#endif /* WOLF_CRYPT_DSA_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ecc.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ecc.h
new file mode 100644
index 0000000..a0de8df
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ecc.h
@@ -0,0 +1,874 @@
+/* ecc.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/ecc.h
+*/
+
+
+#ifndef WOLF_CRYPT_ECC_H
+#define WOLF_CRYPT_ECC_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef HAVE_ECC
+
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+ #include <wolfssl/wolfcrypt/fips.h>
+#endif /* HAVE_FIPS_VERSION >= 2 */
+
+#include <wolfssl/wolfcrypt/integer.h>
+#include <wolfssl/wolfcrypt/random.h>
+
+#ifdef HAVE_X963_KDF
+ #include <wolfssl/wolfcrypt/hash.h>
+#endif
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+ #ifdef WOLFSSL_CERT_GEN
+ #include <wolfssl/wolfcrypt/asn.h>
+ #endif
+#endif
+
+#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
+ #include <wolfssl/wolfcrypt/port/atmel/atmel.h>
+#endif /* WOLFSSL_ATECC508A */
+
+#if defined(WOLFSSL_CRYPTOCELL)
+ #include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
+#endif
+
+#ifdef WOLFSSL_SILABS_SE_ACCEL
+ #include <wolfssl/wolfcrypt/port/silabs/silabs_ecc.h>
+#endif
+
+#ifdef WOLFSSL_HAVE_SP_ECC
+ #include <wolfssl/wolfcrypt/sp_int.h>
+#endif
+
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+
+/* Enable curve B parameter if needed */
+#if defined(HAVE_COMP_KEY) || defined(ECC_CACHE_CURVE)
+ #ifndef USE_ECC_B_PARAM /* Allow someone to force enable */
+ #define USE_ECC_B_PARAM
+ #endif
+#endif
+
+
+/* Use this as the key->idx if a custom ecc_set is used for key->dp */
+#define ECC_CUSTOM_IDX (-1)
+
+
+/* Determine max ECC bits based on enabled curves */
+#if defined(WOLFCRYPT_HAVE_SAKKE)
+ #define MAX_ECC_BITS 1024
+#elif defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
+ #define MAX_ECC_BITS 521
+#elif defined(HAVE_ECC512)
+ #define MAX_ECC_BITS 512
+#elif defined(HAVE_ECC384)
+ #define MAX_ECC_BITS 384
+#elif defined(HAVE_ECC320)
+ #define MAX_ECC_BITS 320
+#elif !defined(NO_ECC256)
+ #define MAX_ECC_BITS 256
+#elif defined(HAVE_ECC239)
+ #define MAX_ECC_BITS 239
+#elif defined(HAVE_ECC224)
+ #define MAX_ECC_BITS 224
+#elif defined(HAVE_ECC192)
+ #define MAX_ECC_BITS 192
+#elif defined(HAVE_ECC160)
+ #define MAX_ECC_BITS 160
+#elif defined(HAVE_ECC128)
+ #define MAX_ECC_BITS 128
+#elif defined(HAVE_ECC112)
+ #define MAX_ECC_BITS 112
+#endif
+
+/* calculate max ECC bytes */
+#if ((MAX_ECC_BITS * 2) % 8) == 0
+ #define MAX_ECC_BYTES (MAX_ECC_BITS / 8)
+#else
+ /* add byte if not aligned */
+ #define MAX_ECC_BYTES ((MAX_ECC_BITS / 8) + 1)
+#endif
+
+#ifndef ECC_MAX_PAD_SZ
+ /* ECC maximum padding size (when MSB is set extra byte required for R and S) */
+ #define ECC_MAX_PAD_SZ 2
+#endif
+
+enum {
+ ECC_PUBLICKEY = 1,
+ ECC_PRIVATEKEY = 2,
+ ECC_PRIVATEKEY_ONLY = 3,
+ ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */
+ SIG_HEADER_SZ = 7, /* ECC signature header size (30 81 87 02 42 [R] 02 42 [S]) */
+ ECC_BUFSIZE = 257, /* for exported keys temp buffer */
+ ECC_MINSIZE = ECC_MIN_KEY_SZ/8, /* MIN Private Key size */
+#ifdef WOLFCRYPT_HAVE_SAKKE
+ ECC_MAXSIZE = 128, /* MAX Private Key size */
+ ECC_MAXSIZE_GEN = 128, /* MAX Buffer size required when generating ECC keys*/
+#else
+ ECC_MAXSIZE = 66, /* MAX Private Key size */
+ ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/
+#endif
+ ECC_MAX_OID_LEN = 16,
+ ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ),
+
+ /* max crypto hardware size */
+#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
+ ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */
+ ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2),
+#elif defined(PLUTON_CRYPTO_ECC)
+ ECC_MAX_CRYPTO_HW_SIZE = 32,
+#elif defined(WOLFSSL_SILABS_SE_ACCEL)
+ ECC_MAX_CRYPTO_HW_SIZE = 32,
+#elif defined(WOLFSSL_CRYPTOCELL)
+ #ifndef CRYPTOCELL_KEY_SIZE
+ CRYPTOCELL_KEY_SIZE = ECC_MAXSIZE,
+ #endif
+ ECC_MAX_CRYPTO_HW_SIZE = CRYPTOCELL_KEY_SIZE,
+#endif
+
+ /* point compression type */
+ ECC_POINT_COMP_EVEN = 0x02,
+ ECC_POINT_COMP_ODD = 0x03,
+ ECC_POINT_UNCOMP = 0x04,
+
+ /* Shamir's dual add constants */
+ SHAMIR_PRECOMP_SZ = 16,
+
+#ifdef WOLF_CRYPTO_CB
+ ECC_MAX_ID_LEN = 32,
+ ECC_MAX_LABEL_LEN = 32,
+#endif
+};
+
+/* Curve Types */
+typedef enum ecc_curve_id {
+ ECC_CURVE_INVALID = -1,
+ ECC_CURVE_DEF = 0, /* NIST or SECP */
+
+ /* NIST Prime Curves */
+ ECC_SECP192R1,
+ ECC_PRIME192V2,
+ ECC_PRIME192V3,
+ ECC_PRIME239V1,
+ ECC_PRIME239V2,
+ ECC_PRIME239V3,
+ ECC_SECP256R1,
+
+ /* SECP Curves */
+ ECC_SECP112R1,
+ ECC_SECP112R2,
+ ECC_SECP128R1,
+ ECC_SECP128R2,
+ ECC_SECP160R1,
+ ECC_SECP160R2,
+ ECC_SECP224R1,
+ ECC_SECP384R1,
+ ECC_SECP521R1,
+
+ /* Koblitz */
+ ECC_SECP160K1,
+ ECC_SECP192K1,
+ ECC_SECP224K1,
+ ECC_SECP256K1,
+
+ /* Brainpool Curves */
+ ECC_BRAINPOOLP160R1,
+ ECC_BRAINPOOLP192R1,
+ ECC_BRAINPOOLP224R1,
+ ECC_BRAINPOOLP256R1,
+ ECC_BRAINPOOLP320R1,
+ ECC_BRAINPOOLP384R1,
+ ECC_BRAINPOOLP512R1,
+
+ /* Twisted Edwards Curves */
+#ifdef HAVE_CURVE25519
+ ECC_X25519,
+#endif
+#ifdef HAVE_CURVE448
+ ECC_X448,
+#endif
+
+#ifdef WOLFCRYPT_HAVE_SAKKE
+ ECC_SAKKE_1,
+#endif
+
+#ifdef WOLFSSL_CUSTOM_CURVES
+ ECC_CURVE_CUSTOM,
+#endif
+ ECC_CURVE_MAX
+} ecc_curve_id;
+
+#ifdef HAVE_OID_ENCODING
+typedef word16 ecc_oid_t;
+#else
+typedef byte ecc_oid_t;
+ /* OID encoded with ASN scheme:
+ first element = (oid[0] * 40) + oid[1]
+ if any element > 127 then MSB 0x80 indicates additional byte */
+#endif
+
+
+#if !defined(WOLFSSL_ECC_CURVE_STATIC) && defined(USE_WINDOWS_API)
+ /* MSC does something different with the pointers to the arrays than GCC,
+ * and it causes the FIPS checksum to fail. In the case of windows builds,
+ * store everything as arrays instead of pointers to strings. */
+
+ #define WOLFSSL_ECC_CURVE_STATIC
+#endif
+
+/* ECC set type defined a GF(p) curve */
+#ifndef WOLFSSL_ECC_CURVE_STATIC
+typedef struct ecc_set_type {
+ int size; /* The size of the curve in octets */
+ int id; /* id of this curve */
+ const char* name; /* name of this curve */
+ const char* prime; /* prime that defines the field, curve is in (hex) */
+ const char* Af; /* fields A param (hex) */
+ const char* Bf; /* fields B param (hex) */
+ const char* order; /* order of the curve (hex) */
+ const char* Gx; /* x coordinate of the base point on curve (hex) */
+ const char* Gy; /* y coordinate of the base point on curve (hex) */
+ const ecc_oid_t* oid;
+ word32 oidSz;
+ word32 oidSum; /* sum of encoded OID bytes */
+ int cofactor;
+} ecc_set_type;
+#else
+#define MAX_ECC_NAME 16
+#define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 1)
+ /* The values are stored as text strings. */
+
+typedef struct ecc_set_type {
+ int size; /* The size of the curve in octets */
+ int id; /* id of this curve */
+ const char name[MAX_ECC_NAME]; /* name of this curve */
+ const char prime[MAX_ECC_STRING]; /* prime that defines the field, curve is in (hex) */
+ const char Af[MAX_ECC_STRING]; /* fields A param (hex) */
+ const char Bf[MAX_ECC_STRING]; /* fields B param (hex) */
+ const char order[MAX_ECC_STRING]; /* order of the curve (hex) */
+ const char Gx[MAX_ECC_STRING]; /* x coordinate of the base point on curve (hex) */
+ const char Gy[MAX_ECC_STRING]; /* y coordinate of the base point on curve (hex) */
+ const ecc_oid_t oid[10];
+ word32 oidSz;
+ word32 oidSum; /* sum of encoded OID bytes */
+ int cofactor;
+} ecc_set_type;
+#endif
+
+
+#ifdef ALT_ECC_SIZE
+
+/* Note on ALT_ECC_SIZE:
+ * The fast math code uses an array of a fixed size to store the big integers.
+ * By default, the array is big enough for RSA keys. There is a size,
+ * FP_MAX_BITS which can be used to make the array smaller when one wants ECC
+ * but not RSA. Some people want fast math sized for both RSA and ECC, where
+ * ECC won't use as much as RSA. The flag ALT_ECC_SIZE switches in an alternate
+ * ecc_point structure that uses an alternate fp_int that has a shorter array
+ * of fp_digits.
+ *
+ * Now, without ALT_ECC_SIZE, the ecc_point has three single item arrays of
+ * mp_ints for the components of the point. With ALT_ECC_SIZE, the components
+ * of the point are pointers that are set to each of a three item array of
+ * alt_fp_ints. While an mp_int will have 4096 bits of digit inside the
+ * structure, the alt_fp_int will only have 512 bits for ECC 256-bit and
+ * 1056-bits for ECC 521-bit. A size value was added in the ALT case, as well,
+ * and is set by mp_init() and alt_fp_init(). The functions fp_zero() and
+ * fp_copy() use the size parameter. An int needs to be initialized before
+ * using it instead of just fp_zeroing it, the init will call zero. The
+ * FP_MAX_BITS_ECC defaults to calculating based on MAX_ECC_BITS, but
+ * can be set to change the number of bits used in the alternate FP_INT.
+ *
+ * The ALT_ECC_SIZE option only applies to stack based fast math USE_FAST_MATH.
+ */
+
+#ifndef USE_FAST_MATH
+ #error USE_FAST_MATH must be defined to use ALT_ECC_SIZE
+#endif
+#ifdef WOLFSSL_NO_MALLOC
+ #error ALT_ECC_SIZE cannot be used with no malloc (WOLFSSL_NO_MALLOC)
+#endif
+
+/* determine max bits required for ECC math */
+#ifndef FP_MAX_BITS_ECC
+ /* max bits rounded up by 8 then doubled */
+ /* (ROUND8(MAX_ECC_BITS) * 2) */
+ #define FP_MAX_BITS_ECC (2 * \
+ ((MAX_ECC_BITS + DIGIT_BIT - 1) / DIGIT_BIT) * DIGIT_BIT)
+
+ /* Note: For ECC verify only FP_MAX_BITS_ECC can be reduced to:
+ ROUND8(MAX_ECC_BITS) + ROUND8(DIGIT_BIT) */
+#endif
+
+/* verify alignment */
+#if FP_MAX_BITS_ECC % CHAR_BIT
+ #error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
+#endif
+
+/* determine buffer size */
+/* Add one to accommodate extra digit used by sp_mul(), sp_mulmod(), sp_sqr(), and sp_sqrmod(). */
+#define FP_SIZE_ECC ((FP_MAX_BITS_ECC/DIGIT_BIT) + 1)
+
+
+/* This needs to match the size of the fp_int struct, except the
+ * fp_digit array will be shorter. */
+typedef struct alt_fp_int {
+ int used, sign, size;
+ mp_digit dp[FP_SIZE_ECC];
+} alt_fp_int;
+#endif /* ALT_ECC_SIZE */
+
+#ifndef WC_ECCKEY_TYPE_DEFINED
+ typedef struct ecc_key ecc_key;
+ #define WC_ECCKEY_TYPE_DEFINED
+#endif
+
+
+/* A point on an ECC curve, stored in Jacobian format such that (x,y,z) =>
+ (x/z^2, y/z^3, 1) when interpreted as affine */
+typedef struct {
+#ifndef ALT_ECC_SIZE
+ mp_int x[1]; /* The x coordinate */
+ mp_int y[1]; /* The y coordinate */
+ mp_int z[1]; /* The z coordinate */
+#else
+ mp_int* x; /* The x coordinate */
+ mp_int* y; /* The y coordinate */
+ mp_int* z; /* The z coordinate */
+ alt_fp_int xyz[3];
+#endif
+#ifdef WOLFSSL_SMALL_STACK_CACHE
+ ecc_key* key;
+#endif
+} ecc_point;
+
+/* ECC Flags */
+enum {
+ WC_ECC_FLAG_NONE = 0x00,
+#ifdef HAVE_ECC_CDH
+ WC_ECC_FLAG_COFACTOR = 0x01,
+#endif
+ WC_ECC_FLAG_DEC_SIGN = 0x02,
+};
+
+/* ECC non-blocking */
+#ifdef WC_ECC_NONBLOCK
+ typedef struct ecc_nb_ctx {
+ #if defined(WOLFSSL_HAVE_SP_ECC) && defined(WOLFSSL_SP_NONBLOCK)
+ sp_ecc_ctx_t sp_ctx;
+ #else
+ /* build configuration not supported */
+ #error ECC non-blocking only supports SP (--enable-sp=nonblock)
+ #endif
+ } ecc_nb_ctx_t;
+#endif /* WC_ECC_NONBLOCK */
+
+
+/* An ECC Key */
+struct ecc_key {
+ int type; /* Public or Private */
+ int idx; /* Index into the ecc_sets[] for the parameters of
+ this curve if -1, this key is using user supplied
+ curve in dp */
+ int state;
+ word32 flags;
+ const ecc_set_type* dp; /* domain parameters, either points to NIST
+ curves (idx >= 0) or user supplied */
+#ifdef WOLFSSL_CUSTOM_CURVES
+ int deallocSet;
+#endif
+ void* heap; /* heap hint */
+ ecc_point pubkey; /* public key */
+ mp_int k; /* private key */
+
+#ifdef WOLFSSL_QNX_CAAM
+ word32 blackKey; /* address of key encrypted and in secure memory */
+ word32 securePubKey; /* address of public key in secure memory */
+ int partNum; /* partition number*/
+#endif
+#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
+ int slot; /* Key Slot Number (-1 unknown) */
+ byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
+#endif
+#if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_CB)
+ int devId;
+#endif
+#ifdef WOLFSSL_SILABS_SE_ACCEL
+ sl_se_command_context_t cmd_ctx;
+ sl_se_key_descriptor_t key;
+ /* Used for SiLabs "plaintext" with public X, public Y, and
+ * private D concatenated. These are respectively at offset `0`,
+ * offset `keysize`, and offset `2 * keysize`.
+ */
+ byte key_raw[3 * ECC_MAX_CRYPTO_HW_SIZE];
+#endif
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ mp_int* r; /* sign/verify temps */
+ mp_int* s;
+ WC_ASYNC_DEV asyncDev;
+ #ifdef HAVE_CAVIUM_V
+ mp_int* e; /* Sign, Verify and Shared Secret */
+ mp_int* signK;
+ #endif
+ #ifdef WOLFSSL_CERT_GEN
+ CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
+ #endif
+#endif /* WOLFSSL_ASYNC_CRYPT */
+#ifdef WOLF_CRYPTO_CB
+ byte id[ECC_MAX_ID_LEN];
+ int idLen;
+ char label[ECC_MAX_LABEL_LEN];
+ int labelLen;
+#endif
+#if defined(WOLFSSL_CRYPTOCELL)
+ ecc_context_t ctx;
+#endif
+
+#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \
+ defined(WOLFSSL_ECDSA_DETERMINISTIC_K)
+ mp_int *sign_k;
+#endif
+#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K)
+ byte deterministic:1;
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK_CACHE
+ mp_int* t1;
+ mp_int* t2;
+#ifdef ALT_ECC_SIZE
+ mp_int* x;
+ mp_int* y;
+ mp_int* z;
+#endif
+#endif
+
+#ifdef WOLFSSL_DSP
+ remote_handle64 handle;
+#endif
+#ifdef ECC_TIMING_RESISTANT
+ WC_RNG* rng;
+#endif
+#ifdef WC_ECC_NONBLOCK
+ ecc_nb_ctx_t* nb_ctx;
+#endif
+};
+
+
+WOLFSSL_ABI WOLFSSL_API ecc_key* wc_ecc_key_new(void*);
+WOLFSSL_ABI WOLFSSL_API void wc_ecc_key_free(ecc_key*);
+
+
+/* ECC predefined curve sets */
+extern const ecc_set_type ecc_sets[];
+extern const size_t ecc_sets_count;
+
+WOLFSSL_API
+const char* wc_ecc_get_name(int curve_id);
+
+#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
+
+#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
+ #define ECC_API WOLFSSL_API
+#else
+ #define ECC_API WOLFSSL_LOCAL
+#endif
+
+ECC_API int ecc_mul2add(ecc_point* A, mp_int* kA,
+ ecc_point* B, mp_int* kB,
+ ecc_point* C, mp_int* a, mp_int* modulus, void* heap);
+
+ECC_API int ecc_map(ecc_point*, mp_int*, mp_digit);
+ECC_API int ecc_map_ex(ecc_point*, mp_int*, mp_digit, int ct);
+ECC_API int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R,
+ mp_int* a, mp_int* modulus, mp_digit mp);
+ECC_API int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* a,
+ mp_int* modulus, mp_digit mp);
+
+WOLFSSL_LOCAL
+int ecc_projective_add_point_safe(ecc_point* A, ecc_point* B, ecc_point* R,
+ mp_int* a, mp_int* modulus, mp_digit mp, int* infinity);
+WOLFSSL_LOCAL
+int ecc_projective_dbl_point_safe(ecc_point* P, ecc_point* R, mp_int* a,
+ mp_int* modulus, mp_digit mp);
+
+#endif
+
+WOLFSSL_API
+int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
+WOLFSSL_ABI WOLFSSL_API
+int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id);
+WOLFSSL_API
+int wc_ecc_make_key_ex2(WC_RNG* rng, int keysize, ecc_key* key, int curve_id,
+ int flags);
+WOLFSSL_API
+int wc_ecc_make_pub(ecc_key* key, ecc_point* pubOut);
+WOLFSSL_API
+int wc_ecc_make_pub_ex(ecc_key* key, ecc_point* pubOut, WC_RNG* rng);
+WOLFSSL_API
+int wc_ecc_check_key(ecc_key* key);
+WOLFSSL_API
+int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime);
+WOLFSSL_API
+int wc_ecc_get_generator(ecc_point* ecp, int curve_idx);
+
+#ifdef HAVE_ECC_DHE
+WOLFSSL_API
+int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
+ word32* outlen);
+WOLFSSL_LOCAL
+int wc_ecc_shared_secret_gen(ecc_key* private_key, ecc_point* point,
+ byte* out, word32 *outlen);
+WOLFSSL_API
+int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
+ byte* out, word32 *outlen);
+
+#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
+ defined(PLUTON_CRYPTO_ECC) || defined(WOLFSSL_CRYPTOCELL)
+#define wc_ecc_shared_secret_ssh wc_ecc_shared_secret
+#else
+#define wc_ecc_shared_secret_ssh wc_ecc_shared_secret_ex /* For backwards compat */
+#endif
+
+#endif /* HAVE_ECC_DHE */
+
+#ifdef HAVE_ECC_SIGN
+WOLFSSL_ABI WOLFSSL_API
+int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
+ WC_RNG* rng, ecc_key* key);
+WOLFSSL_API
+int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
+ ecc_key* key, mp_int *r, mp_int *s);
+#ifdef WOLFSSL_ECDSA_DETERMINISTIC_K
+WOLFSSL_API
+int wc_ecc_set_deterministic(ecc_key* key, byte flag);
+WOLFSSL_API
+int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz,
+ enum wc_HashType hashType, mp_int* priv, mp_int* k, mp_int* order,
+ void* heap);
+#endif
+#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP)
+WOLFSSL_API
+int wc_ecc_sign_set_k(const byte* k, word32 klen, ecc_key* key);
+#endif
+#endif /* HAVE_ECC_SIGN */
+
+#ifdef HAVE_ECC_VERIFY
+WOLFSSL_API
+int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
+ word32 hashlen, int* stat, ecc_key* key);
+WOLFSSL_API
+int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
+ word32 hashlen, int* stat, ecc_key* key);
+#endif /* HAVE_ECC_VERIFY */
+
+WOLFSSL_API
+int wc_ecc_init(ecc_key* key);
+WOLFSSL_ABI WOLFSSL_API
+int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
+#ifdef WOLF_CRYPTO_CB
+WOLFSSL_API
+int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
+ int devId);
+WOLFSSL_API
+int wc_ecc_init_label(ecc_key* key, const char* label, void* heap, int devId);
+#endif
+#ifdef WOLFSSL_CUSTOM_CURVES
+WOLFSSL_LOCAL
+void wc_ecc_free_curve(const ecc_set_type* curve, void* heap);
+#endif
+WOLFSSL_ABI WOLFSSL_API
+int wc_ecc_free(ecc_key* key);
+WOLFSSL_API
+int wc_ecc_set_flags(ecc_key* key, word32 flags);
+WOLFSSL_API
+void wc_ecc_fp_free(void);
+WOLFSSL_LOCAL
+void wc_ecc_fp_init(void);
+#ifdef ECC_TIMING_RESISTANT
+WOLFSSL_API
+int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng);
+#endif
+
+WOLFSSL_API
+int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id);
+
+WOLFSSL_API
+int wc_ecc_is_valid_idx(int n);
+WOLFSSL_API
+int wc_ecc_get_curve_idx(int curve_id);
+WOLFSSL_API
+int wc_ecc_get_curve_id(int curve_idx);
+#define wc_ecc_get_curve_name_from_id wc_ecc_get_name
+WOLFSSL_API
+int wc_ecc_get_curve_size_from_id(int curve_id);
+
+WOLFSSL_API
+int wc_ecc_get_curve_idx_from_name(const char* curveName);
+WOLFSSL_API
+int wc_ecc_get_curve_size_from_name(const char* curveName);
+WOLFSSL_API
+int wc_ecc_get_curve_id_from_name(const char* curveName);
+WOLFSSL_API
+int wc_ecc_get_curve_id_from_params(int fieldSize,
+ const byte* prime, word32 primeSz, const byte* Af, word32 AfSz,
+ const byte* Bf, word32 BfSz, const byte* order, word32 orderSz,
+ const byte* Gx, word32 GxSz, const byte* Gy, word32 GySz, int cofactor);
+WOLFSSL_API
+int wc_ecc_get_curve_id_from_dp_params(const ecc_set_type* dp);
+
+WOLFSSL_API
+int wc_ecc_get_curve_id_from_oid(const byte* oid, word32 len);
+
+WOLFSSL_API const ecc_set_type* wc_ecc_get_curve_params(int curve_idx);
+
+WOLFSSL_API
+ecc_point* wc_ecc_new_point(void);
+WOLFSSL_API
+ecc_point* wc_ecc_new_point_h(void* h);
+WOLFSSL_API
+void wc_ecc_del_point(ecc_point* p);
+WOLFSSL_API
+void wc_ecc_del_point_h(ecc_point* p, void* h);
+WOLFSSL_API
+void wc_ecc_forcezero_point(ecc_point* p);
+WOLFSSL_API
+int wc_ecc_copy_point(const ecc_point* p, ecc_point *r);
+WOLFSSL_API
+int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
+WOLFSSL_API
+int wc_ecc_point_is_at_infinity(ecc_point *p);
+WOLFSSL_API
+int wc_ecc_point_is_on_curve(ecc_point *p, int curve_idx);
+
+#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
+WOLFSSL_API
+int wc_ecc_mulmod(const mp_int* k, ecc_point *G, ecc_point *R,
+ mp_int* a, mp_int* modulus, int map);
+WOLFSSL_LOCAL
+int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R,
+ mp_int* a, mp_int* modulus, int map, void* heap);
+WOLFSSL_LOCAL
+int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
+ mp_int* modulus, mp_int* order, WC_RNG* rng, int map,
+ void* heap);
+#endif /* !WOLFSSL_ATECC508A */
+
+
+#ifdef HAVE_ECC_KEY_EXPORT
+/* ASN key helpers */
+WOLFSSL_API
+int wc_ecc_export_x963(ecc_key*, byte* out, word32* outLen);
+WOLFSSL_API
+int wc_ecc_export_x963_ex(ecc_key*, byte* out, word32* outLen, int compressed);
+ /* extended functionality with compressed option */
+#endif /* HAVE_ECC_KEY_EXPORT */
+
+#ifdef HAVE_ECC_KEY_IMPORT
+WOLFSSL_ABI WOLFSSL_API
+int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
+WOLFSSL_API
+int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
+ int curve_id);
+WOLFSSL_API
+int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
+ word32 pubSz, ecc_key* key);
+WOLFSSL_API
+int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
+ const byte* pub, word32 pubSz, ecc_key* key, int curve_id);
+WOLFSSL_API
+int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
+WOLFSSL_API
+int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz,
+ byte* out, word32* outlen);
+WOLFSSL_API
+int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen,
+ byte* s, word32* sLen);
+WOLFSSL_API
+int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
+ const char* d, const char* curveName);
+WOLFSSL_API
+int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy,
+ const char* d, int curve_id);
+WOLFSSL_API
+int wc_ecc_import_unsigned(ecc_key* key, byte* qx, byte* qy,
+ byte* d, int curve_id);
+#endif /* HAVE_ECC_KEY_IMPORT */
+
+#ifdef HAVE_ECC_KEY_EXPORT
+WOLFSSL_API
+int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen,
+ byte* qy, word32* qyLen, byte* d, word32* dLen,
+ int encType);
+WOLFSSL_API
+int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
+WOLFSSL_API
+int wc_ecc_export_public_raw(ecc_key* key, byte* qx, word32* qxLen,
+ byte* qy, word32* qyLen);
+WOLFSSL_API
+int wc_ecc_export_private_raw(ecc_key* key, byte* qx, word32* qxLen,
+ byte* qy, word32* qyLen, byte* d, word32* dLen);
+#endif /* HAVE_ECC_KEY_EXPORT */
+
+#ifdef HAVE_ECC_KEY_EXPORT
+WOLFSSL_API
+int wc_ecc_export_point_der_ex(const int curve_idx, ecc_point* point, byte* out,
+ word32* outLen, int compressed);
+WOLFSSL_API
+int wc_ecc_export_point_der(const int curve_idx, ecc_point* point,
+ byte* out, word32* outLen);
+WOLFSSL_LOCAL
+int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point,
+ byte* out, word32* outLen);
+#endif /* HAVE_ECC_KEY_EXPORT */
+
+
+#ifdef HAVE_ECC_KEY_IMPORT
+WOLFSSL_API
+int wc_ecc_import_point_der_ex(const byte* in, word32 inLen,
+ const int curve_idx, ecc_point* point,
+ int shortKeySize);
+WOLFSSL_API
+int wc_ecc_import_point_der(const byte* in, word32 inLen, const int curve_idx,
+ ecc_point* point);
+#endif /* HAVE_ECC_KEY_IMPORT */
+
+/* size helper */
+WOLFSSL_API
+int wc_ecc_size(ecc_key* key);
+WOLFSSL_API
+int wc_ecc_sig_size_calc(int sz);
+WOLFSSL_API
+int wc_ecc_sig_size(const ecc_key* key);
+
+WOLFSSL_API
+int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz);
+
+#ifdef WOLFSSL_CUSTOM_CURVES
+ WOLFSSL_API
+ int wc_ecc_set_custom_curve(ecc_key* key, const ecc_set_type* dp);
+#endif
+
+#ifdef HAVE_ECC_ENCRYPT
+/* ecc encrypt */
+
+enum ecEncAlgo {
+ ecAES_128_CBC = 1, /* default */
+ ecAES_256_CBC = 2
+};
+
+enum ecKdfAlgo {
+ ecHKDF_SHA256 = 1, /* default */
+ ecHKDF_SHA1 = 2
+};
+
+enum ecMacAlgo {
+ ecHMAC_SHA256 = 1, /* default */
+ ecHMAC_SHA1 = 2
+};
+
+enum {
+ KEY_SIZE_128 = 16,
+ KEY_SIZE_256 = 32,
+ IV_SIZE_64 = 8,
+ IV_SIZE_128 = 16,
+ EXCHANGE_SALT_SZ = 16,
+ EXCHANGE_INFO_SZ = 23
+};
+
+enum ecFlags {
+ REQ_RESP_CLIENT = 1,
+ REQ_RESP_SERVER = 2
+};
+
+
+typedef struct ecEncCtx ecEncCtx;
+
+WOLFSSL_API
+ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng);
+WOLFSSL_API
+ecEncCtx* wc_ecc_ctx_new_ex(int flags, WC_RNG* rng, void* heap);
+WOLFSSL_API
+void wc_ecc_ctx_free(ecEncCtx*);
+WOLFSSL_API
+int wc_ecc_ctx_reset(ecEncCtx*, WC_RNG*); /* reset for use again w/o alloc/free */
+
+WOLFSSL_API
+const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*);
+WOLFSSL_API
+int wc_ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt);
+WOLFSSL_API
+int wc_ecc_ctx_set_info(ecEncCtx*, const byte* info, int sz);
+
+WOLFSSL_API
+int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
+ word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
+WOLFSSL_API
+int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
+ word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
+
+#endif /* HAVE_ECC_ENCRYPT */
+
+#ifdef HAVE_X963_KDF
+WOLFSSL_API int wc_X963_KDF(enum wc_HashType type, const byte* secret,
+ word32 secretSz, const byte* sinfo, word32 sinfoSz,
+ byte* out, word32 outSz);
+#endif
+
+#ifdef ECC_CACHE_CURVE
+WOLFSSL_API int wc_ecc_curve_cache_init(void);
+WOLFSSL_API void wc_ecc_curve_cache_free(void);
+#endif
+
+WOLFSSL_API
+int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order);
+
+#ifdef WOLFSSL_DSP
+WOLFSSL_API
+int wc_ecc_set_handle(ecc_key* key, remote_handle64 handle);
+WOLFSSL_LOCAL
+int sp_dsp_ecc_verify_256(remote_handle64 handle, const byte* hash, word32 hashLen, mp_int* pX,
+ mp_int* pY, mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
+#endif
+
+#ifdef WC_ECC_NONBLOCK
+ WOLFSSL_API int wc_ecc_set_nonblock(ecc_key *key, ecc_nb_ctx_t* ctx);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_ECC */
+#endif /* WOLF_CRYPT_ECC_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/eccsi.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/eccsi.h
new file mode 100644
index 0000000..b563514
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/eccsi.h
@@ -0,0 +1,176 @@
+/* eccsi.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/eccsi.h
+*/
+
+
+#ifndef WOLF_CRYPT_ECCSI_H
+#define WOLF_CRYPT_ECCSI_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef WOLFCRYPT_HAVE_ECCSI
+
+#include <wolfssl/wolfcrypt/integer.h>
+#include <wolfssl/wolfcrypt/ecc.h>
+#include <wolfssl/wolfcrypt/hash.h>
+#include <wolfssl/wolfcrypt/hmac.h>
+
+#define WOLFCRYPT_ECCSI_KMS
+#define WOLFCRYPT_ECCSI_CLIENT
+
+#define MAX_ECCSI_BYTES (256 / 8)
+
+/* Maximum number of loops of attempting to generate key pairs and signatures.
+ */
+#ifndef ECCSI_MAX_GEN_COUNT
+ #define ECCSI_MAX_GEN_COUNT 10
+#endif
+
+typedef struct EccsiKeyParams {
+ /** Order (q) of elliptic curve as an MP integer. */
+ mp_int order;
+#ifdef WOLFCRYPT_ECCSI_CLIENT
+ /** A parameter of elliptic curve as an MP integer. */
+ mp_int a;
+ /** P parameter of elliptic curve as an MP integer. */
+ mp_int b;
+ /** Prime of elliptic curve as an MP integer. */
+ mp_int prime;
+#endif
+ /** Base point for elliptic curve operations as an ECC point. */
+ ecc_point* base;
+
+ /** Bit indicates order (q) is set as an MP integer in ECCSI key. */
+ byte haveOrder:1;
+ /** Bit indicates A is set as an MP integer in ECCSI key. */
+ byte haveA:1;
+ /** Bit indicates B is set as an MP integer in ECCSI key. */
+ byte haveB:1;
+ /** Bit indicates prime is set as an MP integer in ECCSI key. */
+ byte havePrime:1;
+ /** Bit indicates base point is set as an MP integer in ECCSI key. */
+ byte haveBase:1;
+} EccsiKeyParams;
+
+/**
+ * ECCSI key.
+ */
+typedef struct EccsiKey {
+ /** ECC key to perform elliptic curve operations with. */
+ ecc_key ecc;
+ /** ECC key to perform public key elliptic curve operations with. */
+ ecc_key pubkey;
+ /** ECC parameter in forms that can be used in computation. */
+ EccsiKeyParams params;
+#ifdef WOLFCRYPT_ECCSI_CLIENT
+ /** Temporary MP integer used during operations.. */
+ mp_int tmp;
+ /** Secret Signing Key */
+ mp_int ssk;
+ /** Public Validation Token (PVT) */
+ ecc_point* pvt;
+#endif
+ /** Generic hash algorithm object. */
+ wc_HashAlg hash;
+ /** Temporary buffer for use in operations. */
+ byte data[(MAX_ECCSI_BYTES * 2) + 1];
+#ifdef WOLFCRYPT_ECCSI_CLIENT
+ /** Hash of identity - used in signing/verification. */
+ byte idHash[WC_MAX_DIGEST_SIZE];
+ /** Size of hash of identity in bytes. */
+ byte idHashSz;
+#endif
+ /** Heap hint for dynamic memory allocation. */
+ void* heap;
+ /** Bit indicates KPAK (public key) is in montogmery form. */
+ word16 kpakMont:1;
+} EccsiKey;
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+WOLFSSL_API int wc_InitEccsiKey(EccsiKey* key, void* heap, int devId);
+WOLFSSL_API int wc_InitEccsiKey_ex(EccsiKey* key, int keySz, int curveId,
+ void* heap, int devId);
+WOLFSSL_API void wc_FreeEccsiKey(EccsiKey* key);
+
+WOLFSSL_API int wc_MakeEccsiKey(EccsiKey* key, WC_RNG* rng);
+
+WOLFSSL_API int wc_MakeEccsiPair(EccsiKey* key, WC_RNG* rng,
+ enum wc_HashType hashType, const byte* id, word32 idSz, mp_int* ssk,
+ ecc_point* pvt);
+WOLFSSL_API int wc_ValidateEccsiPair(EccsiKey* key, enum wc_HashType hashType,
+ const byte* id, word32 idSz, const mp_int* ssk, ecc_point* pvt,
+ int* valid);
+WOLFSSL_API int wc_ValidateEccsiPvt(EccsiKey* key, const ecc_point* pvt,
+ int* valid);
+WOLFSSL_API int wc_EncodeEccsiPair(const EccsiKey* key, mp_int* ssk,
+ ecc_point* pvt, byte* data, word32* sz);
+WOLFSSL_API int wc_EncodeEccsiSsk(const EccsiKey* key, mp_int* ssk, byte* data,
+ word32* sz);
+WOLFSSL_API int wc_EncodeEccsiPvt(const EccsiKey* key, ecc_point* pvt,
+ byte* data, word32* sz, int raw);
+WOLFSSL_API int wc_DecodeEccsiPair(const EccsiKey* key, const byte* data,
+ word32 sz, mp_int* ssk, ecc_point* pvt);
+WOLFSSL_API int wc_DecodeEccsiSsk(const EccsiKey* key, const byte* data,
+ word32 sz, mp_int* ssk);
+WOLFSSL_API int wc_DecodeEccsiPvt(const EccsiKey* key, const byte* data,
+ word32 sz, ecc_point* pvt);
+WOLFSSL_API int wc_DecodeEccsiPvtFromSig(const EccsiKey* key, const byte* sig,
+ word32 sz, ecc_point* pvt);
+
+WOLFSSL_API int wc_ExportEccsiKey(EccsiKey* key, byte* data, word32* sz);
+WOLFSSL_API int wc_ImportEccsiKey(EccsiKey* key, const byte* data, word32 sz);
+
+WOLFSSL_API int wc_ExportEccsiPrivateKey(EccsiKey* key, byte* data, word32* sz);
+WOLFSSL_API int wc_ImportEccsiPrivateKey(EccsiKey* key, const byte* data,
+ word32 sz);
+
+WOLFSSL_API int wc_ExportEccsiPublicKey(EccsiKey* key, byte* data, word32* sz,
+ int raw);
+WOLFSSL_API int wc_ImportEccsiPublicKey(EccsiKey* key, const byte* data,
+ word32 sz, int trusted);
+
+WOLFSSL_API int wc_HashEccsiId(EccsiKey* key, enum wc_HashType hashType,
+ const byte* id, word32 idSz, ecc_point* pvt, byte* hash, byte* hashSz);
+WOLFSSL_API int wc_SetEccsiHash(EccsiKey* key, const byte* hash, byte hashSz);
+WOLFSSL_API int wc_SetEccsiPair(EccsiKey* key, const mp_int* ssk,
+ const ecc_point* pvt);
+
+WOLFSSL_API int wc_SignEccsiHash(EccsiKey* key, WC_RNG* rng,
+ enum wc_HashType hashType, const byte* msg, word32 msgSz, byte* sig,
+ word32* sigSz);
+WOLFSSL_API int wc_VerifyEccsiHash(EccsiKey* key, enum wc_HashType hashType,
+ const byte* msg, word32 msgSz, const byte* sig, word32 sigSz,
+ int* verified);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFCRYPT_HAVE_ECCSI */
+
+#endif /* WOLF_CRYPT_ECCSI_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ed25519.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ed25519.h
new file mode 100644
index 0000000..7289923
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ed25519.h
@@ -0,0 +1,183 @@
+/* ed25519.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/ed25519.h
+*/
+
+
+#ifndef WOLF_CRYPT_ED25519_H
+#define WOLF_CRYPT_ED25519_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef HAVE_ED25519
+
+#include <wolfssl/wolfcrypt/fe_operations.h>
+#include <wolfssl/wolfcrypt/ge_operations.h>
+#include <wolfssl/wolfcrypt/random.h>
+#include <wolfssl/wolfcrypt/sha512.h>
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+
+/* info about EdDSA curve specifically ed25519, defined as an elliptic curve
+ over GF(p) */
+/*
+ 32, key size
+ "ED25519", curve name
+ "2^255-19", prime number
+ "SHA512", hash function
+ "-121665/121666", value of d
+*/
+
+#define ED25519_KEY_SIZE 32 /* private key only */
+#define ED25519_SIG_SIZE 64
+
+#define ED25519_PUB_KEY_SIZE 32 /* compressed */
+/* both private and public key */
+#define ED25519_PRV_KEY_SIZE (ED25519_PUB_KEY_SIZE+ED25519_KEY_SIZE)
+
+
+enum {
+ Ed25519 = -1,
+ Ed25519ctx = 0,
+ Ed25519ph = 1,
+};
+
+#ifndef WC_ED25519KEY_TYPE_DEFINED
+ typedef struct ed25519_key ed25519_key;
+ #define WC_ED25519KEY_TYPE_DEFINED
+#endif
+
+/* An ED25519 Key */
+struct ed25519_key {
+ byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */
+ byte k[ED25519_PRV_KEY_SIZE]; /* private key : 32 secret -- 32 public */
+#ifdef FREESCALE_LTC_ECC
+ /* uncompressed point coordinates */
+ byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */
+ byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
+#endif
+ word16 pubKeySet:1;
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif
+#if defined(WOLF_CRYPTO_CB)
+ int devId;
+#endif
+};
+
+
+WOLFSSL_API
+int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey,
+ word32 pubKeySz);
+WOLFSSL_API
+int wc_ed25519_make_key(WC_RNG* rng, int keysize, ed25519_key* key);
+WOLFSSL_API
+int wc_ed25519_sign_msg(const byte* in, word32 inLen, byte* out,
+ word32 *outLen, ed25519_key* key);
+WOLFSSL_API
+int wc_ed25519ctx_sign_msg(const byte* in, word32 inLen, byte* out,
+ word32 *outLen, ed25519_key* key,
+ const byte* context, byte contextLen);
+WOLFSSL_API
+int wc_ed25519ph_sign_hash(const byte* hash, word32 hashLen, byte* out,
+ word32 *outLen, ed25519_key* key,
+ const byte* context, byte contextLen);
+WOLFSSL_API
+int wc_ed25519ph_sign_msg(const byte* in, word32 inLen, byte* out,
+ word32 *outLen, ed25519_key* key, const byte* context,
+ byte contextLen);
+WOLFSSL_API
+int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out,
+ word32 *outLen, ed25519_key* key, byte type,
+ const byte* context, byte contextLen);
+WOLFSSL_API
+int wc_ed25519_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
+ word32 msgLen, int* stat, ed25519_key* key);
+WOLFSSL_API
+int wc_ed25519ctx_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
+ word32 msgLen, int* stat, ed25519_key* key,
+ const byte* context, byte contextLen);
+WOLFSSL_API
+int wc_ed25519ph_verify_hash(const byte* sig, word32 sigLen, const byte* hash,
+ word32 hashLen, int* stat, ed25519_key* key,
+ const byte* context, byte contextLen);
+WOLFSSL_API
+int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
+ word32 msgLen, int* stat, ed25519_key* key,
+ const byte* context, byte contextLen);
+WOLFSSL_API
+int wc_ed25519_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg,
+ word32 msgLen, int* res, ed25519_key* key,
+ byte type, const byte* context, byte contextLen);
+
+WOLFSSL_API
+int wc_ed25519_init(ed25519_key* key);
+WOLFSSL_API
+int wc_ed25519_init_ex(ed25519_key* key, void* heap, int devId);
+WOLFSSL_API
+void wc_ed25519_free(ed25519_key* key);
+WOLFSSL_API
+int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
+WOLFSSL_API
+int wc_ed25519_import_private_only(const byte* priv, word32 privSz,
+ ed25519_key* key);
+WOLFSSL_API
+int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
+ const byte* pub, word32 pubSz, ed25519_key* key);
+WOLFSSL_API
+int wc_ed25519_export_public(ed25519_key*, byte* out, word32* outLen);
+WOLFSSL_API
+int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
+WOLFSSL_API
+int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen);
+WOLFSSL_API
+int wc_ed25519_export_key(ed25519_key* key,
+ byte* priv, word32 *privSz,
+ byte* pub, word32 *pubSz);
+
+WOLFSSL_API
+int wc_ed25519_check_key(ed25519_key* key);
+
+/* size helper */
+WOLFSSL_API
+int wc_ed25519_size(ed25519_key* key);
+WOLFSSL_API
+int wc_ed25519_priv_size(ed25519_key* key);
+WOLFSSL_API
+int wc_ed25519_pub_size(ed25519_key* key);
+WOLFSSL_API
+int wc_ed25519_sig_size(ed25519_key* key);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_ED25519 */
+#endif /* WOLF_CRYPT_ED25519_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ed448.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ed448.h
new file mode 100644
index 0000000..d45585a
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ed448.h
@@ -0,0 +1,160 @@
+/* ed448.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/ed448.h
+*/
+
+
+#ifndef WOLF_CRYPT_ED448_H
+#define WOLF_CRYPT_ED448_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef HAVE_ED448
+
+#include <wolfssl/wolfcrypt/fe_448.h>
+#include <wolfssl/wolfcrypt/ge_448.h>
+#include <wolfssl/wolfcrypt/random.h>
+#include <wolfssl/wolfcrypt/sha3.h>
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+
+/* info about EdDSA curve specifically ed448, defined as an elliptic curve
+ * over GF(p)
+ *
+ * 56 key size
+ * "ED448" curve name
+ * "2^448-2^224-1" prime number
+ * "-39081" value of d
+ * "SHAKE256" hash function
+ */
+
+#define ED448_KEY_SIZE 57 /* private key only */
+#define ED448_SIG_SIZE 114 /* two elements */
+
+#define ED448_PUB_KEY_SIZE 57 /* compressed */
+/* both private and public key */
+#define ED448_PRV_KEY_SIZE (ED448_PUB_KEY_SIZE+ED448_KEY_SIZE)
+
+
+enum {
+ Ed448 = 0,
+ Ed448ph = 1,
+};
+
+#ifndef WC_ED448KEY_TYPE_DEFINED
+ typedef struct ed448_key ed448_key;
+ #define WC_ED448KEY_TYPE_DEFINED
+#endif
+
+/* An ED448 Key */
+struct ed448_key {
+ byte p[ED448_PUB_KEY_SIZE]; /* compressed public key */
+ byte k[ED448_PRV_KEY_SIZE]; /* private key : 56 secret -- 56 public */
+#ifdef FREESCALE_LTC_ECC
+ /* uncompressed point coordinates */
+ byte pointX[ED448_KEY_SIZE]; /* recovered X coordinate */
+ byte pointY[ED448_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
+#endif
+ word16 pubKeySet:1;
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif
+};
+
+
+WOLFSSL_API
+int wc_ed448_make_public(ed448_key* key, unsigned char* pubKey,
+ word32 pubKeySz);
+WOLFSSL_API
+int wc_ed448_make_key(WC_RNG* rng, int keysize, ed448_key* key);
+WOLFSSL_API
+int wc_ed448_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
+ ed448_key* key, const byte* context, byte contextLen);
+WOLFSSL_API
+int wc_ed448ph_sign_hash(const byte* hash, word32 hashLen, byte* out,
+ word32 *outLen, ed448_key* key,
+ const byte* context, byte contextLen);
+WOLFSSL_API
+int wc_ed448ph_sign_msg(const byte* in, word32 inLen, byte* out,
+ word32 *outLen, ed448_key* key, const byte* context,
+ byte contextLen);
+WOLFSSL_API
+int wc_ed448_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
+ word32 msgLen, int* stat, ed448_key* key,
+ const byte* context, byte contextLen);
+WOLFSSL_API
+int wc_ed448ph_verify_hash(const byte* sig, word32 sigLen, const byte* hash,
+ word32 hashLen, int* stat, ed448_key* key,
+ const byte* context, byte contextLen);
+WOLFSSL_API
+int wc_ed448ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
+ word32 msgLen, int* stat, ed448_key* key,
+ const byte* context, byte contextLen);
+WOLFSSL_API
+int wc_ed448_init(ed448_key* key);
+WOLFSSL_API
+void wc_ed448_free(ed448_key* key);
+WOLFSSL_API
+int wc_ed448_import_public(const byte* in, word32 inLen, ed448_key* key);
+WOLFSSL_API
+int wc_ed448_import_private_only(const byte* priv, word32 privSz,
+ ed448_key* key);
+WOLFSSL_API
+int wc_ed448_import_private_key(const byte* priv, word32 privSz,
+ const byte* pub, word32 pubSz, ed448_key* key);
+WOLFSSL_API
+int wc_ed448_export_public(ed448_key*, byte* out, word32* outLen);
+WOLFSSL_API
+int wc_ed448_export_private_only(ed448_key* key, byte* out, word32* outLen);
+WOLFSSL_API
+int wc_ed448_export_private(ed448_key* key, byte* out, word32* outLen);
+WOLFSSL_API
+int wc_ed448_export_key(ed448_key* key, byte* priv, word32 *privSz,
+ byte* pub, word32 *pubSz);
+
+WOLFSSL_API
+int wc_ed448_check_key(ed448_key* key);
+
+/* size helper */
+WOLFSSL_API
+int wc_ed448_size(ed448_key* key);
+WOLFSSL_API
+int wc_ed448_priv_size(ed448_key* key);
+WOLFSSL_API
+int wc_ed448_pub_size(ed448_key* key);
+WOLFSSL_API
+int wc_ed448_sig_size(ed448_key* key);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_ED448 */
+#endif /* WOLF_CRYPT_ED448_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/error-crypt.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/error-crypt.h
new file mode 100644
index 0000000..dd6ac17
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/error-crypt.h
@@ -0,0 +1,264 @@
+/* error-crypt.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/error-crypt.h
+*/
+/*
+DESCRIPTION
+This library defines error codes and contians routines for setting and examining
+the error status.
+*/
+
+#ifndef WOLF_CRYPT_ERROR_H
+#define WOLF_CRYPT_ERROR_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+ #include <cyassl/ctaocrypt/error-crypt.h>
+#endif /* HAVE_FIPS V1 */
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+
+/* error codes, add string for new errors !!! */
+enum {
+ MAX_CODE_E = -100, /* errors -101 - -299 */
+ OPEN_RAN_E = -101, /* opening random device error */
+ READ_RAN_E = -102, /* reading random device error */
+ WINCRYPT_E = -103, /* windows crypt init error */
+ CRYPTGEN_E = -104, /* windows crypt generation error */
+ RAN_BLOCK_E = -105, /* reading random device would block */
+ BAD_MUTEX_E = -106, /* Bad mutex operation */
+ WC_TIMEOUT_E = -107, /* timeout error */
+ WC_PENDING_E = -108, /* wolfCrypt operation pending (would block) */
+ WC_NOT_PENDING_E = -109, /* wolfCrypt operation not pending */
+
+ MP_INIT_E = -110, /* mp_init error state */
+ MP_READ_E = -111, /* mp_read error state */
+ MP_EXPTMOD_E = -112, /* mp_exptmod error state */
+ MP_TO_E = -113, /* mp_to_xxx error state, can't convert */
+ MP_SUB_E = -114, /* mp_sub error state, can't subtract */
+ MP_ADD_E = -115, /* mp_add error state, can't add */
+ MP_MUL_E = -116, /* mp_mul error state, can't multiply */
+ MP_MULMOD_E = -117, /* mp_mulmod error state, can't multiply mod */
+ MP_MOD_E = -118, /* mp_mod error state, can't mod */
+ MP_INVMOD_E = -119, /* mp_invmod error state, can't inv mod */
+ MP_CMP_E = -120, /* mp_cmp error state */
+ MP_ZERO_E = -121, /* got a mp zero result, not expected */
+
+ MEMORY_E = -125, /* out of memory error */
+ VAR_STATE_CHANGE_E = -126, /* var state modified by different thread */
+
+ RSA_WRONG_TYPE_E = -130, /* RSA wrong block type for RSA function */
+ RSA_BUFFER_E = -131, /* RSA buffer error, output too small or
+ input too large */
+ BUFFER_E = -132, /* output buffer too small or input too large */
+ ALGO_ID_E = -133, /* setting algo id error */
+ PUBLIC_KEY_E = -134, /* setting public key error */
+ DATE_E = -135, /* setting date validity error */
+ SUBJECT_E = -136, /* setting subject name error */
+ ISSUER_E = -137, /* setting issuer name error */
+ CA_TRUE_E = -138, /* setting CA basic constraint true error */
+ EXTENSIONS_E = -139, /* setting extensions error */
+
+ ASN_PARSE_E = -140, /* ASN parsing error, invalid input */
+ ASN_VERSION_E = -141, /* ASN version error, invalid number */
+ ASN_GETINT_E = -142, /* ASN get big int error, invalid data */
+ ASN_RSA_KEY_E = -143, /* ASN key init error, invalid input */
+ ASN_OBJECT_ID_E = -144, /* ASN object id error, invalid id */
+ ASN_TAG_NULL_E = -145, /* ASN tag error, not null */
+ ASN_EXPECT_0_E = -146, /* ASN expect error, not zero */
+ ASN_BITSTR_E = -147, /* ASN bit string error, wrong id */
+ ASN_UNKNOWN_OID_E = -148, /* ASN oid error, unknown sum id */
+ ASN_DATE_SZ_E = -149, /* ASN date error, bad size */
+ ASN_BEFORE_DATE_E = -150, /* ASN date error, current date before */
+ ASN_AFTER_DATE_E = -151, /* ASN date error, current date after */
+ ASN_SIG_OID_E = -152, /* ASN signature error, mismatched oid */
+ ASN_TIME_E = -153, /* ASN time error, unknown time type */
+ ASN_INPUT_E = -154, /* ASN input error, not enough data */
+ ASN_SIG_CONFIRM_E = -155, /* ASN sig error, confirm failure */
+ ASN_SIG_HASH_E = -156, /* ASN sig error, unsupported hash type */
+ ASN_SIG_KEY_E = -157, /* ASN sig error, unsupported key type */
+ ASN_DH_KEY_E = -158, /* ASN key init error, invalid input */
+ ASN_NTRU_KEY_E = -159, /* ASN ntru key decode error, invalid input */
+ ASN_CRIT_EXT_E = -160, /* ASN unsupported critical extension */
+ ASN_ALT_NAME_E = -161, /* ASN alternate name error */
+ ASN_NO_PEM_HEADER = -162, /* ASN no PEM header found */
+
+ ECC_BAD_ARG_E = -170, /* ECC input argument of wrong type */
+ ASN_ECC_KEY_E = -171, /* ASN ECC bad input */
+ ECC_CURVE_OID_E = -172, /* Unsupported ECC OID curve type */
+ BAD_FUNC_ARG = -173, /* Bad function argument provided */
+ NOT_COMPILED_IN = -174, /* Feature not compiled in */
+ UNICODE_SIZE_E = -175, /* Unicode password too big */
+ NO_PASSWORD = -176, /* no password provided by user */
+ ALT_NAME_E = -177, /* alt name size problem, too big */
+ BAD_OCSP_RESPONDER = -178, /* missing key usage extensions */
+
+ AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */
+ AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */
+
+ ASYNC_INIT_E = -182, /* Async Init type error */
+
+ COMPRESS_INIT_E = -183, /* Compress init error */
+ COMPRESS_E = -184, /* Compress error */
+ DECOMPRESS_INIT_E = -185, /* DeCompress init error */
+ DECOMPRESS_E = -186, /* DeCompress error */
+
+ BAD_ALIGN_E = -187, /* Bad alignment for operation, no alloc */
+ ASN_NO_SIGNER_E = -188, /* ASN no signer to confirm failure */
+ ASN_CRL_CONFIRM_E = -189, /* ASN CRL signature confirm failure */
+ ASN_CRL_NO_SIGNER_E = -190, /* ASN CRL no signer to confirm failure */
+ ASN_OCSP_CONFIRM_E = -191, /* ASN OCSP signature confirm failure */
+
+ BAD_STATE_E = -192, /* Bad state operation */
+ BAD_PADDING_E = -193, /* Bad padding, msg not correct length */
+
+ REQ_ATTRIBUTE_E = -194, /* setting cert request attributes error */
+
+ PKCS7_OID_E = -195, /* PKCS#7, mismatched OID error */
+ PKCS7_RECIP_E = -196, /* PKCS#7, recipient error */
+ FIPS_NOT_ALLOWED_E = -197, /* FIPS not allowed error */
+ ASN_NAME_INVALID_E = -198, /* ASN name constraint error */
+
+ RNG_FAILURE_E = -199, /* RNG Failed, Reinitialize */
+ HMAC_MIN_KEYLEN_E = -200, /* FIPS Mode HMAC Minimum Key Length error */
+ RSA_PAD_E = -201, /* RSA Padding Error */
+ LENGTH_ONLY_E = -202, /* Returning output length only */
+
+ IN_CORE_FIPS_E = -203, /* In Core Integrity check failure */
+ AES_KAT_FIPS_E = -204, /* AES KAT failure */
+ DES3_KAT_FIPS_E = -205, /* DES3 KAT failure */
+ HMAC_KAT_FIPS_E = -206, /* HMAC KAT failure */
+ RSA_KAT_FIPS_E = -207, /* RSA KAT failure */
+ DRBG_KAT_FIPS_E = -208, /* HASH DRBG KAT failure */
+ DRBG_CONT_FIPS_E = -209, /* HASH DRBG Continuous test failure */
+ AESGCM_KAT_FIPS_E = -210, /* AESGCM KAT failure */
+ THREAD_STORE_KEY_E = -211, /* Thread local storage key create failure */
+ THREAD_STORE_SET_E = -212, /* Thread local storage key set failure */
+
+ MAC_CMP_FAILED_E = -213, /* MAC comparison failed */
+ IS_POINT_E = -214, /* ECC is point on curve failed */
+ ECC_INF_E = -215, /* ECC point infinity error */
+ ECC_PRIV_KEY_E = -216, /* ECC private key not valid error */
+ ECC_OUT_OF_RANGE_E = -217, /* ECC key component out of range */
+
+ SRP_CALL_ORDER_E = -218, /* SRP function called in the wrong order. */
+ SRP_VERIFY_E = -219, /* SRP proof verification failed. */
+ SRP_BAD_KEY_E = -220, /* SRP bad ephemeral values. */
+
+ ASN_NO_SKID = -221, /* ASN no Subject Key Identifier found */
+ ASN_NO_AKID = -222, /* ASN no Authority Key Identifier found */
+ ASN_NO_KEYUSAGE = -223, /* ASN no Key Usage found */
+ SKID_E = -224, /* setting Subject Key Identifier error */
+ AKID_E = -225, /* setting Authority Key Identifier error */
+ KEYUSAGE_E = -226, /* Bad Key Usage value */
+ CERTPOLICIES_E = -227, /* setting Certificate Policies error */
+
+ WC_INIT_E = -228, /* wolfcrypt failed to initialize */
+ SIG_VERIFY_E = -229, /* wolfcrypt signature verify error */
+ BAD_COND_E = -230, /* Bad condition variable operation */
+ SIG_TYPE_E = -231, /* Signature Type not enabled/available */
+ HASH_TYPE_E = -232, /* Hash Type not enabled/available */
+
+ WC_KEY_SIZE_E = -234, /* Key size error, either too small or large */
+ ASN_COUNTRY_SIZE_E = -235, /* ASN Cert Gen, invalid country code size */
+ MISSING_RNG_E = -236, /* RNG required but not provided */
+ ASN_PATHLEN_SIZE_E = -237, /* ASN CA path length too large error */
+ ASN_PATHLEN_INV_E = -238, /* ASN CA path length inversion error */
+
+ BAD_KEYWRAP_ALG_E = -239,
+ BAD_KEYWRAP_IV_E = -240, /* Decrypted AES key wrap IV incorrect */
+ WC_CLEANUP_E = -241, /* wolfcrypt cleanup failed */
+ ECC_CDH_KAT_FIPS_E = -242, /* ECC CDH Known Answer Test failure */
+ DH_CHECK_PUB_E = -243, /* DH Check Pub Key error */
+ BAD_PATH_ERROR = -244, /* Bad path for opendir */
+
+ ASYNC_OP_E = -245, /* Async operation error */
+
+ ECC_PRIVATEONLY_E = -246, /* Invalid use of private only ECC key*/
+ EXTKEYUSAGE_E = -247, /* Bad Extended Key Usage value */
+ WC_HW_E = -248, /* Error with hardware crypto use */
+ WC_HW_WAIT_E = -249, /* Hardware waiting on resource */
+
+ PSS_SALTLEN_E = -250, /* PSS length of salt is too long for hash */
+ PRIME_GEN_E = -251, /* Failure finding a prime. */
+ BER_INDEF_E = -252, /* Cannot decode indefinite length BER. */
+ RSA_OUT_OF_RANGE_E = -253, /* Ciphertext to decrypt out of range. */
+ RSAPSS_PAT_FIPS_E = -254, /* RSA-PSS PAT failure */
+ ECDSA_PAT_FIPS_E = -255, /* ECDSA PAT failure */
+ DH_KAT_FIPS_E = -256, /* DH KAT failure */
+ AESCCM_KAT_FIPS_E = -257, /* AESCCM KAT failure */
+ SHA3_KAT_FIPS_E = -258, /* SHA-3 KAT failure */
+ ECDHE_KAT_FIPS_E = -259, /* ECDHE KAT failure */
+ AES_GCM_OVERFLOW_E = -260, /* AES-GCM invocation counter overflow. */
+ AES_CCM_OVERFLOW_E = -261, /* AES-CCM invocation counter overflow. */
+ RSA_KEY_PAIR_E = -262, /* RSA Key Pair-Wise Consistency check fail. */
+ DH_CHECK_PRIV_E = -263, /* DH Check Priv Key error */
+
+ WC_AFALG_SOCK_E = -264, /* AF_ALG socket error */
+ WC_DEVCRYPTO_E = -265, /* /dev/crypto error */
+
+ ZLIB_INIT_ERROR = -266, /* zlib init error */
+ ZLIB_COMPRESS_ERROR = -267, /* zlib compression error */
+ ZLIB_DECOMPRESS_ERROR = -268, /* zlib decompression error */
+
+ PKCS7_NO_SIGNER_E = -269, /* No signer in PKCS#7 signed data msg */
+ WC_PKCS7_WANT_READ_E= -270, /* PKCS7 operations wants more input */
+
+ CRYPTOCB_UNAVAILABLE= -271, /* Crypto callback unavailable */
+ PKCS7_SIGNEEDS_CHECK= -272, /* signature needs verified by caller */
+ PSS_SALTLEN_RECOVER_E=-273, /* PSS slat length not recoverable */
+ CHACHA_POLY_OVERFLOW =-274, /* ChaCha20Poly1305 limit overflow */
+ ASN_SELF_SIGNED_E = -275, /* ASN self-signed certificate error */
+ SAKKE_VERIFY_FAIL_E = -276, /* SAKKE derivation verification error */
+ MISSING_IV = -277, /* IV was not set */
+ MISSING_KEY = -278, /* Key was not set */
+ BAD_LENGTH_E = -279, /* Value of length parameter is invalid. */
+
+ WC_LAST_E = -279, /* Update this to indicate last error */
+ MIN_CODE_E = -300 /* errors -101 - -299 */
+
+ /* add new companion error id strings for any new error codes
+ wolfcrypt/src/error.c !!! */
+};
+
+
+#ifdef NO_ERROR_STRINGS
+ #define wc_GetErrorString(error) "no support for error strings built in"
+ #define wc_ErrorString(err, buf) \
+ (void)err; XSTRNCPY((buf), wc_GetErrorString((err)), \
+ WOLFSSL_MAX_ERROR_SZ);
+
+#else
+WOLFSSL_API void wc_ErrorString(int err, char* buff);
+WOLFSSL_API const char* wc_GetErrorString(int error);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+#endif /* WOLF_CRYPT_ERROR_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/fe_448.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/fe_448.h
new file mode 100644
index 0000000..6be82cd
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/fe_448.h
@@ -0,0 +1,121 @@
+/* fe448_448.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+#ifndef WOLF_CRYPT_FE_448_H
+#define WOLF_CRYPT_FE_448_H
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if defined(HAVE_CURVE448) || defined(HAVE_ED448)
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#if defined(HAVE___UINT128_T) && !defined(NO_CURVED448_128BIT)
+ #define CURVED448_128BIT
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* default to be faster but take more memory */
+#if !defined(CURVE448_SMALL) && !defined(ED448_SMALL)
+
+#if defined(CURVED448_128BIT)
+ typedef sword64 fe448;
+ #ifndef WOLFSSL_UINT128_T_DEFINED
+ #ifdef __SIZEOF_INT128__
+ typedef __uint128_t uint128_t;
+ typedef __int128_t int128_t;
+ typedef __uint128_t word128;
+ typedef __int128_t sword128;
+ #else
+ typedef unsigned long uint128_t __attribute__ ((mode(TI)));
+ typedef long int128_t __attribute__ ((mode(TI)));
+ typedef uint128_t word128;
+ typedef int128_t sword128;
+ #endif
+ #define WOLFSSL_UINT128_T_DEFINED
+ #endif
+#else
+ typedef sword32 fe448;
+#endif
+
+WOLFSSL_LOCAL void fe448_init(void);
+WOLFSSL_LOCAL int curve448(byte* r, const byte* n, const byte* a);
+
+#if !defined(CURVED448_128BIT)
+WOLFSSL_LOCAL void fe448_reduce(fe448*);
+#else
+#define fe448_reduce(a)
+#endif
+WOLFSSL_LOCAL void fe448_neg(fe448*,const fe448*);
+WOLFSSL_LOCAL void fe448_add(fe448*, const fe448*, const fe448*);
+WOLFSSL_LOCAL void fe448_sub(fe448*, const fe448*, const fe448*);
+WOLFSSL_LOCAL void fe448_mul(fe448*,const fe448*,const fe448*);
+WOLFSSL_LOCAL void fe448_sqr(fe448*, const fe448*);
+WOLFSSL_LOCAL void fe448_mul39081(fe448*, const fe448*);
+WOLFSSL_LOCAL void fe448_invert(fe448*, const fe448*);
+
+WOLFSSL_LOCAL void fe448_0(fe448*);
+WOLFSSL_LOCAL void fe448_1(fe448*);
+WOLFSSL_LOCAL void fe448_copy(fe448*, const fe448*);
+WOLFSSL_LOCAL int fe448_isnonzero(const fe448*);
+WOLFSSL_LOCAL int fe448_isnegative(const fe448*);
+
+WOLFSSL_LOCAL void fe448_from_bytes(fe448*,const unsigned char *);
+WOLFSSL_LOCAL void fe448_to_bytes(unsigned char *, const fe448*);
+
+WOLFSSL_LOCAL void fe448_cmov(fe448*,const fe448*, int);
+WOLFSSL_LOCAL void fe448_pow_2_446_222_1(fe448*,const fe448*);
+
+#else
+
+WOLFSSL_LOCAL void fe448_init(void);
+WOLFSSL_LOCAL int curve448(byte* r, const byte* n, const byte* a);
+
+#define fe448_reduce(a)
+WOLFSSL_LOCAL void fe448_neg(word8*,const word8*);
+WOLFSSL_LOCAL void fe448_add(word8*, const word8*, const word8*);
+WOLFSSL_LOCAL void fe448_sub(word8*, const word8*, const word8*);
+WOLFSSL_LOCAL void fe448_mul(word8*,const word8*,const word8*);
+WOLFSSL_LOCAL void fe448_sqr(word8*, const word8*);
+WOLFSSL_LOCAL void fe448_mul39081(word8*, const word8*);
+WOLFSSL_LOCAL void fe448_invert(word8*, const word8*);
+
+WOLFSSL_LOCAL void fe448_copy(word8*, const word8*);
+WOLFSSL_LOCAL int fe448_isnonzero(const word8*);
+
+WOLFSSL_LOCAL void fe448_norm(byte *a);
+
+WOLFSSL_LOCAL void fe448_cmov(word8*,const word8*, int);
+WOLFSSL_LOCAL void fe448_pow_2_446_222_1(word8*,const word8*);
+
+#endif /* !CURVE448_SMALL || !ED448_SMALL */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_CURVE448 || HAVE_ED448 */
+
+#endif /* WOLF_CRYPT_FE_448_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/fe_operations.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/fe_operations.h
new file mode 100644
index 0000000..03d3afa
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/fe_operations.h
@@ -0,0 +1,206 @@
+/* fe_operations.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+#ifndef WOLF_CRYPT_FE_OPERATIONS_H
+#define WOLF_CRYPT_FE_OPERATIONS_H
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#if defined(USE_INTEL_SPEEDUP) && !defined(NO_CURVED25519_X64)
+ #define CURVED25519_X64
+#elif defined(HAVE___UINT128_T) && !defined(NO_CURVED25519_128BIT)
+ #define CURVED25519_128BIT
+#endif
+
+#if defined(CURVED25519_X64)
+ #define CURVED25519_ASM_64BIT
+ #define CURVED25519_ASM
+#endif
+#if defined(WOLFSSL_ARMASM)
+ #ifdef __aarch64__
+ #define CURVED25519_ASM_64BIT
+ #else
+ #define CURVED25519_ASM_32BIT
+ #endif
+ #define CURVED25519_ASM
+#endif
+
+/*
+fe means field element.
+Here the field is \Z/(2^255-19).
+An element t, entries t[0]...t[9], represents the integer
+t[0]+2^26 t[1]+2^51 t[2]+2^77 t[3]+2^102 t[4]+...+2^230 t[9].
+Bounds on each t[i] vary depending on context.
+*/
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#if defined(CURVE25519_SMALL) || defined(ED25519_SMALL)
+ #define F25519_SIZE 32
+
+ WOLFSSL_LOCAL void lm_copy(byte*, const byte*);
+ WOLFSSL_LOCAL void lm_add(byte*, const byte*, const byte*);
+ WOLFSSL_LOCAL void lm_sub(byte*, const byte*, const byte*);
+ WOLFSSL_LOCAL void lm_neg(byte*,const byte*);
+ WOLFSSL_LOCAL void lm_invert(byte*, const byte*);
+ WOLFSSL_LOCAL void lm_mul(byte*,const byte*,const byte*);
+#endif
+
+
+#if !defined(FREESCALE_LTC_ECC)
+WOLFSSL_LOCAL void fe_init(void);
+
+WOLFSSL_LOCAL int curve25519(byte * q, const byte * n, const byte * p);
+#endif
+
+/* default to be faster but take more memory */
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
+
+#ifdef CURVED25519_ASM_64BIT
+ typedef sword64 fe[4];
+#elif defined(CURVED25519_ASM_32BIT)
+ typedef sword32 fe[8];
+#elif defined(CURVED25519_128BIT)
+ typedef sword64 fe[5];
+#else
+ typedef sword32 fe[10];
+#endif
+
+WOLFSSL_LOCAL void fe_copy(fe, const fe);
+WOLFSSL_LOCAL void fe_add(fe, const fe, const fe);
+WOLFSSL_LOCAL void fe_neg(fe,const fe);
+WOLFSSL_LOCAL void fe_sub(fe, const fe, const fe);
+WOLFSSL_LOCAL void fe_invert(fe, const fe);
+WOLFSSL_LOCAL void fe_mul(fe,const fe,const fe);
+
+
+/* Based On Daniel J Bernstein's curve25519 and ed25519 Public Domain ref10
+ work. */
+
+WOLFSSL_LOCAL void fe_0(fe);
+WOLFSSL_LOCAL void fe_1(fe);
+WOLFSSL_LOCAL int fe_isnonzero(const fe);
+WOLFSSL_LOCAL int fe_isnegative(const fe);
+WOLFSSL_LOCAL void fe_tobytes(unsigned char *, const fe);
+WOLFSSL_LOCAL void fe_sq(fe, const fe);
+WOLFSSL_LOCAL void fe_sq2(fe,const fe);
+WOLFSSL_LOCAL void fe_frombytes(fe,const unsigned char *);
+WOLFSSL_LOCAL void fe_cswap(fe, fe, int);
+WOLFSSL_LOCAL void fe_mul121666(fe,fe);
+WOLFSSL_LOCAL void fe_cmov(fe,const fe, int);
+WOLFSSL_LOCAL void fe_pow22523(fe,const fe);
+
+/* 64 type needed for SHA512 */
+WOLFSSL_LOCAL word64 load_3(const unsigned char *in);
+WOLFSSL_LOCAL word64 load_4(const unsigned char *in);
+
+#ifdef CURVED25519_ASM
+WOLFSSL_LOCAL void fe_ge_to_p2(fe rx, fe ry, fe rz, const fe px, const fe py,
+ const fe pz, const fe pt);
+WOLFSSL_LOCAL void fe_ge_to_p3(fe rx, fe ry, fe rz, fe rt, const fe px,
+ const fe py, const fe pz, const fe pt);
+WOLFSSL_LOCAL void fe_ge_dbl(fe rx, fe ry, fe rz, fe rt, const fe px,
+ const fe py, const fe pz);
+WOLFSSL_LOCAL void fe_ge_madd(fe rx, fe ry, fe rz, fe rt, const fe px,
+ const fe py, const fe pz, const fe pt,
+ const fe qxy2d, const fe qyplusx,
+ const fe qyminusx);
+WOLFSSL_LOCAL void fe_ge_msub(fe rx, fe ry, fe rz, fe rt, const fe px,
+ const fe py, const fe pz, const fe pt,
+ const fe qxy2d, const fe qyplusx,
+ const fe qyminusx);
+WOLFSSL_LOCAL void fe_ge_add(fe rx, fe ry, fe rz, fe rt, const fe px,
+ const fe py, const fe pz, const fe pt, const fe qz,
+ const fe qt2d, const fe qyplusx,
+ const fe qyminusx);
+WOLFSSL_LOCAL void fe_ge_sub(fe rx, fe ry, fe rz, fe rt, const fe px,
+ const fe py, const fe pz, const fe pt, const fe qz,
+ const fe qt2d, const fe qyplusx,
+ const fe qyminusx);
+WOLFSSL_LOCAL void fe_cmov_table(fe* r, fe* base, signed char b);
+#endif /* CURVED25519_ASM */
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+
+/* Use less memory and only 32bit types or less, but is slower
+ Based on Daniel Beer's public domain work. */
+#if defined(CURVE25519_SMALL) || defined(ED25519_SMALL)
+static const byte c25519_base_x[F25519_SIZE] = {9};
+static const byte f25519_zero[F25519_SIZE] = {0};
+static const byte f25519_one[F25519_SIZE] = {1};
+static const byte fprime_zero[F25519_SIZE] = {0};
+static const byte fprime_one[F25519_SIZE] = {1};
+
+WOLFSSL_LOCAL void fe_load(byte *x, word32 c);
+WOLFSSL_LOCAL void fe_normalize(byte *x);
+WOLFSSL_LOCAL void fe_inv__distinct(byte *r, const byte *x);
+
+/* Conditional copy. If condition == 0, then zero is copied to dst. If
+ * condition == 1, then one is copied to dst. Any other value results in
+ * undefined behavior.
+ */
+WOLFSSL_LOCAL void fe_select(byte *dst, const byte *zero, const byte *one,
+ byte condition);
+
+/* Multiply a point by a small constant. The two pointers are not
+ * required to be distinct.
+ *
+ * The constant must be less than 2^24.
+ */
+WOLFSSL_LOCAL void fe_mul_c(byte *r, const byte *a, word32 b);
+WOLFSSL_LOCAL void fe_mul__distinct(byte *r, const byte *a, const byte *b);
+
+/* Compute one of the square roots of the field element, if the element
+ * is square. The other square is -r.
+ *
+ * If the input is not square, the returned value is a valid field
+ * element, but not the correct answer. If you don't already know that
+ * your element is square, you should square the return value and test.
+ */
+WOLFSSL_LOCAL void fe_sqrt(byte *r, const byte *x);
+
+/* Conditional copy. If condition == 0, then zero is copied to dst. If
+ * condition == 1, then one is copied to dst. Any other value results in
+ * undefined behavior.
+ */
+WOLFSSL_LOCAL void fprime_select(byte *dst, const byte *zero, const byte *one,
+ byte condition);
+WOLFSSL_LOCAL void fprime_add(byte *r, const byte *a, const byte *modulus);
+WOLFSSL_LOCAL void fprime_sub(byte *r, const byte *a, const byte *modulus);
+WOLFSSL_LOCAL void fprime_mul(byte *r, const byte *a, const byte *b,
+ const byte *modulus);
+WOLFSSL_LOCAL void fprime_copy(byte *x, const byte *a);
+
+#endif /* CURVE25519_SMALL || ED25519_SMALL */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
+
+#endif /* WOLF_CRYPT_FE_OPERATIONS_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/fips_test.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/fips_test.h
new file mode 100644
index 0000000..9d139fd
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/fips_test.h
@@ -0,0 +1,59 @@
+/* fips_test.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+
+#ifndef WOLF_CRYPT_FIPS_TEST_H
+#define WOLF_CRYPT_FIPS_TEST_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* Known Answer Test string inputs are hex, internal */
+WOLFSSL_LOCAL int DoKnownAnswerTests(char*, int);
+
+
+/* FIPS failure callback */
+typedef void(*wolfCrypt_fips_cb)(int ok, int err, const char* hash);
+
+/* Public set function */
+WOLFSSL_API int wolfCrypt_SetCb_fips(wolfCrypt_fips_cb cbf);
+
+/* Public get status functions */
+WOLFSSL_API int wolfCrypt_GetStatus_fips(void);
+WOLFSSL_API const char* wolfCrypt_GetCoreHash_fips(void);
+
+#ifdef HAVE_FORCE_FIPS_FAILURE
+ /* Public function to force failure mode for operational testing */
+ WOLFSSL_API int wolfCrypt_SetStatus_fips(int);
+#endif
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_FIPS_TEST_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ge_448.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ge_448.h
new file mode 100644
index 0000000..befedce
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ge_448.h
@@ -0,0 +1,86 @@
+/* ge_448.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+#ifndef WOLF_CRYPT_GE_448_H
+#define WOLF_CRYPT_GE_448_H
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef HAVE_ED448
+
+#include <wolfssl/wolfcrypt/fe_448.h>
+
+/*
+ge448 means group element.
+
+Here the group is the set of pairs (x,y) of field elements (see fe.h)
+satisfying -x^2 + y^2 = 1 + d x^2y^2
+where d = -39081.
+
+Representations:
+ ge448_p2 (projective) : (X:Y:Z) satisfying x=X/Z, y=Y/Z
+ ge448_precomp (affine): (x,y)
+*/
+
+#ifdef ED448_SMALL
+ typedef byte ge448;
+ #define GE448_WORDS 56
+#elif defined(CURVED448_128BIT)
+ typedef sword64 ge448;
+ #define GE448_WORDS 8
+#else
+ typedef sword32 ge448;
+ #define GE448_WORDS 16
+#endif
+
+typedef struct {
+ ge448 X[GE448_WORDS];
+ ge448 Y[GE448_WORDS];
+ ge448 Z[GE448_WORDS];
+} ge448_p2;
+
+
+WOLFSSL_LOCAL int ge448_compress_key(byte*, const byte*, const byte*);
+WOLFSSL_LOCAL int ge448_from_bytes_negate_vartime(ge448_p2 *,
+ const unsigned char *);
+
+WOLFSSL_LOCAL int ge448_double_scalarmult_vartime(ge448_p2 *,
+ const unsigned char *,
+ const ge448_p2 *,
+ const unsigned char *);
+WOLFSSL_LOCAL void ge448_scalarmult_base(ge448_p2 *, const unsigned char *);
+WOLFSSL_LOCAL void sc448_reduce(byte*);
+WOLFSSL_LOCAL void sc448_muladd(byte*, const byte*, const byte*, const byte*);
+WOLFSSL_LOCAL void ge448_to_bytes(unsigned char *, const ge448_p2 *);
+
+
+#ifndef ED448_SMALL
+typedef struct {
+ ge448 x[GE448_WORDS];
+ ge448 y[GE448_WORDS];
+} ge448_precomp;
+
+#endif /* !ED448_SMALL */
+
+#endif /* HAVE_ED448 */
+
+#endif /* WOLF_CRYPT_GE_448_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ge_operations.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ge_operations.h
new file mode 100644
index 0000000..5ad7814
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ge_operations.h
@@ -0,0 +1,113 @@
+/* ge_operations.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+ /* Based On Daniel J Bernstein's ed25519 Public Domain ref10 work. */
+
+#ifndef WOLF_CRYPT_GE_OPERATIONS_H
+#define WOLF_CRYPT_GE_OPERATIONS_H
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef HAVE_ED25519
+
+#include <wolfssl/wolfcrypt/fe_operations.h>
+
+/*
+ge means group element.
+
+Here the group is the set of pairs (x,y) of field elements (see fe.h)
+satisfying -x^2 + y^2 = 1 + d x^2y^2
+where d = -121665/121666.
+
+Representations:
+ ge_p2 (projective): (X:Y:Z) satisfying x=X/Z, y=Y/Z
+ ge_p3 (extended): (X:Y:Z:T) satisfying x=X/Z, y=Y/Z, XY=ZT
+ ge_p1p1 (completed): ((X:Z),(Y:T)) satisfying x=X/Z, y=Y/T
+ ge_precomp (Duif): (y+x,y-x,2dxy)
+*/
+
+#ifdef ED25519_SMALL
+ typedef byte ge[F25519_SIZE];
+#elif defined(CURVED25519_ASM_64BIT)
+ typedef sword64 ge[4];
+#elif defined(CURVED25519_ASM_32BIT)
+ typedef sword32 ge[8];
+#elif defined(CURVED25519_128BIT)
+ typedef sword64 ge[5];
+#else
+ typedef sword32 ge[10];
+#endif
+
+typedef struct {
+ ge X;
+ ge Y;
+ ge Z;
+} ge_p2;
+
+typedef struct {
+ ge X;
+ ge Y;
+ ge Z;
+ ge T;
+} ge_p3;
+
+
+WOLFSSL_LOCAL int ge_compress_key(byte* out, const byte* xIn, const byte* yIn,
+ word32 keySz);
+WOLFSSL_LOCAL int ge_frombytes_negate_vartime(ge_p3 *,const unsigned char *);
+
+WOLFSSL_LOCAL int ge_double_scalarmult_vartime(ge_p2 *,const unsigned char *,
+ const ge_p3 *,const unsigned char *);
+WOLFSSL_LOCAL void ge_scalarmult_base(ge_p3 *,const unsigned char *);
+WOLFSSL_LOCAL void sc_reduce(byte* s);
+WOLFSSL_LOCAL void sc_muladd(byte* s, const byte* a, const byte* b,
+ const byte* c);
+WOLFSSL_LOCAL void ge_tobytes(unsigned char *,const ge_p2 *);
+WOLFSSL_LOCAL void ge_p3_tobytes(unsigned char *,const ge_p3 *);
+
+
+#ifndef ED25519_SMALL
+typedef struct {
+ ge X;
+ ge Y;
+ ge Z;
+ ge T;
+} ge_p1p1;
+
+typedef struct {
+ ge yplusx;
+ ge yminusx;
+ ge xy2d;
+} ge_precomp;
+
+typedef struct {
+ ge YplusX;
+ ge YminusX;
+ ge Z;
+ ge T2d;
+} ge_cached;
+
+#endif /* !ED25519_SMALL */
+
+#endif /* HAVE_ED25519 */
+
+#endif /* WOLF_CRYPT_GE_OPERATIONS_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/hash.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/hash.h
new file mode 100644
index 0000000..0c6bc77
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/hash.h
@@ -0,0 +1,252 @@
+/* hash.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/hash.h
+*/
+
+#ifndef WOLF_CRYPT_HASH_H
+#define WOLF_CRYPT_HASH_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_MD5
+ #include <wolfssl/wolfcrypt/md5.h>
+#endif
+#ifndef NO_SHA
+ #include <wolfssl/wolfcrypt/sha.h>
+#endif
+#if defined(WOLFSSL_SHA224) || !defined(NO_SHA256)
+ #include <wolfssl/wolfcrypt/sha256.h>
+#endif
+#if defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)
+ #include <wolfssl/wolfcrypt/sha512.h>
+#endif
+#ifdef HAVE_BLAKE2
+ #include <wolfssl/wolfcrypt/blake2.h>
+#endif
+#ifdef WOLFSSL_SHA3
+ #include <wolfssl/wolfcrypt/sha3.h>
+#endif
+#ifndef NO_MD4
+ #include <wolfssl/wolfcrypt/md4.h>
+#endif
+#ifdef WOLFSSL_MD2
+ #include <wolfssl/wolfcrypt/md2.h>
+#endif
+#if defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S)
+ #include <wolfssl/wolfcrypt/blake2.h>
+#endif
+
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#if !defined(HAVE_FIPS) && !defined(NO_OLD_WC_NAMES)
+ #define MAX_DIGEST_SIZE WC_MAX_DIGEST_SIZE
+#endif
+
+
+/* Supported Message Authentication Codes from page 43 */
+enum wc_MACAlgorithm {
+ no_mac,
+ md5_mac,
+ sha_mac,
+ sha224_mac,
+ sha256_mac, /* needs to match external KDF_MacAlgorithm */
+ sha384_mac,
+ sha512_mac,
+ rmd_mac,
+ blake2b_mac
+};
+
+enum wc_HashFlags {
+ WC_HASH_FLAG_NONE = 0x00000000,
+ WC_HASH_FLAG_WILLCOPY = 0x00000001, /* flag to indicate hash will be copied */
+ WC_HASH_FLAG_ISCOPY = 0x00000002, /* hash is copy */
+#ifdef WOLFSSL_SHA3
+ WC_HASH_SHA3_KECCAK256 =0x00010000, /* Older KECCAK256 */
+#endif
+};
+
+#ifndef NO_HASH_WRAPPER
+typedef union {
+ #ifndef NO_MD5
+ wc_Md5 md5;
+ #endif
+ #ifndef NO_SHA
+ wc_Sha sha;
+ #endif
+ #ifdef WOLFSSL_SHA224
+ wc_Sha224 sha224;
+ #endif
+ #ifndef NO_SHA256
+ wc_Sha256 sha256;
+ #endif
+ #ifdef WOLFSSL_SHA384
+ wc_Sha384 sha384;
+ #endif
+ #ifdef WOLFSSL_SHA512
+ wc_Sha512 sha512;
+ #endif
+ #ifdef WOLFSSL_SHA3
+ wc_Sha3 sha3;
+ #endif
+} wc_HashAlg;
+#endif /* !NO_HASH_WRAPPER */
+
+/* Find largest possible digest size
+ Note if this gets up to the size of 80 or over check smallstack build */
+#if defined(WOLFSSL_SHA3)
+ #define WC_MAX_DIGEST_SIZE WC_SHA3_512_DIGEST_SIZE
+ #define WC_MAX_BLOCK_SIZE WC_SHA3_224_BLOCK_SIZE /* 224 is the largest block size */
+#elif defined(WOLFSSL_SHA512)
+ #define WC_MAX_DIGEST_SIZE WC_SHA512_DIGEST_SIZE
+ #define WC_MAX_BLOCK_SIZE WC_SHA512_BLOCK_SIZE
+#elif defined(HAVE_BLAKE2)
+ #define WC_MAX_DIGEST_SIZE BLAKE2B_OUTBYTES
+ #define WC_MAX_BLOCK_SIZE BLAKE2B_BLOCKBYTES
+#elif defined(WOLFSSL_SHA384)
+ #define WC_MAX_DIGEST_SIZE WC_SHA384_DIGEST_SIZE
+ #define WC_MAX_BLOCK_SIZE WC_SHA384_BLOCK_SIZE
+#elif !defined(NO_SHA256)
+ #define WC_MAX_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+ #define WC_MAX_BLOCK_SIZE WC_SHA256_BLOCK_SIZE
+#elif defined(WOLFSSL_SHA224)
+ #define WC_MAX_DIGEST_SIZE WC_SHA224_DIGEST_SIZE
+ #define WC_MAX_BLOCK_SIZE WC_SHA224_BLOCK_SIZE
+#elif !defined(NO_SHA)
+ #define WC_MAX_DIGEST_SIZE WC_SHA_DIGEST_SIZE
+ #define WC_MAX_BLOCK_SIZE WC_SHA_BLOCK_SIZE
+#elif !defined(NO_MD5)
+ #define WC_MAX_DIGEST_SIZE WC_MD5_DIGEST_SIZE
+ #define WC_MAX_BLOCK_SIZE WC_MD5_BLOCK_SIZE
+#else
+ #define WC_MAX_DIGEST_SIZE 64 /* default to max size of 64 */
+ #define WC_MAX_BLOCK_SIZE 128
+#endif
+
+#if !defined(NO_ASN) || !defined(NO_DH) || defined(HAVE_ECC)
+WOLFSSL_API int wc_HashGetOID(enum wc_HashType hash_type);
+WOLFSSL_API enum wc_HashType wc_OidGetHash(int oid);
+#endif
+
+WOLFSSL_API enum wc_HashType wc_HashTypeConvert(int hashType);
+
+#ifndef NO_HASH_WRAPPER
+
+WOLFSSL_API int wc_HashGetDigestSize(enum wc_HashType hash_type);
+WOLFSSL_API int wc_HashGetBlockSize(enum wc_HashType hash_type);
+WOLFSSL_API int wc_Hash(enum wc_HashType hash_type,
+ const byte* data, word32 data_len,
+ byte* hash, word32 hash_len);
+
+/* generic hash operation wrappers */
+WOLFSSL_API int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type,
+ void* heap, int devId);
+WOLFSSL_API int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type);
+WOLFSSL_API int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type,
+ const byte* data, word32 dataSz);
+WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type,
+ byte* out);
+WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type);
+
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ WOLFSSL_API int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type,
+ word32 flags);
+ WOLFSSL_API int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type,
+ word32* flags);
+#endif
+
+#ifndef NO_MD5
+#include <wolfssl/wolfcrypt/md5.h>
+WOLFSSL_API int wc_Md5Hash(const byte* data, word32 len, byte* hash);
+#endif
+
+#ifndef NO_SHA
+#include <wolfssl/wolfcrypt/sha.h>
+WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*);
+#endif
+
+#ifdef WOLFSSL_SHA224
+#include <wolfssl/wolfcrypt/sha256.h>
+WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*);
+#endif /* defined(WOLFSSL_SHA224) */
+
+#ifndef NO_SHA256
+#include <wolfssl/wolfcrypt/sha256.h>
+WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*);
+#endif
+
+#ifdef WOLFSSL_SHA384
+#include <wolfssl/wolfcrypt/sha512.h>
+WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);
+#endif /* defined(WOLFSSL_SHA384) */
+
+#ifdef WOLFSSL_SHA512
+#include <wolfssl/wolfcrypt/sha512.h>
+WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*);
+#endif /* WOLFSSL_SHA512 */
+
+#ifdef WOLFSSL_SHA3
+#include <wolfssl/wolfcrypt/sha3.h>
+WOLFSSL_API int wc_Sha3_224Hash(const byte*, word32, byte*);
+WOLFSSL_API int wc_Sha3_256Hash(const byte*, word32, byte*);
+WOLFSSL_API int wc_Sha3_384Hash(const byte*, word32, byte*);
+WOLFSSL_API int wc_Sha3_512Hash(const byte*, word32, byte*);
+#ifdef WOLFSSL_SHAKE256
+WOLFSSL_API int wc_Shake256Hash(const byte*, word32, byte*, word32);
+#endif
+#endif /* WOLFSSL_SHA3 */
+
+#endif /* !NO_HASH_WRAPPER */
+
+enum max_prf {
+#ifdef HAVE_FFDHE_8192
+ MAX_PRF_HALF = 516, /* Maximum half secret len */
+#elif defined(HAVE_FFDHE_6144)
+ MAX_PRF_HALF = 388, /* Maximum half secret len */
+#else
+ MAX_PRF_HALF = 260, /* Maximum half secret len */
+#endif
+ MAX_PRF_LABSEED = 128, /* Maximum label + seed len */
+ MAX_PRF_DIG = 224 /* Maximum digest len */
+};
+
+#ifdef WOLFSSL_HAVE_PRF
+WOLFSSL_API int wc_PRF(byte* result, word32 resLen, const byte* secret,
+ word32 secLen, const byte* seed, word32 seedLen, int hash,
+ void* heap, int devId);
+WOLFSSL_API int wc_PRF_TLSv1(byte* digest, word32 digLen, const byte* secret,
+ word32 secLen, const byte* label, word32 labLen,
+ const byte* seed, word32 seedLen, void* heap, int devId);
+WOLFSSL_API int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret,
+ word32 secLen, const byte* label, word32 labLen,
+ const byte* seed, word32 seedLen, int useAtLeastSha256,
+ int hash_type, void* heap, int devId);
+#endif /* WOLFSSL_HAVE_PRF */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_HASH_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/hc128.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/hc128.h
new file mode 100644
index 0000000..2b93a24
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/hc128.h
@@ -0,0 +1,67 @@
+/* hc128.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/hc128.h
+*/
+
+
+#ifndef WOLF_CRYPT_HC128_H
+#define WOLF_CRYPT_HC128_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_HC128
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+enum {
+ HC128_ENC_TYPE = WC_CIPHER_HC128, /* cipher unique type */
+};
+
+/* HC-128 stream cipher */
+typedef struct HC128 {
+ word32 T[1024]; /* P[i] = T[i]; Q[i] = T[1024 + i ]; */
+ word32 X[16];
+ word32 Y[16];
+ word32 counter1024; /* counter1024 = i mod 1024 at the ith step */
+ word32 key[8];
+ word32 iv[8];
+#ifdef XSTREAM_ALIGN
+ void* heap; /* heap hint, currently XMALLOC only used with aligning */
+#endif
+} HC128;
+
+
+WOLFSSL_API int wc_Hc128_Process(HC128*, byte*, const byte*, word32);
+WOLFSSL_API int wc_Hc128_SetKey(HC128*, const byte* key, const byte* iv);
+
+WOLFSSL_LOCAL int wc_Hc128_SetHeap(HC128* ctx, void* heap);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_HC128 */
+#endif /* WOLF_CRYPT_HC128_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/hmac.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/hmac.h
new file mode 100644
index 0000000..a8d12a7
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/hmac.h
@@ -0,0 +1,214 @@
+/* hmac.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/hmac.h
+*/
+
+#ifndef NO_HMAC
+
+#ifndef WOLF_CRYPT_HMAC_H
+#define WOLF_CRYPT_HMAC_H
+
+#include <wolfssl/wolfcrypt/hash.h>
+
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+/* for fips @wc_fips */
+ #include <cyassl/ctaocrypt/hmac.h>
+ #define WC_HMAC_BLOCK_SIZE HMAC_BLOCK_SIZE
+#endif
+
+
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+ #include <wolfssl/wolfcrypt/fips.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+#ifndef NO_OLD_WC_NAMES
+ #define HMAC_BLOCK_SIZE WC_HMAC_BLOCK_SIZE
+#endif
+
+#define WC_HMAC_INNER_HASH_KEYED_SW 1
+#define WC_HMAC_INNER_HASH_KEYED_DEV 2
+
+enum {
+ HMAC_FIPS_MIN_KEY = 14, /* 112 bit key length minimum */
+
+ IPAD = 0x36,
+ OPAD = 0x5C,
+
+/* If any hash is not enabled, add the ID here. */
+#ifdef NO_MD5
+ WC_MD5 = WC_HASH_TYPE_MD5,
+#endif
+#ifdef NO_SHA
+ WC_SHA = WC_HASH_TYPE_SHA,
+#endif
+#ifdef NO_SHA256
+ WC_SHA256 = WC_HASH_TYPE_SHA256,
+#endif
+#ifndef WOLFSSL_SHA512
+ WC_SHA512 = WC_HASH_TYPE_SHA512,
+#endif
+#ifndef WOLFSSL_SHA384
+ WC_SHA384 = WC_HASH_TYPE_SHA384,
+#endif
+#ifndef WOLFSSL_SHA224
+ WC_SHA224 = WC_HASH_TYPE_SHA224,
+#endif
+#ifndef WOLFSSL_SHA3
+ WC_SHA3_224 = WC_HASH_TYPE_SHA3_224,
+ WC_SHA3_256 = WC_HASH_TYPE_SHA3_256,
+ WC_SHA3_384 = WC_HASH_TYPE_SHA3_384,
+ WC_SHA3_512 = WC_HASH_TYPE_SHA3_512,
+#endif
+#ifdef HAVE_PKCS11
+ HMAC_MAX_ID_LEN = 32,
+ HMAC_MAX_LABEL_LEN = 32,
+#endif
+};
+
+/* Select the largest available hash for the buffer size. */
+#define WC_HMAC_BLOCK_SIZE WC_MAX_BLOCK_SIZE
+
+#if !defined(WOLFSSL_SHA3) && !defined(WOLFSSL_SHA512) && \
+ !defined(WOLFSSL_SHA384) && defined(NO_SHA256) && \
+ defined(WOLFSSL_SHA224) && defined(NO_SHA) && defined(NO_MD5)
+ #error "You have to have some kind of hash if you want to use HMAC."
+#endif
+
+
+/* hash union */
+typedef union {
+#ifndef NO_MD5
+ wc_Md5 md5;
+#endif
+#ifndef NO_SHA
+ wc_Sha sha;
+#endif
+#ifdef WOLFSSL_SHA224
+ wc_Sha224 sha224;
+#endif
+#ifndef NO_SHA256
+ wc_Sha256 sha256;
+#endif
+#ifdef WOLFSSL_SHA384
+ wc_Sha384 sha384;
+#endif
+#ifdef WOLFSSL_SHA512
+ wc_Sha512 sha512;
+#endif
+#ifdef WOLFSSL_SHA3
+ wc_Sha3 sha3;
+#endif
+} wc_Hmac_Hash;
+
+/* Hmac digest */
+struct Hmac {
+ wc_Hmac_Hash hash;
+ word32 ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
+ word32 opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
+ word32 innerHash[WC_MAX_DIGEST_SIZE / sizeof(word32)];
+ void* heap; /* heap hint */
+ byte macType; /* md5 sha or sha256 */
+ byte innerHashKeyed; /* keyed flag */
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif /* WOLFSSL_ASYNC_CRYPT */
+#ifdef WOLF_CRYPTO_CB
+ int devId;
+ void* devCtx;
+ const byte* keyRaw;
+#endif
+#ifdef HAVE_PKCS11
+ byte id[HMAC_MAX_ID_LEN];
+ int idLen;
+ char label[HMAC_MAX_LABEL_LEN];
+ int labelLen;
+#endif
+#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
+ word16 keyLen; /* hmac key length (key in ipad) */
+#endif
+};
+
+#ifndef WC_HMAC_TYPE_DEFINED
+ typedef struct Hmac Hmac;
+ #define WC_HMAC_TYPE_DEFINED
+#endif
+
+
+#endif /* HAVE_FIPS */
+
+/* does init */
+WOLFSSL_API int wc_HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
+WOLFSSL_API int wc_HmacUpdate(Hmac*, const byte*, word32);
+WOLFSSL_API int wc_HmacFinal(Hmac*, byte*);
+WOLFSSL_API int wc_HmacSizeByType(int type);
+
+WOLFSSL_API int wc_HmacInit(Hmac* hmac, void* heap, int devId);
+#ifdef HAVE_PKCS11
+WOLFSSL_API int wc_HmacInit_Id(Hmac* hmac, byte* id, int len, void* heap,
+ int devId);
+WOLFSSL_API int wc_HmacInit_Label(Hmac* hmac, const char* label, void* heap,
+ int devId);
+#endif
+WOLFSSL_API void wc_HmacFree(Hmac*);
+
+WOLFSSL_API int wolfSSL_GetHmacMaxSize(void);
+
+WOLFSSL_LOCAL int _InitHmac(Hmac* hmac, int type, void* heap);
+
+#ifdef HAVE_HKDF
+
+WOLFSSL_API int wc_HKDF_Extract(int type, const byte* salt, word32 saltSz,
+ const byte* inKey, word32 inKeySz, byte* out);
+WOLFSSL_API int wc_HKDF_Expand(int type, const byte* inKey, word32 inKeySz,
+ const byte* info, word32 infoSz,
+ byte* out, word32 outSz);
+
+WOLFSSL_API int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
+ const byte* salt, word32 saltSz,
+ const byte* info, word32 infoSz,
+ byte* out, word32 outSz);
+
+#endif /* HAVE_HKDF */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_HMAC_H */
+
+#endif /* NO_HMAC */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/idea.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/idea.h
new file mode 100644
index 0000000..16a3817
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/idea.h
@@ -0,0 +1,70 @@
+/* idea.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/idea.h
+*/
+
+#ifndef WOLF_CRYPT_IDEA_H
+#define WOLF_CRYPT_IDEA_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef HAVE_IDEA
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+enum {
+ IDEA_MODULO = 0x10001, /* 2^16+1 */
+ IDEA_2EXP16 = 0x10000, /* 2^16 */
+ IDEA_MASK = 0xFFFF, /* 16 bits set to one */
+ IDEA_ROUNDS = 8, /* number of rounds for IDEA */
+ IDEA_SK_NUM = (6*IDEA_ROUNDS + 4), /* number of subkeys */
+ IDEA_KEY_SIZE = 16, /* size of key in bytes */
+ IDEA_BLOCK_SIZE = 8, /* size of IDEA blocks in bytes */
+ IDEA_IV_SIZE = 8, /* size of IDEA IV in bytes */
+ IDEA_ENCRYPTION = 0,
+ IDEA_DECRYPTION = 1
+};
+
+/* IDEA encryption and decryption */
+typedef struct Idea {
+ word32 reg[IDEA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
+ word32 tmp[IDEA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
+ word16 skey[IDEA_SK_NUM]; /* 832 bits expanded key */
+} Idea;
+
+WOLFSSL_API int wc_IdeaSetKey(Idea *idea, const byte* key, word16 keySz,
+ const byte *iv, int dir);
+WOLFSSL_API int wc_IdeaSetIV(Idea *idea, const byte* iv);
+WOLFSSL_API int wc_IdeaCipher(Idea *idea, byte* out, const byte* in);
+WOLFSSL_API int wc_IdeaCbcEncrypt(Idea *idea, byte* out,
+ const byte* in, word32 len);
+WOLFSSL_API int wc_IdeaCbcDecrypt(Idea *idea, byte* out,
+ const byte* in, word32 len);
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_IDEA */
+#endif /* WOLF_CRYPT_IDEA_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/integer.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/integer.h
new file mode 100644
index 0000000..255f55c
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/integer.h
@@ -0,0 +1,416 @@
+/* integer.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+/*
+ * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
+ * http://math.libtomcrypt.com
+ */
+
+
+#ifndef WOLF_CRYPT_INTEGER_H
+#define WOLF_CRYPT_INTEGER_H
+
+/* may optionally use fast math instead, not yet supported on all platforms and
+ may not be faster on all
+*/
+#include <wolfssl/wolfcrypt/types.h> /* will set MP_xxBIT if not default */
+#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
+ #include <wolfssl/wolfcrypt/sp_int.h>
+#elif defined(USE_FAST_MATH)
+ #include <wolfssl/wolfcrypt/tfm.h>
+#else
+
+#include <wolfssl/wolfcrypt/random.h>
+
+#ifndef CHAR_BIT
+ #if defined(WOLFSSL_LINUXKM)
+ #include <linux/limits.h>
+ #else
+ #include <limits.h>
+ #endif
+#endif
+
+#include <wolfssl/wolfcrypt/mpi_class.h>
+
+
+#ifdef __cplusplus
+extern "C" {
+
+/* C++ compilers don't like assigning void * to mp_digit * */
+#define OPT_CAST(x) (x *)
+
+#elif defined(_SH3)
+
+/* SuperH SH3 compiler doesn't like assigning voi* to mp_digit* */
+#define OPT_CAST(x) (x *)
+
+#else
+
+/* C on the other hand doesn't care */
+#define OPT_CAST(x)
+
+#endif /* __cplusplus */
+
+
+/* detect 64-bit mode if possible */
+#if (defined(__x86_64__) || defined(__aarch64__)) && !(defined (_MSC_VER) && defined(__clang__))
+ #if !(defined(MP_64BIT) && defined(MP_16BIT) && defined(MP_8BIT))
+ #define MP_64BIT
+ #endif
+#endif
+/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */
+#if defined(MP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T)
+ #undef MP_64BIT
+#endif
+
+
+/* allow user to define on mp_digit, mp_word, DIGIT_BIT types */
+#ifndef WOLFSSL_BIGINT_TYPES
+
+/* some default configurations.
+ *
+ * A "mp_digit" must be able to hold DIGIT_BIT + 1 bits
+ * A "mp_word" must be able to hold 2*DIGIT_BIT + 1 bits
+ *
+ * At the very least a mp_digit must be able to hold 7 bits
+ * [any size beyond that is ok provided it doesn't overflow the data type]
+ */
+#ifdef MP_8BIT
+ /* 8-bit */
+ typedef unsigned char mp_digit;
+ typedef unsigned short mp_word;
+ /* don't define DIGIT_BIT, so its calculated below */
+#elif defined(MP_16BIT)
+ /* 16-bit */
+ typedef unsigned int mp_digit;
+ typedef unsigned long mp_word;
+ /* don't define DIGIT_BIT, so its calculated below */
+#elif defined(NO_64BIT)
+ /* 32-bit forced to 16-bit */
+ typedef unsigned short mp_digit;
+ typedef unsigned int mp_word;
+ #define DIGIT_BIT 12
+#elif defined(MP_64BIT)
+ /* 64-bit */
+ /* for GCC only on supported platforms */
+ typedef unsigned long long mp_digit; /* 64 bit type, 128 uses mode(TI) */
+ typedef unsigned long mp_word __attribute__ ((mode(TI)));
+ #define DIGIT_BIT 60
+#else
+ /* 32-bit default case */
+
+ #if defined(_MSC_VER) || defined(__BORLANDC__)
+ typedef unsigned __int64 ulong64;
+ #else
+ typedef unsigned long long ulong64;
+ #endif
+
+ typedef unsigned int mp_digit; /* long could be 64 now, changed TAO */
+ typedef ulong64 mp_word;
+
+ #ifdef MP_31BIT
+ /* this is an extension that uses 31-bit digits */
+ #define DIGIT_BIT 31
+ #else
+ /* default case is 28-bit digits, defines MP_28BIT as a handy test macro */
+ #define DIGIT_BIT 28
+ #define MP_28BIT
+ #endif
+#endif
+
+#endif /* WOLFSSL_BIGINT_TYPES */
+
+/* otherwise the bits per digit is calculated automatically from the size of
+ a mp_digit */
+#ifndef DIGIT_BIT
+ #define DIGIT_BIT ((int)((CHAR_BIT * sizeof(mp_digit) - 1)))
+ /* bits per digit */
+#endif
+
+#define MP_DIGIT_BIT DIGIT_BIT
+#define MP_MASK ((((mp_digit)1)<<((mp_digit)DIGIT_BIT))-((mp_digit)1))
+#define MP_DIGIT_MAX MP_MASK
+
+/* equalities */
+#define MP_LT -1 /* less than */
+#define MP_EQ 0 /* equal to */
+#define MP_GT 1 /* greater than */
+
+#define MP_ZPOS 0 /* positive integer */
+#define MP_NEG 1 /* negative */
+
+#define MP_OKAY 0 /* ok result */
+#define MP_MEM -2 /* out of mem */
+#define MP_VAL -3 /* invalid input */
+#define MP_NOT_INF -4 /* point not at infinity */
+#define MP_RANGE MP_NOT_INF
+
+#define MP_YES 1 /* yes response */
+#define MP_NO 0 /* no response */
+
+/* Primality generation flags */
+#define LTM_PRIME_BBS 0x0001 /* BBS style prime */
+#define LTM_PRIME_SAFE 0x0002 /* Safe prime (p-1)/2 == prime */
+#define LTM_PRIME_2MSB_ON 0x0008 /* force 2nd MSB to 1 */
+
+typedef int mp_err;
+
+/* define this to use lower memory usage routines (exptmods mostly) */
+#define MP_LOW_MEM
+
+/* default precision */
+#ifndef MP_PREC
+ #ifndef MP_LOW_MEM
+ #define MP_PREC 32 /* default digits of precision */
+ #else
+ #define MP_PREC 1 /* default digits of precision */
+ #endif
+#endif
+
+/* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD -
+ BITS_PER_DIGIT*2) */
+#define MP_WARRAY ((mp_word)1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1))
+
+#ifdef HAVE_WOLF_BIGINT
+ /* raw big integer */
+ typedef struct WC_BIGINT {
+ byte* buf;
+ word32 len;
+ void* heap;
+ } WC_BIGINT;
+ #define WOLF_BIGINT_DEFINED
+#endif
+
+/* the mp_int structure */
+typedef struct mp_int {
+ int used, alloc, sign;
+ mp_digit *dp;
+
+#ifdef HAVE_WOLF_BIGINT
+ struct WC_BIGINT raw; /* unsigned binary (big endian) */
+#endif
+} mp_int;
+
+/* wolf big int and common functions */
+#include <wolfssl/wolfcrypt/wolfmath.h>
+
+
+/* callback for mp_prime_random, should fill dst with random bytes and return
+ how many read [up to len] */
+typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat);
+
+
+#define USED(m) ((m)->used)
+#define DIGIT(m,k) ((m)->dp[(k)])
+#define SIGN(m) ((m)->sign)
+
+
+/* ---> Basic Manipulations <--- */
+#define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO)
+#define mp_isone(a) \
+ (((((a)->used == 1)) && ((a)->dp[0] == 1u) && ((a)->sign == MP_ZPOS)) \
+ ? MP_YES : MP_NO)
+#define mp_iseven(a) \
+ (((a)->used > 0 && (((a)->dp[0] & 1u) == 0u)) ? MP_YES : MP_NO)
+#define mp_isodd(a) \
+ (((a)->used > 0 && (((a)->dp[0] & 1u) == 1u)) ? MP_YES : MP_NO)
+#define mp_isneg(a) (((a)->sign != MP_ZPOS) ? MP_YES : MP_NO)
+#define mp_isword(a, w) \
+ ((((a)->used == 1) && ((a)->dp[0] == w)) || ((w == 0) && ((a)->used == 0)) \
+ ? MP_YES : MP_NO)
+
+/* number of primes */
+#ifdef MP_8BIT
+ #define PRIME_SIZE 31
+#else
+ #define PRIME_SIZE 256
+#endif
+
+#ifndef MAX_INVMOD_SZ
+ #if defined(WOLFSSL_MYSQL_COMPATIBLE)
+ #define MAX_INVMOD_SZ 8192
+ #else
+ #define MAX_INVMOD_SZ 4096
+ #endif
+#endif
+
+#define mp_prime_random(a, t, size, bbs, cb, dat) \
+ mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat)
+
+#define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len))
+#define mp_mag_size(mp) mp_unsigned_bin_size(mp)
+#define mp_tomag(mp, str) mp_to_unsigned_bin((mp), (str))
+
+#define MP_RADIX_BIN 2
+#define MP_RADIX_OCT 8
+#define MP_RADIX_DEC 10
+#define MP_RADIX_HEX 16
+#define MP_RADIX_MAX 64
+
+#define mp_tobinary(M, S) mp_toradix((M), (S), MP_RADIX_BIN)
+#define mp_tooctal(M, S) mp_toradix((M), (S), MP_RADIX_OCT)
+#define mp_todecimal(M, S) mp_toradix((M), (S), MP_RADIX_DEC)
+#define mp_tohex(M, S) mp_toradix((M), (S), MP_RADIX_HEX)
+
+#define s_mp_mul(a, b, c) s_mp_mul_digs(a, b, c, (a)->used + (b)->used + 1)
+
+#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || \
+ defined(WOLFSSL_DEBUG_MATH) || defined(DEBUG_WOLFSSL)
+extern const char *mp_s_rmap;
+#endif
+
+/* 6 functions needed by Rsa */
+MP_API int mp_init (mp_int * a);
+MP_API void mp_clear (mp_int * a);
+MP_API void mp_free (mp_int * a);
+MP_API void mp_forcezero(mp_int * a);
+MP_API int mp_unsigned_bin_size(const mp_int * a);
+MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
+MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b);
+MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b);
+MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c);
+MP_API int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
+MP_API int mp_exptmod_ex (mp_int * G, mp_int * X, int digits, mp_int * P,
+ mp_int * Y);
+/* end functions needed by Rsa */
+
+/* functions added to support above needed, removed TOOM and KARATSUBA */
+MP_API int mp_count_bits (const mp_int * a);
+MP_API int mp_leading_bit (mp_int * a);
+MP_API int mp_init_copy (mp_int * a, mp_int * b);
+MP_API int mp_copy (const mp_int * a, mp_int * b);
+MP_API int mp_grow (mp_int * a, int size);
+MP_API int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d);
+MP_API void mp_zero (mp_int * a);
+MP_API void mp_clamp (mp_int * a);
+MP_API void mp_exch (mp_int * a, mp_int * b);
+MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
+MP_API void mp_rshd (mp_int * a, int b);
+MP_API void mp_rshb (mp_int * a, int b);
+MP_API int mp_mod_2d (mp_int * a, int b, mp_int * c);
+MP_API int mp_mul_2d (mp_int * a, int b, mp_int * c);
+MP_API int mp_lshd (mp_int * a, int b);
+MP_API int mp_abs (mp_int * a, mp_int * b);
+MP_API int mp_invmod (mp_int * a, mp_int * b, mp_int * c);
+int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c);
+MP_API int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c);
+MP_API int mp_cmp_mag (mp_int * a, mp_int * b);
+MP_API int mp_cmp (mp_int * a, mp_int * b);
+MP_API int mp_cmp_d(mp_int * a, mp_digit b);
+MP_API int mp_set (mp_int * a, mp_digit b);
+MP_API int mp_is_bit_set (mp_int * a, mp_digit b);
+MP_API int mp_mod (mp_int * a, mp_int * b, mp_int * c);
+MP_API int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
+MP_API int mp_div_2(mp_int * a, mp_int * b);
+MP_API int mp_div_2_mod_ct (mp_int* a, mp_int* b, mp_int* c);
+MP_API int mp_add (mp_int * a, mp_int * b, mp_int * c);
+int s_mp_add (mp_int * a, mp_int * b, mp_int * c);
+int s_mp_sub (mp_int * a, mp_int * b, mp_int * c);
+MP_API int mp_sub (mp_int * a, mp_int * b, mp_int * c);
+MP_API int mp_reduce_is_2k_l(mp_int *a);
+MP_API int mp_reduce_is_2k(mp_int *a);
+MP_API int mp_dr_is_modulus(mp_int *a);
+MP_API int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
+ int);
+MP_API int mp_exptmod_base_2 (mp_int * X, mp_int * P, mp_int * Y);
+#define mp_exptmod_nct(G,X,P,Y) mp_exptmod_fast(G,X,P,Y,0)
+MP_API int mp_montgomery_setup (mp_int * n, mp_digit * rho);
+int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
+MP_API int mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
+#define mp_montgomery_reduce_ex(x, n, rho, ct) mp_montgomery_reduce (x, n, rho)
+MP_API void mp_dr_setup(mp_int *a, mp_digit *d);
+MP_API int mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k);
+MP_API int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d);
+int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
+int s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
+MP_API int mp_reduce_2k_setup_l(mp_int *a, mp_int *d);
+MP_API int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d);
+MP_API int mp_reduce (mp_int * x, mp_int * m, mp_int * mu);
+MP_API int mp_reduce_setup (mp_int * a, mp_int * b);
+int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode);
+MP_API int mp_montgomery_calc_normalization (mp_int * a, mp_int * b);
+int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
+int s_mp_sqr (mp_int * a, mp_int * b);
+int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
+int fast_s_mp_sqr (mp_int * a, mp_int * b);
+MP_API int mp_init_size (mp_int * a, int size);
+MP_API int mp_div_3 (mp_int * a, mp_int *c, mp_digit * d);
+MP_API int mp_mul_2(mp_int * a, mp_int * b);
+MP_API int mp_mul (mp_int * a, mp_int * b, mp_int * c);
+MP_API int mp_sqr (mp_int * a, mp_int * b);
+MP_API int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
+MP_API int mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
+MP_API int mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
+MP_API int mp_submod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
+MP_API int mp_addmod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
+MP_API int mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
+MP_API int mp_2expt (mp_int * a, int b);
+MP_API int mp_set_bit (mp_int * a, int b);
+MP_API int mp_reduce_2k_setup(mp_int *a, mp_digit *d);
+MP_API int mp_add_d (mp_int* a, mp_digit b, mp_int* c);
+MP_API int mp_set_int (mp_int * a, unsigned long b);
+MP_API int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
+/* end support added functions */
+
+/* added */
+MP_API int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
+ mp_int* f);
+MP_API int mp_toradix (mp_int *a, char *str, int radix);
+MP_API int mp_radix_size (mp_int * a, int radix, int *size);
+
+#ifdef WOLFSSL_DEBUG_MATH
+ MP_API void mp_dump(const char* desc, mp_int* a, byte verbose);
+#else
+ #define mp_dump(desc, a, verbose)
+#endif
+
+#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || \
+ !defined(NO_DSA) || !defined(NO_DH)
+ MP_API int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
+#endif
+#if !defined(NO_DSA) || defined(HAVE_ECC)
+ MP_API int mp_read_radix(mp_int* a, const char* str, int radix);
+#endif
+
+#if defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || !defined(NO_DSA) || !defined(NO_DH)
+ MP_API int mp_prime_is_prime (mp_int * a, int t, int *result);
+ MP_API int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG*);
+#endif /* WOLFSSL_KEY_GEN NO_RSA NO_DSA NO_DH */
+#ifdef WOLFSSL_KEY_GEN
+ MP_API int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
+ MP_API int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
+ MP_API int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);
+#endif
+
+MP_API int mp_cnt_lsb(mp_int *a);
+MP_API int mp_mod_d(mp_int* a, mp_digit b, mp_digit* c);
+
+
+#ifdef __cplusplus
+ }
+#endif
+
+
+#endif /* USE_FAST_MATH */
+
+#endif /* WOLF_CRYPT_INTEGER_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/logging.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/logging.h
new file mode 100644
index 0000000..0921864
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/logging.h
@@ -0,0 +1,206 @@
+/* logging.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/logging.h
+*/
+
+
+/* submitted by eof */
+
+
+#ifndef WOLFSSL_LOGGING_H
+#define WOLFSSL_LOGGING_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+
+enum wc_LogLevels {
+ ERROR_LOG = 0,
+ INFO_LOG,
+ ENTER_LOG,
+ LEAVE_LOG,
+ OTHER_LOG
+};
+
+#ifdef WOLFSSL_FUNC_TIME
+/* WARNING: This code is only to be used for debugging performance.
+ * The code is not thread-safe.
+ * Do not use WOLFSSL_FUNC_TIME in production code.
+ */
+enum wc_FuncNum {
+ WC_FUNC_HELLO_REQUEST_SEND = 0,
+ WC_FUNC_HELLO_REQUEST_DO,
+ WC_FUNC_CLIENT_HELLO_SEND,
+ WC_FUNC_CLIENT_HELLO_DO,
+ WC_FUNC_SERVER_HELLO_SEND,
+ WC_FUNC_SERVER_HELLO_DO,
+ WC_FUNC_ENCRYPTED_EXTENSIONS_SEND,
+ WC_FUNC_ENCRYPTED_EXTENSIONS_DO,
+ WC_FUNC_CERTIFICATE_REQUEST_SEND,
+ WC_FUNC_CERTIFICATE_REQUEST_DO,
+ WC_FUNC_CERTIFICATE_SEND,
+ WC_FUNC_CERTIFICATE_DO,
+ WC_FUNC_CERTIFICATE_VERIFY_SEND,
+ WC_FUNC_CERTIFICATE_VERIFY_DO,
+ WC_FUNC_FINISHED_SEND,
+ WC_FUNC_FINISHED_DO,
+ WC_FUNC_KEY_UPDATE_SEND,
+ WC_FUNC_KEY_UPDATE_DO,
+ WC_FUNC_EARLY_DATA_SEND,
+ WC_FUNC_EARLY_DATA_DO,
+ WC_FUNC_NEW_SESSION_TICKET_SEND,
+ WC_FUNC_NEW_SESSION_TICKET_DO,
+ WC_FUNC_SERVER_HELLO_DONE_SEND,
+ WC_FUNC_SERVER_HELLO_DONE_DO,
+ WC_FUNC_TICKET_SEND,
+ WC_FUNC_TICKET_DO,
+ WC_FUNC_CLIENT_KEY_EXCHANGE_SEND,
+ WC_FUNC_CLIENT_KEY_EXCHANGE_DO,
+ WC_FUNC_CERTIFICATE_STATUS_SEND,
+ WC_FUNC_CERTIFICATE_STATUS_DO,
+ WC_FUNC_SERVER_KEY_EXCHANGE_SEND,
+ WC_FUNC_SERVER_KEY_EXCHANGE_DO,
+ WC_FUNC_END_OF_EARLY_DATA_SEND,
+ WC_FUNC_END_OF_EARLY_DATA_DO,
+ WC_FUNC_COUNT
+};
+#endif
+
+typedef void (*wolfSSL_Logging_cb)(const int logLevel,
+ const char *const logMessage);
+
+WOLFSSL_API int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb log_function);
+WOLFSSL_API wolfSSL_Logging_cb wolfSSL_GetLoggingCb(void);
+
+/* turn logging on, only if compiled in */
+WOLFSSL_API int wolfSSL_Debugging_ON(void);
+/* turn logging off */
+WOLFSSL_API void wolfSSL_Debugging_OFF(void);
+
+#ifdef HAVE_WC_INTROSPECTION
+ WOLFSSL_API const char *wolfSSL_configure_args(void);
+ WOLFSSL_API const char *wolfSSL_global_cflags(void);
+#endif
+
+#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
+ WOLFSSL_LOCAL int wc_LoggingInit(void);
+ WOLFSSL_LOCAL int wc_LoggingCleanup(void);
+ WOLFSSL_LOCAL int wc_AddErrorNode(int error, int line, char* buf,
+ char* file);
+ WOLFSSL_LOCAL int wc_PeekErrorNode(int index, const char **file,
+ const char **reason, int *line);
+ WOLFSSL_LOCAL void wc_RemoveErrorNode(int index);
+ WOLFSSL_LOCAL void wc_ClearErrorNodes(void);
+ WOLFSSL_LOCAL int wc_PullErrorNode(const char **file, const char **reason,
+ int *line);
+ WOLFSSL_API int wc_SetLoggingHeap(void* h);
+ WOLFSSL_API int wc_ERR_remove_state(void);
+ #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
+ WOLFSSL_API void wc_ERR_print_errors_fp(XFILE fp);
+ WOLFSSL_API void wc_ERR_print_errors_cb(int (*cb)(const char *str,
+ size_t len, void *u), void *u);
+ #endif
+#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */
+
+#ifdef WOLFSSL_FUNC_TIME
+ /* WARNING: This code is only to be used for debugging performance.
+ * The code is not thread-safe.
+ * Do not use WOLFSSL_FUNC_TIME in production code.
+ */
+ WOLFSSL_API void WOLFSSL_START(int funcNum);
+ WOLFSSL_API void WOLFSSL_END(int funcNum);
+ WOLFSSL_API void WOLFSSL_TIME(int count);
+#else
+ #define WOLFSSL_START(n)
+ #define WOLFSSL_END(n)
+ #define WOLFSSL_TIME(n)
+#endif
+
+#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_DEBUG_ERRORS_ONLY)
+ #if defined(_WIN32)
+ #if defined(INTIME_RTOS)
+ #define __func__ NULL
+ #else
+ #define __func__ __FUNCTION__
+ #endif
+ #endif
+
+ /* a is prepended to m and b is appended, creating a log msg a + m + b */
+ #define WOLFSSL_LOG_CAT(a, m, b) #a " " m " " #b
+
+ WOLFSSL_API void WOLFSSL_ENTER(const char* msg);
+ WOLFSSL_API void WOLFSSL_LEAVE(const char* msg, int ret);
+ #define WOLFSSL_STUB(m) \
+ WOLFSSL_MSG(WOLFSSL_LOG_CAT(wolfSSL Stub, m, not implemented))
+ WOLFSSL_API int WOLFSSL_IS_DEBUG_ON(void);
+
+ WOLFSSL_API void WOLFSSL_MSG(const char* msg);
+ WOLFSSL_API void WOLFSSL_BUFFER(const byte* buffer, word32 length);
+
+#else
+
+ #define WOLFSSL_ENTER(m)
+ #define WOLFSSL_LEAVE(m, r)
+ #define WOLFSSL_STUB(m)
+ #define WOLFSSL_IS_DEBUG_ON() 0
+
+ #define WOLFSSL_MSG(m)
+ #define WOLFSSL_BUFFER(b, l)
+
+#endif /* DEBUG_WOLFSSL && !WOLFSSL_DEBUG_ERRORS_ONLY */
+
+#if defined(DEBUG_WOLFSSL) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) ||\
+ defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)
+
+ #if (!defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && !defined(_WIN32))\
+ || defined(DEBUG_WOLFSSL_VERBOSE)
+ WOLFSSL_API void WOLFSSL_ERROR_LINE(int err, const char* func, unsigned int line,
+ const char* file, void* ctx);
+ #define WOLFSSL_ERROR(x) \
+ WOLFSSL_ERROR_LINE((x), __func__, __LINE__, __FILE__, NULL)
+ #else
+ WOLFSSL_API void WOLFSSL_ERROR(int err);
+ #endif
+ WOLFSSL_API void WOLFSSL_ERROR_MSG(const char* msg);
+
+#else
+ #define WOLFSSL_ERROR(e)
+ #define WOLFSSL_ERROR_MSG(m)
+#endif
+
+#ifdef HAVE_STACK_SIZE_VERBOSE
+ extern WOLFSSL_API THREAD_LS_T unsigned char *StackSizeCheck_myStack;
+ extern WOLFSSL_API THREAD_LS_T size_t StackSizeCheck_stackSize;
+ extern WOLFSSL_API THREAD_LS_T size_t StackSizeCheck_stackSizeHWM;
+ extern WOLFSSL_API THREAD_LS_T size_t *StackSizeCheck_stackSizeHWM_ptr;
+ extern WOLFSSL_API THREAD_LS_T void *StackSizeCheck_stackOffsetPointer;
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* WOLFSSL_LOGGING_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/md2.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/md2.h
new file mode 100644
index 0000000..8aeb4f4
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/md2.h
@@ -0,0 +1,69 @@
+/* md2.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/md2.h
+*/
+
+
+#ifndef WOLF_CRYPT_MD2_H
+#define WOLF_CRYPT_MD2_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef WOLFSSL_MD2
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* in bytes */
+enum {
+ MD2 = WC_HASH_TYPE_MD2,
+ MD2_BLOCK_SIZE = 16,
+ MD2_DIGEST_SIZE = 16,
+ MD2_PAD_SIZE = 16,
+ MD2_X_SIZE = 48
+};
+
+
+/* Md2 digest */
+typedef struct Md2 {
+ word32 count; /* bytes % PAD_SIZE */
+ byte X[MD2_X_SIZE];
+ byte C[MD2_BLOCK_SIZE];
+ byte buffer[MD2_BLOCK_SIZE];
+} Md2;
+
+
+WOLFSSL_API void wc_InitMd2(Md2*);
+WOLFSSL_API void wc_Md2Update(Md2*, const byte*, word32);
+WOLFSSL_API void wc_Md2Final(Md2*, byte*);
+WOLFSSL_API int wc_Md2Hash(const byte*, word32, byte*);
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFSSL_MD2 */
+#endif /* WOLF_CRYPT_MD2_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/md4.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/md4.h
new file mode 100644
index 0000000..cf203d9
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/md4.h
@@ -0,0 +1,67 @@
+/* md4.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/md4.h
+*/
+
+#ifndef WOLF_CRYPT_MD4_H
+#define WOLF_CRYPT_MD4_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_MD4
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* in bytes */
+enum {
+ MD4 = WC_HASH_TYPE_MD4,
+ MD4_BLOCK_SIZE = 64,
+ MD4_DIGEST_SIZE = 16,
+ MD4_PAD_SIZE = 56
+};
+
+
+/* MD4 digest */
+typedef struct Md4 {
+ word32 buffLen; /* in bytes */
+ word32 loLen; /* length in bytes */
+ word32 hiLen; /* length in bytes */
+ word32 digest[MD4_DIGEST_SIZE / sizeof(word32)];
+ word32 buffer[MD4_BLOCK_SIZE / sizeof(word32)];
+} Md4;
+
+
+WOLFSSL_API void wc_InitMd4(Md4*);
+WOLFSSL_API void wc_Md4Update(Md4*, const byte*, word32);
+WOLFSSL_API void wc_Md4Final(Md4*, byte*);
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* NO_MD4 */
+#endif /* WOLF_CRYPT_MD4_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/md5.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/md5.h
new file mode 100644
index 0000000..d469147
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/md5.h
@@ -0,0 +1,136 @@
+/* md5.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/md5.h
+*/
+
+
+#ifndef WOLF_CRYPT_MD5_H
+#define WOLF_CRYPT_MD5_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_MD5
+
+#ifdef HAVE_FIPS
+ #define wc_InitMd5 InitMd5
+ #define wc_Md5Update Md5Update
+ #define wc_Md5Final Md5Final
+ #define wc_Md5Hash Md5Hash
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#if !defined(NO_OLD_MD5_NAME)
+ #define MD5 WC_MD5
+#endif
+
+#ifndef NO_OLD_WC_NAMES
+ #define Md5 wc_Md5
+ #define MD5_BLOCK_SIZE WC_MD5_BLOCK_SIZE
+ #define MD5_DIGEST_SIZE WC_MD5_DIGEST_SIZE
+ #define WC_MD5_PAD_SIZE WC_MD5_PAD_SIZE
+#endif
+
+/* in bytes */
+enum {
+ WC_MD5 = WC_HASH_TYPE_MD5,
+ WC_MD5_BLOCK_SIZE = 64,
+ WC_MD5_DIGEST_SIZE = 16,
+ WC_MD5_PAD_SIZE = 56
+};
+
+
+#ifdef WOLFSSL_MICROCHIP_PIC32MZ
+ #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
+#endif
+#ifdef STM32_HASH
+ #include <wolfssl/wolfcrypt/port/st/stm32.h>
+#endif
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+#ifdef WOLFSSL_TI_HASH
+ #include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
+#elif defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM)
+ #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
+#else
+
+/* MD5 digest */
+typedef struct wc_Md5 {
+#ifdef STM32_HASH
+ STM32_HASH_Context stmCtx;
+#else
+ word32 buffLen; /* in bytes */
+ word32 loLen; /* length in bytes */
+ word32 hiLen; /* length in bytes */
+ word32 buffer[WC_MD5_BLOCK_SIZE / sizeof(word32)];
+#ifdef WOLFSSL_PIC32MZ_HASH
+ word32 digest[PIC32_DIGEST_SIZE / sizeof(word32)];
+#else
+ word32 digest[WC_MD5_DIGEST_SIZE / sizeof(word32)];
+#endif
+ void* heap;
+#ifdef WOLFSSL_PIC32MZ_HASH
+ hashUpdCache cache; /* cache for updates */
+#endif
+#endif /* STM32_HASH */
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif /* WOLFSSL_ASYNC_CRYPT */
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ word32 flags; /* enum wc_HashFlags in hash.h */
+#endif
+} wc_Md5;
+
+#endif /* WOLFSSL_TI_HASH */
+
+WOLFSSL_API int wc_InitMd5(wc_Md5*);
+WOLFSSL_API int wc_InitMd5_ex(wc_Md5*, void*, int);
+WOLFSSL_API int wc_Md5Update(wc_Md5*, const byte*, word32);
+WOLFSSL_API int wc_Md5Final(wc_Md5*, byte*);
+WOLFSSL_API void wc_Md5Free(wc_Md5*);
+#ifdef OPENSSL_EXTRA
+WOLFSSL_API int wc_Md5Transform(wc_Md5*, const byte*);
+#endif
+
+WOLFSSL_API int wc_Md5GetHash(wc_Md5*, byte*);
+WOLFSSL_API int wc_Md5Copy(wc_Md5*, wc_Md5*);
+
+#ifdef WOLFSSL_PIC32MZ_HASH
+WOLFSSL_API void wc_Md5SizeSet(wc_Md5* md5, word32 len);
+#endif
+
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ WOLFSSL_API int wc_Md5SetFlags(wc_Md5* md5, word32 flags);
+ WOLFSSL_API int wc_Md5GetFlags(wc_Md5* md5, word32* flags);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* NO_MD5 */
+#endif /* WOLF_CRYPT_MD5_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/mem_track.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/mem_track.h
new file mode 100644
index 0000000..362ef39
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/mem_track.h
@@ -0,0 +1,423 @@
+/* mem_track.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+/* The memory tracker overrides the wolfSSL memory callback system and uses a
+ * static to track the total, peak and currently allocated bytes.
+ *
+ * If you are already using the memory callbacks then enabling this will
+ * override the memory callbacks and prevent your memory callbacks from
+ * working. This assumes malloc() and free() are available. Feel free to
+ * customize this for your needs.
+
+ * The enable this feature define the following:
+ * #define USE_WOLFSSL_MEMORY
+ * #define WOLFSSL_TRACK_MEMORY
+ *
+ * On startup call:
+ * InitMemoryTracker();
+ *
+ * When ready to dump the memory report call:
+ * ShowMemoryTracker();
+ *
+ * Report example:
+ * total Allocs = 228
+ * total Bytes = 93442
+ * peak Bytes = 8840
+ * current Bytes = 0
+ *
+ *
+ * You can also:
+ * #define WOLFSSL_DEBUG_MEMORY
+ *
+ * To print every alloc/free along with the function and line number.
+ * Example output:
+ * Alloc: 0x7fa14a500010 -> 120 at wc_InitRng:496
+ * Free: 0x7fa14a500010 -> 120 at wc_FreeRng:606
+ */
+
+
+#ifndef WOLFSSL_MEM_TRACK_H
+#define WOLFSSL_MEM_TRACK_H
+
+#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
+
+ #include "wolfssl/wolfcrypt/logging.h"
+
+ #if defined(WOLFSSL_TRACK_MEMORY)
+ #define DO_MEM_STATS
+ #if defined(__linux__) || defined(__MACH__)
+ #define DO_MEM_LIST
+ #endif
+ #endif
+
+
+ typedef struct memoryStats {
+ long totalAllocs; /* number of allocations */
+ long totalDeallocs; /* number of deallocations */
+ long totalBytes; /* total number of bytes allocated */
+ long peakBytes; /* concurrent max bytes */
+ long currentBytes; /* total current bytes in use */
+#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+ long peakAllocsTripOdometer; /* peak number of concurrent allocations,
+ * subject to reset by
+ * wolfCrypt_heap_peak_checkpoint()
+ */
+ long peakBytesTripOdometer; /* peak concurrent bytes, subject to reset
+ * by wolfCrypt_heap_peak_checkpoint()
+ */
+#endif
+ } memoryStats;
+
+ typedef struct memHint {
+ size_t thisSize; /* size of this memory */
+
+ #ifdef DO_MEM_LIST
+ struct memHint* next;
+ struct memHint* prev;
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ const char* func;
+ unsigned int line;
+ #endif
+ #endif
+ void* thisMemory; /* actual memory for user */
+ } memHint;
+
+ typedef struct memoryTrack {
+ union {
+ memHint hint;
+ byte alignit[sizeof(memHint) + ((16-1) & ~(16-1))]; /* make sure we have strong alignment */
+ } u;
+ } memoryTrack;
+
+#ifdef DO_MEM_LIST
+ /* track allocations and report at end */
+ typedef struct memoryList {
+ memHint* head;
+ memHint* tail;
+ word32 count;
+ } memoryList;
+#endif
+
+#if defined(WOLFSSL_TRACK_MEMORY)
+ static memoryStats ourMemStats;
+
+ #ifdef DO_MEM_LIST
+ #include <pthread.h>
+ static memoryList ourMemList;
+ static pthread_mutex_t memLock = PTHREAD_MUTEX_INITIALIZER;
+ #endif
+#endif
+
+
+ /* if defined to not using inline then declare function prototypes */
+ #ifdef NO_INLINE
+ #define WC_STATIC
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ WOLFSSL_LOCAL void* TrackMalloc(size_t sz, const char* func, unsigned int line);
+ WOLFSSL_LOCAL void TrackFree(void* ptr, const char* func, unsigned int line);
+ WOLFSSL_LOCAL void* TrackRealloc(void* ptr, size_t sz, const char* func, unsigned int line);
+ #else
+ WOLFSSL_LOCAL void* TrackMalloc(size_t sz);
+ WOLFSSL_LOCAL void TrackFree(void* ptr);
+ WOLFSSL_LOCAL void* TrackRealloc(void* ptr, size_t sz);
+ #endif
+ WOLFSSL_LOCAL int InitMemoryTracker(void);
+ WOLFSSL_LOCAL void ShowMemoryTracker(void);
+ #else
+ #define WC_STATIC static
+ #endif
+
+#ifdef WOLFSSL_DEBUG_MEMORY
+ WC_STATIC WC_INLINE void* TrackMalloc(size_t sz, const char* func, unsigned int line)
+#else
+ WC_STATIC WC_INLINE void* TrackMalloc(size_t sz)
+#endif
+ {
+ memoryTrack* mt;
+ memHint* header;
+
+ if (sz == 0)
+ return NULL;
+
+ mt = (memoryTrack*)malloc(sizeof(memoryTrack) + sz);
+ if (mt == NULL)
+ return NULL;
+
+ header = &mt->u.hint;
+ header->thisSize = sz;
+ header->thisMemory = (byte*)mt + sizeof(memoryTrack);
+
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ #ifdef WOLFSSL_DEBUG_MEMORY_PRINT
+ printf("Alloc: %p -> %u at %s:%d\n", header->thisMemory, (word32)sz, func, line);
+ #else
+ (void)func;
+ (void)line;
+ #endif
+ #endif
+
+ #ifdef DO_MEM_STATS
+ ourMemStats.totalAllocs++;
+ ourMemStats.totalBytes += sz;
+ ourMemStats.currentBytes += sz;
+ #ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+ if (ourMemStats.peakAllocsTripOdometer < ourMemStats.totalAllocs - ourMemStats.totalDeallocs)
+ ourMemStats.peakAllocsTripOdometer = ourMemStats.totalAllocs - ourMemStats.totalDeallocs;
+ if (ourMemStats.peakBytesTripOdometer < ourMemStats.currentBytes) {
+ ourMemStats.peakBytesTripOdometer = ourMemStats.currentBytes;
+ #endif
+ if (ourMemStats.currentBytes > ourMemStats.peakBytes)
+ ourMemStats.peakBytes = ourMemStats.currentBytes;
+ #ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+ }
+ #endif
+ #endif
+ #ifdef DO_MEM_LIST
+ if (pthread_mutex_lock(&memLock) == 0) {
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ header->func = func;
+ header->line = line;
+ #endif
+
+ /* Setup event */
+ header->next = NULL;
+ if (ourMemList.tail == NULL) {
+ ourMemList.head = header;
+ header->prev = NULL;
+ }
+ else {
+ ourMemList.tail->next = header;
+ header->prev = ourMemList.tail;
+ }
+ ourMemList.tail = header; /* add to the end either way */
+ ourMemList.count++;
+
+ pthread_mutex_unlock(&memLock);
+ }
+ #endif
+
+ return header->thisMemory;
+ }
+
+
+#ifdef WOLFSSL_DEBUG_MEMORY
+ WC_STATIC WC_INLINE void TrackFree(void* ptr, const char* func, unsigned int line)
+#else
+ WC_STATIC WC_INLINE void TrackFree(void* ptr)
+#endif
+ {
+ memoryTrack* mt;
+ memHint* header;
+ size_t sz;
+
+ if (ptr == NULL) {
+ return;
+ }
+
+ mt = (memoryTrack*)((byte*)ptr - sizeof(memoryTrack));
+ header = &mt->u.hint;
+ sz = header->thisSize;
+
+ #ifdef DO_MEM_LIST
+ if (pthread_mutex_lock(&memLock) == 0)
+ {
+ #endif
+
+ #ifdef DO_MEM_STATS
+ ourMemStats.currentBytes -= header->thisSize;
+ ourMemStats.totalDeallocs++;
+ #endif
+
+ #ifdef DO_MEM_LIST
+ if (header == ourMemList.head && header == ourMemList.tail) {
+ ourMemList.head = NULL;
+ ourMemList.tail = NULL;
+ }
+ else if (header == ourMemList.head) {
+ ourMemList.head = header->next;
+ ourMemList.head->prev = NULL;
+ }
+ else if (header == ourMemList.tail) {
+ ourMemList.tail = header->prev;
+ ourMemList.tail->next = NULL;
+ }
+ else {
+ memHint* next = header->next;
+ memHint* prev = header->prev;
+ if (next)
+ next->prev = prev;
+ if (prev)
+ prev->next = next;
+ }
+ ourMemList.count--;
+
+ pthread_mutex_unlock(&memLock);
+ }
+ #endif
+
+#ifdef WOLFSSL_DEBUG_MEMORY
+#ifdef WOLFSSL_DEBUG_MEMORY_PRINT
+ printf("Free: %p -> %u at %s:%d\n", ptr, (word32)sz, func, line);
+#else
+ (void)func;
+ (void)line;
+#endif
+#endif
+ (void)sz;
+
+ free(mt);
+ }
+
+
+#ifdef WOLFSSL_DEBUG_MEMORY
+ WC_STATIC WC_INLINE void* TrackRealloc(void* ptr, size_t sz, const char* func, unsigned int line)
+#else
+ WC_STATIC WC_INLINE void* TrackRealloc(void* ptr, size_t sz)
+#endif
+ {
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ void* ret = TrackMalloc(sz, func, line);
+ #else
+ void* ret = TrackMalloc(sz);
+ #endif
+
+ if (ptr) {
+ /* if realloc is bigger, don't overread old ptr */
+ memoryTrack* mt;
+ memHint* header;
+
+ mt = (memoryTrack*)((byte*)ptr - sizeof(memoryTrack));
+ header = &mt->u.hint;
+
+ if (header->thisSize < sz)
+ sz = header->thisSize;
+ }
+
+ if (ret && ptr)
+ XMEMCPY(ret, ptr, sz);
+
+ if (ret) {
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ TrackFree(ptr, func, line);
+ #else
+ TrackFree(ptr);
+ #endif
+ }
+
+ return ret;
+ }
+
+#ifdef WOLFSSL_TRACK_MEMORY
+ static wolfSSL_Malloc_cb mfDefault = NULL;
+ static wolfSSL_Free_cb ffDefault = NULL;
+ static wolfSSL_Realloc_cb rfDefault = NULL;
+
+ WC_STATIC WC_INLINE int InitMemoryTracker(void)
+ {
+ int ret;
+
+ ret = wolfSSL_GetAllocators(&mfDefault, &ffDefault, &rfDefault);
+ if (ret < 0) {
+ printf("wolfSSL GetAllocators failed to get the defaults\n");
+ }
+ ret = wolfSSL_SetAllocators(TrackMalloc, TrackFree, TrackRealloc);
+ if (ret < 0) {
+ printf("wolfSSL SetAllocators failed for track memory\n");
+ return ret;
+ }
+
+ #ifdef DO_MEM_LIST
+ if (pthread_mutex_lock(&memLock) == 0)
+ {
+ #endif
+
+ #ifdef DO_MEM_STATS
+ ourMemStats.totalAllocs = 0;
+ ourMemStats.totalDeallocs = 0;
+ ourMemStats.totalBytes = 0;
+ ourMemStats.peakBytes = 0;
+ ourMemStats.currentBytes = 0;
+#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+ ourMemStats.peakAllocsTripOdometer = 0;
+ ourMemStats.peakBytesTripOdometer = 0;
+#endif
+ #endif
+
+ #ifdef DO_MEM_LIST
+ XMEMSET(&ourMemList, 0, sizeof(ourMemList));
+
+ pthread_mutex_unlock(&memLock);
+ }
+ #endif
+
+ return ret;
+ }
+
+ WC_STATIC WC_INLINE void ShowMemoryTracker(void)
+ {
+ #ifdef DO_MEM_LIST
+ if (pthread_mutex_lock(&memLock) == 0)
+ {
+ #endif
+
+ #ifdef DO_MEM_STATS
+ printf("total Allocs = %9ld\n", ourMemStats.totalAllocs);
+ printf("total Deallocs = %9ld\n", ourMemStats.totalDeallocs);
+ printf("total Bytes = %9ld\n", ourMemStats.totalBytes);
+ printf("peak Bytes = %9ld\n", ourMemStats.peakBytes);
+ printf("current Bytes = %9ld\n", ourMemStats.currentBytes);
+ #endif
+
+ #ifdef DO_MEM_LIST
+ if (ourMemList.count > 0) {
+ /* print list of allocations */
+ memHint* header;
+ for (header = ourMemList.head; header != NULL; header = header->next) {
+ printf("Leak: Ptr %p, Size %u"
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ ", Func %s, Line %d"
+ #endif
+ "\n",
+ (byte*)header + sizeof(memHint), (unsigned int)header->thisSize
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ , header->func, header->line
+ #endif
+ );
+ }
+ }
+
+ pthread_mutex_unlock(&memLock);
+ }
+ #endif
+ }
+
+ WC_STATIC WC_INLINE int CleanupMemoryTracker(void)
+ {
+ /* restore default allocators */
+ return wolfSSL_SetAllocators(mfDefault, ffDefault, rfDefault);
+ }
+#endif
+
+#endif /* USE_WOLFSSL_MEMORY */
+
+#endif /* WOLFSSL_MEM_TRACK_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/memory.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/memory.h
new file mode 100644
index 0000000..42e3609
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/memory.h
@@ -0,0 +1,237 @@
+/* memory.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+/* submitted by eof */
+
+/*!
+ \file wolfssl/wolfcrypt/memory.h
+*/
+
+#ifndef WOLFSSL_MEMORY_H
+#define WOLFSSL_MEMORY_H
+
+#if !defined(STRING_USER) && !defined(WOLFSSL_LINUXKM)
+#include <stdlib.h>
+#endif
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST
+ WOLFSSL_API void wolfSSL_SetMemFailCount(int memFailCount);
+#endif
+
+#ifdef WOLFSSL_STATIC_MEMORY
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ typedef void *(*wolfSSL_Malloc_cb)(size_t size, void* heap, int type, const char* func, unsigned int line);
+ typedef void (*wolfSSL_Free_cb)(void *ptr, void* heap, int type, const char* func, unsigned int line);
+ typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size, void* heap, int type, const char* func, unsigned int line);
+ WOLFSSL_API void* wolfSSL_Malloc(size_t size, void* heap, int type, const char* func, unsigned int line);
+ WOLFSSL_API void wolfSSL_Free(void *ptr, void* heap, int type, const char* func, unsigned int line);
+ WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size, void* heap, int type, const char* func, unsigned int line);
+ #else
+ typedef void *(*wolfSSL_Malloc_cb)(size_t size, void* heap, int type);
+ typedef void (*wolfSSL_Free_cb)(void *ptr, void* heap, int type);
+ typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size, void* heap, int type);
+ WOLFSSL_API void* wolfSSL_Malloc(size_t size, void* heap, int type);
+ WOLFSSL_API void wolfSSL_Free(void *ptr, void* heap, int type);
+ WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size, void* heap, int type);
+ #endif /* WOLFSSL_DEBUG_MEMORY */
+#else
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ typedef void *(*wolfSSL_Malloc_cb)(size_t size, const char* func, unsigned int line);
+ typedef void (*wolfSSL_Free_cb)(void *ptr, const char* func, unsigned int line);
+ typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size, const char* func, unsigned int line);
+
+ /* Public in case user app wants to use XMALLOC/XFREE */
+ WOLFSSL_API void* wolfSSL_Malloc(size_t size, const char* func, unsigned int line);
+ WOLFSSL_API void wolfSSL_Free(void *ptr, const char* func, unsigned int line);
+ WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size, const char* func, unsigned int line);
+ #else
+ typedef void *(*wolfSSL_Malloc_cb)(size_t size);
+ typedef void (*wolfSSL_Free_cb)(void *ptr);
+ typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size);
+ /* Public in case user app wants to use XMALLOC/XFREE */
+ WOLFSSL_API void* wolfSSL_Malloc(size_t size);
+ WOLFSSL_API void wolfSSL_Free(void *ptr);
+ WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size);
+ #endif /* WOLFSSL_DEBUG_MEMORY */
+#endif /* WOLFSSL_STATIC_MEMORY */
+
+/* Public get/set functions */
+WOLFSSL_API int wolfSSL_SetAllocators(wolfSSL_Malloc_cb,
+ wolfSSL_Free_cb,
+ wolfSSL_Realloc_cb);
+WOLFSSL_API int wolfSSL_GetAllocators(wolfSSL_Malloc_cb*,
+ wolfSSL_Free_cb*,
+ wolfSSL_Realloc_cb*);
+
+#ifdef WOLFSSL_STATIC_MEMORY
+ #define WOLFSSL_STATIC_TIMEOUT 1
+ #ifndef WOLFSSL_STATIC_ALIGN
+ #define WOLFSSL_STATIC_ALIGN 16
+ #endif
+ #ifndef WOLFMEM_MAX_BUCKETS
+ #define WOLFMEM_MAX_BUCKETS 9
+ #endif
+ #define WOLFMEM_DEF_BUCKETS 9 /* number of default memory blocks */
+ #ifndef WOLFMEM_IO_SZ
+ #define WOLFMEM_IO_SZ 16992 /* 16 byte aligned */
+ #endif
+ #ifndef WOLFMEM_BUCKETS
+ #ifndef SESSION_CERTS
+ /* default size of chunks of memory to separate into */
+ #ifndef LARGEST_MEM_BUCKET
+ #define LARGEST_MEM_BUCKET 16128
+ #endif
+ #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\
+ LARGEST_MEM_BUCKET
+ #elif defined (OPENSSL_EXTRA)
+ /* extra storage in structs for multiple attributes and order */
+ #ifndef LARGEST_MEM_BUCKET
+ #ifdef WOLFSSL_TLS13
+ #define LARGEST_MEM_BUCKET 30400
+ #else
+ #define LARGEST_MEM_BUCKET 25600
+ #endif
+ #endif
+ #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3360,4480,\
+ LARGEST_MEM_BUCKET
+ #elif defined (WOLFSSL_CERT_EXT)
+ /* certificate extensions requires 24k for the SSL struct */
+ #ifndef LARGEST_MEM_BUCKET
+ #define LARGEST_MEM_BUCKET 24576
+ #endif
+ #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\
+ LARGEST_MEM_BUCKET
+ #else
+ /* increase 23k for object member of WOLFSSL_X509_NAME_ENTRY */
+ #ifndef LARGEST_MEM_BUCKET
+ #define LARGEST_MEM_BUCKET 23440
+ #endif
+ #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\
+ LARGEST_MEM_BUCKET
+ #endif
+ #endif
+ #ifndef WOLFMEM_DIST
+ #ifndef WOLFSSL_STATIC_MEMORY_SMALL
+ #define WOLFMEM_DIST 49,10,6,14,5,6,9,1,1
+ #else
+ /* Low resource and not RSA */
+ #define WOLFMEM_DIST 29, 7,6, 9,4,4,0,0,0
+ #endif
+ #endif
+
+ /* flags for loading static memory (one hot bit) */
+ #define WOLFMEM_GENERAL 0x01
+ #define WOLFMEM_IO_POOL 0x02
+ #define WOLFMEM_IO_POOL_FIXED 0x04
+ #define WOLFMEM_TRACK_STATS 0x08
+
+ #ifndef WOLFSSL_MEM_GUARD
+ #define WOLFSSL_MEM_GUARD
+ typedef struct WOLFSSL_MEM_STATS WOLFSSL_MEM_STATS;
+ typedef struct WOLFSSL_MEM_CONN_STATS WOLFSSL_MEM_CONN_STATS;
+ #endif
+
+ struct WOLFSSL_MEM_CONN_STATS {
+ word32 peakMem; /* peak memory usage */
+ word32 curMem; /* current memory usage */
+ word32 peakAlloc; /* peak memory allocations */
+ word32 curAlloc; /* current memory allocations */
+ word32 totalAlloc;/* total memory allocations for lifetime */
+ word32 totalFr; /* total frees for lifetime */
+ };
+
+ struct WOLFSSL_MEM_STATS {
+ word32 curAlloc; /* current memory allocations */
+ word32 totalAlloc;/* total memory allocations for lifetime */
+ word32 totalFr; /* total frees for lifetime */
+ word32 totalUse; /* total amount of memory used in blocks */
+ word32 avaIO; /* available IO specific pools */
+ word32 maxHa; /* max number of concurrent handshakes allowed */
+ word32 maxIO; /* max number of concurrent IO connections allowed */
+ word32 blockSz[WOLFMEM_MAX_BUCKETS]; /* block sizes in stacks */
+ word32 avaBlock[WOLFMEM_MAX_BUCKETS];/* ava block sizes */
+ word32 usedBlock[WOLFMEM_MAX_BUCKETS];
+ int flag; /* flag used */
+ };
+
+ typedef struct wc_Memory wc_Memory; /* internal structure for mem bucket */
+ typedef struct WOLFSSL_HEAP {
+ wc_Memory* ava[WOLFMEM_MAX_BUCKETS];
+ wc_Memory* io; /* list of buffers to use for IO */
+ word32 maxHa; /* max concurrent handshakes */
+ word32 curHa;
+ word32 maxIO; /* max concurrent IO connections */
+ word32 curIO;
+ word32 sizeList[WOLFMEM_MAX_BUCKETS];/* memory sizes in ava list */
+ word32 distList[WOLFMEM_MAX_BUCKETS];/* general distribution */
+ word32 inUse; /* amount of memory currently in use */
+ word32 ioUse;
+ word32 alloc; /* total number of allocs */
+ word32 frAlc; /* total number of frees */
+ int flag;
+ wolfSSL_Mutex memory_mutex;
+ } WOLFSSL_HEAP;
+
+ /* structure passed into XMALLOC as heap hint
+ * having this abstraction allows tracking statistics of individual ssl's
+ */
+ typedef struct WOLFSSL_HEAP_HINT {
+ WOLFSSL_HEAP* memory;
+ WOLFSSL_MEM_CONN_STATS* stats; /* hold individual connection stats */
+ wc_Memory* outBuf; /* set if using fixed io buffers */
+ wc_Memory* inBuf;
+ byte haFlag; /* flag used for checking handshake count */
+ } WOLFSSL_HEAP_HINT;
+
+ WOLFSSL_API int wc_LoadStaticMemory(WOLFSSL_HEAP_HINT** pHint,
+ unsigned char* buf, unsigned int sz, int flag, int max);
+
+ WOLFSSL_LOCAL int wolfSSL_init_memory_heap(WOLFSSL_HEAP* heap);
+ WOLFSSL_LOCAL int wolfSSL_load_static_memory(byte* buffer, word32 sz,
+ int flag, WOLFSSL_HEAP* heap);
+ WOLFSSL_LOCAL int wolfSSL_GetMemStats(WOLFSSL_HEAP* heap,
+ WOLFSSL_MEM_STATS* stats);
+ WOLFSSL_LOCAL int SetFixedIO(WOLFSSL_HEAP* heap, wc_Memory** io);
+ WOLFSSL_LOCAL int FreeFixedIO(WOLFSSL_HEAP* heap, wc_Memory** io);
+
+ WOLFSSL_API int wolfSSL_StaticBufferSz(byte* buffer, word32 sz, int flag);
+ WOLFSSL_API int wolfSSL_MemoryPaddingSz(void);
+#endif /* WOLFSSL_STATIC_MEMORY */
+
+#ifdef WOLFSSL_STACK_LOG
+ WOLFSSL_API void __attribute__((no_instrument_function))
+ __cyg_profile_func_enter(void *func, void *caller);
+ WOLFSSL_API void __attribute__((no_instrument_function))
+ __cyg_profile_func_exit(void *func, void *caller);
+#endif /* WOLFSSL_STACK_LOG */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFSSL_MEMORY_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/misc.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/misc.h
new file mode 100644
index 0000000..748688f
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/misc.h
@@ -0,0 +1,136 @@
+/* misc.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/*
+
+DESCRIPTION
+This module implements the arithmetic-shift right, left, byte swapping, XOR,
+masking and clearing memory logic.
+
+*/
+#ifndef WOLF_CRYPT_MISC_H
+#define WOLF_CRYPT_MISC_H
+
+
+#include <wolfssl/wolfcrypt/types.h>
+
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+
+#ifdef NO_INLINE
+WOLFSSL_LOCAL
+word32 rotlFixed(word32, word32);
+WOLFSSL_LOCAL
+word32 rotrFixed(word32, word32);
+
+#ifdef WC_RC2
+WOLFSSL_LOCAL
+word16 rotlFixed16(word16, word16);
+WOLFSSL_LOCAL
+word16 rotrFixed16(word16, word16);
+#endif
+
+WOLFSSL_LOCAL
+word32 ByteReverseWord32(word32);
+WOLFSSL_LOCAL
+void ByteReverseWords(word32*, const word32*, word32);
+
+WOLFSSL_LOCAL
+void XorWordsOut(wolfssl_word* r, const wolfssl_word* a, const wolfssl_word* b,
+ word32 n);
+WOLFSSL_LOCAL
+void xorbufout(void*, const void*, const void*, word32);
+WOLFSSL_LOCAL
+void XorWords(wolfssl_word*, const wolfssl_word*, word32);
+WOLFSSL_LOCAL
+void xorbuf(void*, const void*, word32);
+
+WOLFSSL_LOCAL
+void ForceZero(const void*, word32);
+
+WOLFSSL_LOCAL
+int ConstantCompare(const byte*, const byte*, int);
+
+#ifdef WORD64_AVAILABLE
+WOLFSSL_LOCAL
+word64 rotlFixed64(word64, word64);
+WOLFSSL_LOCAL
+word64 rotrFixed64(word64, word64);
+
+WOLFSSL_LOCAL
+word64 ByteReverseWord64(word64);
+WOLFSSL_LOCAL
+void ByteReverseWords64(word64*, const word64*, word32);
+#endif /* WORD64_AVAILABLE */
+
+#ifndef WOLFSSL_HAVE_MIN
+ #if defined(HAVE_FIPS) && !defined(min) /* so ifdef check passes */
+ #define min min
+ #endif
+ WOLFSSL_LOCAL word32 min(word32 a, word32 b);
+#endif
+
+#ifndef WOLFSSL_HAVE_MAX
+ #if defined(HAVE_FIPS) && !defined(max) /* so ifdef check passes */
+ #define max max
+ #endif
+ WOLFSSL_LOCAL word32 max(word32 a, word32 b);
+#endif /* WOLFSSL_HAVE_MAX */
+
+
+void c32to24(word32 in, word24 out);
+void c16toa(word16 u16, byte* c);
+void c32toa(word32 u32, byte* c);
+void c24to32(const word24 u24, word32* u32);
+void ato16(const byte* c, word16* u16);
+void ato24(const byte* c, word32* u24);
+void ato32(const byte* c, word32* u32);
+word32 btoi(byte b);
+
+
+WOLFSSL_LOCAL byte ctMaskGT(int a, int b);
+WOLFSSL_LOCAL byte ctMaskGTE(int a, int b);
+WOLFSSL_LOCAL int ctMaskIntGTE(int a, int b);
+WOLFSSL_LOCAL byte ctMaskLT(int a, int b);
+WOLFSSL_LOCAL byte ctMaskLTE(int a, int b);
+WOLFSSL_LOCAL byte ctMaskEq(int a, int b);
+WOLFSSL_LOCAL word16 ctMask16GT(int a, int b);
+WOLFSSL_LOCAL word16 ctMask16GTE(int a, int b);
+WOLFSSL_LOCAL word16 ctMask16LT(int a, int b);
+WOLFSSL_LOCAL word16 ctMask16LTE(int a, int b);
+WOLFSSL_LOCAL word16 ctMask16Eq(int a, int b);
+WOLFSSL_LOCAL byte ctMaskNotEq(int a, int b);
+WOLFSSL_LOCAL byte ctMaskSel(byte m, byte a, byte b);
+WOLFSSL_LOCAL int ctMaskSelInt(byte m, int a, int b);
+WOLFSSL_LOCAL byte ctSetLTE(int a, int b);
+
+#endif /* NO_INLINE */
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+
+#endif /* WOLF_CRYPT_MISC_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/mpi_class.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/mpi_class.h
new file mode 100644
index 0000000..e04acc2
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/mpi_class.h
@@ -0,0 +1,1021 @@
+/* mpi_class.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+
+#if !(defined(LTM1) && defined(LTM2) && defined(LTM3))
+#if defined(LTM2)
+#define LTM3
+#endif
+#if defined(LTM1)
+#define LTM2
+#endif
+#define LTM1
+
+#if defined(LTM_ALL)
+#define BN_ERROR_C
+#define BN_FAST_MP_INVMOD_C
+#define BN_FAST_MP_MONTGOMERY_REDUCE_C
+#define BN_FAST_S_MP_MUL_DIGS_C
+#define BN_FAST_S_MP_MUL_HIGH_DIGS_C
+#define BN_FAST_S_MP_SQR_C
+#define BN_MP_2EXPT_C
+#define BN_MP_ABS_C
+#define BN_MP_ADD_C
+#define BN_MP_ADD_D_C
+#define BN_MP_ADDMOD_C
+#define BN_MP_AND_C
+#define BN_MP_CLAMP_C
+#define BN_MP_CLEAR_C
+#define BN_MP_CLEAR_MULTI_C
+#define BN_MP_CMP_C
+#define BN_MP_CMP_D_C
+#define BN_MP_CMP_MAG_C
+#define BN_MP_CNT_LSB_C
+#define BN_MP_COPY_C
+#define BN_MP_COUNT_BITS_C
+#define BN_MP_DIV_C
+#define BN_MP_DIV_2_C
+#define BN_MP_DIV_2D_C
+#define BN_MP_DIV_3_C
+#define BN_MP_DIV_D_C
+#define BN_MP_DR_IS_MODULUS_C
+#define BN_MP_DR_REDUCE_C
+#define BN_MP_DR_SETUP_C
+#define BN_MP_EXCH_C
+#define BN_MP_EXPT_D_C
+#define BN_MP_EXPTMOD_BASE_2
+#define BN_MP_EXPTMOD_C
+#define BN_MP_EXPTMOD_FAST_C
+#define BN_MP_EXTEUCLID_C
+#define BN_MP_FREAD_C
+#define BN_MP_FWRITE_C
+#define BN_MP_GCD_C
+#define BN_MP_GET_INT_C
+#define BN_MP_GROW_C
+#define BN_MP_INIT_C
+#define BN_MP_INIT_COPY_C
+#define BN_MP_INIT_MULTI_C
+#define BN_MP_INIT_SET_C
+#define BN_MP_INIT_SET_INT_C
+#define BN_MP_INIT_SIZE_C
+#define BN_MP_INVMOD_C
+#define BN_MP_INVMOD_SLOW_C
+#define BN_MP_IS_SQUARE_C
+#define BN_MP_JACOBI_C
+#define BN_MP_KARATSUBA_MUL_C
+#define BN_MP_KARATSUBA_SQR_C
+#define BN_MP_LCM_C
+#define BN_MP_LSHD_C
+#define BN_MP_MOD_C
+#define BN_MP_MOD_2D_C
+#define BN_MP_MOD_D_C
+#define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C
+#define BN_MP_MONTGOMERY_REDUCE_C
+#define BN_MP_MONTGOMERY_SETUP_C
+#define BN_MP_MUL_C
+#define BN_MP_MUL_2_C
+#define BN_MP_MUL_2D_C
+#define BN_MP_MUL_D_C
+#define BN_MP_MULMOD_C
+#define BN_MP_N_ROOT_C
+#define BN_MP_NEG_C
+#define BN_MP_OR_C
+#define BN_MP_PRIME_FERMAT_C
+#define BN_MP_PRIME_IS_DIVISIBLE_C
+#define BN_MP_PRIME_IS_PRIME_C
+#define BN_MP_PRIME_MILLER_RABIN_C
+#define BN_MP_PRIME_NEXT_PRIME_C
+#define BN_MP_PRIME_RABIN_MILLER_TRIALS_C
+#define BN_MP_PRIME_RANDOM_EX_C
+#define BN_MP_RADIX_SIZE_C
+#define BN_MP_RADIX_SMAP_C
+#define BN_MP_RAND_C
+#define BN_MP_READ_RADIX_C
+#define BN_MP_READ_SIGNED_BIN_C
+#define BN_MP_READ_UNSIGNED_BIN_C
+#define BN_MP_REDUCE_C
+#define BN_MP_REDUCE_2K_C
+#define BN_MP_REDUCE_2K_L_C
+#define BN_MP_REDUCE_2K_SETUP_C
+#define BN_MP_REDUCE_2K_SETUP_L_C
+#define BN_MP_REDUCE_IS_2K_C
+#define BN_MP_REDUCE_IS_2K_L_C
+#define BN_MP_REDUCE_SETUP_C
+#define BN_MP_RSHD_C
+#define BN_MP_SET_C
+#define BN_MP_SET_INT_C
+#define BN_MP_SHRINK_C
+#define BN_MP_SIGNED_BIN_SIZE_C
+#define BN_MP_SQR_C
+#define BN_MP_SQRMOD_C
+#define BN_MP_SQRT_C
+#define BN_MP_SUB_C
+#define BN_MP_SUB_D_C
+#define BN_MP_SUBMOD_C
+#define BN_MP_TO_SIGNED_BIN_C
+#define BN_MP_TO_SIGNED_BIN_N_C
+#define BN_MP_TO_UNSIGNED_BIN_C
+#define BN_MP_TO_UNSIGNED_BIN_N_C
+#define BN_MP_TOOM_MUL_C
+#define BN_MP_TOOM_SQR_C
+#define BN_MP_TORADIX_C
+#define BN_MP_TORADIX_N_C
+#define BN_MP_UNSIGNED_BIN_SIZE_C
+#define BN_MP_XOR_C
+#define BN_MP_ZERO_C
+#define BN_PRIME_TAB_C
+#define BN_REVERSE_C
+#define BN_S_MP_ADD_C
+#define BN_S_MP_EXPTMOD_C
+#define BN_S_MP_MUL_DIGS_C
+#define BN_S_MP_MUL_HIGH_DIGS_C
+#define BN_S_MP_SQR_C
+#define BN_S_MP_SUB_C
+#define BNCORE_C
+#endif
+
+#if defined(BN_ERROR_C)
+ #define BN_MP_ERROR_TO_STRING_C
+#endif
+
+#if defined(BN_FAST_MP_INVMOD_C)
+ #define BN_MP_ISEVEN_C
+ #define BN_MP_INIT_MULTI_C
+ #define BN_MP_COPY_C
+ #define BN_MP_MOD_C
+ #define BN_MP_SET_C
+ #define BN_MP_DIV_2_C
+ #define BN_MP_ISODD_C
+ #define BN_MP_SUB_C
+ #define BN_MP_CMP_C
+ #define BN_MP_ISZERO_C
+ #define BN_MP_CMP_D_C
+ #define BN_MP_ADD_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_FAST_MP_MONTGOMERY_REDUCE_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_RSHD_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_FAST_S_MP_MUL_DIGS_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_FAST_S_MP_SQR_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_2EXPT_C)
+ #define BN_MP_ZERO_C
+ #define BN_MP_GROW_C
+#endif
+
+#if defined(BN_MP_ABS_C)
+ #define BN_MP_COPY_C
+#endif
+
+#if defined(BN_MP_ADD_C)
+ #define BN_S_MP_ADD_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_ADD_D_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_SUB_D_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_ADDMOD_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_ADD_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_MOD_C
+#endif
+
+#if defined(BN_MP_AND_C)
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_CLAMP_C)
+#endif
+
+#if defined(BN_MP_CLEAR_C)
+#endif
+
+#if defined(BN_MP_CLEAR_MULTI_C)
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_CMP_C)
+ #define BN_MP_CMP_MAG_C
+#endif
+
+#if defined(BN_MP_CMP_D_C)
+#endif
+
+#if defined(BN_MP_CMP_MAG_C)
+#endif
+
+#if defined(BN_MP_CNT_LSB_C)
+ #define BN_MP_ISZERO_C
+#endif
+
+#if defined(BN_MP_COPY_C)
+ #define BN_MP_GROW_C
+#endif
+
+#if defined(BN_MP_COUNT_BITS_C)
+#endif
+
+#if defined(BN_MP_DIV_C)
+ #define BN_MP_ISZERO_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_MP_COPY_C
+ #define BN_MP_ZERO_C
+ #define BN_MP_INIT_MULTI_C
+ #define BN_MP_SET_C
+ #define BN_MP_COUNT_BITS_C
+ #define BN_MP_ABS_C
+ #define BN_MP_MUL_2D_C
+ #define BN_MP_CMP_C
+ #define BN_MP_SUB_C
+ #define BN_MP_ADD_C
+ #define BN_MP_DIV_2D_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_MULTI_C
+ #define BN_MP_INIT_SIZE_C
+ #define BN_MP_INIT_C
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_LSHD_C
+ #define BN_MP_RSHD_C
+ #define BN_MP_MUL_D_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_DIV_2_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_DIV_2D_C)
+ #define BN_MP_COPY_C
+ #define BN_MP_ZERO_C
+ #define BN_MP_INIT_C
+ #define BN_MP_MOD_2D_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_RSHD_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_EXCH_C
+#endif
+
+#if defined(BN_MP_DIV_3_C)
+ #define BN_MP_INIT_SIZE_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_DIV_D_C)
+ #define BN_MP_ISZERO_C
+ #define BN_MP_COPY_C
+ #define BN_MP_DIV_2D_C
+ #define BN_MP_DIV_3_C
+ #define BN_MP_INIT_SIZE_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_DR_IS_MODULUS_C)
+#endif
+
+#if defined(BN_MP_DR_REDUCE_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_DR_SETUP_C)
+#endif
+
+#if defined(BN_MP_EXCH_C)
+#endif
+
+#if defined(BN_MP_EXPT_D_C)
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_SET_C
+ #define BN_MP_SQR_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_MUL_C
+#endif
+
+#if defined(BN_MP_EXPTMOD_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_INVMOD_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_ABS_C
+ #define BN_MP_CLEAR_MULTI_C
+ #define BN_MP_REDUCE_IS_2K_L_C
+ #define BN_S_MP_EXPTMOD_C
+ #define BN_MP_DR_IS_MODULUS_C
+ #define BN_MP_REDUCE_IS_2K_C
+ #define BN_MP_ISODD_C
+ #define BN_MP_EXPTMOD_FAST_C
+ #define BN_MP_EXPTMOD_BASE_2
+#endif
+
+#if defined(BN_MP_EXPTMOD_FAST_C)
+ #define BN_MP_COUNT_BITS_C
+ #define BN_MP_INIT_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_MONTGOMERY_SETUP_C
+ #define BN_FAST_MP_MONTGOMERY_REDUCE_C
+ #define BN_MP_MONTGOMERY_REDUCE_C
+ #define BN_MP_DR_SETUP_C
+ #define BN_MP_DR_REDUCE_C
+ #define BN_MP_REDUCE_2K_SETUP_C
+ #define BN_MP_REDUCE_2K_C
+ #define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C
+ #define BN_MP_MULMOD_C
+ #define BN_MP_SET_C
+ #define BN_MP_MOD_C
+ #define BN_MP_COPY_C
+ #define BN_MP_SQR_C
+ #define BN_MP_MUL_C
+ #define BN_MP_EXCH_C
+#endif
+
+#if defined(BN_MP_EXTEUCLID_C)
+ #define BN_MP_INIT_MULTI_C
+ #define BN_MP_SET_C
+ #define BN_MP_COPY_C
+ #define BN_MP_ISZERO_C
+ #define BN_MP_DIV_C
+ #define BN_MP_MUL_C
+ #define BN_MP_SUB_C
+ #define BN_MP_NEG_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_MP_FREAD_C)
+ #define BN_MP_ZERO_C
+ #define BN_MP_S_RMAP_C
+ #define BN_MP_MUL_D_C
+ #define BN_MP_ADD_D_C
+ #define BN_MP_CMP_D_C
+#endif
+
+#if defined(BN_MP_FWRITE_C)
+ #define BN_MP_RADIX_SIZE_C
+ #define BN_MP_TORADIX_C
+#endif
+
+#if defined(BN_MP_GCD_C)
+ #define BN_MP_ISZERO_C
+ #define BN_MP_ABS_C
+ #define BN_MP_ZERO_C
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_CNT_LSB_C
+ #define BN_MP_DIV_2D_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_MP_EXCH_C
+ #define BN_S_MP_SUB_C
+ #define BN_MP_MUL_2D_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_GET_INT_C)
+#endif
+
+#if defined(BN_MP_GROW_C)
+#endif
+
+#if defined(BN_MP_INIT_C)
+#endif
+
+#if defined(BN_MP_INIT_COPY_C)
+ #define BN_MP_COPY_C
+#endif
+
+#if defined(BN_MP_INIT_MULTI_C)
+ #define BN_MP_ERR_C
+ #define BN_MP_INIT_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_INIT_SET_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_SET_C
+#endif
+
+#if defined(BN_MP_INIT_SET_INT_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_SET_INT_C
+#endif
+
+#if defined(BN_MP_INIT_SIZE_C)
+ #define BN_MP_INIT_C
+#endif
+
+#if defined(BN_MP_INVMOD_C)
+ #define BN_MP_ISZERO_C
+ #define BN_MP_ISODD_C
+ #define BN_FAST_MP_INVMOD_C
+ #define BN_MP_INVMOD_SLOW_C
+#endif
+
+#if defined(BN_MP_INVMOD_SLOW_C)
+ #define BN_MP_ISZERO_C
+ #define BN_MP_INIT_MULTI_C
+ #define BN_MP_MOD_C
+ #define BN_MP_COPY_C
+ #define BN_MP_ISEVEN_C
+ #define BN_MP_SET_C
+ #define BN_MP_DIV_2_C
+ #define BN_MP_ISODD_C
+ #define BN_MP_ADD_C
+ #define BN_MP_SUB_C
+ #define BN_MP_CMP_C
+ #define BN_MP_CMP_D_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_MP_IS_SQUARE_C)
+ #define BN_MP_MOD_D_C
+ #define BN_MP_INIT_SET_INT_C
+ #define BN_MP_MOD_C
+ #define BN_MP_GET_INT_C
+ #define BN_MP_SQRT_C
+ #define BN_MP_SQR_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_JACOBI_C)
+ #define BN_MP_CMP_D_C
+ #define BN_MP_ISZERO_C
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_CNT_LSB_C
+ #define BN_MP_DIV_2D_C
+ #define BN_MP_MOD_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_KARATSUBA_MUL_C)
+ #define BN_MP_MUL_C
+ #define BN_MP_INIT_SIZE_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_SUB_C
+ #define BN_MP_ADD_C
+ #define BN_MP_LSHD_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_KARATSUBA_SQR_C)
+ #define BN_MP_INIT_SIZE_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_SQR_C
+ #define BN_MP_SUB_C
+ #define BN_S_MP_ADD_C
+ #define BN_MP_LSHD_C
+ #define BN_MP_ADD_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_LCM_C)
+ #define BN_MP_INIT_MULTI_C
+ #define BN_MP_GCD_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_MP_DIV_C
+ #define BN_MP_MUL_C
+ #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_MP_LSHD_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_RSHD_C
+#endif
+
+#if defined(BN_MP_MOD_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_DIV_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_ADD_C
+ #define BN_MP_EXCH_C
+#endif
+
+#if defined(BN_MP_MOD_2D_C)
+ #define BN_MP_ZERO_C
+ #define BN_MP_COPY_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_MOD_D_C)
+ #define BN_MP_DIV_D_C
+#endif
+
+#if defined(BN_MP_MONTGOMERY_CALC_NORMALIZATION_C)
+ #define BN_MP_COUNT_BITS_C
+ #define BN_MP_2EXPT_C
+ #define BN_MP_SET_C
+ #define BN_MP_MUL_2_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_MONTGOMERY_REDUCE_C)
+ #define BN_FAST_MP_MONTGOMERY_REDUCE_C
+ #define BN_MP_GROW_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_RSHD_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_MONTGOMERY_SETUP_C)
+#endif
+
+#if defined(BN_MP_MUL_C)
+ #define BN_MP_TOOM_MUL_C
+ #define BN_MP_KARATSUBA_MUL_C
+ #define BN_FAST_S_MP_MUL_DIGS_C
+ #define BN_S_MP_MUL_C
+ #define BN_S_MP_MUL_DIGS_C
+#endif
+
+#if defined(BN_MP_MUL_2_C)
+ #define BN_MP_GROW_C
+#endif
+
+#if defined(BN_MP_MUL_2D_C)
+ #define BN_MP_COPY_C
+ #define BN_MP_GROW_C
+ #define BN_MP_LSHD_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_MUL_D_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_MULMOD_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_MUL_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_MOD_C
+#endif
+
+#if defined(BN_MP_N_ROOT_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_SET_C
+ #define BN_MP_COPY_C
+ #define BN_MP_EXPT_D_C
+ #define BN_MP_MUL_C
+ #define BN_MP_SUB_C
+ #define BN_MP_MUL_D_C
+ #define BN_MP_DIV_C
+ #define BN_MP_CMP_C
+ #define BN_MP_SUB_D_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_NEG_C)
+ #define BN_MP_COPY_C
+ #define BN_MP_ISZERO_C
+#endif
+
+#if defined(BN_MP_OR_C)
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_PRIME_FERMAT_C)
+ #define BN_MP_CMP_D_C
+ #define BN_MP_INIT_C
+ #define BN_MP_EXPTMOD_C
+ #define BN_MP_CMP_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_PRIME_IS_DIVISIBLE_C)
+ #define BN_MP_MOD_D_C
+#endif
+
+#if defined(BN_MP_PRIME_IS_PRIME_C)
+ #define BN_MP_CMP_D_C
+ #define BN_MP_PRIME_IS_DIVISIBLE_C
+ #define BN_MP_INIT_C
+ #define BN_MP_SET_C
+ #define BN_MP_PRIME_MILLER_RABIN_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_PRIME_MILLER_RABIN_C)
+ #define BN_MP_CMP_D_C
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_SUB_D_C
+ #define BN_MP_CNT_LSB_C
+ #define BN_MP_DIV_2D_C
+ #define BN_MP_EXPTMOD_C
+ #define BN_MP_CMP_C
+ #define BN_MP_SQRMOD_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_PRIME_NEXT_PRIME_C)
+ #define BN_MP_CMP_D_C
+ #define BN_MP_SET_C
+ #define BN_MP_SUB_D_C
+ #define BN_MP_ISEVEN_C
+ #define BN_MP_MOD_D_C
+ #define BN_MP_INIT_C
+ #define BN_MP_ADD_D_C
+ #define BN_MP_PRIME_MILLER_RABIN_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_PRIME_RABIN_MILLER_TRIALS_C)
+#endif
+
+#if defined(BN_MP_PRIME_RANDOM_EX_C)
+ #define BN_MP_READ_UNSIGNED_BIN_C
+ #define BN_MP_PRIME_IS_PRIME_C
+ #define BN_MP_SUB_D_C
+ #define BN_MP_DIV_2_C
+ #define BN_MP_MUL_2_C
+ #define BN_MP_ADD_D_C
+#endif
+
+#if defined(BN_MP_RADIX_SIZE_C)
+ #define BN_MP_COUNT_BITS_C
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_ISZERO_C
+ #define BN_MP_DIV_D_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_RADIX_SMAP_C)
+ #define BN_MP_S_RMAP_C
+#endif
+
+#if defined(BN_MP_RAND_C)
+ #define BN_MP_ZERO_C
+ #define BN_MP_ADD_D_C
+ #define BN_MP_LSHD_C
+#endif
+
+#if defined(BN_MP_READ_RADIX_C)
+ #define BN_MP_ZERO_C
+ #define BN_MP_S_RMAP_C
+ #define BN_MP_RADIX_SMAP_C
+ #define BN_MP_MUL_D_C
+ #define BN_MP_ADD_D_C
+ #define BN_MP_ISZERO_C
+#endif
+
+#if defined(BN_MP_READ_SIGNED_BIN_C)
+ #define BN_MP_READ_UNSIGNED_BIN_C
+#endif
+
+#if defined(BN_MP_READ_UNSIGNED_BIN_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_ZERO_C
+ #define BN_MP_MUL_2D_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_REDUCE_C)
+ #define BN_MP_REDUCE_SETUP_C
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_RSHD_C
+ #define BN_MP_MUL_C
+ #define BN_S_MP_MUL_HIGH_DIGS_C
+ #define BN_FAST_S_MP_MUL_HIGH_DIGS_C
+ #define BN_MP_MOD_2D_C
+ #define BN_S_MP_MUL_DIGS_C
+ #define BN_MP_SUB_C
+ #define BN_MP_CMP_D_C
+ #define BN_MP_SET_C
+ #define BN_MP_LSHD_C
+ #define BN_MP_ADD_C
+ #define BN_MP_CMP_C
+ #define BN_S_MP_SUB_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_REDUCE_2K_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_COUNT_BITS_C
+ #define BN_MP_DIV_2D_C
+ #define BN_MP_MUL_D_C
+ #define BN_S_MP_ADD_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_S_MP_SUB_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_REDUCE_2K_L_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_COUNT_BITS_C
+ #define BN_MP_DIV_2D_C
+ #define BN_MP_MUL_C
+ #define BN_S_MP_ADD_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_S_MP_SUB_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_REDUCE_2K_SETUP_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_COUNT_BITS_C
+ #define BN_MP_2EXPT_C
+ #define BN_MP_CLEAR_C
+ #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_REDUCE_2K_SETUP_L_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_2EXPT_C
+ #define BN_MP_COUNT_BITS_C
+ #define BN_S_MP_SUB_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_REDUCE_IS_2K_C)
+ #define BN_MP_REDUCE_2K_C
+ #define BN_MP_COUNT_BITS_C
+#endif
+
+#if defined(BN_MP_REDUCE_IS_2K_L_C)
+#endif
+
+#if defined(BN_MP_REDUCE_SETUP_C)
+ #define BN_MP_2EXPT_C
+ #define BN_MP_DIV_C
+#endif
+
+#if defined(BN_MP_RSHD_C)
+ #define BN_MP_ZERO_C
+#endif
+
+#if defined(BN_MP_SET_C)
+ #define BN_MP_ZERO_C
+#endif
+
+#if defined(BN_MP_SET_INT_C)
+ #define BN_MP_ZERO_C
+ #define BN_MP_MUL_2D_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_SHRINK_C)
+#endif
+
+#if defined(BN_MP_SIGNED_BIN_SIZE_C)
+ #define BN_MP_UNSIGNED_BIN_SIZE_C
+#endif
+
+#if defined(BN_MP_SQR_C)
+ #define BN_MP_TOOM_SQR_C
+ #define BN_MP_KARATSUBA_SQR_C
+ #define BN_FAST_S_MP_SQR_C
+ #define BN_S_MP_SQR_C
+#endif
+
+#if defined(BN_MP_SQRMOD_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_SQR_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_MOD_C
+#endif
+
+#if defined(BN_MP_SQRT_C)
+ #define BN_MP_N_ROOT_C
+ #define BN_MP_ISZERO_C
+ #define BN_MP_ZERO_C
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_RSHD_C
+ #define BN_MP_DIV_C
+ #define BN_MP_ADD_C
+ #define BN_MP_DIV_2_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_SUB_C)
+ #define BN_S_MP_ADD_C
+ #define BN_MP_CMP_MAG_C
+ #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_SUB_D_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_ADD_D_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_SUBMOD_C)
+ #define BN_MP_INIT_C
+ #define BN_MP_SUB_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_MOD_C
+#endif
+
+#if defined(BN_MP_TO_SIGNED_BIN_C)
+ #define BN_MP_TO_UNSIGNED_BIN_C
+#endif
+
+#if defined(BN_MP_TO_SIGNED_BIN_N_C)
+ #define BN_MP_SIGNED_BIN_SIZE_C
+ #define BN_MP_TO_SIGNED_BIN_C
+#endif
+
+#if defined(BN_MP_TO_UNSIGNED_BIN_C)
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_ISZERO_C
+ #define BN_MP_DIV_2D_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_TO_UNSIGNED_BIN_N_C)
+ #define BN_MP_UNSIGNED_BIN_SIZE_C
+ #define BN_MP_TO_UNSIGNED_BIN_C
+#endif
+
+#if defined(BN_MP_TOOM_MUL_C)
+ #define BN_MP_INIT_MULTI_C
+ #define BN_MP_MOD_2D_C
+ #define BN_MP_COPY_C
+ #define BN_MP_RSHD_C
+ #define BN_MP_MUL_C
+ #define BN_MP_MUL_2_C
+ #define BN_MP_ADD_C
+ #define BN_MP_SUB_C
+ #define BN_MP_DIV_2_C
+ #define BN_MP_MUL_2D_C
+ #define BN_MP_MUL_D_C
+ #define BN_MP_DIV_3_C
+ #define BN_MP_LSHD_C
+ #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_MP_TOOM_SQR_C)
+ #define BN_MP_INIT_MULTI_C
+ #define BN_MP_MOD_2D_C
+ #define BN_MP_COPY_C
+ #define BN_MP_RSHD_C
+ #define BN_MP_SQR_C
+ #define BN_MP_MUL_2_C
+ #define BN_MP_ADD_C
+ #define BN_MP_SUB_C
+ #define BN_MP_DIV_2_C
+ #define BN_MP_MUL_2D_C
+ #define BN_MP_MUL_D_C
+ #define BN_MP_DIV_3_C
+ #define BN_MP_LSHD_C
+ #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_MP_TORADIX_C)
+ #define BN_MP_ISZERO_C
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_DIV_D_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_S_RMAP_C
+#endif
+
+#if defined(BN_MP_TORADIX_N_C)
+ #define BN_MP_ISZERO_C
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_DIV_D_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_S_RMAP_C
+#endif
+
+#if defined(BN_MP_UNSIGNED_BIN_SIZE_C)
+ #define BN_MP_COUNT_BITS_C
+#endif
+
+#if defined(BN_MP_XOR_C)
+ #define BN_MP_INIT_COPY_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_ZERO_C)
+#endif
+
+#if defined(BN_PRIME_TAB_C)
+#endif
+
+#if defined(BN_REVERSE_C)
+#endif
+
+#if defined(BN_S_MP_ADD_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_S_MP_EXPTMOD_C)
+ #define BN_MP_COUNT_BITS_C
+ #define BN_MP_INIT_C
+ #define BN_MP_CLEAR_C
+ #define BN_MP_REDUCE_SETUP_C
+ #define BN_MP_REDUCE_C
+ #define BN_MP_REDUCE_2K_SETUP_L_C
+ #define BN_MP_REDUCE_2K_L_C
+ #define BN_MP_MOD_C
+ #define BN_MP_COPY_C
+ #define BN_MP_SQR_C
+ #define BN_MP_MUL_C
+ #define BN_MP_SET_C
+ #define BN_MP_EXCH_C
+#endif
+
+#if defined(BN_S_MP_MUL_DIGS_C)
+ #define BN_FAST_S_MP_MUL_DIGS_C
+ #define BN_MP_INIT_SIZE_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_S_MP_MUL_HIGH_DIGS_C)
+ #define BN_FAST_S_MP_MUL_HIGH_DIGS_C
+ #define BN_MP_INIT_SIZE_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_S_MP_SQR_C)
+ #define BN_MP_INIT_SIZE_C
+ #define BN_MP_CLAMP_C
+ #define BN_MP_EXCH_C
+ #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_S_MP_SUB_C)
+ #define BN_MP_GROW_C
+ #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BNCORE_C)
+#endif
+
+#ifdef LTM3
+#define LTM_LAST
+#endif
+#include "mpi_superclass.h"
+#include "mpi_class.h"
+#else
+#define LTM_LAST
+#endif
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/mpi_superclass.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/mpi_superclass.h
new file mode 100644
index 0000000..91ebad8
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/mpi_superclass.h
@@ -0,0 +1,96 @@
+/* mpi_superclass.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+
+/* super class file for PK algos */
+
+/* default ... include all MPI */
+#define LTM_ALL
+
+/* RSA only (does not support DH/DSA/ECC) */
+/* #define SC_RSA_1 */
+
+/* For reference.... On an Athlon64 optimizing for speed...
+
+ LTM's mpi.o with all functions [striped] is 142KiB in size.
+
+*/
+
+/* Works for RSA only, mpi.o is 68KiB */
+#ifdef SC_RSA_1
+ #define BN_MP_SHRINK_C
+ #define BN_MP_LCM_C
+ #define BN_MP_PRIME_RANDOM_EX_C
+ #define BN_MP_INVMOD_C
+ #define BN_MP_GCD_C
+ #define BN_MP_MOD_C
+ #define BN_MP_MULMOD_C
+ #define BN_MP_ADDMOD_C
+ #define BN_MP_EXPTMOD_C
+ #define BN_MP_SET_INT_C
+ #define BN_MP_INIT_MULTI_C
+ #define BN_MP_CLEAR_MULTI_C
+ #define BN_MP_UNSIGNED_BIN_SIZE_C
+ #define BN_MP_TO_UNSIGNED_BIN_C
+ #define BN_MP_MOD_D_C
+ #define BN_MP_PRIME_RABIN_MILLER_TRIALS_C
+ #define BN_REVERSE_C
+ #define BN_PRIME_TAB_C
+
+ /* other modifiers */
+ #define BN_MP_DIV_SMALL /* Slower division, not critical */
+
+ /* here we are on the last pass so we turn things off. The functions classes are still there
+ * but we remove them specifically from the build. This also invokes tweaks in functions
+ * like removing support for even moduli, etc...
+ */
+#ifdef LTM_LAST
+ #undef BN_MP_TOOM_MUL_C
+ #undef BN_MP_TOOM_SQR_C
+ #undef BN_MP_KARATSUBA_MUL_C
+ #undef BN_MP_KARATSUBA_SQR_C
+ #undef BN_MP_REDUCE_C
+ #undef BN_MP_REDUCE_SETUP_C
+ #undef BN_MP_DR_IS_MODULUS_C
+ #undef BN_MP_DR_SETUP_C
+ #undef BN_MP_DR_REDUCE_C
+ #undef BN_MP_REDUCE_IS_2K_C
+ #undef BN_MP_REDUCE_2K_SETUP_C
+ #undef BN_MP_REDUCE_2K_C
+ #undef BN_S_MP_EXPTMOD_C
+ #undef BN_MP_DIV_3_C
+ #undef BN_S_MP_MUL_HIGH_DIGS_C
+ #undef BN_FAST_S_MP_MUL_HIGH_DIGS_C
+ #undef BN_FAST_MP_INVMOD_C
+
+ /* To safely undefine these you have to make sure your RSA key won't exceed the Comba threshold
+ * which is roughly 255 digits [7140 bits for 32-bit machines, 15300 bits for 64-bit machines]
+ * which means roughly speaking you can handle up to 2536-bit RSA keys with these defined without
+ * trouble.
+ */
+ #undef BN_S_MP_MUL_DIGS_C
+ #undef BN_S_MP_SQR_C
+ #undef BN_MP_MONTGOMERY_REDUCE_C
+#endif
+
+#endif
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/pkcs12.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/pkcs12.h
new file mode 100644
index 0000000..fa8b331
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/pkcs12.h
@@ -0,0 +1,74 @@
+/* pkcs12.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+#ifndef WOLF_CRYPT_PKCS12_H
+#define WOLF_CRYPT_PKCS12_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#ifndef WOLFSSL_TYPES_DEFINED /* do not redeclare from ssl.h */
+ typedef struct WC_PKCS12 WC_PKCS12;
+#endif
+
+typedef struct WC_DerCertList { /* dereferenced in ssl.c */
+ byte* buffer;
+ word32 bufferSz;
+ struct WC_DerCertList* next;
+} WC_DerCertList;
+
+/* default values for creating PKCS12 */
+enum {
+ WC_PKCS12_ITT_DEFAULT = 2048,
+ WC_PKCS12_VERSION_DEFAULT = 3,
+ WC_PKCS12_MAC_DEFAULT = 1,
+};
+
+WOLFSSL_API WC_PKCS12* wc_PKCS12_new(void);
+WOLFSSL_API void wc_PKCS12_free(WC_PKCS12* pkcs12);
+WOLFSSL_API int wc_d2i_PKCS12(const byte* der, word32 derSz, WC_PKCS12* pkcs12);
+WOLFSSL_API int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz);
+WOLFSSL_API int wc_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
+ byte** pkey, word32* pkeySz, byte** cert, word32* certSz,
+ WC_DerCertList** ca);
+WOLFSSL_LOCAL int wc_PKCS12_verify_ex(WC_PKCS12* pkcs12,
+ const byte* psw, word32 pswSz);
+WOLFSSL_API WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz,
+ char* name, byte* key, word32 keySz, byte* cert, word32 certSz,
+ WC_DerCertList* ca, int nidKey, int nidCert, int iter, int macIter,
+ int keyType, void* heap);
+
+
+WOLFSSL_LOCAL int wc_PKCS12_SetHeap(WC_PKCS12* pkcs12, void* heap);
+WOLFSSL_LOCAL void* wc_PKCS12_GetHeap(WC_PKCS12* pkcs12);
+
+WOLFSSL_LOCAL void wc_FreeCertList(WC_DerCertList* list, void* heap);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_PKCS12_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/pkcs7.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/pkcs7.h
new file mode 100644
index 0000000..4f24e81
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/pkcs7.h
@@ -0,0 +1,501 @@
+/* pkcs7.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/pkcs7.h
+*/
+
+#ifndef WOLF_CRYPT_PKCS7_H
+#define WOLF_CRYPT_PKCS7_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef HAVE_PKCS7
+
+#ifndef NO_ASN
+ #include <wolfssl/wolfcrypt/asn.h>
+#endif
+#include <wolfssl/wolfcrypt/asn_public.h>
+#include <wolfssl/wolfcrypt/random.h>
+#ifndef NO_AES
+ #include <wolfssl/wolfcrypt/aes.h>
+#endif
+#ifndef NO_DES3
+ #include <wolfssl/wolfcrypt/des3.h>
+#endif
+#include <wolfssl/wolfcrypt/wc_encrypt.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* Max number of certificates that PKCS7 structure can parse */
+#ifndef MAX_PKCS7_CERTS
+#ifdef OPENSSL_ALL
+ #define MAX_PKCS7_CERTS 15
+#else
+ #define MAX_PKCS7_CERTS 4
+#endif
+#endif
+
+#ifndef MAX_ORI_TYPE_SZ
+ #define MAX_ORI_TYPE_SZ MAX_OID_SZ
+#endif
+#ifndef MAX_ORI_VALUE_SZ
+ #define MAX_ORI_VALUE_SZ 512
+#endif
+
+#ifndef MAX_SIGNED_ATTRIBS_SZ
+ #define MAX_SIGNED_ATTRIBS_SZ 7
+#endif
+
+#ifndef MAX_AUTH_ATTRIBS_SZ
+ #define MAX_AUTH_ATTRIBS_SZ 7
+#endif
+
+#ifndef MAX_UNAUTH_ATTRIBS_SZ
+ #define MAX_UNAUTH_ATTRIBS_SZ 7
+#endif
+
+/* PKCS#7 content types, ref RFC 2315 (Section 14) */
+enum PKCS7_TYPES {
+ PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */
+ DATA = 651, /* 1.2.840.113549.1.7.1 */
+ SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */
+ ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */
+ SIGNED_AND_ENVELOPED_DATA = 654, /* 1.2.840.113549.1.7.4 */
+ DIGESTED_DATA = 655, /* 1.2.840.113549.1.7.5 */
+ ENCRYPTED_DATA = 656, /* 1.2.840.113549.1.7.6 */
+#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
+ COMPRESSED_DATA = 678, /* 1.2.840.113549.1.9.16.1.9, RFC 3274 */
+#endif
+ FIRMWARE_PKG_DATA = 685, /* 1.2.840.113549.1.9.16.1.16, RFC 4108 */
+ AUTH_ENVELOPED_DATA = 692 /* 1.2.840.113549.1.9.16.1.23, RFC 5083 */
+};
+
+enum PKCS7_STATE {
+ WC_PKCS7_START = 0,
+
+ /* decode encrypted */
+ WC_PKCS7_STAGE2,
+ WC_PKCS7_STAGE3,
+ WC_PKCS7_STAGE4,
+ WC_PKCS7_STAGE5,
+ WC_PKCS7_STAGE6,
+
+ WC_PKCS7_VERIFY_STAGE2,
+ WC_PKCS7_VERIFY_STAGE3,
+ WC_PKCS7_VERIFY_STAGE4,
+ WC_PKCS7_VERIFY_STAGE5,
+ WC_PKCS7_VERIFY_STAGE6,
+
+ /* parse info set */
+ WC_PKCS7_INFOSET_START,
+ WC_PKCS7_INFOSET_BER,
+ WC_PKCS7_INFOSET_STAGE1,
+ WC_PKCS7_INFOSET_STAGE2,
+ WC_PKCS7_INFOSET_END,
+
+ /* decode enveloped data */
+ WC_PKCS7_ENV_2,
+ WC_PKCS7_ENV_3,
+ WC_PKCS7_ENV_4,
+ WC_PKCS7_ENV_5,
+
+ /* decode auth enveloped */
+ WC_PKCS7_AUTHENV_2,
+ WC_PKCS7_AUTHENV_3,
+ WC_PKCS7_AUTHENV_4,
+ WC_PKCS7_AUTHENV_5,
+ WC_PKCS7_AUTHENV_6,
+ WC_PKCS7_AUTHENV_ATRB,
+ WC_PKCS7_AUTHENV_ATRBEND,
+ WC_PKCS7_AUTHENV_7,
+
+ /* decryption state types */
+ WC_PKCS7_DECRYPT_KTRI,
+ WC_PKCS7_DECRYPT_KTRI_2,
+ WC_PKCS7_DECRYPT_KTRI_3,
+
+
+ WC_PKCS7_DECRYPT_KARI,
+ WC_PKCS7_DECRYPT_KEKRI,
+ WC_PKCS7_DECRYPT_PWRI,
+ WC_PKCS7_DECRYPT_ORI,
+
+ WC_PKCS7_DECRYPT_DONE,
+
+};
+
+enum Pkcs7_Misc {
+ PKCS7_NONCE_SZ = 16,
+ MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */
+ MAX_CONTENT_KEY_LEN = 32, /* highest current cipher is AES-256-CBC */
+ MAX_CONTENT_IV_SIZE = 16, /* highest current is AES128 */
+#ifndef NO_AES
+ MAX_CONTENT_BLOCK_LEN = AES_BLOCK_SIZE,
+#else
+ MAX_CONTENT_BLOCK_LEN = DES_BLOCK_SIZE,
+#endif
+ MAX_RECIP_SZ = MAX_VERSION_SZ +
+ MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
+ MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ,
+};
+
+enum Cms_Options {
+ CMS_SKID = 1,
+ CMS_ISSUER_AND_SERIAL_NUMBER = 2,
+};
+#define DEGENERATE_SID 3
+
+/* CMS/PKCS#7 RecipientInfo types, RFC 5652, Section 6.2 */
+enum Pkcs7_RecipientInfo_Types {
+ PKCS7_KTRI = 0,
+ PKCS7_KARI = 1,
+ PKCS7_KEKRI = 2,
+ PKCS7_PWRI = 3,
+ PKCS7_ORI = 4
+};
+
+typedef struct PKCS7Attrib {
+ const byte* oid;
+ word32 oidSz;
+ const byte* value;
+ word32 valueSz;
+} PKCS7Attrib;
+
+
+typedef struct PKCS7DecodedAttrib {
+ struct PKCS7DecodedAttrib* next;
+ byte* oid;
+ word32 oidSz;
+ byte* value;
+ word32 valueSz;
+} PKCS7DecodedAttrib;
+
+typedef struct PKCS7State PKCS7State;
+typedef struct Pkcs7Cert Pkcs7Cert;
+typedef struct Pkcs7EncodedRecip Pkcs7EncodedRecip;
+typedef struct PKCS7 PKCS7;
+typedef struct PKCS7 PKCS7_SIGNED;
+typedef struct PKCS7SignerInfo PKCS7SignerInfo;
+
+/* OtherRecipientInfo decrypt callback prototype */
+typedef int (*CallbackOriDecrypt)(PKCS7* pkcs7, byte* oriType, word32 oriTypeSz,
+ byte* oriValue, word32 oriValueSz,
+ byte* decryptedKey, word32* decryptedKeySz,
+ void* ctx);
+typedef int (*CallbackOriEncrypt)(PKCS7* pkcs7, byte* cek, word32 cekSz,
+ byte* oriType, word32* oriTypeSz,
+ byte* oriValue, word32* oriValueSz,
+ void* ctx);
+typedef int (*CallbackDecryptContent)(PKCS7* pkcs7, int encryptOID,
+ byte* iv, int ivSz, byte* aad, word32 aadSz,
+ byte* authTag, word32 authTagSz, byte* in,
+ int inSz, byte* out, void* ctx);
+typedef int (*CallbackWrapCEK)(PKCS7* pkcs7, byte* cek, word32 cekSz,
+ byte* keyId, word32 keyIdSz,
+ byte* originKey, word32 originKeySz,
+ byte* out, word32 outSz,
+ int keyWrapAlgo, int type, int dir);
+
+#if defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && !defined(NO_RSA)
+/* RSA sign raw digest callback, user builds DigestInfo */
+typedef int (*CallbackRsaSignRawDigest)(PKCS7* pkcs7, byte* digest,
+ word32 digestSz, byte* out, word32 outSz,
+ byte* privateKey, word32 privateKeySz,
+ int devId, int hashOID);
+#endif
+
+/* Public Structure Warning:
+ * Existing members must not be changed to maintain backwards compatibility!
+ */
+struct PKCS7 {
+ WC_RNG* rng;
+ PKCS7Attrib* signedAttribs;
+ byte* content; /* inner content, not owner */
+ byte* contentDynamic; /* content if constructed OCTET_STRING */
+ byte* singleCert; /* recipient cert, DER, not owner */
+ const byte* issuer; /* issuer name of singleCert */
+ byte* privateKey; /* private key, DER, not owner */
+ void* heap; /* heap hint for dynamic memory */
+#ifdef ASN_BER_TO_DER
+ byte* der; /* DER encoded version of message */
+ word32 derSz;
+#endif
+ byte* cert[MAX_PKCS7_CERTS];
+
+ /* Encrypted-data Content Type */
+ byte* encryptionKey; /* block cipher encryption key */
+ PKCS7Attrib* unprotectedAttribs; /* optional */
+ PKCS7DecodedAttrib* decodedAttrib; /* linked list of decoded attribs */
+
+ /* Enveloped-data optional ukm, not owner */
+ byte* ukm;
+ word32 ukmSz;
+
+ word32 encryptionKeySz; /* size of key buffer, bytes */
+ word32 unprotectedAttribsSz;
+ word32 contentSz; /* content size */
+ word32 singleCertSz; /* size of recipient cert buffer, bytes */
+ word32 issuerSz; /* length of issuer name */
+ word32 issuerSnSz; /* length of serial number */
+
+ word32 publicKeySz;
+ word32 publicKeyOID; /* key OID (RSAk, ECDSAk, etc) */
+ word32 privateKeySz; /* size of private key buffer, bytes */
+ word32 signedAttribsSz;
+ int contentOID; /* PKCS#7 content type OID sum */
+ int hashOID;
+ int encryptOID; /* key encryption algorithm OID */
+ int keyWrapOID; /* key wrap algorithm OID */
+ int keyAgreeOID; /* key agreement algorithm OID */
+ int devId; /* device ID for HW based private key */
+ byte issuerHash[KEYID_SIZE]; /* hash of all alt Names */
+ byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */
+ byte publicKey[MAX_RSA_INT_SZ + MAX_RSA_E_SZ]; /* MAX RSA key size (m + e)*/
+ word32 certSz[MAX_PKCS7_CERTS];
+
+ /* flags - up to 16-bits */
+ word16 isDynamic:1;
+ word16 noDegenerate:1; /* allow degenerate case in verify function */
+ word16 detached:1; /* generate detached SignedData signature bundles */
+
+ byte contentType[MAX_OID_SZ]; /* custom contentType byte array */
+ word32 contentTypeSz; /* size of contentType, bytes */
+
+ int sidType; /* SignerIdentifier type to use, of type
+ Pkcs7_SignerIdentifier_Types, default to
+ SID_ISSUER_AND_SERIAL_NUMBER */
+ byte issuerSubjKeyId[KEYID_SIZE]; /* SubjectKeyIdentifier of singleCert */
+ Pkcs7Cert* certList; /* certificates list for SignedData set */
+ Pkcs7EncodedRecip* recipList; /* recipients list */
+ byte* cek; /* content encryption key, random, dynamic */
+ word32 cekSz; /* size of cek, bytes */
+ byte* pass; /* password, for PWRI decryption */
+ word32 passSz; /* size of pass, bytes */
+ int kekEncryptOID; /* KEK encryption algorithm OID */
+
+ CallbackOriEncrypt oriEncryptCb; /* ORI encrypt callback */
+ CallbackOriDecrypt oriDecryptCb; /* ORI decrypt callback */
+ void* oriEncryptCtx; /* ORI encrypt user context ptr */
+ void* oriDecryptCtx; /* ORI decrypt user context ptr */
+
+ PKCS7Attrib* authAttribs; /* authenticated attribs */
+ word32 authAttribsSz;
+ PKCS7Attrib* unauthAttribs; /* unauthenticated attribs */
+ word32 unauthAttribsSz;
+
+#ifndef NO_PKCS7_STREAM
+ PKCS7State* stream;
+#endif
+ word32 state;
+
+ word16 skipDefaultSignedAttribs:1; /* skip adding default signed attribs */
+
+ byte version; /* 1 for RFC 2315 and 3 for RFC 4108 */
+ PKCS7SignerInfo* signerInfo;
+ CallbackDecryptContent decryptionCb;
+ CallbackWrapCEK wrapCEKCb;
+ void* decryptionCtx;
+
+ byte* signature;
+ byte* plainDigest;
+ byte* pkcs7Digest;
+ word32 signatureSz;
+ word32 plainDigestSz;
+ word32 pkcs7DigestSz;
+
+#if defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && !defined(NO_RSA)
+ CallbackRsaSignRawDigest rsaSignRawDigestCb;
+#endif
+
+ /* used by DecodeEnvelopedData with multiple encrypted contents */
+ byte* cachedEncryptedContent;
+ word32 cachedEncryptedContentSz;
+ /* !! NEW DATA MEMBERS MUST BE ADDED AT END !! */
+};
+
+WOLFSSL_API PKCS7* wc_PKCS7_New(void* heap, int devId);
+WOLFSSL_API int wc_PKCS7_Init(PKCS7* pkcs7, void* heap, int devId);
+WOLFSSL_API int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* der, word32 derSz);
+WOLFSSL_API int wc_PKCS7_AddCertificate(PKCS7* pkcs7, byte* der, word32 derSz);
+WOLFSSL_API void wc_PKCS7_Free(PKCS7* pkcs7);
+
+WOLFSSL_API int wc_PKCS7_GetAttributeValue(PKCS7* pkcs7, const byte* oid,
+ word32 oidSz, byte* out, word32* outSz);
+
+WOLFSSL_API int wc_PKCS7_SetSignerIdentifierType(PKCS7* pkcs7, int type);
+WOLFSSL_API int wc_PKCS7_SetContentType(PKCS7* pkcs7, byte* contentType,
+ word32 sz);
+WOLFSSL_API int wc_PKCS7_GetPadSize(word32 inputSz, word32 blockSz);
+WOLFSSL_API int wc_PKCS7_PadData(byte* in, word32 inSz, byte* out, word32 outSz,
+ word32 blockSz);
+
+/* CMS/PKCS#7 Data */
+WOLFSSL_API int wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output,
+ word32 outputSz);
+
+/* CMS/PKCS#7 SignedData */
+WOLFSSL_API int wc_PKCS7_SetDetached(PKCS7* pkcs7, word16 flag);
+WOLFSSL_API int wc_PKCS7_NoDefaultSignedAttribs(PKCS7* pkcs7);
+WOLFSSL_API int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7,
+ byte* output, word32 outputSz);
+WOLFSSL_API int wc_PKCS7_EncodeSignedData_ex(PKCS7* pkcs7, const byte* hashBuf,
+ word32 hashSz, byte* outputHead,
+ word32* outputHeadSz,
+ byte* outputFoot,
+ word32* outputFootSz);
+WOLFSSL_API void wc_PKCS7_AllowDegenerate(PKCS7* pkcs7, word16 flag);
+WOLFSSL_API int wc_PKCS7_VerifySignedData(PKCS7* pkcs7,
+ byte* pkiMsg, word32 pkiMsgSz);
+WOLFSSL_API int wc_PKCS7_VerifySignedData_ex(PKCS7* pkcs7, const byte* hashBuf,
+ word32 hashSz, byte* pkiMsgHead,
+ word32 pkiMsgHeadSz, byte* pkiMsgFoot,
+ word32 pkiMsgFootSz);
+
+WOLFSSL_API int wc_PKCS7_GetSignerSID(PKCS7* pkcs7, byte* out, word32* outSz);
+
+/* CMS single-shot API for Signed FirmwarePkgData */
+WOLFSSL_API int wc_PKCS7_EncodeSignedFPD(PKCS7* pkcs7, byte* privateKey,
+ word32 privateKeySz, int signOID,
+ int hashOID, byte* content,
+ word32 contentSz,
+ PKCS7Attrib* signedAttribs,
+ word32 signedAttribsSz, byte* output,
+ word32 outputSz);
+#ifndef NO_PKCS7_ENCRYPTED_DATA
+/* CMS single-shot API for Signed Encrypted FirmwarePkgData */
+WOLFSSL_API int wc_PKCS7_EncodeSignedEncryptedFPD(PKCS7* pkcs7,
+ byte* encryptKey, word32 encryptKeySz,
+ byte* privateKey, word32 privateKeySz,
+ int encryptOID, int signOID,
+ int hashOID, byte* content,
+ word32 contentSz,
+ PKCS7Attrib* unprotectedAttribs,
+ word32 unprotectedAttribsSz,
+ PKCS7Attrib* signedAttribs,
+ word32 signedAttribsSz,
+ byte* output, word32 outputSz);
+#endif /* NO_PKCS7_ENCRYPTED_DATA */
+#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
+/* CMS single-shot API for Signed Compressed FirmwarePkgData */
+WOLFSSL_API int wc_PKCS7_EncodeSignedCompressedFPD(PKCS7* pkcs7,
+ byte* privateKey, word32 privateKeySz,
+ int signOID, int hashOID,
+ byte* content, word32 contentSz,
+ PKCS7Attrib* signedAttribs,
+ word32 signedAttribsSz, byte* output,
+ word32 outputSz);
+
+#ifndef NO_PKCS7_ENCRYPTED_DATA
+/* CMS single-shot API for Signed Encrypted Compressed FirmwarePkgData */
+WOLFSSL_API int wc_PKCS7_EncodeSignedEncryptedCompressedFPD(PKCS7* pkcs7,
+ byte* encryptKey, word32 encryptKeySz,
+ byte* privateKey, word32 privateKeySz,
+ int encryptOID, int signOID,
+ int hashOID, byte* content,
+ word32 contentSz,
+ PKCS7Attrib* unprotectedAttribs,
+ word32 unprotectedAttribsSz,
+ PKCS7Attrib* signedAttribs,
+ word32 signedAttribsSz,
+ byte* output, word32 outputSz);
+#endif /* !NO_PKCS7_ENCRYPTED_DATA */
+#endif /* HAVE_LIBZ && !NO_PKCS7_COMPRESSED_DATA */
+
+/* EnvelopedData and AuthEnvelopedData RecipientInfo functions */
+WOLFSSL_API int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert,
+ word32 certSz, int options);
+WOLFSSL_API int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert,
+ word32 certSz, int keyWrapOID,
+ int keyAgreeOID, byte* ukm,
+ word32 ukmSz, int options);
+
+WOLFSSL_API int wc_PKCS7_SetKey(PKCS7* pkcs7, byte* key, word32 keySz);
+WOLFSSL_API int wc_PKCS7_AddRecipient_KEKRI(PKCS7* pkcs7, int keyWrapOID,
+ byte* kek, word32 kekSz,
+ byte* keyID, word32 keyIdSz,
+ void* timePtr, byte* otherOID,
+ word32 otherOIDSz, byte* other,
+ word32 otherSz, int options);
+
+WOLFSSL_API int wc_PKCS7_SetPassword(PKCS7* pkcs7, byte* passwd, word32 pLen);
+WOLFSSL_API int wc_PKCS7_AddRecipient_PWRI(PKCS7* pkcs7, byte* passwd,
+ word32 pLen, byte* salt,
+ word32 saltSz, int kdfOID,
+ int prfOID, int iterations,
+ int kekEncryptOID, int options);
+WOLFSSL_API int wc_PKCS7_SetOriEncryptCtx(PKCS7* pkcs7, void* ctx);
+WOLFSSL_API int wc_PKCS7_SetOriDecryptCtx(PKCS7* pkcs7, void* ctx);
+WOLFSSL_API int wc_PKCS7_SetOriDecryptCb(PKCS7* pkcs7, CallbackOriDecrypt cb);
+WOLFSSL_API int wc_PKCS7_AddRecipient_ORI(PKCS7* pkcs7, CallbackOriEncrypt cb,
+ int options);
+WOLFSSL_API int wc_PKCS7_SetWrapCEKCb(PKCS7* pkcs7,
+ CallbackWrapCEK wrapCEKCb);
+
+#if defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && !defined(NO_RSA)
+WOLFSSL_API int wc_PKCS7_SetRsaSignRawDigestCb(PKCS7* pkcs7,
+ CallbackRsaSignRawDigest cb);
+#endif
+
+/* CMS/PKCS#7 EnvelopedData */
+WOLFSSL_API int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7,
+ byte* output, word32 outputSz);
+WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
+ word32 pkiMsgSz, byte* output,
+ word32 outputSz);
+
+/* CMS/PKCS#7 AuthEnvelopedData */
+WOLFSSL_API int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7,
+ byte* output, word32 outputSz);
+WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
+ word32 pkiMsgSz, byte* output,
+ word32 outputSz);
+
+/* CMS/PKCS#7 EncryptedData */
+#ifndef NO_PKCS7_ENCRYPTED_DATA
+WOLFSSL_API int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7,
+ byte* output, word32 outputSz);
+WOLFSSL_API int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* pkiMsg,
+ word32 pkiMsgSz, byte* output,
+ word32 outputSz);
+WOLFSSL_API int wc_PKCS7_SetDecodeEncryptedCb(PKCS7* pkcs7,
+ CallbackDecryptContent decryptionCb);
+WOLFSSL_API int wc_PKCS7_SetDecodeEncryptedCtx(PKCS7* pkcs7, void* ctx);
+#endif /* NO_PKCS7_ENCRYPTED_DATA */
+
+/* CMS/PKCS#7 CompressedData */
+#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
+WOLFSSL_API int wc_PKCS7_EncodeCompressedData(PKCS7* pkcs7, byte* output,
+ word32 outputSz);
+WOLFSSL_API int wc_PKCS7_DecodeCompressedData(PKCS7* pkcs7, byte* pkiMsg,
+ word32 pkiMsgSz, byte* output,
+ word32 outputSz);
+#endif /* HAVE_LIBZ && !NO_PKCS7_COMPRESSED_DATA */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_PKCS7 */
+#endif /* WOLF_CRYPT_PKCS7_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/poly1305.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/poly1305.h
new file mode 100644
index 0000000..a0e0b3a
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/poly1305.h
@@ -0,0 +1,138 @@
+/* poly1305.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/poly1305.h
+*/
+
+#ifndef WOLF_CRYPT_POLY1305_H
+#define WOLF_CRYPT_POLY1305_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef HAVE_POLY1305
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* auto detect between 32bit / 64bit */
+#if defined(__SIZEOF_INT128__) && defined(__LP64__)
+#define WC_HAS_SIZEOF_INT128_64BIT
+#endif
+
+#if defined(_MSC_VER) && defined(_M_X64)
+#define WC_HAS_MSVC_64BIT
+#endif
+
+#if (defined(__GNUC__) && defined(__LP64__) && \
+ ((__GNUC__ > 4) || ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4))))
+#define WC_HAS_GCC_4_4_64BIT
+#endif
+
+#ifdef USE_INTEL_SPEEDUP
+#elif (defined(WC_HAS_SIZEOF_INT128_64BIT) || defined(WC_HAS_MSVC_64BIT) || \
+ defined(WC_HAS_GCC_4_4_64BIT))
+#define POLY130564
+#else
+#define POLY130532
+#endif
+
+enum {
+ POLY1305 = 7,
+ POLY1305_BLOCK_SIZE = 16,
+ POLY1305_DIGEST_SIZE = 16,
+};
+
+#define WC_POLY1305_PAD_SZ 16
+#define WC_POLY1305_MAC_SZ 16
+
+/* Poly1305 state */
+typedef struct Poly1305 {
+#ifdef USE_INTEL_SPEEDUP
+ word64 r[3];
+ word64 h[3];
+ word64 pad[2];
+ word64 hh[20];
+ word32 r1[8];
+ word32 r2[8];
+ word32 r3[8];
+ word32 r4[8];
+ word64 hm[16];
+ unsigned char buffer[8*POLY1305_BLOCK_SIZE];
+ size_t leftover;
+ unsigned char finished;
+ unsigned char started;
+#else
+#if defined(WOLFSSL_ARMASM) && defined(__aarch64__)
+ ALIGN128 word32 r[5];
+ ALIGN128 word32 r_2[5]; // r^2
+ ALIGN128 word32 r_4[5]; // r^4
+ ALIGN128 word32 h[5];
+ word32 pad[4];
+ word64 leftover;
+#else
+#if defined(POLY130564)
+ word64 r[3];
+ word64 h[3];
+ word64 pad[2];
+#else
+ word32 r[5];
+ word32 h[5];
+ word32 pad[4];
+#endif
+ size_t leftover;
+#endif /* WOLFSSL_ARMASM */
+ unsigned char buffer[POLY1305_BLOCK_SIZE];
+ unsigned char finished;
+#endif
+} Poly1305;
+
+/* does init */
+
+WOLFSSL_API int wc_Poly1305SetKey(Poly1305* poly1305, const byte* key,
+ word32 kySz);
+WOLFSSL_API int wc_Poly1305Update(Poly1305* poly1305, const byte*, word32);
+WOLFSSL_API int wc_Poly1305Final(Poly1305* poly1305, byte* tag);
+
+/* AEAD Functions */
+WOLFSSL_API int wc_Poly1305_Pad(Poly1305* ctx, word32 lenToPad);
+WOLFSSL_API int wc_Poly1305_EncodeSizes(Poly1305* ctx, word32 aadSz,
+ word32 dataSz);
+#ifdef WORD64_AVAILABLE
+WOLFSSL_API int wc_Poly1305_EncodeSizes64(Poly1305* ctx, word64 aadSz,
+ word64 dataSz);
+#endif
+WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, const byte* additional,
+ word32 addSz, const byte* input, word32 sz, byte* tag, word32 tagSz);
+
+#if defined(__aarch64__ ) && defined(WOLFSSL_ARMASM)
+void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
+ size_t bytes);
+void poly1305_block(Poly1305* ctx, const unsigned char *m);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* HAVE_POLY1305 */
+#endif /* WOLF_CRYPT_POLY1305_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/pwdbased.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/pwdbased.h
new file mode 100644
index 0000000..e142adb
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/pwdbased.h
@@ -0,0 +1,77 @@
+/* pwdbased.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/pwdbased.h
+*/
+
+#ifndef WOLF_CRYPT_PWDBASED_H
+#define WOLF_CRYPT_PWDBASED_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_PWDBASED
+
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/*
+ * hashType renamed to typeH to avoid shadowing global declaration here:
+ * wolfssl/wolfcrypt/asn.h line 173 in enum Oid_Types
+ */
+WOLFSSL_API int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen,
+ const byte* passwd, int passwdLen,
+ const byte* salt, int saltLen, int iterations,
+ int hashType, void* heap);
+WOLFSSL_API int wc_PBKDF1(byte* output, const byte* passwd, int pLen,
+ const byte* salt, int sLen, int iterations, int kLen,
+ int typeH);
+WOLFSSL_API int wc_PBKDF2_ex(byte* output, const byte* passwd, int pLen,
+ const byte* salt, int sLen, int iterations, int kLen,
+ int typeH, void* heap, int devId);
+WOLFSSL_API int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
+ const byte* salt, int sLen, int iterations, int kLen,
+ int typeH);
+WOLFSSL_API int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int pLen,
+ const byte* salt, int sLen, int iterations,
+ int kLen, int typeH, int purpose);
+WOLFSSL_API int wc_PKCS12_PBKDF_ex(byte* output, const byte* passwd,int passLen,
+ const byte* salt, int saltLen, int iterations, int kLen,
+ int hashType, int id, void* heap);
+
+#ifdef HAVE_SCRYPT
+WOLFSSL_API int wc_scrypt(byte* output, const byte* passwd, int passLen,
+ const byte* salt, int saltLen, int cost,
+ int blockSize, int parallel, int dkLen);
+WOLFSSL_API int wc_scrypt_ex(byte* output, const byte* passwd, int passLen,
+ const byte* salt, int saltLen, word32 iterations,
+ int blockSize, int parallel, int dkLen);
+#endif
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* NO_PWDBASED */
+#endif /* WOLF_CRYPT_PWDBASED_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rabbit.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rabbit.h
new file mode 100644
index 0000000..836b737
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rabbit.h
@@ -0,0 +1,73 @@
+/* rabbit.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/rabbit.h
+*/
+
+
+#ifndef WOLF_CRYPT_RABBIT_H
+#define WOLF_CRYPT_RABBIT_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_RABBIT
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+
+enum {
+ RABBIT_ENC_TYPE = 5 /* cipher unique type */
+};
+
+
+/* Rabbit Context */
+typedef struct RabbitCtx {
+ word32 x[8];
+ word32 c[8];
+ word32 carry;
+} RabbitCtx;
+
+
+/* Rabbit stream cipher */
+typedef struct Rabbit {
+ RabbitCtx masterCtx;
+ RabbitCtx workCtx;
+#ifdef XSTREAM_ALIGN
+ void* heap; /* heap hint, currently XMALLOC only used with aligning */
+#endif
+} Rabbit;
+
+
+WOLFSSL_API int wc_RabbitProcess(Rabbit*, byte*, const byte*, word32);
+WOLFSSL_API int wc_RabbitSetKey(Rabbit*, const byte* key, const byte* iv);
+
+WOLFSSL_LOCAL int wc_Rabbit_SetHeap(Rabbit* ctx, void* heap);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* NO_RABBIT */
+#endif /* WOLF_CRYPT_RABBIT_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/random.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/random.h
new file mode 100644
index 0000000..066eaff
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/random.h
@@ -0,0 +1,261 @@
+/* random.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/random.h
+*/
+
+
+
+#ifndef WOLF_CRYPT_RANDOM_H
+#define WOLF_CRYPT_RANDOM_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+ #include <wolfssl/wolfcrypt/fips.h>
+#endif /* HAVE_FIPS_VERSION >= 2 */
+
+/* included for fips @wc_fips */
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+#include <cyassl/ctaocrypt/random.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+ /* Maximum generate block length */
+#ifndef RNG_MAX_BLOCK_LEN
+ #ifdef HAVE_INTEL_QA
+ #define RNG_MAX_BLOCK_LEN (0xFFFFl)
+ #else
+ #define RNG_MAX_BLOCK_LEN (0x10000l)
+ #endif
+#endif
+
+/* Size of the BRBG seed */
+#ifndef DRBG_SEED_LEN
+ #define DRBG_SEED_LEN (440/8)
+#endif
+
+
+#if !defined(CUSTOM_RAND_TYPE)
+ /* To maintain compatibility the default is byte */
+ #define CUSTOM_RAND_TYPE byte
+#endif
+
+/* make sure Hash DRBG is enabled, unless WC_NO_HASHDRBG is defined
+ or CUSTOM_RAND_GENERATE_BLOCK is defined */
+#if !defined(WC_NO_HASHDRBG) && !defined(CUSTOM_RAND_GENERATE_BLOCK)
+ #undef HAVE_HASHDRBG
+ #define HAVE_HASHDRBG
+ #ifndef WC_RESEED_INTERVAL
+ #define WC_RESEED_INTERVAL (1000000)
+ #endif
+#endif
+
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+/* RNG supports the following sources (in order):
+ * 1. CUSTOM_RAND_GENERATE_BLOCK: Defines name of function as RNG source and
+ * bypasses the options below.
+ * 2. HAVE_INTEL_RDRAND: Uses the Intel RDRAND if supported by CPU.
+ * 3. HAVE_HASHDRBG (requires SHA256 enabled): Uses SHA256 based P-RNG
+ * seeded via wc_GenerateSeed. This is the default source.
+ */
+
+ /* Seed source can be overridden by defining one of these:
+ CUSTOM_RAND_GENERATE_SEED
+ CUSTOM_RAND_GENERATE_SEED_OS
+ CUSTOM_RAND_GENERATE */
+
+
+#if defined(CUSTOM_RAND_GENERATE_BLOCK)
+ /* To use define the following:
+ * #define CUSTOM_RAND_GENERATE_BLOCK myRngFunc
+ * extern int myRngFunc(byte* output, word32 sz);
+ */
+#elif defined(HAVE_HASHDRBG)
+ #ifdef NO_SHA256
+ #error "Hash DRBG requires SHA-256."
+ #endif /* NO_SHA256 */
+ #include <wolfssl/wolfcrypt/sha256.h>
+#elif defined(HAVE_WNR)
+ /* allow whitewood as direct RNG source using wc_GenerateSeed directly */
+#elif defined(HAVE_INTEL_RDRAND)
+ /* Intel RDRAND or RDSEED */
+#elif !defined(WC_NO_RNG)
+ #error No RNG source defined!
+#endif
+
+#ifdef HAVE_WNR
+ #include <wnr.h>
+#endif
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+
+#if defined(USE_WINDOWS_API)
+ #if defined(_WIN64)
+ typedef unsigned __int64 ProviderHandle;
+ /* type HCRYPTPROV, avoid #include <windows.h> */
+ #else
+ typedef unsigned long ProviderHandle;
+ #endif
+#endif
+
+
+/* OS specific seeder */
+typedef struct OS_Seed {
+ #if defined(USE_WINDOWS_API)
+ ProviderHandle handle;
+ #else
+ int fd;
+ #endif
+ #if defined(WOLF_CRYPTO_CB)
+ int devId;
+ #endif
+} OS_Seed;
+
+
+#ifndef WC_RNG_TYPE_DEFINED /* guard on redeclaration */
+ typedef struct WC_RNG WC_RNG;
+ #define WC_RNG_TYPE_DEFINED
+#endif
+
+#ifdef HAVE_HASHDRBG
+struct DRBG_internal {
+ word32 reseedCtr;
+ word32 lastBlock;
+ byte V[DRBG_SEED_LEN];
+ byte C[DRBG_SEED_LEN];
+#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
+ void* heap;
+ int devId;
+#endif
+ byte matchCount;
+#ifdef WOLFSSL_SMALL_STACK_CACHE
+ wc_Sha256 sha256;
+#endif
+};
+#endif
+
+/* RNG context */
+struct WC_RNG {
+ OS_Seed seed;
+ void* heap;
+#ifdef HAVE_HASHDRBG
+ /* Hash-based Deterministic Random Bit Generator */
+ struct DRBG* drbg;
+#if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_STATIC_MEMORY)
+ struct DRBG_internal drbg_data;
+#endif
+ byte status;
+#endif
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif
+#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
+ int devId;
+#endif
+};
+
+#endif /* NO FIPS or have FIPS v2*/
+
+/* NO_OLD_RNGNAME removes RNG struct name to prevent possible type conflicts,
+ * can't be used with CTaoCrypt FIPS */
+#if !defined(NO_OLD_RNGNAME) && !defined(HAVE_FIPS)
+ #define RNG WC_RNG
+#endif
+
+
+WOLFSSL_LOCAL
+int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
+
+
+#ifdef HAVE_WNR
+ /* Whitewood netRandom client library */
+ WOLFSSL_API int wc_InitNetRandom(const char*, wnr_hmac_key, int);
+ WOLFSSL_API int wc_FreeNetRandom(void);
+#endif /* HAVE_WNR */
+
+
+WOLFSSL_ABI WOLFSSL_API WC_RNG* wc_rng_new(byte*, word32, void*);
+WOLFSSL_ABI WOLFSSL_API void wc_rng_free(WC_RNG*);
+
+
+#ifndef WC_NO_RNG
+WOLFSSL_API int wc_InitRng(WC_RNG*);
+WOLFSSL_API int wc_InitRng_ex(WC_RNG* rng, void* heap, int devId);
+WOLFSSL_API int wc_InitRngNonce(WC_RNG* rng, byte* nonce, word32 nonceSz);
+WOLFSSL_API int wc_InitRngNonce_ex(WC_RNG* rng, byte* nonce, word32 nonceSz,
+ void* heap, int devId);
+WOLFSSL_ABI WOLFSSL_API int wc_RNG_GenerateBlock(WC_RNG*, byte*, word32 sz);
+WOLFSSL_API int wc_RNG_GenerateByte(WC_RNG*, byte*);
+WOLFSSL_API int wc_FreeRng(WC_RNG*);
+#else
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#define wc_InitRng(rng) NOT_COMPILED_IN
+#define wc_InitRng_ex(rng, h, d) NOT_COMPILED_IN
+#define wc_InitRngNonce(rng, n, s) NOT_COMPILED_IN
+#define wc_InitRngNonce_ex(rng, n, s, h, d) NOT_COMPILED_IN
+#if defined(__ghs__) || defined(WC_NO_RNG_SIMPLE)
+/* some older compilers do not like macro function in expression */
+#define wc_RNG_GenerateBlock(rng, b, s) NOT_COMPILED_IN
+#else
+#define wc_RNG_GenerateBlock(rng, b, s) ({(void)rng; (void)b; (void)s; NOT_COMPILED_IN;})
+#endif
+#define wc_RNG_GenerateByte(rng, b) NOT_COMPILED_IN
+#define wc_FreeRng(rng) (void)NOT_COMPILED_IN
+#endif
+
+
+
+#ifdef HAVE_HASHDRBG
+ WOLFSSL_LOCAL int wc_RNG_DRBG_Reseed(WC_RNG* rng, const byte* entropy,
+ word32 entropySz);
+ WOLFSSL_API int wc_RNG_TestSeed(const byte* seed, word32 seedSz);
+ WOLFSSL_API int wc_RNG_HealthTest(int reseed,
+ const byte* entropyA, word32 entropyASz,
+ const byte* entropyB, word32 entropyBSz,
+ byte* output, word32 outputSz);
+ WOLFSSL_API int wc_RNG_HealthTest_ex(int reseed,
+ const byte* nonce, word32 nonceSz,
+ const byte* entropyA, word32 entropyASz,
+ const byte* entropyB, word32 entropyBSz,
+ byte* output, word32 outputSz,
+ void* heap, int devId);
+#endif /* HAVE_HASHDRBG */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_RANDOM_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rc2.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rc2.h
new file mode 100644
index 0000000..5aa641a
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rc2.h
@@ -0,0 +1,68 @@
+/* rc2.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef WOLF_CRYPT_RC2_H
+#define WOLF_CRYPT_RC2_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef WC_RC2
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+enum {
+ RC2_MAX_KEY_SIZE = 128, /* max effective key size, octets */
+ RC2_BLOCK_SIZE = 8
+};
+
+/* RC2 encryption and decryption */
+typedef struct Rc2 {
+ ALIGN16 word16 key[RC2_MAX_KEY_SIZE/2];
+ ALIGN16 word32 reg[RC2_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
+ ALIGN16 word32 tmp[RC2_BLOCK_SIZE / sizeof(word32)]; /* same */
+ word32 keylen; /* key length, octets */
+ word32 bits; /* effective key length, bits */
+} Rc2;
+
+WOLFSSL_API int wc_Rc2SetKey(Rc2* rc2, const byte* key, word32 length,
+ const byte* iv, word32 bits);
+WOLFSSL_API int wc_Rc2SetIV(Rc2* rc2, const byte* iv);
+
+/* RC2-ECB */
+WOLFSSL_API int wc_Rc2EcbEncrypt(Rc2* rc2, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_API int wc_Rc2EcbDecrypt(Rc2* rc2, byte* out,
+ const byte* in, word32 sz);
+
+/* RC2-CBC */
+WOLFSSL_API int wc_Rc2CbcEncrypt(Rc2* rc2, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_API int wc_Rc2CbcDecrypt(Rc2* rc2, byte* out,
+ const byte* in, word32 sz);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WC_RC2 */
+#endif /* WOLF_CRYPT_RC2_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ripemd.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ripemd.h
new file mode 100644
index 0000000..1e4c6b3
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/ripemd.h
@@ -0,0 +1,67 @@
+/* ripemd.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/ripemd.h
+*/
+
+#ifndef WOLF_CRYPT_RIPEMD_H
+#define WOLF_CRYPT_RIPEMD_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef WOLFSSL_RIPEMD
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+
+/* in bytes */
+enum {
+ RIPEMD = 3, /* hash type unique */
+ RIPEMD_BLOCK_SIZE = 64,
+ RIPEMD_DIGEST_SIZE = 20,
+ RIPEMD_PAD_SIZE = 56
+};
+
+
+/* RipeMd 160 digest */
+typedef struct RipeMd {
+ word32 buffLen; /* in bytes */
+ word32 loLen; /* length in bytes */
+ word32 hiLen; /* length in bytes */
+ word32 digest[RIPEMD_DIGEST_SIZE / sizeof(word32)];
+ word32 buffer[RIPEMD_BLOCK_SIZE / sizeof(word32)];
+} RipeMd;
+
+
+WOLFSSL_API int wc_InitRipeMd(RipeMd*);
+WOLFSSL_API int wc_RipeMdUpdate(RipeMd*, const byte*, word32);
+WOLFSSL_API int wc_RipeMdFinal(RipeMd*, byte*);
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFSSL_RIPEMD */
+#endif /* WOLF_CRYPT_RIPEMD_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rsa.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rsa.h
new file mode 100644
index 0000000..3164351
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rsa.h
@@ -0,0 +1,388 @@
+/* rsa.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/rsa.h
+*/
+
+/*
+
+DESCRIPTION
+This library provides the interface to the RSA.
+RSA keys can be used to encrypt, decrypt, sign and verify data.
+
+*/
+#ifndef WOLF_CRYPT_RSA_H
+#define WOLF_CRYPT_RSA_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_RSA
+
+
+/* RSA default exponent */
+#ifndef WC_RSA_EXPONENT
+ #define WC_RSA_EXPONENT 65537L
+#endif
+
+#if defined(WC_RSA_NONBLOCK)
+ /* enable support for fast math based non-blocking exptmod */
+ /* this splits the RSA function into many smaller operations */
+ #ifndef USE_FAST_MATH
+ #error RSA non-blocking mode only supported using fast math
+ #endif
+ #ifndef TFM_TIMING_RESISTANT
+ #error RSA non-blocking mode only supported with timing resistance enabled
+ #endif
+
+ /* RSA bounds check is not supported with RSA non-blocking mode */
+ #undef NO_RSA_BOUNDS_CHECK
+ #define NO_RSA_BOUNDS_CHECK
+#endif
+
+/* allow for user to plug in own crypto */
+#if !defined(HAVE_FIPS) && (defined(HAVE_USER_RSA) || defined(HAVE_FAST_RSA))
+ #include "user_rsa.h"
+#else
+
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+/* for fips @wc_fips */
+#include <cyassl/ctaocrypt/rsa.h>
+#if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN)
+ #define WOLFSSL_KEY_GEN
+#endif
+#else
+ #include <wolfssl/wolfcrypt/integer.h>
+ #include <wolfssl/wolfcrypt/random.h>
+#endif /* HAVE_FIPS && HAVE_FIPS_VERION 1 */
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+#include <wolfssl/wolfcrypt/fips.h>
+#endif
+
+/* header file needed for OAEP padding */
+#include <wolfssl/wolfcrypt/hash.h>
+
+#ifdef WOLFSSL_XILINX_CRYPT
+#include "xsecure_rsa.h"
+#endif
+
+#if defined(WOLFSSL_CRYPTOCELL)
+ #include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+enum {
+ RSA_MIN_SIZE = 512,
+ RSA_MAX_SIZE = 4096,
+};
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+ #ifdef WOLFSSL_CERT_GEN
+ #include <wolfssl/wolfcrypt/asn.h>
+ #endif
+#endif
+
+enum {
+ RSA_PUBLIC = 0,
+ RSA_PRIVATE = 1,
+
+ RSA_TYPE_UNKNOWN = -1,
+ RSA_PUBLIC_ENCRYPT = 0,
+ RSA_PUBLIC_DECRYPT = 1,
+ RSA_PRIVATE_ENCRYPT = 2,
+ RSA_PRIVATE_DECRYPT = 3,
+
+ RSA_BLOCK_TYPE_1 = 1,
+ RSA_BLOCK_TYPE_2 = 2,
+
+ RSA_MIN_PAD_SZ = 11, /* separator + 0 + pad value + 8 pads */
+
+ RSA_PSS_PAD_SZ = 8,
+ RSA_PSS_SALT_MAX_SZ = 62,
+
+#ifdef OPENSSL_EXTRA
+ RSA_PKCS1_PADDING_SIZE = 11,
+ RSA_PKCS1_OAEP_PADDING_SIZE = 42, /* (2 * hashlen(SHA-1)) + 2 */
+#endif
+#ifdef WC_RSA_PSS
+ RSA_PSS_PAD_TERM = 0xBC,
+#endif
+
+ RSA_PSS_SALT_LEN_DEFAULT = -1,
+#ifdef WOLFSSL_PSS_SALT_LEN_DISCOVER
+ RSA_PSS_SALT_LEN_DISCOVER = -2,
+#endif
+
+#ifdef WOLF_CRYPTO_CB
+ RSA_MAX_ID_LEN = 32,
+ RSA_MAX_LABEL_LEN = 32,
+#endif
+};
+
+#ifdef WC_RSA_NONBLOCK
+typedef struct RsaNb {
+ exptModNb_t exptmod; /* non-block expt_mod */
+ mp_int tmp;
+} RsaNb;
+#endif
+
+/* RSA */
+struct RsaKey {
+ mp_int n, e;
+#ifndef WOLFSSL_RSA_PUBLIC_ONLY
+ mp_int d, p, q;
+#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
+ mp_int dP, dQ, u;
+#endif
+#endif
+ void* heap; /* for user memory overrides */
+ byte* data; /* temp buffer for async RSA */
+ int type; /* public or private */
+ int state;
+ word32 dataLen;
+#ifdef WC_RSA_BLINDING
+ WC_RNG* rng; /* for PrivateDecrypt blinding */
+#endif
+#ifdef WOLF_CRYPTO_CB
+ int devId;
+#endif
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+ #ifdef WOLFSSL_CERT_GEN
+ CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
+ #endif
+#endif /* WOLFSSL_ASYNC_CRYPT */
+#ifdef WOLFSSL_XILINX_CRYPT
+ word32 pubExp; /* to keep values in scope they are here in struct */
+ byte* mod;
+ XSecure_Rsa xRsa;
+#endif
+#ifdef WOLF_CRYPTO_CB
+ byte id[RSA_MAX_ID_LEN];
+ int idLen;
+ char label[RSA_MAX_LABEL_LEN];
+ int labelLen;
+#endif
+#if defined(WOLFSSL_ASYNC_CRYPT) || !defined(WOLFSSL_RSA_VERIFY_INLINE)
+ byte dataIsAlloc;
+#endif
+#ifdef WC_RSA_NONBLOCK
+ RsaNb* nb;
+#endif
+#ifdef WOLFSSL_AFALG_XILINX_RSA
+ int alFd;
+ int rdFd;
+#endif
+#if defined(WOLFSSL_CRYPTOCELL)
+ rsa_context_t ctx;
+#endif
+};
+
+#ifndef WC_RSAKEY_TYPE_DEFINED
+ typedef struct RsaKey RsaKey;
+ #define WC_RSAKEY_TYPE_DEFINED
+#endif
+
+#endif /*HAVE_FIPS */
+
+WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap);
+WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
+WOLFSSL_API int wc_FreeRsaKey(RsaKey* key);
+#ifdef WOLF_CRYPTO_CB
+WOLFSSL_API int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len,
+ void* heap, int devId);
+WOLFSSL_API int wc_InitRsaKey_Label(RsaKey* key, const char* label, void* heap,
+ int devId);
+#endif
+WOLFSSL_API int wc_CheckRsaKey(RsaKey* key);
+#ifdef WOLFSSL_XILINX_CRYPT
+WOLFSSL_LOCAL int wc_InitRsaHw(RsaKey* key);
+#endif /* WOLFSSL_XILINX_CRYPT */
+
+WOLFSSL_API int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
+ word32* outLen, int type, RsaKey* key, WC_RNG* rng);
+
+WOLFSSL_API int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key, WC_RNG* rng);
+WOLFSSL_API int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
+ RsaKey* key);
+WOLFSSL_API int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key);
+WOLFSSL_API int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key, WC_RNG* rng);
+WOLFSSL_API int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out,
+ word32 outLen, enum wc_HashType hash, int mgf,
+ RsaKey* key, WC_RNG* rng);
+WOLFSSL_API int wc_RsaPSS_Sign_ex(const byte* in, word32 inLen, byte* out,
+ word32 outLen, enum wc_HashType hash,
+ int mgf, int saltLen, RsaKey* key,
+ WC_RNG* rng);
+WOLFSSL_API int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
+ RsaKey* key);
+WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key);
+WOLFSSL_API int wc_RsaSSL_Verify_ex(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key, int pad_type);
+WOLFSSL_API int wc_RsaSSL_Verify_ex2(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key, int pad_type,
+ enum wc_HashType hash);
+WOLFSSL_API int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out,
+ enum wc_HashType hash, int mgf,
+ RsaKey* key);
+WOLFSSL_API int wc_RsaPSS_VerifyInline_ex(byte* in, word32 inLen, byte** out,
+ enum wc_HashType hash, int mgf,
+ int saltLen, RsaKey* key);
+WOLFSSL_API int wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out,
+ word32 outLen, enum wc_HashType hash, int mgf,
+ RsaKey* key);
+WOLFSSL_API int wc_RsaPSS_Verify_ex(byte* in, word32 inLen, byte* out,
+ word32 outLen, enum wc_HashType hash,
+ int mgf, int saltLen, RsaKey* key);
+WOLFSSL_API int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
+ word32 sigSz,
+ enum wc_HashType hashType);
+WOLFSSL_API int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen,
+ byte* sig, word32 sigSz,
+ enum wc_HashType hashType,
+ int saltLen, int bits);
+WOLFSSL_API int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out,
+ const byte* digest, word32 digentLen,
+ enum wc_HashType hash, int mgf,
+ RsaKey* key);
+WOLFSSL_API int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen,
+ byte* out, word32 outLen,
+ const byte* digest, word32 digestLen,
+ enum wc_HashType hash, int mgf,
+ RsaKey* key);
+
+WOLFSSL_API int wc_RsaEncryptSize(const RsaKey* key);
+
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+/* to avoid asn duplicate symbols @wc_fips */
+WOLFSSL_API int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
+ RsaKey*, word32);
+WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
+ RsaKey*, word32);
+WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
+ const byte* e, word32 eSz, RsaKey* key);
+#ifdef WOLFSSL_KEY_GEN
+ WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
+#endif
+
+#ifdef WC_RSA_BLINDING
+ WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
+#endif
+#ifdef WC_RSA_NONBLOCK
+ WOLFSSL_API int wc_RsaSetNonBlock(RsaKey* key, RsaNb* nb);
+ #ifdef WC_RSA_NONBLOCK_TIME
+ WOLFSSL_API int wc_RsaSetNonBlockTime(RsaKey* key, word32 maxBlockUs,
+ word32 cpuMHz);
+ #endif
+#endif
+
+/*
+ choice of padding added after fips, so not available when using fips RSA
+ */
+
+/* Mask Generation Function Identifiers */
+#define WC_MGF1NONE 0
+#define WC_MGF1SHA1 26
+#define WC_MGF1SHA224 4
+#define WC_MGF1SHA256 1
+#define WC_MGF1SHA384 2
+#define WC_MGF1SHA512 3
+
+/* Padding types */
+#define WC_RSA_PKCSV15_PAD 0
+#define WC_RSA_OAEP_PAD 1
+#define WC_RSA_PSS_PAD 2
+#define WC_RSA_NO_PAD 3
+
+WOLFSSL_API int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key, WC_RNG* rng, int type,
+ enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
+WOLFSSL_API int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
+ byte* out, word32 outLen, RsaKey* key, int type,
+ enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
+WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
+ byte** out, RsaKey* key, int type, enum wc_HashType hash,
+ int mgf, byte* label, word32 lableSz);
+#if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING)
+WOLFSSL_API int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz,
+ RsaKey* key, int type, WC_RNG* rng);
+#endif
+
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
+ word32*);
+WOLFSSL_API int wc_RsaExportKey(RsaKey* key,
+ byte* e, word32* eSz,
+ byte* n, word32* nSz,
+ byte* d, word32* dSz,
+ byte* p, word32* pSz,
+ byte* q, word32* qSz);
+
+WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
+
+#ifdef WOLFSSL_KEY_GEN
+ WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
+ WOLFSSL_API int wc_CheckProbablePrime_ex(const byte* p, word32 pSz,
+ const byte* q, word32 qSz,
+ const byte* e, word32 eSz,
+ int nlen, int* isPrime, WC_RNG* rng);
+ WOLFSSL_API int wc_CheckProbablePrime(const byte* p, word32 pSz,
+ const byte* q, word32 qSz,
+ const byte* e, word32 eSz,
+ int nlen, int* isPrime);
+#endif
+
+WOLFSSL_LOCAL int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
+ word32 pkcsBlockLen, byte padValue, WC_RNG* rng, int padType,
+ enum wc_HashType hType, int mgf, byte* optLabel, word32 labelLen,
+ int saltLen, int bits, void* heap);
+WOLFSSL_LOCAL int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** out,
+ byte padValue, int padType, enum wc_HashType hType,
+ int mgf, byte* optLabel, word32 labelLen, int saltLen,
+ int bits, void* heap);
+
+WOLFSSL_LOCAL int wc_hash2mgf(enum wc_HashType hType);
+
+#endif /* HAVE_USER_RSA */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* NO_RSA */
+#endif /* WOLF_CRYPT_RSA_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sakke.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sakke.h
new file mode 100644
index 0000000..79fc314
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sakke.h
@@ -0,0 +1,228 @@
+/* sakke.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/sakke.h
+*/
+
+
+#ifndef WOLF_CRYPT_SAKKE_H
+#define WOLF_CRYPT_SAKKE_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef WOLFCRYPT_HAVE_SAKKE
+
+#include <wolfssl/wolfcrypt/integer.h>
+#include <wolfssl/wolfcrypt/ecc.h>
+#include <wolfssl/wolfcrypt/hash.h>
+#include <wolfssl/wolfcrypt/hmac.h>
+
+#define WOLFCRYPT_SAKKE_KMS
+#define WOLFCRYPT_SAKKE_CLIENT
+
+#define SAKKE_ID_MAX_SIZE 128
+
+/* Maximum number of loops of attempting to generate a key. */
+#ifndef SAKKE_MAX_GEN_COUNT
+ #define SAKKE_MAX_GEN_COUNT 10
+#endif
+
+
+/** MP integer in projective form. */
+typedef ecc_point mp_proj;
+
+/** SAKKE ECC parameters in usable format. */
+typedef struct SakkeKeyParams {
+ /** Prime as an MP integer. */
+ mp_int prime;
+ /** Q (order) as an MP integer. */
+ mp_int q;
+ /** G (pairing base) as an MP integer. */
+ mp_int g;
+ /** Temporary MP integer used during operations. */
+ mp_int a;
+ /** Base point for elliptic curve operations as an ECC point. */
+ ecc_point* base;
+
+ /** Bit indicate prime is set as an MP integer in SAKKE key. */
+ byte havePrime:1;
+ /** Bit indicates q (order) is set as an MP integer in SAKKE key. */
+ byte haveQ:1;
+ /** Bit indicates g (pairing base) is set as an MP integer in SAKKE key. */
+ byte haveG:1;
+ /** Bit indicates a is set as an MP integer in SAKKE key. */
+ byte haveA:1;
+ /** Bit indicates base point is set as an ECC point in SAKKE key. */
+ byte haveBase:1;
+} SakkeKeyParams;
+
+/** Temporary values to use in SAKKE calculations. */
+typedef struct SakkeKeyTmp {
+ /** Temporary MP integer used during operations. */
+ mp_int m1;
+ /** Temporary MP integer used during operations. */
+ mp_int m2;
+
+#ifdef WOLFCRYPT_SAKKE_CLIENT
+ /** Temporary elliptic curve point for use in operations. */
+ ecc_point* p1;
+ /** Temporary elliptic curve point for use in operations. */
+ ecc_point* p2;
+ /** Temporary MP projective integer for use in operations. */
+ mp_proj* p3;
+#endif
+} SakkeKeyTmp;
+
+#ifdef WOLFCRYPT_SAKKE_CLIENT
+/** SAKKE data for the intermediate point I. */
+typedef struct SakkeKeyPointI {
+ /** Temporary elliptic curve point for use in operations. */
+ ecc_point* i;
+ /** Table associated with point I. */
+ byte* table;
+ /** Length of table */
+ int tableLen;
+ /** Identity associated with point I. */
+ byte id[SAKKE_ID_MAX_SIZE];
+ /** Size of identity associated with point I. */
+ word16 idSz;
+} SakkeKeyPointI;
+
+/** SAKKE data for the Receiver Secret Key (RSK). */
+typedef struct SakkeKeyRsk {
+ /** RSK (Receiver Secret Key). */
+ ecc_point* rsk;
+ /** Table associated with point I. */
+ byte* table;
+ /** Length of table */
+ int tableLen;
+ /** Indicates whether an RSK value has been set. */
+ byte set:1;
+} SakkeKeyRsk;
+#endif
+
+/**
+ * SAKKE key.
+ */
+typedef struct SakkeKey {
+ /** ECC key to perform elliptic curve operations with. */
+ ecc_key ecc;
+
+ /** ECC parameter in forms that can be used in computation. */
+ SakkeKeyParams params;
+ /** Temporaries used during calculations. */
+ SakkeKeyTmp tmp;
+
+#ifdef WOLFCRYPT_SAKKE_CLIENT
+ /** Data relating to the RSK (Receiver Secret Key). */
+ SakkeKeyRsk rsk;
+ /** Identity to perform operations with. */
+ byte id[SAKKE_ID_MAX_SIZE];
+ /** Size of identity in bytes. */
+ word16 idSz;
+
+ /** Data relating to the intermediate point I. */
+ SakkeKeyPointI i;
+
+ /** Generic hash algorithm object. */
+ wc_HashAlg hash;
+ /** Temporary buffer for use in operations. */
+ byte data[(MAX_ECC_BYTES * 2) + 1];
+#endif
+
+ /** Heap hint for dynamic memory allocation. */
+ void* heap;
+
+ /** Bit indicates Z, public key, is in montgomery form. */
+ byte zMont:1;
+ /** Bit indicate MP integers have been initialized. */
+ byte mpInit:1;
+} SakkeKey;
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+WOLFSSL_API int wc_InitSakkeKey(SakkeKey* key, void* heap, int devId);
+WOLFSSL_API int wc_InitSakkeKey_ex(SakkeKey* key, int keySize, int curveId,
+ void* heap, int devId);
+WOLFSSL_API void wc_FreeSakkeKey(SakkeKey* key);
+
+WOLFSSL_API int wc_MakeSakkeKey(SakkeKey* key, WC_RNG* rng);
+WOLFSSL_API int wc_MakeSakkePublicKey(SakkeKey* key, ecc_point* pub);
+
+WOLFSSL_API int wc_MakeSakkeRsk(SakkeKey* key, const byte* id, word16 idSz,
+ ecc_point* rsk);
+WOLFSSL_API int wc_ValidateSakkeRsk(SakkeKey* key, const byte* id, word16 idSz,
+ ecc_point* rsk, int* valid);
+
+WOLFSSL_API int wc_ExportSakkeKey(SakkeKey* key, byte* data, word32* sz);
+WOLFSSL_API int wc_ImportSakkeKey(SakkeKey* key, const byte* data, word32 sz);
+WOLFSSL_API int wc_ExportSakkePrivateKey(SakkeKey* key, byte* data, word32* sz);
+WOLFSSL_API int wc_ImportSakkePrivateKey(SakkeKey* key, const byte* data,
+ word32 sz);
+WOLFSSL_API int wc_ExportSakkePublicKey(SakkeKey* key, byte* data,
+ word32* sz, int raw);
+WOLFSSL_API int wc_ImportSakkePublicKey(SakkeKey* key, const byte* data,
+ word32 sz, int trusted);
+
+WOLFSSL_API int wc_EncodeSakkeRsk(const SakkeKey* key, ecc_point* rsk,
+ byte* out, word32* sz, int raw);
+WOLFSSL_API int wc_DecodeSakkeRsk(const SakkeKey* key, const byte* data,
+ word32 sz, ecc_point* rsk);
+WOLFSSL_API int wc_ImportSakkeRsk(SakkeKey* key, const byte* data, word32 sz);
+
+WOLFSSL_API int wc_GetSakkeAuthSize(SakkeKey* key, word16* authSz);
+
+WOLFSSL_API int wc_SetSakkeIdentity(SakkeKey* key, const byte* id, word16 idSz);
+WOLFSSL_API int wc_MakeSakkePointI(SakkeKey* key, const byte* id, word16 idSz);
+WOLFSSL_API int wc_GetSakkePointI(SakkeKey* key, byte* data, word32* sz);
+WOLFSSL_API int wc_SetSakkePointI(SakkeKey* key, const byte* id, word16 idSz,
+ const byte* data, word32 sz);
+WOLFSSL_API int wc_GenerateSakkePointITable(SakkeKey* key, byte* table,
+ word32* len);
+WOLFSSL_API int wc_SetSakkePointITable(SakkeKey* key, byte* table, word32 len);
+WOLFSSL_API int wc_ClearSakkePointITable(SakkeKey* key);
+
+WOLFSSL_API int wc_MakeSakkeEncapsulatedSSV(SakkeKey* key,
+ enum wc_HashType hashType, byte* ssv, word16 ssvSz, byte* auth,
+ word16* authSz);
+
+WOLFSSL_API int wc_GenerateSakkeRskTable(const SakkeKey* key,
+ const ecc_point* rsk, byte* table, word32* len);
+WOLFSSL_API int wc_SetSakkeRsk(SakkeKey* key, const ecc_point* rsk, byte* table,
+ word32 len);
+
+WOLFSSL_API int wc_GenerateSakkeSSV(SakkeKey* key, WC_RNG* rng, byte* ssv,
+ word16* ssvSz);
+WOLFSSL_API int wc_DeriveSakkeSSV(SakkeKey* key, enum wc_HashType hashType,
+ byte* ssv, word16 ssvSz, const byte* auth,
+ word16 authSz);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFCRYPT_HAVE_SAKKE */
+
+#endif /* WOLF_CRYPT_SAKKE_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/settings.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/settings.h
new file mode 100644
index 0000000..3a3dfae
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/settings.h
@@ -0,0 +1,2494 @@
+/* settings.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+/* Place OS specific preprocessor flags, defines, includes here, will be
+ included into every file because types.h includes it */
+
+
+#ifndef WOLF_CRYPT_SETTINGS_H
+#define WOLF_CRYPT_SETTINGS_H
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* This flag allows wolfSSL to include options.h instead of having client
+ * projects do it themselves. This should *NEVER* be defined when building
+ * wolfSSL as it can cause hard to debug problems. */
+#ifdef EXTERNAL_OPTS_OPENVPN
+#include <wolfssl/options.h>
+#endif
+
+/* Uncomment next line if using IPHONE */
+/* #define IPHONE */
+
+/* Uncomment next line if using ThreadX */
+/* #define THREADX */
+
+/* Uncomment next line if using Micrium uC/OS-III */
+/* #define MICRIUM */
+
+/* Uncomment next line if using Deos RTOS*/
+/* #define WOLFSSL_DEOS*/
+
+/* Uncomment next line if using Mbed */
+/* #define MBED */
+
+/* Uncomment next line if using Microchip PIC32 ethernet starter kit */
+/* #define MICROCHIP_PIC32 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 5 */
+/* #define MICROCHIP_TCPIP_V5 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
+/* #define MICROCHIP_TCPIP */
+
+/* Uncomment next line if using above Microchip TCP/IP defines with BSD API */
+/* #define MICROCHIP_TCPIP_BSD_API */
+
+/* Uncomment next line if using PIC32MZ Crypto Engine */
+/* #define WOLFSSL_MICROCHIP_PIC32MZ */
+
+/* Uncomment next line if using FreeRTOS */
+/* #define FREERTOS */
+
+/* Uncomment next line if using FreeRTOS+ TCP */
+/* #define FREERTOS_TCP */
+
+/* Uncomment next line if using FreeRTOS Windows Simulator */
+/* #define FREERTOS_WINSIM */
+
+/* Uncomment next line if using RTIP */
+/* #define EBSNET */
+
+/* Uncomment next line if using lwip */
+/* #define WOLFSSL_LWIP */
+
+/* Uncomment next line if building wolfSSL for a game console */
+/* #define WOLFSSL_GAME_BUILD */
+
+/* Uncomment next line if building wolfSSL for LSR */
+/* #define WOLFSSL_LSR */
+
+/* Uncomment next line if building for Freescale Classic MQX version 5.0 */
+/* #define FREESCALE_MQX_5_0 */
+
+/* Uncomment next line if building for Freescale Classic MQX version 4.0 */
+/* #define FREESCALE_MQX_4_0 */
+
+/* Uncomment next line if building for Freescale Classic MQX/RTCS/MFS */
+/* #define FREESCALE_MQX */
+
+/* Uncomment next line if building for Freescale KSDK MQX/RTCS/MFS */
+/* #define FREESCALE_KSDK_MQX */
+
+/* Uncomment next line if building for Freescale KSDK Bare Metal */
+/* #define FREESCALE_KSDK_BM */
+
+/* Uncomment next line if building for Freescale KSDK FreeRTOS, */
+/* (old name FREESCALE_FREE_RTOS) */
+/* #define FREESCALE_KSDK_FREERTOS */
+
+/* Uncomment next line if using STM32F2 */
+/* #define WOLFSSL_STM32F2 */
+
+/* Uncomment next line if using STM32F4 */
+/* #define WOLFSSL_STM32F4 */
+
+/* Uncomment next line if using STM32FL */
+/* #define WOLFSSL_STM32FL */
+
+/* Uncomment next line if using STM32F7 */
+/* #define WOLFSSL_STM32F7 */
+
+/* Uncomment next line if using QL SEP settings */
+/* #define WOLFSSL_QL */
+
+/* Uncomment next line if building for EROAD */
+/* #define WOLFSSL_EROAD */
+
+/* Uncomment next line if building for IAR EWARM */
+/* #define WOLFSSL_IAR_ARM */
+
+/* Uncomment next line if building for Rowley CrossWorks ARM */
+/* #define WOLFSSL_ROWLEY_ARM */
+
+/* Uncomment next line if using TI-RTOS settings */
+/* #define WOLFSSL_TIRTOS */
+
+/* Uncomment next line if building with PicoTCP */
+/* #define WOLFSSL_PICOTCP */
+
+/* Uncomment next line if building for PicoTCP demo bundle */
+/* #define WOLFSSL_PICOTCP_DEMO */
+
+/* Uncomment next line if building for uITRON4 */
+/* #define WOLFSSL_uITRON4 */
+
+/* Uncomment next line if building for uT-Kernel */
+/* #define WOLFSSL_uTKERNEL2 */
+
+/* Uncomment next line if using Max Strength build */
+/* #define WOLFSSL_MAX_STRENGTH */
+
+/* Uncomment next line if building for VxWorks */
+/* #define WOLFSSL_VXWORKS */
+
+/* Uncomment next line if building for Nordic nRF5x platform */
+/* #define WOLFSSL_NRF5x */
+
+/* Uncomment next line to enable deprecated less secure static DH suites */
+/* #define WOLFSSL_STATIC_DH */
+
+/* Uncomment next line to enable deprecated less secure static RSA suites */
+/* #define WOLFSSL_STATIC_RSA */
+
+/* Uncomment next line if building for ARDUINO */
+/* Uncomment both lines if building for ARDUINO on INTEL_GALILEO */
+/* #define WOLFSSL_ARDUINO */
+/* #define INTEL_GALILEO */
+
+/* Uncomment next line to enable asynchronous crypto WC_PENDING_E */
+/* #define WOLFSSL_ASYNC_CRYPT */
+
+/* Uncomment next line if building for uTasker */
+/* #define WOLFSSL_UTASKER */
+
+/* Uncomment next line if building for embOS */
+/* #define WOLFSSL_EMBOS */
+
+/* Uncomment next line if building for RIOT-OS */
+/* #define WOLFSSL_RIOT_OS */
+
+/* Uncomment next line if building for using XILINX hardened crypto */
+/* #define WOLFSSL_XILINX_CRYPT */
+
+/* Uncomment next line if building for using XILINX */
+/* #define WOLFSSL_XILINX */
+
+/* Uncomment next line if building for WICED Studio. */
+/* #define WOLFSSL_WICED */
+
+/* Uncomment next line if building for Nucleus 1.2 */
+/* #define WOLFSSL_NUCLEUS_1_2 */
+
+/* Uncomment next line if building for using Apache mynewt */
+/* #define WOLFSSL_APACHE_MYNEWT */
+
+/* Uncomment next line if building for using ESP-IDF */
+/* #define WOLFSSL_ESPIDF */
+
+/* Uncomment next line if using Espressif ESP32-WROOM-32 */
+/* #define WOLFSSL_ESPWROOM32 */
+
+/* Uncomment next line if using Espressif ESP32-WROOM-32SE */
+/* #define WOLFSSL_ESPWROOM32SE */
+
+/* Uncomment next line if using ARM CRYPTOCELL*/
+/* #define WOLFSSL_CRYPTOCELL */
+
+/* Uncomment next line if using RENESAS TSIP */
+/* #define WOLFSSL_RENESAS_TSIP */
+
+/* Uncomment next line if using RENESAS RX64N */
+/* #define WOLFSSL_RENESAS_RX65N */
+
+/* Uncomment next line if using Solaris OS*/
+/* #define WOLFSSL_SOLARIS */
+
+/* Uncomment next line if building for Linux Kernel Module */
+/* #define WOLFSSL_LINUXKM */
+
+/* Uncomment next line if building for devkitPro */
+/* #define DEVKITPRO */
+
+/* Uncomment next line if building for Dolphin Emulator */
+/* #define DOLPHIN_EMULATOR */
+
+#include <wolfssl/wolfcrypt/visibility.h>
+
+#ifdef WOLFSSL_USER_SETTINGS
+ #include "user_settings.h"
+#elif defined(USE_HAL_DRIVER) && !defined(HAVE_CONFIG_H)
+ /* STM Configuration File (generated by CubeMX) */
+ #include "wolfSSL.I-CUBE-wolfSSL_conf.h"
+#endif
+
+/* make sure old RNG name is used with CTaoCrypt FIPS */
+#ifdef HAVE_FIPS
+ #if !defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)
+ #define WC_RNG RNG
+ #else
+ #ifndef WOLFSSL_STM32L4
+ #define RNG WC_RNG
+ #endif
+ #endif
+ /* blinding adds API not available yet in FIPS mode */
+ #undef WC_RSA_BLINDING
+#endif
+
+
+#if defined(_WIN32) && !defined(_M_X64) && \
+ defined(HAVE_AESGCM) && defined(WOLFSSL_AESNI)
+
+/* The _M_X64 macro is what's used in the headers for MSC to tell if it
+ * has the 64-bit versions of the 128-bit integers available. If one is
+ * building on 32-bit Windows with AES-NI, turn off the AES-GCMloop
+ * unrolling. */
+
+ #define AES_GCM_AESNI_NO_UNROLL
+#endif
+
+#ifdef IPHONE
+ #define SIZEOF_LONG_LONG 8
+#endif
+
+#ifdef THREADX
+ #define SIZEOF_LONG_LONG 8
+#endif
+
+#ifdef HAVE_NETX
+ #ifdef NEED_THREADX_TYPES
+ #include <types.h>
+ #endif
+ #include <nx_api.h>
+#endif
+
+#if defined(WOLFSSL_ESPIDF)
+ #define FREERTOS
+ #define WOLFSSL_LWIP
+ #define NO_WRITEV
+ #define SIZEOF_LONG_LONG 8
+ #define NO_WOLFSSL_DIR
+ #define WOLFSSL_NO_CURRDIR
+
+ #define TFM_TIMING_RESISTANT
+ #define ECC_TIMING_RESISTANT
+ #define WC_RSA_BLINDING
+
+#if defined(WOLFSSL_ESPWROOM32) || defined(WOLFSSL_ESPWROOM32SE)
+ #ifndef NO_ESP32WROOM32_CRYPT
+ #define WOLFSSL_ESP32WROOM32_CRYPT
+ #if defined(ESP32_USE_RSA_PRIMITIVE) && \
+ !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
+ #define WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI
+ #define USE_FAST_MATH
+ #define WOLFSSL_SMALL_STACK
+ #endif
+ #endif
+#endif
+#endif /* WOLFSSL_ESPIDF */
+
+#if defined(WOLFSSL_RENESAS_TSIP)
+ #define TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE 64
+ #define TSIP_TLS_MASTERSECRET_SIZE 80 /* 20 words */
+ #define TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY 560 /* in byte */
+ #if !defined(NO_RENESAS_TSIP_CRYPT) && defined(WOLFSSL_RENESAS_RX65N)
+ #define WOLFSSL_RENESAS_TSIP_CRYPT
+ #define WOLFSSL_RENESAS_TSIP_TLS
+ #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #endif
+#endif
+
+#if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3)
+ /* settings in user_settings.h */
+#endif
+
+#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */
+ #define WOLFSSL_LWIP
+ #define NO_WRITEV
+ #define SINGLE_THREADED
+ #define WOLFSSL_USER_IO
+ #define NO_FILESYSTEM
+#endif
+
+#if defined(WOLFSSL_CONTIKI)
+ #include <contiki.h>
+ #define WOLFSSL_UIP
+ #define NO_WOLFSSL_MEMORY
+ #define NO_WRITEV
+ #define SINGLE_THREADED
+ #define WOLFSSL_USER_IO
+ #define NO_FILESYSTEM
+ #define CUSTOM_RAND_TYPE uint16_t
+ #define CUSTOM_RAND_GENERATE random_rand
+ static inline word32 LowResTimer(void)
+ {
+ return clock_seconds();
+ }
+#endif
+
+#if defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_ROWLEY_ARM)
+ #define NO_MAIN_DRIVER
+ #define SINGLE_THREADED
+ #if !defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_4096)
+ #define USE_CERT_BUFFERS_1024
+ #endif
+ #define BENCH_EMBEDDED
+ #define NO_FILESYSTEM
+ #define NO_WRITEV
+ #define WOLFSSL_USER_IO
+ #define BENCH_EMBEDDED
+#endif
+
+#ifdef MICROCHIP_PIC32
+ /* #define WOLFSSL_MICROCHIP_PIC32MZ */
+ #define SIZEOF_LONG_LONG 8
+ #define SINGLE_THREADED
+ #ifndef MICROCHIP_TCPIP_BSD_API
+ #define WOLFSSL_USER_IO
+ #endif
+ #define NO_WRITEV
+ #define NO_DEV_RANDOM
+ #define NO_FILESYSTEM
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+ #define NO_BIG_INT
+#endif
+
+#ifdef WOLFSSL_MICROCHIP_PIC32MZ
+ #define WOLFSSL_HAVE_MIN
+ #define WOLFSSL_HAVE_MAX
+
+ #ifndef NO_PIC32MZ_CRYPT
+ #define WOLFSSL_PIC32MZ_CRYPT
+ #endif
+ #ifndef NO_PIC32MZ_RNG
+ #define WOLFSSL_PIC32MZ_RNG
+ #endif
+ #ifndef NO_PIC32MZ_HASH
+ #define WOLFSSL_PIC32MZ_HASH
+ #endif
+#endif
+
+#ifdef MICROCHIP_TCPIP_V5
+ /* include timer functions */
+ #include "TCPIP Stack/TCPIP.h"
+#endif
+
+#ifdef MICROCHIP_TCPIP
+ /* include timer, NTP functions */
+ #ifdef MICROCHIP_MPLAB_HARMONY
+ #include "tcpip/tcpip.h"
+ #else
+ #include "system/system_services.h"
+ #include "tcpip/sntp.h"
+ #endif
+#endif
+
+#ifdef WOLFSSL_ATECC508A
+ /* backwards compatibility */
+#ifndef WOLFSSL_ATECC_NO_ECDH_ENC
+ #define WOLFSSL_ATECC_ECDH_ENC
+#endif
+ #ifdef WOLFSSL_ATECC508A_DEBUG
+ #define WOLFSSL_ATECC_DEBUG
+ #endif
+#endif
+
+#ifdef MBED
+ #define WOLFSSL_USER_IO
+ #define NO_FILESYSTEM
+ #define NO_CERTS
+ #if !defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_4096)
+ #define USE_CERT_BUFFERS_1024
+ #endif
+ #define NO_WRITEV
+ #define NO_DEV_RANDOM
+ #define NO_SHA512
+ #define NO_DH
+ /* Allows use of DH with fixed points if uncommented and NO_DH is removed */
+ /* WOLFSSL_DH_CONST */
+ #define NO_DSA
+ #define NO_HC128
+ #define HAVE_ECC
+ #define NO_SESSION_CACHE
+ #define WOLFSSL_CMSIS_RTOS
+#endif
+
+
+#ifdef WOLFSSL_EROAD
+ #define FREESCALE_MQX
+ #define FREESCALE_MMCAU
+ #define SINGLE_THREADED
+ #define NO_STDIO_FILESYSTEM
+ #define WOLFSSL_LEANPSK
+ #define HAVE_NULL_CIPHER
+ #define NO_OLD_TLS
+ #define NO_ASN
+ #define NO_BIG_INT
+ #define NO_RSA
+ #define NO_DSA
+ #define NO_DH
+ /* Allows use of DH with fixed points if uncommented and NO_DH is removed */
+ /* WOLFSSL_DH_CONST */
+ #define NO_CERTS
+ #define NO_PWDBASED
+ #define NO_DES3
+ #define NO_MD4
+ #define NO_RC4
+ #define NO_MD5
+ #define NO_SESSION_CACHE
+ #define NO_MAIN_DRIVER
+#endif
+
+#ifdef WOLFSSL_PICOTCP
+ #ifndef errno
+ #define errno pico_err
+ #endif
+ #include "pico_defines.h"
+ #include "pico_stack.h"
+ #include "pico_constants.h"
+ #include "pico_protocol.h"
+ #define CUSTOM_RAND_GENERATE pico_rand
+#endif
+
+#ifdef WOLFSSL_PICOTCP_DEMO
+ #define WOLFSSL_STM32
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+ #define XMALLOC(s, h, type) PICO_ZALLOC((s))
+ #define XFREE(p, h, type) PICO_FREE((p))
+ #define SINGLE_THREADED
+ #define NO_WRITEV
+ #define WOLFSSL_USER_IO
+ #define NO_DEV_RANDOM
+ #define NO_FILESYSTEM
+#endif
+
+#ifdef FREERTOS_WINSIM
+ #define FREERTOS
+ #define USE_WINDOWS_API
+#endif
+
+
+#ifdef WOLFSSL_VXWORKS
+ /* VxWorks simulator incorrectly detects building for i386 */
+ #ifdef VXWORKS_SIM
+ #define TFM_NO_ASM
+ #endif
+ /* For VxWorks pthreads wrappers for mutexes uncomment the next line. */
+ /* #define WOLFSSL_PTHREADS */
+ #define WOLFSSL_HAVE_MIN
+ #define WOLFSSL_HAVE_MAX
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+ #define NO_MAIN_DRIVER
+ #define NO_DEV_RANDOM
+ #define NO_WRITEV
+ #define HAVE_STRINGS_H
+#endif
+
+
+#ifdef WOLFSSL_ARDUINO
+ #define NO_WRITEV
+ #define NO_WOLFSSL_DIR
+ #define SINGLE_THREADED
+ #define NO_DEV_RANDOM
+ #ifndef INTEL_GALILEO /* Galileo has time.h compatibility */
+ #define TIME_OVERRIDES
+ #ifndef XTIME
+ #error "Must define XTIME externally see porting guide"
+ #error "https://www.wolfssl.com/docs/porting-guide/"
+ #endif
+ #ifndef XGMTIME
+ #error "Must define XGMTIME externally see porting guide"
+ #error "https://www.wolfssl.com/docs/porting-guide/"
+ #endif
+ #endif
+ #define WOLFSSL_USER_IO
+ #define HAVE_ECC
+ #define NO_DH
+ #define NO_SESSION_CACHE
+#endif
+
+
+#ifdef WOLFSSL_UTASKER
+ /* uTasker configuration - used for fnRandom() */
+ #include "config.h"
+
+ #define SINGLE_THREADED
+ #define NO_WOLFSSL_DIR
+ #define WOLFSSL_HAVE_MIN
+ #define NO_WRITEV
+
+ #define HAVE_ECC
+ #define ALT_ECC_SIZE
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+ #define ECC_TIMING_RESISTANT
+
+ /* used in wolfCrypt test */
+ #define NO_MAIN_DRIVER
+ #define USE_CERT_BUFFERS_2048
+
+ /* uTasker port uses RAW sockets, use I/O callbacks
+ * See wolfSSL uTasker example for sample callbacks */
+ #define WOLFSSL_USER_IO
+
+ /* uTasker filesystem not ported */
+ #define NO_FILESYSTEM
+
+ /* uTasker RNG is abstracted, calls HW RNG when available */
+ #define CUSTOM_RAND_GENERATE fnRandom
+ #define CUSTOM_RAND_TYPE unsigned short
+
+ /* user needs to define XTIME to function that provides
+ * seconds since Unix epoch */
+ #ifndef XTIME
+ #error XTIME must be defined in wolfSSL settings.h
+ /* #define XTIME fnSecondsSinceEpoch */
+ #endif
+
+ /* use uTasker std library replacements where available */
+ #define STRING_USER
+ #define XMEMCPY(d,s,l) uMemcpy((d),(s),(l))
+ #define XMEMSET(b,c,l) uMemset((b),(c),(l))
+ #define XMEMCMP(s1,s2,n) uMemcmp((s1),(s2),(n))
+ #define XMEMMOVE(d,s,l) memmove((d),(s),(l))
+
+ #define XSTRLEN(s1) uStrlen((s1))
+ #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
+ #define XSTRSTR(s1,s2) strstr((s1),(s2))
+ #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
+ #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
+ #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
+ #define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
+ #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) \
+ || defined(HAVE_ALPN)
+ #define XSTRTOK strtok_r
+ #endif
+#endif
+
+#ifdef WOLFSSL_EMBOS
+ #define NO_FILESYSTEM /* Not ported at this time */
+ #define USE_CERT_BUFFERS_2048 /* use when NO_FILESYSTEM */
+ #define NO_MAIN_DRIVER
+ #define NO_RC4
+ #define SINGLE_THREADED /* Not ported at this time */
+#endif
+
+#ifdef WOLFSSL_RIOT_OS
+ #define NO_WRITEV
+ #define TFM_NO_ASM
+ #define NO_FILESYSTEM
+ #define USE_CERT_BUFFERS_2048
+ #if defined(WOLFSSL_GNRC) && !defined(WOLFSSL_DTLS)
+ #define WOLFSSL_DTLS
+ #endif
+#endif
+
+#ifdef WOLFSSL_CHIBIOS
+ /* ChibiOS definitions. This file is distributed with chibiOS. */
+ #include "wolfssl_chibios.h"
+#endif
+
+#ifdef WOLFSSL_PB
+ /* PB is using older 1.2 version of Nucleus */
+ #undef WOLFSSL_NUCLEUS
+ #define WOLFSSL_NUCLEUS_1_2
+#endif
+
+#ifdef WOLFSSL_NUCLEUS_1_2
+ #define NO_WRITEV
+ #define NO_WOLFSSL_DIR
+
+ #if !defined(NO_ASN_TIME) && !defined(USER_TIME)
+ #error User must define XTIME, see manual
+ #endif
+
+ #if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER)
+ extern void* nucleus_malloc(unsigned long size, void* heap, int type);
+ extern void* nucleus_realloc(void* ptr, unsigned long size, void* heap,
+ int type);
+ extern void nucleus_free(void* ptr, void* heap, int type);
+
+ #define XMALLOC(s, h, type) nucleus_malloc((s), (h), (type))
+ #define XREALLOC(p, n, h, t) nucleus_realloc((p), (n), (h), (t))
+ #define XFREE(p, h, type) nucleus_free((p), (h), (type))
+ #endif
+#endif
+
+#ifdef WOLFSSL_NRF5x
+ #define SIZEOF_LONG 4
+ #define SIZEOF_LONG_LONG 8
+ #define NO_DEV_RANDOM
+ #define NO_FILESYSTEM
+ #define NO_MAIN_DRIVER
+ #define NO_WRITEV
+ #define SINGLE_THREADED
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+ #define WOLFSSL_NRF51
+ #define WOLFSSL_USER_IO
+ #define NO_SESSION_CACHE
+#endif
+
+/* Micrium will use Visual Studio for compilation but not the Win32 API */
+#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \
+ !defined(FREERTOS_TCP) && !defined(EBSNET) && !defined(WOLFSSL_EROAD) && \
+ !defined(WOLFSSL_UTASKER) && !defined(INTIME_RTOS)
+ #define USE_WINDOWS_API
+#endif
+
+#if defined(WOLFSSL_uITRON4)
+
+#define XMALLOC_USER
+#include <stddef.h>
+#define ITRON_POOL_SIZE 1024*20
+extern int uITRON4_minit(size_t poolsz) ;
+extern void *uITRON4_malloc(size_t sz) ;
+extern void *uITRON4_realloc(void *p, size_t sz) ;
+extern void uITRON4_free(void *p) ;
+
+#define XMALLOC(sz, heap, type) uITRON4_malloc(sz)
+#define XREALLOC(p, sz, heap, type) uITRON4_realloc(p, sz)
+#define XFREE(p, heap, type) uITRON4_free(p)
+#endif
+
+#if defined(WOLFSSL_uTKERNEL2)
+ #ifndef NO_TKERNEL_MEM_POOL
+ #define XMALLOC_OVERRIDE
+ int uTKernel_init_mpool(unsigned int sz); /* initializing malloc pool */
+ void* uTKernel_malloc(unsigned int sz);
+ void* uTKernel_realloc(void *p, unsigned int sz);
+ void uTKernel_free(void *p);
+ #define XMALLOC(s, h, type) uTKernel_malloc((s))
+ #define XREALLOC(p, n, h, t) uTKernel_realloc((p), (n))
+ #define XFREE(p, h, type) uTKernel_free((p))
+ #endif
+
+ #ifndef NO_STDIO_FGETS_REMAP
+ #include <stdio.h>
+ #include "tm/tmonitor.h"
+
+ /* static char* gets(char *buff); */
+ static char* fgets(char *buff, int sz, XFILE fp) {
+ char * s = buff;
+ *s = '\0';
+ while (1) {
+ *s = tm_getchar(-1);
+ tm_putchar(*s);
+ if (*s == '\r') {
+ tm_putchar('\n');
+ *s = '\0';
+ break;
+ }
+ s++;
+ }
+ return buff;
+ }
+ #endif /* !NO_STDIO_FGETS_REMAP */
+#endif
+
+
+#if defined(WOLFSSL_LEANPSK) && !defined(XMALLOC_USER) && \
+ !defined(NO_WOLFSSL_MEMORY)
+ #include <stdlib.h>
+ #define XMALLOC(s, h, type) malloc((s))
+ #define XFREE(p, h, type) free((p))
+ #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
+ #undef XMALLOC
+ #define XMALLOC yaXMALLOC
+ #undef XFREE
+ #define XFREE yaXFREE
+ #undef XREALLOC
+ #define XREALLOC yaXREALLOC
+#endif
+
+
+#ifdef FREERTOS
+ #include "FreeRTOS.h"
+
+ #if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \
+ !defined(WOLFSSL_STATIC_MEMORY)
+ #define XMALLOC(s, h, type) pvPortMalloc((s))
+ #define XFREE(p, h, type) vPortFree((p))
+ /* FreeRTOS pvPortRealloc() implementation can be found here:
+ https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */
+ #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || \
+ defined(HAVE_ED448)
+ #if defined(WOLFSSL_ESPIDF)
+ /*In IDF, realloc(p, n) is equivalent to
+ heap_caps_realloc(p, s, MALLOC_CAP_8BIT) */
+ #define XREALLOC(p, n, h, t) realloc((p), (n))
+ #else
+ #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+ #endif
+ #endif
+ #endif
+
+ #ifndef NO_WRITEV
+ #define NO_WRITEV
+ #endif
+ #ifndef HAVE_SHA512
+ #ifndef NO_SHA512
+ #define NO_SHA512
+ #endif
+ #endif
+ #ifndef HAVE_DH
+ #ifndef NO_DH
+ #define NO_DH
+ #endif
+ #endif
+ #ifndef NO_DSA
+ #define NO_DSA
+ #endif
+ #ifndef NO_HC128
+ #define NO_HC128
+ #endif
+
+ #ifndef SINGLE_THREADED
+ #include "semphr.h"
+ #endif
+#endif
+
+#ifdef FREERTOS_TCP
+ #if !defined(NO_WOLFSSL_MEMORY) && !defined(XMALLOC_USER) && \
+ !defined(WOLFSSL_STATIC_MEMORY)
+ #define XMALLOC(s, h, type) pvPortMalloc((s))
+ #define XFREE(p, h, type) vPortFree((p))
+ #endif
+
+ #define WOLFSSL_GENSEED_FORTEST
+
+ #define NO_WOLFSSL_DIR
+ #define NO_WRITEV
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+ #define NO_MAIN_DRIVER
+#endif
+
+#ifdef WOLFSSL_TIRTOS
+ #define SIZEOF_LONG_LONG 8
+ #define NO_WRITEV
+ #define NO_WOLFSSL_DIR
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+ #define ECC_TIMING_RESISTANT
+ #define WC_RSA_BLINDING
+ #define NO_DEV_RANDOM
+ #define NO_FILESYSTEM
+ #define USE_CERT_BUFFERS_2048
+ #define NO_ERROR_STRINGS
+ /* Uncomment this setting if your toolchain does not offer time.h header */
+ /* #define USER_TIME */
+ #define HAVE_ECC
+ #define HAVE_ALPN
+ #define USE_WOLF_STRTOK /* use with HAVE_ALPN */
+ #define HAVE_TLS_EXTENSIONS
+ #define HAVE_AESGCM
+ #ifdef WOLFSSL_TI_CRYPT
+ #define NO_GCM_ENCRYPT_EXTRA
+ #define NO_PUBLIC_GCM_SET_IV
+ #define NO_PUBLIC_CCM_SET_NONCE
+ #endif
+ #define HAVE_SUPPORTED_CURVES
+ #define ALT_ECC_SIZE
+
+ #ifdef __IAR_SYSTEMS_ICC__
+ #pragma diag_suppress=Pa089
+ #elif !defined(__GNUC__)
+ /* Suppress the sslpro warning */
+ #pragma diag_suppress=11
+ #endif
+
+ #include <ti/sysbios/hal/Seconds.h>
+#endif
+
+#ifdef EBSNET
+ #include "rtip.h"
+
+ /* #define DEBUG_WOLFSSL */
+ #define NO_WOLFSSL_DIR /* tbd */
+
+ #if (POLLOS)
+ #define SINGLE_THREADED
+ #endif
+
+ #if (RTPLATFORM)
+ #if (!RTP_LITTLE_ENDIAN)
+ #define BIG_ENDIAN_ORDER
+ #endif
+ #else
+ #if (!KS_LITTLE_ENDIAN)
+ #define BIG_ENDIAN_ORDER
+ #endif
+ #endif
+
+ #if (WINMSP3)
+ #undef SIZEOF_LONG
+ #define SIZEOF_LONG_LONG 8
+ #else
+ #if !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
+ #error settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
+ #endif
+ #endif
+
+ #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
+ #define XFREE(p, h, type) (rtp_free(p))
+ #define XREALLOC(p, n, h, t) (rtp_realloc((p), (n)))
+
+ #if (WINMSP3)
+ #define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
+ #else
+ #ifndef XSTRNCASECMP
+ #error settings.h - please implement XSTRNCASECMP - needed for HAVE_ECC
+ #endif
+ #endif
+
+ #define WOLFSSL_HAVE_MAX
+ #define WOLFSSL_HAVE_MIN
+
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+ #define WC_RSA_BLINDING
+ #define ECC_TIMING_RESISTANT
+
+ #define HAVE_ECC
+
+#endif /* EBSNET */
+
+#ifdef WOLFSSL_GAME_BUILD
+ #define SIZEOF_LONG_LONG 8
+ #if defined(__PPU) || defined(__XENON)
+ #define BIG_ENDIAN_ORDER
+ #endif
+#endif
+
+#ifdef WOLFSSL_LSR
+ #define HAVE_WEBSERVER
+ #define SIZEOF_LONG_LONG 8
+ #define WOLFSSL_LOW_MEMORY
+ #define NO_WRITEV
+ #define NO_SHA512
+ #define NO_DH
+ /* Allows use of DH with fixed points if uncommented and NO_DH is removed */
+ /* WOLFSSL_DH_CONST */
+ #define NO_DSA
+ #define NO_HC128
+ #define NO_DEV_RANDOM
+ #define NO_WOLFSSL_DIR
+ #define NO_RABBIT
+ #ifndef NO_FILESYSTEM
+ #define LSR_FS
+ #include "inc/hw_types.h"
+ #include "fs.h"
+ #endif
+ #define WOLFSSL_LWIP
+ #include <errno.h> /* for tcp errno */
+ #define WOLFSSL_SAFERTOS
+ #if defined(__IAR_SYSTEMS_ICC__)
+ /* enum uses enum */
+ #pragma diag_suppress=Pa089
+ #endif
+#endif
+
+#ifdef WOLFSSL_SAFERTOS
+ #ifndef SINGLE_THREADED
+ #include "SafeRTOS/semphr.h"
+ #endif
+ #ifndef WOLFSSL_NO_MALLOC
+ #include "SafeRTOS/heap.h"
+ #endif
+ #if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \
+ !defined(WOLFSSL_STATIC_MEMORY)
+ #define XMALLOC(s, h, type) pvPortMalloc((s))
+ #define XFREE(p, h, type) vPortFree((p))
+
+ /* FreeRTOS pvPortRealloc() implementation can be found here:
+ https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */
+ #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || \
+ defined(HAVE_ED448)
+ #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+ #endif
+ #endif
+#endif
+
+#ifdef WOLFSSL_LOW_MEMORY
+ #undef RSA_LOW_MEM
+ #define RSA_LOW_MEM
+ #undef WOLFSSL_SMALL_STACK
+ #define WOLFSSL_SMALL_STACK
+ #undef TFM_TIMING_RESISTANT
+ #define TFM_TIMING_RESISTANT
+#endif
+
+/* To support storing some of the large constant tables in flash memory rather than SRAM.
+ Useful for processors that have limited SRAM, such as the AVR family of microtrollers. */
+#ifdef WOLFSSL_USE_FLASHMEM
+ /* This is supported on the avr-gcc compiler, for more information see:
+ https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html */
+ #define FLASH_QUALIFIER __flash
+
+ /* Copy data out of flash memory and into SRAM */
+ #define XMEMCPY_P(pdest, psrc, size) memcpy_P((pdest), (psrc), (size))
+#else
+ #define FLASH_QUALIFIER
+#endif
+
+#ifdef FREESCALE_MQX_5_0
+ /* use normal Freescale MQX port, but with minor changes for 5.0 */
+ #define FREESCALE_MQX
+#endif
+
+#ifdef FREESCALE_MQX_4_0
+ /* use normal Freescale MQX port, but with minor changes for 4.0 */
+ #define FREESCALE_MQX
+#endif
+
+#ifdef FREESCALE_MQX
+ #define FREESCALE_COMMON
+ #include "mqx.h"
+ #ifndef NO_FILESYSTEM
+ #include "mfs.h"
+ #if (defined(MQX_USE_IO_OLD) && MQX_USE_IO_OLD) || \
+ defined(FREESCALE_MQX_5_0)
+ #include "fio.h"
+ #define NO_STDIO_FILESYSTEM
+ #else
+ #include "nio.h"
+ #endif
+ #endif
+ #ifndef SINGLE_THREADED
+ #include "mutex.h"
+ #endif
+
+ #if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER)
+ #define XMALLOC_OVERRIDE
+ #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
+ #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
+ /* Note: MQX has no realloc, using fastmath above */
+ #endif
+ #ifdef USE_FAST_MATH
+ /* Undef first to avoid re-definition if user_settings.h defines */
+ #undef TFM_TIMING_RESISTANT
+ #define TFM_TIMING_RESISTANT
+ #undef ECC_TIMING_RESISTANT
+ #define ECC_TIMING_RESISTANT
+ #undef WC_RSA_BLINDING
+ #define WC_RSA_BLINDING
+ #endif
+#endif
+
+#ifdef FREESCALE_KSDK_MQX
+ #define FREESCALE_COMMON
+ #include <mqx.h>
+ #ifndef NO_FILESYSTEM
+ #if (defined(MQX_USE_IO_OLD) && MQX_USE_IO_OLD) || \
+ defined(FREESCALE_MQX_5_0)
+ #include <fio.h>
+ #else
+ #include <stdio.h>
+ #include <nio.h>
+ #endif
+ #endif
+ #ifndef SINGLE_THREADED
+ #include <mutex.h>
+ #endif
+
+ #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
+ #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
+ #define XREALLOC(p, n, h, t) _mem_realloc((p), (n)) /* since MQX 4.1.2 */
+
+ #define MQX_FILE_PTR FILE *
+ #define IO_SEEK_SET SEEK_SET
+ #define IO_SEEK_END SEEK_END
+#endif /* FREESCALE_KSDK_MQX */
+
+#if defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS)
+ #define NO_FILESYSTEM
+ #define WOLFSSL_CRYPT_HW_MUTEX 1
+
+ #if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY)
+ #define XMALLOC(s, h, type) pvPortMalloc((s))
+ #define XFREE(p, h, type) vPortFree((p))
+ #endif
+
+ //#define USER_TICKS
+ /* Allows use of DH with fixed points if uncommented and NO_DH is removed */
+ /* WOLFSSL_DH_CONST */
+ #define WOLFSSL_LWIP
+ #define FREERTOS_TCP
+
+ #define FREESCALE_FREE_RTOS
+ #define FREERTOS_SOCKET_ERROR ( -1 )
+ #define FREERTOS_EWOULDBLOCK ( -2 )
+ #define FREERTOS_EINVAL ( -4 )
+ #define FREERTOS_EADDRNOTAVAIL ( -5 )
+ #define FREERTOS_EADDRINUSE ( -6 )
+ #define FREERTOS_ENOBUFS ( -7 )
+ #define FREERTOS_ENOPROTOOPT ( -8 )
+#endif /* FREESCALE_FREE_RTOS || FREESCALE_KSDK_FREERTOS */
+
+#ifdef FREESCALE_KSDK_BM
+ #define FREESCALE_COMMON
+ #define WOLFSSL_USER_IO
+ #define SINGLE_THREADED
+ #define NO_FILESYSTEM
+ #ifndef TIME_OVERRIDES
+ #define USER_TICKS
+ #endif
+#endif /* FREESCALE_KSDK_BM */
+
+#ifdef FREESCALE_COMMON
+ #define SIZEOF_LONG_LONG 8
+
+ /* disable features */
+ #undef NO_WRITEV
+ #define NO_WRITEV
+ #undef NO_DEV_RANDOM
+ #define NO_DEV_RANDOM
+ #undef NO_RABBIT
+ #define NO_RABBIT
+ #undef NO_WOLFSSL_DIR
+ #define NO_WOLFSSL_DIR
+ #undef NO_RC4
+ #define NO_RC4
+
+ /* enable features */
+ #undef USE_FAST_MATH
+ #define USE_FAST_MATH
+
+ #define USE_CERT_BUFFERS_2048
+ #define BENCH_EMBEDDED
+
+ #define TFM_TIMING_RESISTANT
+ #define ECC_TIMING_RESISTANT
+
+ #undef HAVE_ECC
+ #ifndef WOLFCRYPT_FIPS_RAND
+ #define HAVE_ECC
+ #endif
+ #ifndef NO_AES
+ #undef HAVE_AESCCM
+ #define HAVE_AESCCM
+ #undef HAVE_AESGCM
+ #define HAVE_AESGCM
+ #undef WOLFSSL_AES_COUNTER
+ #define WOLFSSL_AES_COUNTER
+ #undef WOLFSSL_AES_DIRECT
+ #define WOLFSSL_AES_DIRECT
+ #endif
+
+ #ifdef FREESCALE_KSDK_1_3
+ #include "fsl_device_registers.h"
+ #elif !defined(FREESCALE_MQX)
+ /* Classic MQX does not have fsl_common.h */
+ #include "fsl_common.h"
+ #endif
+
+ /* random seed */
+ #define NO_OLD_RNGNAME
+ #if defined(FREESCALE_NO_RNG)
+ /* nothing to define */
+ #elif defined(FSL_FEATURE_SOC_TRNG_COUNT) && (FSL_FEATURE_SOC_TRNG_COUNT > 0)
+ #define FREESCALE_KSDK_2_0_TRNG
+ #elif defined(FSL_FEATURE_SOC_RNG_COUNT) && (FSL_FEATURE_SOC_RNG_COUNT > 0)
+ #ifdef FREESCALE_KSDK_1_3
+ #include "fsl_rnga_driver.h"
+ #define FREESCALE_RNGA
+ #define RNGA_INSTANCE (0)
+ #else
+ #define FREESCALE_KSDK_2_0_RNGA
+ #endif
+ #elif !defined(FREESCALE_KSDK_BM) && !defined(FREESCALE_FREE_RTOS) && !defined(FREESCALE_KSDK_FREERTOS)
+ #define FREESCALE_RNGA
+ #define RNGA_INSTANCE (0)
+ /* defaulting to K70 RNGA, user should change if different */
+ /* #define FREESCALE_K53_RNGB */
+ #define FREESCALE_K70_RNGA
+ #endif
+
+ /* HW crypto */
+ /* automatic enable based on Kinetis feature */
+ /* if case manual selection is required, for example for benchmarking purposes,
+ * just define FREESCALE_USE_MMCAU or FREESCALE_USE_LTC or none of these two macros (for software only)
+ * both can be enabled simultaneously as LTC has priority over MMCAU in source code.
+ */
+ /* #define FSL_HW_CRYPTO_MANUAL_SELECTION */
+ #ifndef FSL_HW_CRYPTO_MANUAL_SELECTION
+ #if defined(FSL_FEATURE_SOC_MMCAU_COUNT) && FSL_FEATURE_SOC_MMCAU_COUNT
+ #define FREESCALE_USE_MMCAU
+ #endif
+
+ #if defined(FSL_FEATURE_SOC_LTC_COUNT) && FSL_FEATURE_SOC_LTC_COUNT
+ #define FREESCALE_USE_LTC
+ #endif
+ #else
+ /* #define FREESCALE_USE_MMCAU */
+ /* #define FREESCALE_USE_LTC */
+ #endif
+#endif /* FREESCALE_COMMON */
+
+/* Classic pre-KSDK mmCAU library */
+#ifdef FREESCALE_USE_MMCAU_CLASSIC
+ #define FREESCALE_USE_MMCAU
+ #define FREESCALE_MMCAU_CLASSIC
+ #define FREESCALE_MMCAU_CLASSIC_SHA
+#endif
+
+/* KSDK mmCAU library */
+#ifdef FREESCALE_USE_MMCAU
+ /* AES and DES */
+ #define FREESCALE_MMCAU
+ /* MD5, SHA-1 and SHA-256 */
+ #define FREESCALE_MMCAU_SHA
+#endif /* FREESCALE_USE_MMCAU */
+
+#ifdef FREESCALE_USE_LTC
+ #if defined(FSL_FEATURE_SOC_LTC_COUNT) && FSL_FEATURE_SOC_LTC_COUNT
+ #define FREESCALE_LTC
+ #define LTC_BASE LTC0
+
+ #if defined(FSL_FEATURE_LTC_HAS_DES) && FSL_FEATURE_LTC_HAS_DES
+ #define FREESCALE_LTC_DES
+ #endif
+
+ #if defined(FSL_FEATURE_LTC_HAS_GCM) && FSL_FEATURE_LTC_HAS_GCM
+ #define FREESCALE_LTC_AES_GCM
+ #endif
+
+ #if defined(FSL_FEATURE_LTC_HAS_SHA) && FSL_FEATURE_LTC_HAS_SHA
+ #define FREESCALE_LTC_SHA
+ #endif
+
+ #if defined(FSL_FEATURE_LTC_HAS_PKHA) && FSL_FEATURE_LTC_HAS_PKHA
+ #ifndef WOLFCRYPT_FIPS_RAND
+ #define FREESCALE_LTC_ECC
+ #endif
+ #define FREESCALE_LTC_TFM
+
+ /* the LTC PKHA hardware limit is 2048 bits (256 bytes) for integer arithmetic.
+ the LTC_MAX_INT_BYTES defines the size of local variables that hold big integers. */
+ /* size is multiplication of 2 big ints */
+ #if !defined(NO_RSA) || !defined(NO_DH)
+ #define LTC_MAX_INT_BYTES (256*2)
+ #else
+ #define LTC_MAX_INT_BYTES (48*2)
+ #endif
+
+ /* This FREESCALE_LTC_TFM_RSA_4096_ENABLE macro can be defined.
+ * In such a case both software and hardware algorithm
+ * for TFM is linked in. The decision for which algorithm is used is determined at runtime
+ * from size of inputs. If inputs and result can fit into LTC (see LTC_MAX_INT_BYTES)
+ * then we call hardware algorithm, otherwise we call software algorithm.
+ *
+ * Chinese reminder theorem is used to break RSA 4096 exponentiations (both public and private key)
+ * into several computations with 2048-bit modulus and exponents.
+ */
+ /* #define FREESCALE_LTC_TFM_RSA_4096_ENABLE */
+
+ /* ECC-384, ECC-256, ECC-224 and ECC-192 have been enabled with LTC PKHA acceleration */
+ #ifdef HAVE_ECC
+ #undef ECC_TIMING_RESISTANT
+ #define ECC_TIMING_RESISTANT
+
+ /* the LTC PKHA hardware limit is 512 bits (64 bytes) for ECC.
+ the LTC_MAX_ECC_BITS defines the size of local variables that hold ECC parameters
+ and point coordinates */
+ #ifndef LTC_MAX_ECC_BITS
+ #define LTC_MAX_ECC_BITS (384)
+ #endif
+
+ /* Enable curves up to 384 bits */
+ #if !defined(ECC_USER_CURVES) && !defined(HAVE_ALL_CURVES)
+ #define ECC_USER_CURVES
+ #define HAVE_ECC192
+ #define HAVE_ECC224
+ #undef NO_ECC256
+ #define HAVE_ECC384
+ #endif
+ #endif
+ #endif
+ #endif
+#endif /* FREESCALE_USE_LTC */
+
+#ifdef FREESCALE_LTC_TFM_RSA_4096_ENABLE
+ #undef USE_CERT_BUFFERS_4096
+ #define USE_CERT_BUFFERS_4096
+ #undef FP_MAX_BITS
+ #define FP_MAX_BITS (8192)
+ #undef SP_INT_BITS
+ #define SP_INT_BITS (4096)
+
+ #undef NO_DH
+ #define NO_DH
+ #undef NO_DSA
+ #define NO_DSA
+#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */
+
+/* if LTC has AES engine but doesn't have GCM, use software with LTC AES ECB mode */
+#if defined(FREESCALE_USE_LTC) && !defined(FREESCALE_LTC_AES_GCM)
+ #define GCM_TABLE
+#endif
+
+#if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \
+ defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1) || \
+ defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
+ defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32H7) || \
+ defined(WOLFSSL_STM32G0)
+
+ #define SIZEOF_LONG_LONG 8
+ #ifndef CHAR_BIT
+ #define CHAR_BIT 8
+ #endif
+ #define NO_DEV_RANDOM
+ #define NO_WOLFSSL_DIR
+ #undef NO_RABBIT
+ #define NO_RABBIT
+ #ifndef NO_STM32_RNG
+ #undef STM32_RNG
+ #define STM32_RNG
+ #ifdef WOLFSSL_STM32F427_RNG
+ #include "stm32f427xx.h"
+ #endif
+ #endif
+ #ifndef NO_STM32_CRYPTO
+ #undef STM32_CRYPTO
+ #define STM32_CRYPTO
+
+ #if defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
+ defined(WOLFSSL_STM32WB)
+ #define NO_AES_192 /* hardware does not support 192-bit */
+ #endif
+ #endif
+ #ifndef NO_STM32_HASH
+ #undef STM32_HASH
+ #define STM32_HASH
+ #endif
+ #if !defined(__GNUC__) && !defined(__ICCARM__)
+ #define KEIL_INTRINSICS
+ #endif
+ #define NO_OLD_RNGNAME
+ #ifdef WOLFSSL_STM32_CUBEMX
+ #if defined(WOLFSSL_STM32F1)
+ #include "stm32f1xx_hal.h"
+ #elif defined(WOLFSSL_STM32F2)
+ #include "stm32f2xx_hal.h"
+ #elif defined(WOLFSSL_STM32L5)
+ #include "stm32l5xx_hal.h"
+ #elif defined(WOLFSSL_STM32L4)
+ #include "stm32l4xx_hal.h"
+ #elif defined(WOLFSSL_STM32F4)
+ #include "stm32f4xx_hal.h"
+ #elif defined(WOLFSSL_STM32F7)
+ #include "stm32f7xx_hal.h"
+ #elif defined(WOLFSSL_STM32F1)
+ #include "stm32f1xx_hal.h"
+ #elif defined(WOLFSSL_STM32H7)
+ #include "stm32h7xx_hal.h"
+ #elif defined(WOLFSSL_STM32WB)
+ #include "stm32wbxx_hal.h"
+ #elif defined(WOLFSSL_STM32G0)
+ #include "stm32g0xx_hal.h"
+ #endif
+ #if defined(WOLFSSL_CUBEMX_USE_LL) && defined(WOLFSSL_STM32L4)
+ #include "stm32l4xx_ll_rng.h"
+ #endif
+
+ #ifndef STM32_HAL_TIMEOUT
+ #define STM32_HAL_TIMEOUT 0xFF
+ #endif
+ #else
+ #if defined(WOLFSSL_STM32F2)
+ #include "stm32f2xx.h"
+ #ifdef STM32_CRYPTO
+ #include "stm32f2xx_cryp.h"
+ #endif
+ #ifdef STM32_HASH
+ #include "stm32f2xx_hash.h"
+ #endif
+ #elif defined(WOLFSSL_STM32F4)
+ #include "stm32f4xx.h"
+ #ifdef STM32_CRYPTO
+ #include "stm32f4xx_cryp.h"
+ #endif
+ #ifdef STM32_HASH
+ #include "stm32f4xx_hash.h"
+ #endif
+ #elif defined(WOLFSSL_STM32L5)
+ #include "stm32l5xx.h"
+ #ifdef STM32_CRYPTO
+ #include "stm32l5xx_cryp.h"
+ #endif
+ #ifdef STM32_HASH
+ #include "stm32l5xx_hash.h"
+ #endif
+ #elif defined(WOLFSSL_STM32L4)
+ #include "stm32l4xx.h"
+ #ifdef STM32_CRYPTO
+ #include "stm32l4xx_cryp.h"
+ #endif
+ #ifdef STM32_HASH
+ #include "stm32l4xx_hash.h"
+ #endif
+ #elif defined(WOLFSSL_STM32F7)
+ #include "stm32f7xx.h"
+ #elif defined(WOLFSSL_STM32H7)
+ #include "stm32h7xx.h"
+ #elif defined(WOLFSSL_STM32F1)
+ #include "stm32f1xx.h"
+ #endif
+ #endif /* WOLFSSL_STM32_CUBEMX */
+#endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 ||
+ WOLFSSL_STM32L5 || WOLFSSL_STM32F7 || WOLFSSL_STMWB ||
+ WOLFSSL_STM32H7 || WOLFSSL_STM32G0 */
+#ifdef WOLFSSL_DEOS
+ #include <deos.h>
+ #include <timeout.h>
+ #include <socketapi.h>
+ #include <lwip-socket.h>
+ #include <mem.h>
+ #include <string.h>
+ #include <stdlib.h> /* for rand_r: pseudo-random number generator */
+ #include <stdio.h> /* for snprintf */
+
+ /* use external memory XMALLOC, XFREE and XREALLOC functions */
+ #define XMALLOC_USER
+
+ /* disable fall-back case, malloc, realloc and free are unavailable */
+ #define WOLFSSL_NO_MALLOC
+
+ /* file system has not been ported since it is a separate product. */
+
+ #define NO_FILESYSTEM
+
+ #ifdef NO_FILESYSTEM
+ #define NO_WOLFSSL_DIR
+ #define NO_WRITEV
+ #endif
+
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+ #define ECC_TIMING_RESISTANT
+ #define WC_RSA_BLINDING
+
+ #define HAVE_ECC
+ #define TFM_ECC192
+ #define TFM_ECC224
+ #define TFM_ECC256
+ #define TFM_ECC384
+ #define TFM_ECC521
+
+ #define HAVE_TLS_EXTENSIONS
+ #define HAVE_SUPPORTED_CURVES
+ #define HAVE_EXTENDED_MASTER
+
+ #if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
+ #define BIG_ENDIAN_ORDER
+ #else
+ #undef BIG_ENDIAN_ORDER
+ #define LITTLE_ENDIAN_ORDER
+ #endif
+#endif /* WOLFSSL_DEOS*/
+
+#ifdef MICRIUM
+ #include <stdlib.h>
+ #include <os.h>
+ #if defined(RTOS_MODULE_NET_AVAIL) || (APP_CFG_TCPIP_EN == DEF_ENABLED)
+ #include <net_cfg.h>
+ #include <net_sock.h>
+ #if (OS_VERSION < 50000)
+ #include <net_err.h>
+ #endif
+ #endif
+ #include <lib_mem.h>
+ #include <lib_math.h>
+ #include <lib_str.h>
+ #include <stdio.h>
+ #include <string.h>
+
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+ #define ECC_TIMING_RESISTANT
+ #define WC_RSA_BLINDING
+ #define HAVE_HASHDRBG
+
+ #define HAVE_ECC
+ #define ALT_ECC_SIZE
+ #define TFM_ECC192
+ #define TFM_ECC224
+ #define TFM_ECC256
+ #define TFM_ECC384
+ #define TFM_ECC521
+
+ #define NO_RC4
+ #define HAVE_TLS_EXTENSIONS
+ #define HAVE_SUPPORTED_CURVES
+ #define HAVE_EXTENDED_MASTER
+
+ #define NO_WOLFSSL_DIR
+ #define NO_WRITEV
+
+ #if ! defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(CUSTOM_RAND_GENERATE)
+ #define CUSTOM_RAND_TYPE RAND_NBR
+ #define CUSTOM_RAND_GENERATE Math_Rand
+ #endif
+ #define STRING_USER
+ #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
+ #define XSTRNCPY(pstr_dest, pstr_src, len_max) \
+ ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \
+ (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max)))
+ #define XSTRNCMP(pstr_1, pstr_2, len_max) \
+ ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \
+ (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))
+ #define XSTRNCASECMP(pstr_1, pstr_2, len_max) \
+ ((CPU_INT16S)Str_CmpIgnoreCase_N((CPU_CHAR *)(pstr_1), \
+ (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))
+ #define XSTRSTR(pstr, pstr_srch) \
+ ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \
+ (CPU_CHAR *)(pstr_srch)))
+ #define XSTRNSTR(pstr, pstr_srch, len_max) \
+ ((CPU_CHAR *)Str_Str_N((CPU_CHAR *)(pstr), \
+ (CPU_CHAR *)(pstr_srch),(CPU_SIZE_T)(len_max)))
+ #define XSTRNCAT(pstr_dest, pstr_cat, len_max) \
+ ((CPU_CHAR *)Str_Cat_N((CPU_CHAR *)(pstr_dest), \
+ (const CPU_CHAR *)(pstr_cat),(CPU_SIZE_T)(len_max)))
+ #define XMEMSET(pmem, data_val, size) \
+ ((void)Mem_Set((void *)(pmem), \
+ (CPU_INT08U) (data_val), \
+ (CPU_SIZE_T)(size)))
+ #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
+ (void *)(psrc), (CPU_SIZE_T)(size)))
+
+ #if (OS_VERSION < 50000)
+ #define XMEMCMP(pmem_1, pmem_2, size) \
+ (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), \
+ (void *)(pmem_2), \
+ (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
+ #else
+ /* Work around for Micrium OS version 5.8 change in behavior
+ * that returns DEF_NO for 0 size compare
+ */
+ #define XMEMCMP(pmem_1, pmem_2, size) \
+ (( (size < 1 ) || \
+ ((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), \
+ (void *)(pmem_2), \
+ (CPU_SIZE_T)(size)) == DEF_YES)) \
+ ? 0 : 1)
+ #define XSNPRINTF snprintf
+ #endif
+
+ #define XMEMMOVE XMEMCPY
+
+ #if (OS_CFG_MUTEX_EN == DEF_DISABLED)
+ #define SINGLE_THREADED
+ #endif
+
+ #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG)
+ #define BIG_ENDIAN_ORDER
+ #else
+ #undef BIG_ENDIAN_ORDER
+ #define LITTLE_ENDIAN_ORDER
+ #endif
+#endif /* MICRIUM */
+
+#if defined(sun) || defined(__sun)
+# if defined(__SVR4) || defined(__svr4__)
+ /* Solaris */
+ #ifndef WOLFSSL_SOLARIS
+ #define WOLFSSL_SOLARIS
+ #endif
+# else
+ /* SunOS */
+# endif
+#endif
+
+#ifdef WOLFSSL_SOLARIS
+ /* Avoid naming clash with fp_zero from math.h > ieefp.h */
+ #define WOLFSSL_DH_CONST
+#endif
+
+#ifdef WOLFSSL_MCF5441X
+ #define BIG_ENDIAN_ORDER
+ #ifndef SIZEOF_LONG
+ #define SIZEOF_LONG 4
+ #endif
+ #ifndef SIZEOF_LONG_LONG
+ #define SIZEOF_LONG_LONG 8
+ #endif
+#endif
+
+#ifdef WOLFSSL_QL
+ #ifndef WOLFSSL_SEP
+ #define WOLFSSL_SEP
+ #endif
+ #ifndef OPENSSL_EXTRA
+ #define OPENSSL_EXTRA
+ #endif
+ #ifndef SESSION_CERTS
+ #define SESSION_CERTS
+ #endif
+ #ifndef HAVE_AESCCM
+ #define HAVE_AESCCM
+ #endif
+ #ifndef ATOMIC_USER
+ #define ATOMIC_USER
+ #endif
+ #ifndef WOLFSSL_DER_LOAD
+ #define WOLFSSL_DER_LOAD
+ #endif
+ #ifndef KEEP_PEER_CERT
+ #define KEEP_PEER_CERT
+ #endif
+ #ifndef HAVE_ECC
+ #define HAVE_ECC
+ #endif
+ #ifndef SESSION_INDEX
+ #define SESSION_INDEX
+ #endif
+#endif /* WOLFSSL_QL */
+
+
+#if defined(WOLFSSL_XILINX)
+ #define NO_WOLFSSL_DIR
+ #define NO_DEV_RANDOM
+ #define HAVE_AESGCM
+#endif
+
+#if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_AFALG_XILINX)
+ #if defined(WOLFSSL_ARMASM)
+ #error can not use both ARMv8 instructions and XILINX hardened crypto
+ #endif
+ #if defined(WOLFSSL_SHA3)
+ /* only SHA3-384 is supported */
+ #undef WOLFSSL_NOSHA3_224
+ #undef WOLFSSL_NOSHA3_256
+ #undef WOLFSSL_NOSHA3_512
+ #define WOLFSSL_NOSHA3_224
+ #define WOLFSSL_NOSHA3_256
+ #define WOLFSSL_NOSHA3_512
+ #endif
+ #ifdef WOLFSSL_AFALG_XILINX_AES
+ #undef WOLFSSL_AES_DIRECT
+ #define WOLFSSL_AES_DIRECT
+ #endif
+#endif /*(WOLFSSL_XILINX_CRYPT)*/
+
+#if defined(WOLFSSL_APACHE_MYNEWT)
+ #include "os/os_malloc.h"
+ #if !defined(WOLFSSL_LWIP)
+ #include <mn_socket/mn_socket.h>
+ #endif
+
+ #if !defined(SIZEOF_LONG)
+ #define SIZEOF_LONG 4
+ #endif
+ #if !defined(SIZEOF_LONG_LONG)
+ #define SIZEOF_LONG_LONG 8
+ #endif
+ #if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
+ #define BIG_ENDIAN_ORDER
+ #else
+ #undef BIG_ENDIAN_ORDER
+ #define LITTLE_ENDIAN_ORDER
+ #endif
+ #define NO_WRITEV
+ #define WOLFSSL_USER_IO
+ #define SINGLE_THREADED
+ #define NO_DEV_RANDOM
+ #define NO_DH
+ #define NO_WOLFSSL_DIR
+ #define NO_ERROR_STRINGS
+ #define HAVE_ECC
+ #define NO_SESSION_CACHE
+ #define NO_ERROR_STRINGS
+ #define XMALLOC_USER
+ #define XMALLOC(sz, heap, type) os_malloc(sz)
+ #define XREALLOC(p, sz, heap, type) os_realloc(p, sz)
+ #define XFREE(p, heap, type) os_free(p)
+
+#endif /*(WOLFSSL_APACHE_MYNEWT)*/
+
+#ifdef WOLFSSL_ZEPHYR
+ #include <zephyr.h>
+ #include <sys/printk.h>
+ #include <sys/util.h>
+ #include <stdlib.h>
+
+ #define WOLFSSL_DH_CONST
+ #define WOLFSSL_HAVE_MAX
+ #define NO_WRITEV
+
+ #define USE_FLAT_BENCHMARK_H
+ #define USE_FLAT_TEST_H
+ #define EXIT_FAILURE 1
+ #define MAIN_NO_ARGS
+
+ void *z_realloc(void *ptr, size_t size);
+ #define realloc z_realloc
+
+ #ifndef CONFIG_NET_SOCKETS_POSIX_NAMES
+ #define CONFIG_NET_SOCKETS_POSIX_NAMES
+ #endif
+#endif
+
+#ifdef WOLFSSL_IMX6
+ #ifndef SIZEOF_LONG_LONG
+ #define SIZEOF_LONG_LONG 8
+ #endif
+#endif
+
+/* if defined turn on all CAAM support */
+#ifdef WOLFSSL_IMX6_CAAM
+ #undef WOLFSSL_IMX6_CAAM_RNG
+ #define WOLFSSL_IMX6_CAAM_RNG
+
+ #undef WOLFSSL_IMX6_CAAM_BLOB
+ #define WOLFSSL_IMX6_CAAM_BLOB
+
+#if defined(HAVE_AESGCM) || defined(WOLFSSL_AES_XTS)
+ /* large performance gain with HAVE_AES_ECB defined */
+ #undef HAVE_AES_ECB
+ #define HAVE_AES_ECB
+
+ //@TODO used for now until plugging in caam aes use with qnx
+ #undef WOLFSSL_AES_DIRECT
+ #define WOLFSSL_AES_DIRECT
+#endif
+#endif
+
+/* If DCP is used without SINGLE_THREADED, enforce WOLFSSL_CRYPT_HW_MUTEX */
+#if defined(WOLFSSL_IMXRT_DCP) && !defined(SINGLE_THREADED)
+ #undef WOLFSSL_CRYPT_HW_MUTEX
+ #define WOLFSSL_CRYPT_HW_MUTEX 1
+#endif
+
+#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
+ !defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY) && \
+ !defined(XMALLOC_OVERRIDE)
+ #define USE_WOLFSSL_MEMORY
+#endif
+
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
+ #undef KEEP_PEER_CERT
+ #define KEEP_PEER_CERT
+#endif
+
+
+/* stream ciphers except arc4 need 32bit alignment, intel ok without */
+#ifndef XSTREAM_ALIGN
+ #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
+ #define NO_XSTREAM_ALIGN
+ #else
+ #define XSTREAM_ALIGN
+ #endif
+#endif
+
+/* write dup cannot be used with secure renegotiation because write dup
+ * make write side write only and read side read only */
+#if defined(HAVE_WRITE_DUP) && defined(HAVE_SECURE_RENEGOTIATION)
+ #error "WRITE DUP and SECURE RENEGOTIATION cannot both be on"
+#endif
+
+#ifdef WOLFSSL_SGX
+ #ifdef _MSC_VER
+ #define NO_RC4
+ #ifndef HAVE_FIPS
+ #define WOLFCRYPT_ONLY
+ #define NO_DES3
+ #define NO_SHA
+ #define NO_MD5
+ #else
+ #define TFM_TIMING_RESISTANT
+ #define NO_WOLFSSL_DIR
+ #define NO_WRITEV
+ #define NO_MAIN_DRIVER
+ #define WOLFSSL_LOG_PRINTF
+ #define WOLFSSL_DH_CONST
+ #endif
+ #else
+ #define HAVE_ECC
+ #define NO_WRITEV
+ #define NO_MAIN_DRIVER
+ #define USER_TICKS
+ #define WOLFSSL_LOG_PRINTF
+ #define WOLFSSL_DH_CONST
+ #endif /* _MSC_VER */
+ #if !defined(HAVE_FIPS) && !defined(NO_RSA)
+ #define WC_RSA_BLINDING
+ #endif
+
+ #define NO_FILESYSTEM
+ #define ECC_TIMING_RESISTANT
+ #define TFM_TIMING_RESISTANT
+ #define SINGLE_THREADED
+ #define NO_ASN_TIME /* can not use headers such as windows.h */
+ #define HAVE_AESGCM
+ #define USE_CERT_BUFFERS_2048
+ #define USE_FAST_MATH
+#endif /* WOLFSSL_SGX */
+
+/* FreeScale MMCAU hardware crypto has 4 byte alignment.
+ However, KSDK fsl_mmcau.h gives API with no alignment
+ requirements (4 byte alignment is managed internally by fsl_mmcau.c) */
+#ifdef FREESCALE_MMCAU
+ #ifdef FREESCALE_MMCAU_CLASSIC
+ #define WOLFSSL_MMCAU_ALIGNMENT 4
+ #else
+ #define WOLFSSL_MMCAU_ALIGNMENT 0
+ #endif
+#endif
+
+/* if using hardware crypto and have alignment requirements, specify the
+ requirement here. The record header of SSL/TLS will prevent easy alignment.
+ This hint tries to help as much as possible. */
+#ifndef WOLFSSL_GENERAL_ALIGNMENT
+ #ifdef WOLFSSL_AESNI
+ #define WOLFSSL_GENERAL_ALIGNMENT 16
+ #elif defined(XSTREAM_ALIGN)
+ #define WOLFSSL_GENERAL_ALIGNMENT 4
+ #elif defined(FREESCALE_MMCAU) || defined(FREESCALE_MMCAU_CLASSIC)
+ #define WOLFSSL_GENERAL_ALIGNMENT WOLFSSL_MMCAU_ALIGNMENT
+ #else
+ #define WOLFSSL_GENERAL_ALIGNMENT 0
+ #endif
+#endif
+
+#if defined(WOLFSSL_GENERAL_ALIGNMENT) && (WOLFSSL_GENERAL_ALIGNMENT > 0)
+ #if defined(_MSC_VER)
+ #define XGEN_ALIGN __declspec(align(WOLFSSL_GENERAL_ALIGNMENT))
+ #elif defined(__GNUC__)
+ #define XGEN_ALIGN __attribute__((aligned(WOLFSSL_GENERAL_ALIGNMENT)))
+ #else
+ #define XGEN_ALIGN
+ #endif
+#else
+ #define XGEN_ALIGN
+#endif
+
+
+#ifdef __INTEL_COMPILER
+ #pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */
+#endif
+
+/* user can specify what curves they want with ECC_USER_CURVES otherwise
+ * all curves are on by default for now */
+#ifndef ECC_USER_CURVES
+ #if !defined(WOLFSSL_SP_MATH) && !defined(HAVE_ALL_CURVES)
+ #define HAVE_ALL_CURVES
+ #endif
+#endif
+
+/* The minimum allowed ECC key size */
+/* Note: 224-bits is equivelant to 2048-bit RSA */
+#ifndef ECC_MIN_KEY_SZ
+ #ifdef WOLFSSL_MIN_ECC_BITS
+ #define ECC_MIN_KEY_SZ WOLFSSL_MIN_ECC_BITS
+ #else
+ #if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2
+ /* FIPSv2 and ready (for now) includes 192-bit support */
+ #define ECC_MIN_KEY_SZ 192
+ #else
+ #define ECC_MIN_KEY_SZ 224
+ #endif
+ #endif
+#endif
+
+/* ECC Configs */
+#ifdef HAVE_ECC
+ /* By default enable Sign, Verify, DHE, Key Import and Key Export unless explicitly disabled */
+ #if !defined(NO_ECC_SIGN) && \
+ (!defined(ECC_TIMING_RESISTANT) || \
+ (defined(ECC_TIMING_RESISTANT) && !defined(WC_NO_RNG)))
+ #undef HAVE_ECC_SIGN
+ #define HAVE_ECC_SIGN
+ #endif
+ #ifndef NO_ECC_VERIFY
+ #undef HAVE_ECC_VERIFY
+ #define HAVE_ECC_VERIFY
+ #endif
+ #ifndef NO_ECC_CHECK_KEY
+ #undef HAVE_ECC_CHECK_KEY
+ #define HAVE_ECC_CHECK_KEY
+ #endif
+ #if !defined(NO_ECC_DHE) && !defined(WC_NO_RNG)
+ #undef HAVE_ECC_DHE
+ #define HAVE_ECC_DHE
+ #endif
+ #ifndef NO_ECC_KEY_IMPORT
+ #undef HAVE_ECC_KEY_IMPORT
+ #define HAVE_ECC_KEY_IMPORT
+ #endif
+ #ifndef NO_ECC_KEY_EXPORT
+ #undef HAVE_ECC_KEY_EXPORT
+ #define HAVE_ECC_KEY_EXPORT
+ #endif
+#endif /* HAVE_ECC */
+
+/* Curve25519 Configs */
+#ifdef HAVE_CURVE25519
+ /* By default enable shared secret, key export and import */
+ #ifndef NO_CURVE25519_SHARED_SECRET
+ #undef HAVE_CURVE25519_SHARED_SECRET
+ #define HAVE_CURVE25519_SHARED_SECRET
+ #endif
+ #ifndef NO_CURVE25519_KEY_EXPORT
+ #undef HAVE_CURVE25519_KEY_EXPORT
+ #define HAVE_CURVE25519_KEY_EXPORT
+ #endif
+ #ifndef NO_CURVE25519_KEY_IMPORT
+ #undef HAVE_CURVE25519_KEY_IMPORT
+ #define HAVE_CURVE25519_KEY_IMPORT
+ #endif
+#endif /* HAVE_CURVE25519 */
+
+/* Ed25519 Configs */
+#ifdef HAVE_ED25519
+ /* By default enable sign, verify, key export and import */
+ #ifndef NO_ED25519_SIGN
+ #undef HAVE_ED25519_SIGN
+ #define HAVE_ED25519_SIGN
+ #endif
+ #ifndef NO_ED25519_VERIFY
+ #undef HAVE_ED25519_VERIFY
+ #define HAVE_ED25519_VERIFY
+ #endif
+ #ifndef NO_ED25519_KEY_EXPORT
+ #undef HAVE_ED25519_KEY_EXPORT
+ #define HAVE_ED25519_KEY_EXPORT
+ #endif
+ #ifndef NO_ED25519_KEY_IMPORT
+ #undef HAVE_ED25519_KEY_IMPORT
+ #define HAVE_ED25519_KEY_IMPORT
+ #endif
+#endif /* HAVE_ED25519 */
+
+/* Curve448 Configs */
+#ifdef HAVE_CURVE448
+ /* By default enable shared secret, key export and import */
+ #ifndef NO_CURVE448_SHARED_SECRET
+ #undef HAVE_CURVE448_SHARED_SECRET
+ #define HAVE_CURVE448_SHARED_SECRET
+ #endif
+ #ifndef NO_CURVE448_KEY_EXPORT
+ #undef HAVE_CURVE448_KEY_EXPORT
+ #define HAVE_CURVE448_KEY_EXPORT
+ #endif
+ #ifndef NO_CURVE448_KEY_IMPORT
+ #undef HAVE_CURVE448_KEY_IMPORT
+ #define HAVE_CURVE448_KEY_IMPORT
+ #endif
+#endif /* HAVE_CURVE448 */
+
+/* Ed448 Configs */
+#ifdef HAVE_ED448
+ /* By default enable sign, verify, key export and import */
+ #ifndef NO_ED448_SIGN
+ #undef HAVE_ED448_SIGN
+ #define HAVE_ED448_SIGN
+ #endif
+ #ifndef NO_ED448_VERIFY
+ #undef HAVE_ED448_VERIFY
+ #define HAVE_ED448_VERIFY
+ #endif
+ #ifndef NO_ED448_KEY_EXPORT
+ #undef HAVE_ED448_KEY_EXPORT
+ #define HAVE_ED448_KEY_EXPORT
+ #endif
+ #ifndef NO_ED448_KEY_IMPORT
+ #undef HAVE_ED448_KEY_IMPORT
+ #define HAVE_ED448_KEY_IMPORT
+ #endif
+#endif /* HAVE_ED448 */
+
+/* AES Config */
+#ifndef NO_AES
+ /* By default enable all AES key sizes, decryption and CBC */
+ #ifndef AES_MAX_KEY_SIZE
+ #undef AES_MAX_KEY_SIZE
+ #define AES_MAX_KEY_SIZE 256
+ #endif
+
+ #ifndef NO_AES_128
+ #undef WOLFSSL_AES_128
+ #define WOLFSSL_AES_128
+ #endif
+ #if !defined(NO_AES_192) && AES_MAX_KEY_SIZE >= 192
+ #undef WOLFSSL_AES_192
+ #define WOLFSSL_AES_192
+ #endif
+ #if !defined(NO_AES_256) && AES_MAX_KEY_SIZE >= 256
+ #undef WOLFSSL_AES_256
+ #define WOLFSSL_AES_256
+ #endif
+ #if !defined(WOLFSSL_AES_128) && defined(HAVE_ECC_ENCRYPT)
+ #warning HAVE_ECC_ENCRYPT uses AES 128 bit keys
+ #endif
+
+ #ifndef NO_AES_DECRYPT
+ #undef HAVE_AES_DECRYPT
+ #define HAVE_AES_DECRYPT
+ #endif
+ #ifndef NO_AES_CBC
+ #undef HAVE_AES_CBC
+ #define HAVE_AES_CBC
+ #endif
+ #ifdef WOLFSSL_AES_XTS
+ /* AES-XTS makes calls to AES direct functions */
+ #ifndef WOLFSSL_AES_DIRECT
+ #define WOLFSSL_AES_DIRECT
+ #endif
+ #endif
+ #ifdef WOLFSSL_AES_CFB
+ /* AES-CFB makes calls to AES direct functions */
+ #ifndef WOLFSSL_AES_DIRECT
+ #define WOLFSSL_AES_DIRECT
+ #endif
+ #endif
+#endif
+
+#if (defined(WOLFSSL_TLS13) && defined(WOLFSSL_NO_TLS12)) || \
+ (!defined(HAVE_AES_CBC) && defined(NO_DES3) && defined(NO_RC4) && \
+ !defined(HAVE_CAMELLIA) && !defined(HAVE_IDEA) && \
+ !defined(HAVE_NULL_CIPHER) && !defined(HAVE_HC128))
+ #define WOLFSSL_AEAD_ONLY
+#endif
+
+#if !defined(NO_DH) && !defined(HAVE_FFDHE)
+ #if defined(HAVE_FFDHE_2048) || defined(HAVE_FFDHE_3072) || \
+ defined(HAVE_FFDHE_4096) || defined(HAVE_FFDHE_6144) || \
+ defined(HAVE_FFDHE_8192)
+ #define HAVE_FFDHE
+ #endif
+#endif
+#if defined(HAVE_FFDHE_8192)
+ #define MIN_FFDHE_FP_MAX_BITS 16384
+#elif defined(HAVE_FFDHE_6144)
+ #define MIN_FFDHE_FP_MAX_BITS 12288
+#elif defined(HAVE_FFDHE_4096)
+ #define MIN_FFDHE_FP_MAX_BITS 8192
+#elif defined(HAVE_FFDHE_3072)
+ #define MIN_FFDHE_FP_MAX_BITS 6144
+#elif defined(HAVE_FFDHE_2048)
+ #define MIN_FFDHE_FP_MAX_BITS 4096
+#else
+ #define MIN_FFDHE_FP_MAX_BITS 0
+#endif
+#if defined(HAVE_FFDHE) && defined(FP_MAX_BITS)
+ #if MIN_FFDHE_FP_MAX_BITS > FP_MAX_BITS
+ #error "FFDHE parameters are too large for FP_MAX_BIT as set"
+ #endif
+#endif
+#if defined(HAVE_FFDHE) && defined(SP_INT_BITS)
+ #if MIN_FFDHE_FP_MAX_BITS > SP_INT_BITS * 2
+ #error "FFDHE parameters are too large for SP_INT_BIT as set"
+ #endif
+#endif
+
+/* if desktop type system and fastmath increase default max bits */
+#if defined(WOLFSSL_X86_64_BUILD) || defined(WOLFSSL_AARCH64_BUILD)
+ #if defined(USE_FAST_MATH) && !defined(FP_MAX_BITS)
+ #if MIN_FFDHE_FP_MAX_BITS <= 8192
+ #define FP_MAX_BITS 8192
+ #else
+ #define FP_MAX_BITS MIN_FFDHE_FP_MAX_BITS
+ #endif
+ #endif
+ #if defined(WOLFSSL_SP_MATH_ALL) && !defined(SP_INT_BITS)
+ #if MIN_FFDHE_FP_MAX_BITS <= 8192
+ #define SP_INT_BITS 4096
+ #else
+ #define PS_INT_BITS MIN_FFDHE_FP_MAX_BITS / 2
+ #endif
+ #endif
+#endif
+
+/* If using the max strength build, ensure OLD TLS is disabled. */
+#ifdef WOLFSSL_MAX_STRENGTH
+ #undef NO_OLD_TLS
+ #define NO_OLD_TLS
+#endif
+
+
+/* Default AES minimum auth tag sz, allow user to override */
+#ifndef WOLFSSL_MIN_AUTH_TAG_SZ
+ #define WOLFSSL_MIN_AUTH_TAG_SZ 12
+#endif
+
+
+/* sniffer requires:
+ * static RSA cipher suites
+ * session stats and peak stats
+ */
+#ifdef WOLFSSL_SNIFFER
+ #ifndef WOLFSSL_STATIC_RSA
+ #define WOLFSSL_STATIC_RSA
+ #endif
+ #ifndef WOLFSSL_STATIC_DH
+ #define WOLFSSL_STATIC_DH
+ #endif
+ /* Allow option to be disabled. */
+ #ifndef WOLFSSL_NO_SESSION_STATS
+ #ifndef WOLFSSL_SESSION_STATS
+ #define WOLFSSL_SESSION_STATS
+ #endif
+ #ifndef WOLFSSL_PEAK_SESSIONS
+ #define WOLFSSL_PEAK_SESSIONS
+ #endif
+ #endif
+#endif
+
+/* Decode Public Key extras on by default, user can turn off with
+ * WOLFSSL_NO_DECODE_EXTRA */
+#ifndef WOLFSSL_NO_DECODE_EXTRA
+ #ifndef RSA_DECODE_EXTRA
+ #define RSA_DECODE_EXTRA
+ #endif
+ #ifndef ECC_DECODE_EXTRA
+ #define ECC_DECODE_EXTRA
+ #endif
+#endif
+
+/* C Sharp wrapper defines */
+#ifdef HAVE_CSHARP
+ #ifndef WOLFSSL_DTLS
+ #define WOLFSSL_DTLS
+ #endif
+ #undef NO_PSK
+ #undef NO_SHA256
+ #undef NO_DH
+#endif
+
+/* Asynchronous Crypto */
+#ifdef WOLFSSL_ASYNC_CRYPT
+ /* Make sure wolf events are enabled */
+ #undef HAVE_WOLF_EVENT
+ #define HAVE_WOLF_EVENT
+
+ #ifdef WOLFSSL_ASYNC_CRYPT_TEST
+ #define WC_ASYNC_DEV_SIZE 168
+ #else
+ #define WC_ASYNC_DEV_SIZE 336
+ #endif
+
+ #if !defined(HAVE_CAVIUM) && !defined(HAVE_INTEL_QA) && \
+ !defined(WOLFSSL_ASYNC_CRYPT_TEST)
+ #error No async hardware defined with WOLFSSL_ASYNC_CRYPT!
+ #endif
+
+ /* Enable ECC_CACHE_CURVE for ASYNC */
+ #if !defined(ECC_CACHE_CURVE)
+ #define ECC_CACHE_CURVE
+ #endif
+#endif /* WOLFSSL_ASYNC_CRYPT */
+#ifndef WC_ASYNC_DEV_SIZE
+ #define WC_ASYNC_DEV_SIZE 0
+#endif
+
+/* leantls checks */
+#ifdef WOLFSSL_LEANTLS
+ #ifndef HAVE_ECC
+ #error leantls build needs ECC
+ #endif
+#endif /* WOLFSSL_LEANTLS*/
+
+/* restriction with static memory */
+#ifdef WOLFSSL_STATIC_MEMORY
+ #if defined(HAVE_IO_POOL) || defined(XMALLOC_USER) || defined(NO_WOLFSSL_MEMORY)
+ #error static memory cannot be used with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY
+ #endif
+ #if !defined(WOLFSSL_SP_NO_MALLOC) && \
+ !defined(USE_FAST_MATH) && !defined(NO_BIG_INT)
+ #error The static memory option is only supported for fast math or SP with no malloc
+ #endif
+ #ifdef WOLFSSL_SMALL_STACK
+ #error static memory does not support small stack please undefine
+ #endif
+#endif /* WOLFSSL_STATIC_MEMORY */
+
+#ifdef HAVE_AES_KEYWRAP
+ #ifndef WOLFSSL_AES_DIRECT
+ #error AES key wrap requires AES direct please define WOLFSSL_AES_DIRECT
+ #endif
+#endif
+
+#ifdef HAVE_PKCS7
+ #if defined(NO_AES) && defined(NO_DES3)
+ #error PKCS7 needs either AES or 3DES enabled, please enable one
+ #endif
+ #ifndef HAVE_AES_KEYWRAP
+ #error PKCS7 requires AES key wrap please define HAVE_AES_KEYWRAP
+ #endif
+ #if defined(HAVE_ECC) && !defined(HAVE_X963_KDF)
+ #error PKCS7 requires X963 KDF please define HAVE_X963_KDF
+ #endif
+#endif
+
+#ifndef NO_PKCS12
+ #undef HAVE_PKCS12
+ #define HAVE_PKCS12
+#endif
+
+#ifndef NO_PKCS8
+ #undef HAVE_PKCS8
+ #define HAVE_PKCS8
+#endif
+
+#if !defined(NO_PBKDF1) || defined(WOLFSSL_ENCRYPTED_KEYS) || defined(HAVE_PKCS8) || defined(HAVE_PKCS12)
+ #undef HAVE_PBKDF1
+ #define HAVE_PBKDF1
+#endif
+
+#if !defined(NO_PBKDF2) || defined(HAVE_PKCS7) || defined(HAVE_SCRYPT)
+ #undef HAVE_PBKDF2
+ #define HAVE_PBKDF2
+#endif
+
+
+#if !defined(WOLFCRYPT_ONLY) && !defined(NO_OLD_TLS) && \
+ (defined(NO_SHA) || defined(NO_MD5))
+ #error old TLS requires MD5 and SHA
+#endif
+
+/* for backwards compatibility */
+#if defined(TEST_IPV6) && !defined(WOLFSSL_IPV6)
+ #define WOLFSSL_IPV6
+#endif
+
+
+#ifdef WOLFSSL_LINUXKM
+ #ifndef NO_DEV_RANDOM
+ #define NO_DEV_RANDOM
+ #endif
+ #ifndef NO_WRITEV
+ #define NO_WRITEV
+ #endif
+ #ifndef NO_FILESYSTEM
+ #define NO_FILESYSTEM
+ #endif
+ #ifndef NO_STDIO_FILESYSTEM
+ #define NO_STDIO_FILESYSTEM
+ #endif
+ #ifndef WOLFSSL_NO_SOCK
+ #define WOLFSSL_NO_SOCK
+ #endif
+ #ifndef WOLFSSL_DH_CONST
+ #define WOLFSSL_DH_CONST
+ #endif
+ #ifndef WOLFSSL_USER_IO
+ #define WOLFSSL_USER_IO
+ #endif
+ #ifndef USE_WOLF_STRTOK
+ #define USE_WOLF_STRTOK
+ #endif
+ #ifndef WOLFSSL_SP_DIV_WORD_HALF
+ #define WOLFSSL_SP_DIV_WORD_HALF
+ #endif
+ #ifndef WOLFSSL_OLD_PRIME_CHECK
+ #define WOLFSSL_OLD_PRIME_CHECK
+ #endif
+ #ifndef WOLFSSL_TEST_SUBROUTINE
+ #define WOLFSSL_TEST_SUBROUTINE static
+ #endif
+ #undef HAVE_STRINGS_H
+ #undef HAVE_ERRNO_H
+ #undef HAVE_THREAD_LS
+ #undef WOLFSSL_HAVE_MIN
+ #undef WOLFSSL_HAVE_MAX
+ #define SIZEOF_LONG 8
+ #define SIZEOF_LONG_LONG 8
+ #define CHAR_BIT 8
+ #ifndef WOLFSSL_SP_DIV_64
+ #define WOLFSSL_SP_DIV_64
+ #endif
+ #ifndef WOLFSSL_SP_DIV_WORD_HALF
+ #define WOLFSSL_SP_DIV_WORD_HALF
+ #endif
+#endif
+
+
+/* Place any other flags or defines here */
+
+#if defined(WOLFSSL_MYSQL_COMPATIBLE) && defined(_WIN32) \
+ && defined(HAVE_GMTIME_R)
+ #undef HAVE_GMTIME_R /* don't trust macro with windows */
+#endif /* WOLFSSL_MYSQL_COMPATIBLE */
+
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \
+ || defined(HAVE_LIGHTY)
+ #define SSL_OP_NO_COMPRESSION SSL_OP_NO_COMPRESSION
+ #define OPENSSL_NO_ENGINE
+ #define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT
+ #ifndef OPENSSL_EXTRA
+ #define OPENSSL_EXTRA
+ #endif
+ #ifndef HAVE_SESSION_TICKET
+ #define HAVE_SESSION_TICKET
+ #endif
+ #ifndef HAVE_OCSP
+ #define HAVE_OCSP
+ #endif
+ #ifndef KEEP_OUR_CERT
+ #define KEEP_OUR_CERT
+ #endif
+ #ifndef HAVE_SNI
+ #define HAVE_SNI
+ #endif
+#endif
+
+#ifdef HAVE_SNI
+ #define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
+#endif
+
+
+/* both CURVE and ED small math should be enabled */
+#ifdef CURVED25519_SMALL
+ #define CURVE25519_SMALL
+ #define ED25519_SMALL
+#endif
+
+/* both CURVE and ED small math should be enabled */
+#ifdef CURVED448_SMALL
+ #define CURVE448_SMALL
+ #define ED448_SMALL
+#endif
+
+
+#ifndef WOLFSSL_ALERT_COUNT_MAX
+ #define WOLFSSL_ALERT_COUNT_MAX 5
+#endif
+
+/* warning for not using harden build options (default with ./configure) */
+#ifndef WC_NO_HARDEN
+ #if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
+ (defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
+ (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) && \
+ !defined(WC_NO_RNG))
+
+ #ifndef _MSC_VER
+ #warning "For timing resistance / side-channel attack prevention consider using harden options"
+ #else
+ #pragma message("Warning: For timing resistance / side-channel attack prevention consider using harden options")
+ #endif
+ #endif
+#endif
+
+#if defined(NO_OLD_WC_NAMES) || defined(OPENSSL_EXTRA)
+ /* added to have compatibility with SHA256() */
+ #if !defined(NO_OLD_SHA_NAMES) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+ #define NO_OLD_SHA_NAMES
+ #endif
+ #if !defined(NO_OLD_MD5_NAME) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+ #define NO_OLD_MD5_NAME
+ #endif
+#endif
+
+/* switch for compatibility layer functionality. Has subparts i.e. BIO/X509
+ * When opensslextra is enabled all subparts should be turned on. */
+#ifdef OPENSSL_EXTRA
+ #undef OPENSSL_EXTRA_X509_SMALL
+ #define OPENSSL_EXTRA_X509_SMALL
+#endif /* OPENSSL_EXTRA */
+
+/* support for converting DER to PEM */
+#if (defined(WOLFSSL_KEY_GEN) && !defined(WOLFSSL_NO_DER_TO_PEM)) || \
+ defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA)
+ #undef WOLFSSL_DER_TO_PEM
+ #define WOLFSSL_DER_TO_PEM
+#endif
+
+/* keep backwards compatibility enabling encrypted private key */
+#ifndef WOLFSSL_ENCRYPTED_KEYS
+ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(HAVE_WEBSERVER)
+ #define WOLFSSL_ENCRYPTED_KEYS
+ #endif
+#endif
+
+/* support for disabling PEM to DER */
+#if !defined(WOLFSSL_NO_PEM) && !defined(NO_CODING)
+ #undef WOLFSSL_PEM_TO_DER
+ #define WOLFSSL_PEM_TO_DER
+#endif
+
+/* Parts of the openssl compatibility layer require peer certs */
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \
+ || defined(HAVE_LIGHTY)
+ #undef KEEP_PEER_CERT
+ #define KEEP_PEER_CERT
+#endif
+
+/* RAW hash function APIs are not implemented */
+#if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_AFALG_HASH)
+ #undef WOLFSSL_NO_HASH_RAW
+ #define WOLFSSL_NO_HASH_RAW
+#endif
+
+/* XChacha not implemented with ARM assembly ChaCha */
+#if defined(WOLFSSL_ARMASM)
+ #undef HAVE_XCHACHA
+#endif
+
+#if !defined(WOLFSSL_SHA384) && !defined(WOLFSSL_SHA512) && defined(NO_AES) && \
+ !defined(WOLFSSL_SHA3)
+ #undef WOLFSSL_NO_WORD64_OPS
+ #define WOLFSSL_NO_WORD64_OPS
+#endif
+
+#if !defined(WOLFCRYPT_ONLY) && !defined(WOLFSSL_NO_TLS12)
+ #undef WOLFSSL_HAVE_PRF
+ #define WOLFSSL_HAVE_PRF
+#endif
+
+#if defined(NO_AES) && defined(NO_DES3) && !defined(HAVE_CAMELLIA) && \
+ !defined(WOLFSSL_HAVE_PRF) && defined(NO_PWDBASED) && !defined(HAVE_IDEA)
+ #undef WOLFSSL_NO_XOR_OPS
+ #define WOLFSSL_NO_XOR_OPS
+#endif
+
+#if defined(NO_ASN) && defined(WOLFCRYPT_ONLY)
+ #undef WOLFSSL_NO_INT_ENCODE
+ #define WOLFSSL_NO_INT_ENCODE
+ #undef WOLFSSL_NO_INT_DECODE
+ #define WOLFSSL_NO_INT_DECODE
+#endif
+
+#if defined(WOLFCRYPT_ONLY) && defined(WOLFSSL_RSA_VERIFY_ONLY) && \
+ defined(WC_NO_RSA_OAEP)
+ #undef WOLFSSL_NO_CT_OPS
+ #define WOLFSSL_NO_CT_OPS
+#endif
+
+#if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(HAVE_CURVE25519) && \
+ !defined(HAVE_CURVE448) && defined(WC_NO_RNG) && defined(WC_NO_RSA_OAEP)
+ #undef WOLFSSL_NO_CONST_CMP
+ #define WOLFSSL_NO_CONST_CMP
+#endif
+
+#if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(WOLFSSL_SHA384) && \
+ !defined(WOLFSSL_SHA512) && defined(WC_NO_RNG) && \
+ (defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+ defined(WOLFSSL_RSA_PUBLIC_ONLY)
+ #undef WOLFSSL_NO_FORCE_ZERO
+ #define WOLFSSL_NO_FORCE_ZERO
+#endif
+
+/* Detect old cryptodev name */
+#if defined(WOLF_CRYPTO_DEV) && !defined(WOLF_CRYPTO_CB)
+ #define WOLF_CRYPTO_CB
+#endif
+
+#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_NO_SIGALG)
+ #error TLS 1.3 requires the Signature Algorithms extension to be enabled
+#endif
+
+#ifndef NO_WOLFSSL_BASE64_DECODE
+ #define WOLFSSL_BASE64_DECODE
+#endif
+
+#if defined(HAVE_EX_DATA) || defined(FORTRESS)
+ #define MAX_EX_DATA 5 /* allow for five items of ex_data */
+#endif
+
+#ifdef NO_WOLFSSL_SMALL_STACK
+ #undef WOLFSSL_SMALL_STACK
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK_STATIC
+ #undef WOLFSSL_SMALL_STACK_STATIC
+ #define WOLFSSL_SMALL_STACK_STATIC static
+#else
+ #define WOLFSSL_SMALL_STACK_STATIC
+#endif
+
+/* The client session cache requires time for timeout */
+#if defined(NO_ASN_TIME) && !defined(NO_SESSION_CACHE)
+ #define NO_SESSION_CACHE
+#endif
+
+/* Use static ECC structs for Position Independant Code (PIC) */
+#if defined(__IAR_SYSTEMS_ICC__) && defined(__ROPI__)
+ #define WOLFSSL_ECC_CURVE_STATIC
+ #define WOLFSSL_NAMES_STATIC
+ #define WOLFSSL_NO_CONSTCHARCONST
+#endif
+
+/* FIPS v1 does not support TLS v1.3 (requires RSA PSS and HKDF) */
+#if defined(HAVE_FIPS) && !defined(HAVE_FIPS_VERSION)
+ #undef WC_RSA_PSS
+ #undef WOLFSSL_TLS13
+#endif
+
+/* For FIPSv2 make sure the ECDSA encoding allows extra bytes
+ * but make sure users consider enabling it */
+#if !defined(NO_STRICT_ECDSA_LEN) && defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+ /* ECDSA length checks off by default for CAVP testing
+ * consider enabling strict checks in production */
+ #define NO_STRICT_ECDSA_LEN
+#endif
+
+/* Do not allow using small stack with no malloc */
+#if defined(WOLFSSL_NO_MALLOC) && \
+ (defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_SMALL_STACK_CACHE))
+ #error Small stack cannot be used with no malloc (WOLFSSL_NO_MALLOC)
+#endif
+
+/* Enable DH Extra for QT, openssl all, openssh and static ephemeral */
+/* Allows export/import of DH key and params as DER */
+#if !defined(NO_DH) && !defined(WOLFSSL_DH_EXTRA) && \
+ (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \
+ defined(WOLFSSL_STATIC_EPHEMERAL))
+ #define WOLFSSL_DH_EXTRA
+#endif
+
+/* DH Extra is not supported on FIPS v1 or v2 (is missing DhKey .pub/.priv) */
+#if defined(WOLFSSL_DH_EXTRA) && defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || HAVE_FIPS_VERSION <= 2)
+ #undef WOLFSSL_DH_EXTRA
+#endif
+
+/* Check for insecure build combination:
+ * secure renegotiation [enabled]
+ * extended master secret [disabled]
+ * session resumption [enabled]
+ */
+#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(HAVE_EXTENDED_MASTER) && \
+ (defined(HAVE_SESSION_TICKET) || !defined(NO_SESSION_CACHE))
+ /* secure renegotiation requires extended master secret with resumption */
+ #ifndef _MSC_VER
+ #warning Extended master secret must be enabled with secure renegotiation and session resumption
+ #else
+ #pragma message("Warning: Extended master secret must be enabled with secure renegotiation and session resumption")
+ #endif
+
+ /* Note: "--enable-renegotiation-indication" ("HAVE_RENEGOTIATION_INDICATION")
+ * only sends the secure renegotiation extension, but is not actually supported.
+ * This was added because some TLS peers required it even if not used, so we call
+ * this "(FAKE Secure Renegotiation)"
+ */
+#endif
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha.h
new file mode 100644
index 0000000..cc55fa0
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha.h
@@ -0,0 +1,193 @@
+/* sha.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/sha.h
+*/
+
+
+#ifndef WOLF_CRYPT_SHA_H
+#define WOLF_CRYPT_SHA_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_SHA
+
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+ #include <wolfssl/wolfcrypt/fips.h>
+#endif /* HAVE_FIPS_VERSION >= 2 */
+
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+#define wc_Sha Sha
+#define WC_SHA SHA
+#define WC_SHA_BLOCK_SIZE SHA_BLOCK_SIZE
+#define WC_SHA_DIGEST_SIZE SHA_DIGEST_SIZE
+#define WC_SHA_PAD_SIZE SHA_PAD_SIZE
+
+/* for fips @wc_fips */
+#include <cyassl/ctaocrypt/sha.h>
+#endif
+
+#ifdef FREESCALE_LTC_SHA
+ #include "fsl_ltc.h"
+#endif
+
+#ifdef WOLFSSL_IMXRT_DCP
+ #include "fsl_dcp.h"
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+#ifdef WOLFSSL_MICROCHIP_PIC32MZ
+ #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
+#endif
+#ifdef STM32_HASH
+ #include <wolfssl/wolfcrypt/port/st/stm32.h>
+#endif
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+#ifdef WOLFSSL_ESP32WROOM32_CRYPT
+ #include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+#endif
+#if defined(WOLFSSL_SILABS_SE_ACCEL)
+ #include <wolfssl/wolfcrypt/port/silabs/silabs_hash.h>
+#endif
+
+#if !defined(NO_OLD_SHA_NAMES)
+ #define SHA WC_SHA
+#endif
+
+#ifndef NO_OLD_WC_NAMES
+ #define Sha wc_Sha
+ #define SHA_BLOCK_SIZE WC_SHA_BLOCK_SIZE
+ #define SHA_DIGEST_SIZE WC_SHA_DIGEST_SIZE
+ #define SHA_PAD_SIZE WC_SHA_PAD_SIZE
+#endif
+
+/* in bytes */
+enum {
+ WC_SHA = WC_HASH_TYPE_SHA,
+ WC_SHA_BLOCK_SIZE = 64,
+ WC_SHA_DIGEST_SIZE = 20,
+ WC_SHA_PAD_SIZE = 56
+};
+
+
+#if defined(WOLFSSL_TI_HASH)
+ #include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
+
+#elif defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM)
+ #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
+#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+ #include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h"
+#else
+
+/* Sha digest */
+struct wc_Sha {
+#ifdef FREESCALE_LTC_SHA
+ ltc_hash_ctx_t ctx;
+#elif defined(STM32_HASH)
+ STM32_HASH_Context stmCtx;
+#elif defined(WOLFSSL_SILABS_SE_ACCEL)
+ wc_silabs_sha_t silabsCtx;
+#elif defined(WOLFSSL_IMXRT_DCP)
+ dcp_handle_t handle;
+ dcp_hash_ctx_t ctx;
+#else
+ word32 buffLen; /* in bytes */
+ word32 loLen; /* length in bytes */
+ word32 hiLen; /* length in bytes */
+ word32 buffer[WC_SHA_BLOCK_SIZE / sizeof(word32)];
+ #ifdef WOLFSSL_PIC32MZ_HASH
+ word32 digest[PIC32_DIGEST_SIZE / sizeof(word32)];
+ #else
+ word32 digest[WC_SHA_DIGEST_SIZE / sizeof(word32)];
+ #endif
+ void* heap;
+ #ifdef WOLFSSL_PIC32MZ_HASH
+ hashUpdCache cache; /* cache for updates */
+ #endif
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+ #endif /* WOLFSSL_ASYNC_CRYPT */
+ #ifdef WOLF_CRYPTO_CB
+ int devId;
+ void* devCtx; /* generic crypto callback context */
+ #endif
+#endif
+#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ WC_ESP32SHA ctx;
+#endif
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ word32 flags; /* enum wc_HashFlags in hash.h */
+#endif
+};
+
+#ifndef WC_SHA_TYPE_DEFINED
+ typedef struct wc_Sha wc_Sha;
+ #define WC_SHA_TYPE_DEFINED
+#endif
+
+#endif /* WOLFSSL_TI_HASH */
+
+
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API int wc_InitSha(wc_Sha*);
+WOLFSSL_API int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId);
+WOLFSSL_API int wc_ShaUpdate(wc_Sha*, const byte*, word32);
+WOLFSSL_API int wc_ShaFinalRaw(wc_Sha*, byte*);
+WOLFSSL_API int wc_ShaFinal(wc_Sha*, byte*);
+WOLFSSL_API void wc_ShaFree(wc_Sha*);
+
+WOLFSSL_API int wc_ShaGetHash(wc_Sha*, byte*);
+WOLFSSL_API int wc_ShaCopy(wc_Sha*, wc_Sha*);
+#if defined(OPENSSL_EXTRA)
+WOLFSSL_API int wc_ShaTransform(wc_Sha*, const byte*);
+#endif
+
+#ifdef WOLFSSL_PIC32MZ_HASH
+WOLFSSL_API void wc_ShaSizeSet(wc_Sha* sha, word32 len);
+#endif
+
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ WOLFSSL_API int wc_ShaSetFlags(wc_Sha* sha, word32 flags);
+ WOLFSSL_API int wc_ShaGetFlags(wc_Sha* sha, word32* flags);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* NO_SHA */
+#endif /* WOLF_CRYPT_SHA_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha256.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha256.h
new file mode 100644
index 0000000..8774472
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha256.h
@@ -0,0 +1,282 @@
+/* sha256.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/sha256.h
+*/
+
+
+
+#ifndef WOLF_CRYPT_SHA256_H
+#define WOLF_CRYPT_SHA256_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_SHA256
+
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+ #include <wolfssl/wolfcrypt/fips.h>
+#endif /* HAVE_FIPS_VERSION >= 2 */
+
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+ #define wc_Sha256 Sha256
+ #define WC_SHA256 SHA256
+ #define WC_SHA256_BLOCK_SIZE SHA256_BLOCK_SIZE
+ #define WC_SHA256_DIGEST_SIZE SHA256_DIGEST_SIZE
+ #define WC_SHA256_PAD_SIZE SHA256_PAD_SIZE
+
+ #ifdef WOLFSSL_SHA224
+ #define wc_Sha224 Sha224
+ #define WC_SHA224 SHA224
+ #define WC_SHA224_BLOCK_SIZE SHA224_BLOCK_SIZE
+ #define WC_SHA224_DIGEST_SIZE SHA224_DIGEST_SIZE
+ #define WC_SHA224_PAD_SIZE SHA224_PAD_SIZE
+ #endif
+
+ /* for fips @wc_fips */
+ #include <cyassl/ctaocrypt/sha256.h>
+#endif
+
+#ifdef FREESCALE_LTC_SHA
+ #include "fsl_ltc.h"
+#endif
+
+#ifdef WOLFSSL_IMXRT_DCP
+ #include "fsl_dcp.h"
+#endif
+
+#if defined(WOLFSSL_PSOC6_CRYPTO)
+#include "cy_crypto_core_sha.h"
+#include "cy_device_headers.h"
+#include "cy_crypto_common.h"
+#include "cy_crypto_core.h"
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+#ifdef WOLFSSL_MICROCHIP_PIC32MZ
+ #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
+#endif
+#ifdef STM32_HASH
+ #include <wolfssl/wolfcrypt/port/st/stm32.h>
+#endif
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+#if defined(WOLFSSL_DEVCRYPTO) && defined(WOLFSSL_DEVCRYPTO_HASH)
+ #include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
+#endif
+#if defined(WOLFSSL_ESP32WROOM32_CRYPT)
+ #include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
+#endif
+#if defined(WOLFSSL_CRYPTOCELL)
+ #include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
+#endif
+#if defined(WOLFSSL_SILABS_SE_ACCEL)
+ #include <wolfssl/wolfcrypt/port/silabs/silabs_hash.h>
+#endif
+
+#if defined(_MSC_VER)
+ #define SHA256_NOINLINE __declspec(noinline)
+#elif defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
+ #define SHA256_NOINLINE __attribute__((noinline))
+#else
+ #define SHA256_NOINLINE
+#endif
+
+#if !defined(NO_OLD_SHA_NAMES)
+ #define SHA256 WC_SHA256
+#endif
+
+#ifndef NO_OLD_WC_NAMES
+ #define Sha256 wc_Sha256
+ #define SHA256_BLOCK_SIZE WC_SHA256_BLOCK_SIZE
+ #define SHA256_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+ #define SHA256_PAD_SIZE WC_SHA256_PAD_SIZE
+#endif
+
+/* in bytes */
+enum {
+ WC_SHA256 = WC_HASH_TYPE_SHA256,
+ WC_SHA256_BLOCK_SIZE = 64,
+ WC_SHA256_DIGEST_SIZE = 32,
+ WC_SHA256_PAD_SIZE = 56
+};
+
+
+#ifdef WOLFSSL_TI_HASH
+ #include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
+#elif defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM)
+ #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
+#elif defined(WOLFSSL_AFALG_HASH)
+ #include "wolfssl/wolfcrypt/port/af_alg/afalg_hash.h"
+#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+ #include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h"
+#else
+
+/* wc_Sha256 digest */
+struct wc_Sha256 {
+#ifdef FREESCALE_LTC_SHA
+ ltc_hash_ctx_t ctx;
+#elif defined(STM32_HASH_SHA2)
+ STM32_HASH_Context stmCtx;
+#elif defined(WOLFSSL_SILABS_SE_ACCEL)
+ wc_silabs_sha_t silabsCtx;
+#elif defined(WOLFSSL_IMXRT_DCP)
+ dcp_handle_t handle;
+ dcp_hash_ctx_t ctx;
+#elif defined(WOLFSSL_PSOC6_CRYPTO)
+ cy_stc_crypto_sha_state_t hash_state;
+ cy_en_crypto_sha_mode_t sha_mode;
+ cy_stc_crypto_v2_sha256_buffers_t sha_buffers;
+#else
+ /* alignment on digest and buffer speeds up ARMv8 crypto operations */
+ ALIGN16 word32 digest[WC_SHA256_DIGEST_SIZE / sizeof(word32)];
+ ALIGN16 word32 buffer[WC_SHA256_BLOCK_SIZE / sizeof(word32)];
+ word32 buffLen; /* in bytes */
+ word32 loLen; /* length in bytes */
+ word32 hiLen; /* length in bytes */
+ void* heap;
+#endif
+#ifdef WOLFSSL_PIC32MZ_HASH
+ hashUpdCache cache; /* cache for updates */
+#endif
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif /* WOLFSSL_ASYNC_CRYPT */
+#ifdef WOLFSSL_SMALL_STACK_CACHE
+ word32* W;
+#endif /* !FREESCALE_LTC_SHA && !STM32_HASH_SHA2 */
+#ifdef WOLFSSL_DEVCRYPTO_HASH
+ WC_CRYPTODEV ctx;
+ byte* msg;
+ word32 used;
+ word32 len;
+#endif
+#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ WC_ESP32SHA ctx;
+#endif
+#ifdef WOLFSSL_CRYPTOCELL
+ CRYS_HASHUserContext_t ctx;
+#endif
+#ifdef WOLF_CRYPTO_CB
+ int devId;
+ void* devCtx; /* generic crypto callback context */
+#endif
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ word32 flags; /* enum wc_HashFlags in hash.h */
+#endif
+};
+
+#ifndef WC_SHA256_TYPE_DEFINED
+ typedef struct wc_Sha256 wc_Sha256;
+ #define WC_SHA256_TYPE_DEFINED
+#endif
+
+#endif
+
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API int wc_InitSha256(wc_Sha256*);
+WOLFSSL_API int wc_InitSha256_ex(wc_Sha256*, void*, int);
+WOLFSSL_API int wc_Sha256Update(wc_Sha256*, const byte*, word32);
+WOLFSSL_API int wc_Sha256FinalRaw(wc_Sha256*, byte*);
+WOLFSSL_API int wc_Sha256Final(wc_Sha256*, byte*);
+WOLFSSL_API void wc_Sha256Free(wc_Sha256*);
+#if defined(OPENSSL_EXTRA)
+WOLFSSL_API int wc_Sha256Transform(wc_Sha256*, const byte*);
+#endif
+WOLFSSL_API int wc_Sha256GetHash(wc_Sha256*, byte*);
+WOLFSSL_API int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst);
+
+#ifdef WOLFSSL_PIC32MZ_HASH
+WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32);
+#endif
+
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ WOLFSSL_API int wc_Sha256SetFlags(wc_Sha256* sha256, word32 flags);
+ WOLFSSL_API int wc_Sha256GetFlags(wc_Sha256* sha256, word32* flags);
+#endif
+
+#ifdef WOLFSSL_SHA224
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+#if !defined(NO_OLD_SHA_NAMES)
+ #define SHA224 WC_SHA224
+#endif
+
+#ifndef NO_OLD_WC_NAMES
+ #define Sha224 wc_Sha224
+ #define SHA224_BLOCK_SIZE WC_SHA224_BLOCK_SIZE
+ #define SHA224_DIGEST_SIZE WC_SHA224_DIGEST_SIZE
+ #define SHA224_PAD_SIZE WC_SHA224_PAD_SIZE
+#endif
+
+/* in bytes */
+enum {
+ WC_SHA224 = WC_HASH_TYPE_SHA224,
+ WC_SHA224_BLOCK_SIZE = WC_SHA256_BLOCK_SIZE,
+ WC_SHA224_DIGEST_SIZE = 28,
+ WC_SHA224_PAD_SIZE = WC_SHA256_PAD_SIZE
+};
+
+
+#ifndef WC_SHA224_TYPE_DEFINED
+ typedef struct wc_Sha256 wc_Sha224;
+ #define WC_SHA224_TYPE_DEFINED
+#endif
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API int wc_InitSha224(wc_Sha224*);
+WOLFSSL_API int wc_InitSha224_ex(wc_Sha224*, void*, int);
+WOLFSSL_API int wc_Sha224Update(wc_Sha224*, const byte*, word32);
+WOLFSSL_API int wc_Sha224Final(wc_Sha224*, byte*);
+WOLFSSL_API void wc_Sha224Free(wc_Sha224*);
+
+WOLFSSL_API int wc_Sha224GetHash(wc_Sha224*, byte*);
+WOLFSSL_API int wc_Sha224Copy(wc_Sha224* src, wc_Sha224* dst);
+
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ WOLFSSL_API int wc_Sha224SetFlags(wc_Sha224* sha224, word32 flags);
+ WOLFSSL_API int wc_Sha224GetFlags(wc_Sha224* sha224, word32* flags);
+#endif
+
+#endif /* WOLFSSL_SHA224 */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* NO_SHA256 */
+#endif /* WOLF_CRYPT_SHA256_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha3.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha3.h
new file mode 100644
index 0000000..19347b0
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha3.h
@@ -0,0 +1,166 @@
+/* sha3.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+#ifndef WOLF_CRYPT_SHA3_H
+#define WOLF_CRYPT_SHA3_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef WOLFSSL_SHA3
+
+#ifdef HAVE_FIPS
+ /* for fips @wc_fips */
+ #include <wolfssl/wolfcrypt/fips.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+/* in bytes */
+enum {
+ WC_SHA3_224 = WC_HASH_TYPE_SHA3_224,
+ WC_SHA3_224_DIGEST_SIZE = 28,
+ WC_SHA3_224_COUNT = 18,
+
+ WC_SHA3_256 = WC_HASH_TYPE_SHA3_256,
+ WC_SHA3_256_DIGEST_SIZE = 32,
+ WC_SHA3_256_COUNT = 17,
+
+ WC_SHA3_384 = WC_HASH_TYPE_SHA3_384,
+ WC_SHA3_384_DIGEST_SIZE = 48,
+ WC_SHA3_384_COUNT = 13,
+
+ WC_SHA3_512 = WC_HASH_TYPE_SHA3_512,
+ WC_SHA3_512_DIGEST_SIZE = 64,
+ WC_SHA3_512_COUNT = 9,
+
+#if !defined(HAVE_SELFTEST) || \
+ defined(HAVE_SELFTEST_VERSION) && (HAVE_SELFTEST_VERSION >= 2)
+ /* These values are used for HMAC, not SHA-3 directly.
+ * They come from from FIPS PUB 202. */
+ WC_SHA3_224_BLOCK_SIZE = 144,
+ WC_SHA3_256_BLOCK_SIZE = 136,
+ WC_SHA3_384_BLOCK_SIZE = 104,
+ WC_SHA3_512_BLOCK_SIZE = 72,
+#endif
+};
+
+#ifndef NO_OLD_WC_NAMES
+ #define SHA3_224 WC_SHA3_224
+ #define SHA3_224_DIGEST_SIZE WC_SHA3_224_DIGEST_SIZE
+ #define SHA3_256 WC_SHA3_256
+ #define SHA3_256_DIGEST_SIZE WC_SHA3_256_DIGEST_SIZE
+ #define SHA3_384 WC_SHA3_384
+ #define SHA3_384_DIGEST_SIZE WC_SHA3_384_DIGEST_SIZE
+ #define SHA3_512 WC_SHA3_512
+ #define SHA3_512_DIGEST_SIZE WC_SHA3_512_DIGEST_SIZE
+ #define Sha3 wc_Sha3
+#endif
+
+
+
+#ifdef WOLFSSL_XILINX_CRYPT
+ #include "wolfssl/wolfcrypt/port/xilinx/xil-sha3.h"
+#elif defined(WOLFSSL_AFALG_XILINX_SHA3)
+ #include <wolfssl/wolfcrypt/port/af_alg/afalg_hash.h>
+#else
+
+/* Sha3 digest */
+struct wc_Sha3 {
+ /* State data that is processed for each block. */
+ word64 s[25];
+ /* Unprocessed message data. */
+ byte t[200];
+ /* Index into unprocessed data to place next message byte. */
+ byte i;
+
+ void* heap;
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif /* WOLFSSL_ASYNC_CRYPT */
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ word32 flags; /* enum wc_HashFlags in hash.h */
+#endif
+};
+
+#ifndef WC_SHA3_TYPE_DEFINED
+ typedef struct wc_Sha3 wc_Sha3;
+ #define WC_SHA3_TYPE_DEFINED
+#endif
+
+#endif
+
+typedef wc_Sha3 wc_Shake;
+
+
+WOLFSSL_API int wc_InitSha3_224(wc_Sha3*, void*, int);
+WOLFSSL_API int wc_Sha3_224_Update(wc_Sha3*, const byte*, word32);
+WOLFSSL_API int wc_Sha3_224_Final(wc_Sha3*, byte*);
+WOLFSSL_API void wc_Sha3_224_Free(wc_Sha3*);
+WOLFSSL_API int wc_Sha3_224_GetHash(wc_Sha3*, byte*);
+WOLFSSL_API int wc_Sha3_224_Copy(wc_Sha3* src, wc_Sha3* dst);
+
+WOLFSSL_API int wc_InitSha3_256(wc_Sha3*, void*, int);
+WOLFSSL_API int wc_Sha3_256_Update(wc_Sha3*, const byte*, word32);
+WOLFSSL_API int wc_Sha3_256_Final(wc_Sha3*, byte*);
+WOLFSSL_API void wc_Sha3_256_Free(wc_Sha3*);
+WOLFSSL_API int wc_Sha3_256_GetHash(wc_Sha3*, byte*);
+WOLFSSL_API int wc_Sha3_256_Copy(wc_Sha3* src, wc_Sha3* dst);
+
+WOLFSSL_API int wc_InitSha3_384(wc_Sha3*, void*, int);
+WOLFSSL_API int wc_Sha3_384_Update(wc_Sha3*, const byte*, word32);
+WOLFSSL_API int wc_Sha3_384_Final(wc_Sha3*, byte*);
+WOLFSSL_API void wc_Sha3_384_Free(wc_Sha3*);
+WOLFSSL_API int wc_Sha3_384_GetHash(wc_Sha3*, byte*);
+WOLFSSL_API int wc_Sha3_384_Copy(wc_Sha3* src, wc_Sha3* dst);
+
+WOLFSSL_API int wc_InitSha3_512(wc_Sha3*, void*, int);
+WOLFSSL_API int wc_Sha3_512_Update(wc_Sha3*, const byte*, word32);
+WOLFSSL_API int wc_Sha3_512_Final(wc_Sha3*, byte*);
+WOLFSSL_API void wc_Sha3_512_Free(wc_Sha3*);
+WOLFSSL_API int wc_Sha3_512_GetHash(wc_Sha3*, byte*);
+WOLFSSL_API int wc_Sha3_512_Copy(wc_Sha3* src, wc_Sha3* dst);
+
+WOLFSSL_API int wc_InitShake256(wc_Shake*, void*, int);
+WOLFSSL_API int wc_Shake256_Update(wc_Shake*, const byte*, word32);
+WOLFSSL_API int wc_Shake256_Final(wc_Shake*, byte*, word32);
+WOLFSSL_API void wc_Shake256_Free(wc_Shake*);
+WOLFSSL_API int wc_Shake256_Copy(wc_Shake* src, wc_Sha3* dst);
+
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ WOLFSSL_API int wc_Sha3_SetFlags(wc_Sha3* sha3, word32 flags);
+ WOLFSSL_API int wc_Sha3_GetFlags(wc_Sha3* sha3, word32* flags);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFSSL_SHA3 */
+#endif /* WOLF_CRYPT_SHA3_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha512.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha512.h
new file mode 100644
index 0000000..81da52e
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/sha512.h
@@ -0,0 +1,256 @@
+/* sha512.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/sha512.h
+*/
+
+
+#ifndef WOLF_CRYPT_SHA512_H
+#define WOLF_CRYPT_SHA512_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
+
+
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+ #include <wolfssl/wolfcrypt/fips.h>
+#endif /* HAVE_FIPS_VERSION >= 2 */
+
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+ #ifdef WOLFSSL_SHA512
+ #define wc_Sha512 Sha512
+ #define WC_SHA512 SHA512
+ #define WC_SHA512_BLOCK_SIZE SHA512_BLOCK_SIZE
+ #define WC_SHA512_DIGEST_SIZE SHA512_DIGEST_SIZE
+ #define WC_SHA512_PAD_SIZE SHA512_PAD_SIZE
+ #endif /* WOLFSSL_SHA512 */
+ #ifdef WOLFSSL_SHA384
+ #define wc_Sha384 Sha384
+ #define WC_SHA384 SHA384
+ #define WC_SHA384_BLOCK_SIZE SHA384_BLOCK_SIZE
+ #define WC_SHA384_DIGEST_SIZE SHA384_DIGEST_SIZE
+ #define WC_SHA384_PAD_SIZE SHA384_PAD_SIZE
+ #endif /* WOLFSSL_SHA384 */
+
+ #define CYASSL_SHA512
+ #if defined(WOLFSSL_SHA384)
+ #define CYASSL_SHA384
+ #endif
+ /* for fips @wc_fips */
+ #include <cyassl/ctaocrypt/sha512.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+#ifdef WOLFSSL_ESP32WROOM32_CRYPT
+ #include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+#endif
+#if defined(WOLFSSL_SILABS_SE_ACCEL)
+ #include <wolfssl/wolfcrypt/port/silabs/silabs_hash.h>
+#endif
+#if defined(WOLFSSL_PSOC6_CRYPTO)
+ #include "cy_crypto_core_sha.h"
+ #include "cy_device_headers.h"
+ #include "cy_crypto_common.h"
+ #include "cy_crypto_core.h"
+#endif
+
+#if defined(_MSC_VER)
+ #define SHA512_NOINLINE __declspec(noinline)
+#elif defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
+ #define SHA512_NOINLINE __attribute__((noinline))
+#else
+ #define SHA512_NOINLINE
+#endif
+
+#ifdef WOLFSSL_SHA512
+
+#if !defined(NO_OLD_SHA_NAMES)
+ #define SHA512 WC_SHA512
+#endif
+
+#if !defined(NO_OLD_WC_NAMES)
+ #define Sha512 wc_Sha512
+ #define SHA512_BLOCK_SIZE WC_SHA512_BLOCK_SIZE
+ #define SHA512_DIGEST_SIZE WC_SHA512_DIGEST_SIZE
+ #define SHA512_PAD_SIZE WC_SHA512_PAD_SIZE
+#endif
+
+#endif /* WOLFSSL_SHA512 */
+
+/* in bytes */
+enum {
+#ifdef WOLFSSL_SHA512
+ WC_SHA512 = WC_HASH_TYPE_SHA512,
+#endif
+ WC_SHA512_BLOCK_SIZE = 128,
+ WC_SHA512_DIGEST_SIZE = 64,
+ WC_SHA512_PAD_SIZE = 112
+};
+
+
+#if defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM)
+ #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
+#else
+/* wc_Sha512 digest */
+struct wc_Sha512 {
+#ifdef WOLFSSL_PSOC6_CRYPTO
+ cy_stc_crypto_sha_state_t hash_state;
+ cy_en_crypto_sha_mode_t sha_mode;
+ cy_stc_crypto_v2_sha512_buffers_t sha_buffers;
+#else
+ word64 digest[WC_SHA512_DIGEST_SIZE / sizeof(word64)];
+ word64 buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64)];
+ word32 buffLen; /* in bytes */
+ word64 loLen; /* length in bytes */
+ word64 hiLen; /* length in bytes */
+ void* heap;
+#ifdef USE_INTEL_SPEEDUP
+ const byte* data;
+#endif
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+#endif /* WOLFSSL_ASYNC_CRYPT */
+#ifdef WOLFSSL_SMALL_STACK_CACHE
+ word64* W;
+#endif
+#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ WC_ESP32SHA ctx;
+#endif
+#if defined(WOLFSSL_SILABS_SE_ACCEL)
+ wc_silabs_sha_t silabsCtx;
+#endif
+#ifdef WOLF_CRYPTO_CB
+ int devId;
+ void* devCtx; /* generic crypto callback context */
+#endif
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ word32 flags; /* enum wc_HashFlags in hash.h */
+#endif
+#endif /* WOLFSSL_PSOC6_CRYPTO */
+};
+
+#ifndef WC_SHA512_TYPE_DEFINED
+ typedef struct wc_Sha512 wc_Sha512;
+ #define WC_SHA512_TYPE_DEFINED
+#endif
+#endif
+
+#endif /* HAVE_FIPS */
+
+#ifdef WOLFSSL_ARMASM
+WOLFSSL_LOCAL void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data,
+ word32 len);
+#endif
+
+#ifdef WOLFSSL_SHA512
+
+
+WOLFSSL_API int wc_InitSha512(wc_Sha512*);
+WOLFSSL_API int wc_InitSha512_ex(wc_Sha512*, void*, int);
+WOLFSSL_API int wc_Sha512Update(wc_Sha512*, const byte*, word32);
+WOLFSSL_API int wc_Sha512FinalRaw(wc_Sha512*, byte*);
+WOLFSSL_API int wc_Sha512Final(wc_Sha512*, byte*);
+WOLFSSL_API void wc_Sha512Free(wc_Sha512*);
+
+WOLFSSL_API int wc_Sha512GetHash(wc_Sha512*, byte*);
+WOLFSSL_API int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst);
+
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ WOLFSSL_API int wc_Sha512SetFlags(wc_Sha512* sha512, word32 flags);
+ WOLFSSL_API int wc_Sha512GetFlags(wc_Sha512* sha512, word32* flags);
+#endif
+
+#if defined(OPENSSL_EXTRA)
+WOLFSSL_API int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data);
+#endif
+#endif /* WOLFSSL_SHA512 */
+
+#if defined(WOLFSSL_SHA384)
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+#if !defined(NO_OLD_SHA_NAMES)
+ #define SHA384 WC_SHA384
+#endif
+
+#if !defined(NO_OLD_WC_NAMES)
+ #define Sha384 wc_Sha384
+ #define SHA384_BLOCK_SIZE WC_SHA384_BLOCK_SIZE
+ #define SHA384_DIGEST_SIZE WC_SHA384_DIGEST_SIZE
+ #define SHA384_PAD_SIZE WC_SHA384_PAD_SIZE
+#endif
+
+/* in bytes */
+enum {
+ WC_SHA384 = WC_HASH_TYPE_SHA384,
+ WC_SHA384_BLOCK_SIZE = WC_SHA512_BLOCK_SIZE,
+ WC_SHA384_DIGEST_SIZE = 48,
+ WC_SHA384_PAD_SIZE = WC_SHA512_PAD_SIZE
+};
+
+
+#ifndef WC_SHA384_TYPE_DEFINED
+ typedef struct wc_Sha512 wc_Sha384;
+ #define WC_SHA384_TYPE_DEFINED
+#endif
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API int wc_InitSha384(wc_Sha384*);
+WOLFSSL_API int wc_InitSha384_ex(wc_Sha384*, void*, int);
+WOLFSSL_API int wc_Sha384Update(wc_Sha384*, const byte*, word32);
+WOLFSSL_API int wc_Sha384FinalRaw(wc_Sha384*, byte*);
+WOLFSSL_API int wc_Sha384Final(wc_Sha384*, byte*);
+WOLFSSL_API void wc_Sha384Free(wc_Sha384*);
+
+WOLFSSL_API int wc_Sha384GetHash(wc_Sha384*, byte*);
+WOLFSSL_API int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst);
+
+#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
+ WOLFSSL_API int wc_Sha384SetFlags(wc_Sha384* sha384, word32 flags);
+ WOLFSSL_API int wc_Sha384GetFlags(wc_Sha384* sha384, word32* flags);
+#endif
+
+#endif /* WOLFSSL_SHA384 */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */
+#endif /* WOLF_CRYPT_SHA512_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/signature.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/signature.h
new file mode 100644
index 0000000..d7c4188
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/signature.h
@@ -0,0 +1,87 @@
+/* signature.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/signature.h
+*/
+
+
+#ifndef WOLF_CRYPT_SIGNATURE_H
+#define WOLF_CRYPT_SIGNATURE_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/hash.h>
+#include <wolfssl/wolfcrypt/random.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+enum wc_SignatureType {
+ WC_SIGNATURE_TYPE_NONE = 0,
+ WC_SIGNATURE_TYPE_ECC = 1,
+ WC_SIGNATURE_TYPE_RSA = 2,
+ WC_SIGNATURE_TYPE_RSA_W_ENC = 3, /* Adds DER header via wc_EncodeSignature */
+};
+
+WOLFSSL_API int wc_SignatureGetSize(enum wc_SignatureType sig_type,
+ const void* key, word32 key_len);
+
+WOLFSSL_API int wc_SignatureVerifyHash(
+ enum wc_HashType hash_type, enum wc_SignatureType sig_type,
+ const byte* hash_data, word32 hash_len,
+ const byte* sig, word32 sig_len,
+ const void* key, word32 key_len);
+
+WOLFSSL_API int wc_SignatureVerify(
+ enum wc_HashType hash_type, enum wc_SignatureType sig_type,
+ const byte* data, word32 data_len,
+ const byte* sig, word32 sig_len,
+ const void* key, word32 key_len);
+
+WOLFSSL_API int wc_SignatureGenerateHash(
+ enum wc_HashType hash_type, enum wc_SignatureType sig_type,
+ const byte* hash_data, word32 hash_len,
+ byte* sig, word32 *sig_len,
+ const void* key, word32 key_len, WC_RNG* rng);
+WOLFSSL_API int wc_SignatureGenerateHash_ex(
+ enum wc_HashType hash_type, enum wc_SignatureType sig_type,
+ const byte* hash_data, word32 hash_len,
+ byte* sig, word32 *sig_len,
+ const void* key, word32 key_len, WC_RNG* rng, int verify);
+WOLFSSL_API int wc_SignatureGenerate(
+ enum wc_HashType hash_type, enum wc_SignatureType sig_type,
+ const byte* data, word32 data_len,
+ byte* sig, word32 *sig_len,
+ const void* key, word32 key_len,
+ WC_RNG* rng);
+WOLFSSL_API int wc_SignatureGenerate_ex(
+ enum wc_HashType hash_type, enum wc_SignatureType sig_type,
+ const byte* data, word32 data_len,
+ byte* sig, word32 *sig_len,
+ const void* key, word32 key_len,
+ WC_RNG* rng, int verify);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_SIGNATURE_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/srp.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/srp.h
new file mode 100644
index 0000000..fcf1f4a
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/srp.h
@@ -0,0 +1,311 @@
+/* srp.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/srp.h
+*/
+
+#ifdef WOLFCRYPT_HAVE_SRP
+
+#ifndef WOLFCRYPT_SRP_H
+#define WOLFCRYPT_SRP_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/sha.h>
+#include <wolfssl/wolfcrypt/sha256.h>
+#include <wolfssl/wolfcrypt/sha512.h>
+#include <wolfssl/wolfcrypt/integer.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* Select the largest available hash for the buffer size. */
+#if defined(WOLFSSL_SHA512)
+ #define SRP_MAX_DIGEST_SIZE WC_SHA512_DIGEST_SIZE
+#elif defined(WOLFSSL_SHA384)
+ #define SRP_MAX_DIGEST_SIZE WC_SHA384_DIGEST_SIZE
+#elif !defined(NO_SHA256)
+ #define SRP_MAX_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+#elif !defined(NO_SHA)
+ #define SRP_MAX_DIGEST_SIZE WC_SHA_DIGEST_SIZE
+#else
+ #error "You have to have some kind of SHA hash if you want to use SRP."
+#endif
+
+/* Set the minimum number of bits acceptable in an SRP modulus */
+#define SRP_MODULUS_MIN_BITS 512
+
+/* Set the minimum number of bits acceptable for private keys (RFC 5054) */
+#define SRP_PRIVATE_KEY_MIN_BITS 256
+
+/* salt size for SRP password */
+#define SRP_SALT_SIZE 16
+
+/**
+ * SRP side, client or server.
+ */
+typedef enum {
+ SRP_CLIENT_SIDE = 0,
+ SRP_SERVER_SIDE = 1,
+} SrpSide;
+
+/**
+ * SRP hash type, SHA[1|256|384|512].
+ */
+typedef enum {
+ SRP_TYPE_SHA = 1,
+ SRP_TYPE_SHA256 = 2,
+ SRP_TYPE_SHA384 = 3,
+ SRP_TYPE_SHA512 = 4,
+} SrpType;
+
+
+/**
+ * SRP hash struct.
+ */
+typedef struct {
+ byte type;
+ union {
+ #ifndef NO_SHA
+ wc_Sha sha;
+ #endif
+ #ifndef NO_SHA256
+ wc_Sha256 sha256;
+ #endif
+ #ifdef WOLFSSL_SHA384
+ wc_Sha384 sha384;
+ #endif
+ #ifdef WOLFSSL_SHA512
+ wc_Sha512 sha512;
+ #endif
+ } data;
+} SrpHash;
+
+typedef struct Srp {
+ SrpSide side; /**< Client or Server, @see SrpSide. */
+ SrpType type; /**< Hash type, @see SrpType. */
+ byte* user; /**< Username, login. */
+ word32 userSz; /**< Username length. */
+ byte* salt; /**< Small salt. */
+ word32 saltSz; /**< Salt length. */
+ mp_int N; /**< Modulus. N = 2q+1, [q, N] are primes.*/
+ mp_int g; /**< Generator. A generator modulo N. */
+ byte k[SRP_MAX_DIGEST_SIZE]; /**< Multiplier parameter. k = H(N, g) */
+ mp_int auth; /**< Client: x = H(salt + H(user:pswd)) */
+ /**< Server: v = g ^ x % N */
+ mp_int priv; /**< Private ephemeral value. */
+ SrpHash client_proof; /**< Client proof. Sent to the Server. */
+ SrpHash server_proof; /**< Server proof. Sent to the Client. */
+ byte* key; /**< Session key. */
+ word32 keySz; /**< Session key length. */
+ int (*keyGenFunc_cb) (struct Srp* srp, byte* secret, word32 size);
+ /**< Function responsible for generating the session key. */
+ /**< It MUST use XMALLOC with type DYNAMIC_TYPE_SRP to allocate the */
+ /**< key buffer for this structure and set keySz to the buffer size. */
+ /**< The default function used by this implementation is a modified */
+ /**< version of t_mgf1 that uses the proper hash function according */
+ /**< to srp->type. */
+ void* heap; /**< heap hint pointer */
+} Srp;
+
+/**
+ * Initializes the Srp struct for usage.
+ *
+ * @param[out] srp the Srp structure to be initialized.
+ * @param[in] type the hash type to be used.
+ * @param[in] side the side of the communication.
+ *
+ * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
+ */
+WOLFSSL_API int wc_SrpInit(Srp* srp, SrpType type, SrpSide side);
+
+/**
+ * Releases the Srp struct resources after usage.
+ *
+ * @param[in,out] srp the Srp structure to be terminated.
+ */
+WOLFSSL_API void wc_SrpTerm(Srp* srp);
+
+/**
+ * Sets the username.
+ *
+ * This function MUST be called after wc_SrpInit.
+ *
+ * @param[in,out] srp the Srp structure.
+ * @param[in] username the buffer containing the username.
+ * @param[in] size the username size in bytes
+ *
+ * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
+ */
+WOLFSSL_API int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size);
+
+
+/**
+ * Sets the srp parameters based on the username.
+ *
+ * This function MUST be called after wc_SrpSetUsername.
+ *
+ * @param[in,out] srp the Srp structure.
+ * @param[in] N the Modulus. N = 2q+1, [q, N] are primes.
+ * @param[in] nSz the N size in bytes.
+ * @param[in] g the Generator modulo N.
+ * @param[in] gSz the g size in bytes
+ * @param[in] salt a small random salt. Specific for each username.
+ * @param[in] saltSz the salt size in bytes
+ *
+ * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
+ */
+WOLFSSL_API int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz,
+ const byte* g, word32 gSz,
+ const byte* salt, word32 saltSz);
+
+/**
+ * Sets the password.
+ *
+ * Setting the password does not persists the clear password data in the
+ * srp structure. The client calculates x = H(salt + H(user:pswd)) and stores
+ * it in the auth field.
+ *
+ * This function MUST be called after wc_SrpSetParams and is CLIENT SIDE ONLY.
+ *
+ * @param[in,out] srp the Srp structure.
+ * @param[in] password the buffer containing the password.
+ * @param[in] size the password size in bytes.
+ *
+ * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
+ */
+WOLFSSL_API int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size);
+
+/**
+ * Sets the verifier.
+ *
+ * This function MUST be called after wc_SrpSetParams and is SERVER SIDE ONLY.
+ *
+ * @param[in,out] srp the Srp structure.
+ * @param[in] verifier the buffer containing the verifier.
+ * @param[in] size the verifier size in bytes.
+ *
+ * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
+ */
+WOLFSSL_API int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size);
+
+/**
+ * Gets the verifier.
+ *
+ * The client calculates the verifier with v = g ^ x % N.
+ * This function MAY be called after wc_SrpSetPassword and is CLIENT SIDE ONLY.
+ *
+ * @param[in,out] srp the Srp structure.
+ * @param[out] verifier the buffer to write the verifier.
+ * @param[in,out] size the buffer size in bytes. Will be updated with the
+ * verifier size.
+ *
+ * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
+ */
+WOLFSSL_API int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size);
+
+/**
+ * Sets the private ephemeral value.
+ *
+ * The private ephemeral value is known as:
+ * a at the client side. a = random()
+ * b at the server side. b = random()
+ * This function is handy for unit test cases or if the developer wants to use
+ * an external random source to set the ephemeral value.
+ * This function MAY be called before wc_SrpGetPublic.
+ *
+ * @param[in,out] srp the Srp structure.
+ * @param[in] priv the ephemeral value.
+ * @param[in] size the private size in bytes.
+ *
+ * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
+ */
+WOLFSSL_API int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size);
+
+/**
+ * Gets the public ephemeral value.
+ *
+ * The public ephemeral value is known as:
+ * A at the client side. A = g ^ a % N
+ * B at the server side. B = (k * v + (g ^ b % N)) % N
+ * This function MUST be called after wc_SrpSetPassword or wc_SrpSetVerifier.
+ *
+ * @param[in,out] srp the Srp structure.
+ * @param[out] pub the buffer to write the public ephemeral value.
+ * @param[in,out] size the the buffer size in bytes. Will be updated with
+ * the ephemeral value size.
+ *
+ * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
+ */
+WOLFSSL_API int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size);
+
+
+/**
+ * Computes the session key.
+ *
+ * The key can be accessed at srp->key after success.
+ *
+ * @param[in,out] srp the Srp structure.
+ * @param[in] clientPubKey the client's public ephemeral value.
+ * @param[in] clientPubKeySz the client's public ephemeral value size.
+ * @param[in] serverPubKey the server's public ephemeral value.
+ * @param[in] serverPubKeySz the server's public ephemeral value size.
+ *
+ * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
+ */
+WOLFSSL_API int wc_SrpComputeKey(Srp* srp,
+ byte* clientPubKey, word32 clientPubKeySz,
+ byte* serverPubKey, word32 serverPubKeySz);
+
+/**
+ * Gets the proof.
+ *
+ * This function MUST be called after wc_SrpComputeKey.
+ *
+ * @param[in,out] srp the Srp structure.
+ * @param[out] proof the buffer to write the proof.
+ * @param[in,out] size the buffer size in bytes. Will be updated with the
+ * proof size.
+ *
+ * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
+ */
+WOLFSSL_API int wc_SrpGetProof(Srp* srp, byte* proof, word32* size);
+
+/**
+ * Verifies the peers proof.
+ *
+ * This function MUST be called before wc_SrpGetSessionKey.
+ *
+ * @param[in,out] srp the Srp structure.
+ * @param[in] proof the peers proof.
+ * @param[in] size the proof size in bytes.
+ *
+ * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
+ */
+WOLFSSL_API int wc_SrpVerifyPeersProof(Srp* srp, byte* proof, word32 size);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFCRYPT_SRP_H */
+#endif /* WOLFCRYPT_HAVE_SRP */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/tfm.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/tfm.h
new file mode 100644
index 0000000..cc96e3b
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/tfm.h
@@ -0,0 +1,859 @@
+/* tfm.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+
+/*
+ * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
+ * http://math.libtomcrypt.com
+ */
+
+
+/**
+ * Edited by Moises Guimaraes (moises.guimaraes@phoebus.com.br)
+ * to fit CyaSSL's needs.
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/tfm.h
+*/
+
+#ifndef WOLF_CRYPT_TFM_H
+#define WOLF_CRYPT_TFM_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#ifndef CHAR_BIT
+ #include <limits.h>
+#endif
+
+#include <wolfssl/wolfcrypt/random.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#ifdef WOLFSSL_NO_ASM
+ #undef TFM_NO_ASM
+ #define TFM_NO_ASM
+#endif
+
+#ifdef NO_64BIT
+ #undef NO_TFM_64BIT
+ #define NO_TFM_64BIT
+#endif
+
+#ifndef NO_TFM_64BIT
+/* autodetect x86-64 and make sure we are using 64-bit digits with x86-64 asm */
+#if defined(__x86_64__)
+ #if defined(TFM_X86) || defined(TFM_SSE2) || defined(TFM_ARM)
+ #error x86-64 detected, x86-32/SSE2/ARM optimizations are not valid!
+ #endif
+ #if !defined(TFM_X86_64) && !defined(TFM_NO_ASM)
+ #define TFM_X86_64
+ #endif
+#endif
+#if defined(__aarch64__) && defined(__APPLE__)
+ #if !defined(TFM_AARCH_64) && !defined(TFM_NO_ASM)
+ #define TFM_AARCH_64
+ #endif
+#endif
+#if defined(TFM_X86_64) || defined(TFM_AARCH_64)
+ #if !defined(FP_64BIT)
+ #define FP_64BIT
+ #endif
+#endif
+/* use 64-bit digit even if not using asm on x86_64 */
+#if defined(__x86_64__) && !defined(FP_64BIT)
+ #define FP_64BIT
+#endif
+/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */
+#if defined(FP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T)
+ #undef FP_64BIT
+ #undef TFM_X86_64
+#endif
+#endif /* NO_TFM_64BIT */
+
+/* try to detect x86-32 */
+#if defined(__i386__) && !defined(TFM_SSE2)
+ #if defined(TFM_X86_64) || defined(TFM_ARM)
+ #error x86-32 detected, x86-64/ARM optimizations are not valid!
+ #endif
+ #if !defined(TFM_X86) && !defined(TFM_NO_ASM)
+ #define TFM_X86
+ #endif
+#endif
+
+/* make sure we're 32-bit for x86-32/sse/arm/ppc32 */
+#if (defined(TFM_X86) || defined(TFM_SSE2) || defined(TFM_ARM) || defined(TFM_PPC32)) && defined(FP_64BIT)
+ #warning x86-32, SSE2 and ARM, PPC32 optimizations require 32-bit digits (undefining)
+ #undef FP_64BIT
+#endif
+
+/* multi asms? */
+#ifdef TFM_X86
+ #define TFM_ASM
+#endif
+#ifdef TFM_X86_64
+ #ifdef TFM_ASM
+ #error TFM_ASM already defined!
+ #endif
+ #define TFM_ASM
+#endif
+#ifdef TFM_SSE2
+ #ifdef TFM_ASM
+ #error TFM_ASM already defined!
+ #endif
+ #define TFM_ASM
+#endif
+#ifdef TFM_ARM
+ #ifdef TFM_ASM
+ #error TFM_ASM already defined!
+ #endif
+ #define TFM_ASM
+#endif
+#ifdef TFM_PPC32
+ #ifdef TFM_ASM
+ #error TFM_ASM already defined!
+ #endif
+ #define TFM_ASM
+#endif
+#ifdef TFM_PPC64
+ #ifdef TFM_ASM
+ #error TFM_ASM already defined!
+ #endif
+ #define TFM_ASM
+#endif
+#ifdef TFM_AVR32
+ #ifdef TFM_ASM
+ #error TFM_ASM already defined!
+ #endif
+ #define TFM_ASM
+#endif
+
+/* we want no asm? */
+#ifdef TFM_NO_ASM
+ #undef TFM_X86
+ #undef TFM_X86_64
+ #undef TFM_SSE2
+ #undef TFM_ARM
+ #undef TFM_PPC32
+ #undef TFM_PPC64
+ #undef TFM_AVR32
+ #undef TFM_ASM
+#endif
+
+/* ECC helpers */
+#ifdef TFM_ECC192
+ #ifdef FP_64BIT
+ #define TFM_MUL3
+ #define TFM_SQR3
+ #else
+ #define TFM_MUL6
+ #define TFM_SQR6
+ #endif
+#endif
+
+#ifdef TFM_ECC224
+ #ifdef FP_64BIT
+ #define TFM_MUL4
+ #define TFM_SQR4
+ #else
+ #define TFM_MUL7
+ #define TFM_SQR7
+ #endif
+#endif
+
+#ifdef TFM_ECC256
+ #ifdef FP_64BIT
+ #define TFM_MUL4
+ #define TFM_SQR4
+ #else
+ #define TFM_MUL8
+ #define TFM_SQR8
+ #endif
+#endif
+
+#ifdef TFM_ECC384
+ #ifdef FP_64BIT
+ #define TFM_MUL6
+ #define TFM_SQR6
+ #else
+ #define TFM_MUL12
+ #define TFM_SQR12
+ #endif
+#endif
+
+#ifdef TFM_ECC521
+ #ifdef FP_64BIT
+ #define TFM_MUL9
+ #define TFM_SQR9
+ #else
+ #define TFM_MUL17
+ #define TFM_SQR17
+ #endif
+#endif
+
+
+/* allow user to define on fp_digit, fp_word types */
+#ifndef WOLFSSL_BIGINT_TYPES
+
+/* some default configurations.
+ */
+#if defined(WC_16BIT_CPU)
+ typedef unsigned int fp_digit;
+ #define SIZEOF_FP_DIGIT 2
+ typedef unsigned long fp_word;
+#elif defined(FP_64BIT)
+ /* for GCC only on supported platforms */
+ typedef unsigned long long fp_digit; /* 64bit, 128 uses mode(TI) below */
+ #define SIZEOF_FP_DIGIT 8
+ typedef unsigned long fp_word __attribute__ ((mode(TI)));
+#else
+
+ #ifndef NO_TFM_64BIT
+ #if defined(_MSC_VER) || defined(__BORLANDC__)
+ typedef unsigned __int64 ulong64;
+ #else
+ typedef unsigned long long ulong64;
+ #endif
+ typedef unsigned int fp_digit;
+ #define SIZEOF_FP_DIGIT 4
+ typedef ulong64 fp_word;
+ #define FP_32BIT
+ #else
+ /* some procs like coldfire prefer not to place multiply into 64bit type
+ even though it exists */
+ typedef unsigned short fp_digit;
+ #define SIZEOF_FP_DIGIT 2
+ typedef unsigned int fp_word;
+ #endif
+#endif
+
+#endif /* WOLFSSL_BIGINT_TYPES */
+
+
+/* # of digits this is */
+#define DIGIT_BIT ((CHAR_BIT) * SIZEOF_FP_DIGIT)
+
+/* Max size of any number in bits. Basically the largest size you will be
+ * multiplying should be half [or smaller] of FP_MAX_SIZE-four_digit
+ *
+ * It defaults to 4096-bits [allowing multiplications up to 2048x2048 bits ]
+ */
+
+
+#ifndef FP_MAX_BITS
+ #define FP_MAX_BITS 4096
+#endif
+#ifdef WOLFSSL_OPENSSH
+ /* OpenSSH uses some BIG primes so we need to accommodate for that */
+ #undef FP_MAX_BITS
+ #define FP_MAX_BITS 16384
+#endif
+#define FP_MAX_SIZE (FP_MAX_BITS+(8*DIGIT_BIT))
+
+/* will this lib work? */
+#if (CHAR_BIT & 7)
+ #error CHAR_BIT must be a multiple of eight.
+#endif
+#if FP_MAX_BITS % CHAR_BIT
+ #error FP_MAX_BITS must be a multiple of CHAR_BIT
+#endif
+
+#define FP_MASK (fp_digit)(-1)
+#define FP_DIGIT_MAX FP_MASK
+#define FP_SIZE (FP_MAX_SIZE/DIGIT_BIT)
+
+#define FP_MAX_PRIME_SIZE (FP_MAX_BITS/(2*CHAR_BIT))
+/* In terms of FP_MAX_BITS, it is double the size possible for a number
+ * to allow for multiplication, divide that 2 out. Also divide by CHAR_BIT
+ * to convert from bits to bytes. (Note, FP_PRIME_SIZE is the number of
+ * values in the canned prime number list.) */
+
+/* signs */
+#define FP_ZPOS 0
+#define FP_NEG 1
+
+/* return codes */
+#define FP_OKAY 0
+#define FP_VAL -1
+#define FP_MEM -2
+#define FP_NOT_INF -3
+#define FP_WOULDBLOCK -4
+
+/* equalities */
+#define FP_LT -1 /* less than */
+#define FP_EQ 0 /* equal to */
+#define FP_GT 1 /* greater than */
+
+/* replies */
+#define FP_YES 1 /* yes response */
+#define FP_NO 0 /* no response */
+
+#ifdef HAVE_WOLF_BIGINT
+ /* raw big integer */
+ typedef struct WC_BIGINT {
+ byte* buf;
+ word32 len;
+ void* heap;
+ } WC_BIGINT;
+ #define WOLF_BIGINT_DEFINED
+#endif
+
+/* a FP type */
+typedef struct fp_int {
+ int used;
+ int sign;
+#if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
+ int size;
+#endif
+ fp_digit dp[FP_SIZE];
+
+#ifdef HAVE_WOLF_BIGINT
+ struct WC_BIGINT raw; /* unsigned binary (big endian) */
+#endif
+} fp_int;
+
+/* Types */
+typedef fp_digit mp_digit;
+typedef fp_word mp_word;
+typedef fp_int mp_int;
+
+
+/* wolf big int and common functions */
+#include <wolfssl/wolfcrypt/wolfmath.h>
+
+
+/* externally define this symbol to ignore the default settings, useful for changing the build from the make process */
+#ifndef TFM_ALREADY_SET
+
+/* do we want the large set of small multiplications ?
+ Enable these if you are going to be doing a lot of small (<= 16 digit) multiplications say in ECC
+ Or if you're on a 64-bit machine doing RSA as a 1024-bit integer == 16 digits ;-)
+ */
+/* need to refactor the function */
+/*#define TFM_SMALL_SET */
+
+/* do we want huge code
+ Enable these if you are doing 20, 24, 28, 32, 48, 64 digit multiplications (useful for RSA)
+ Less important on 64-bit machines as 32 digits == 2048 bits
+ */
+#if 0
+#define TFM_MUL3
+#define TFM_MUL4
+#define TFM_MUL6
+#define TFM_MUL7
+#define TFM_MUL8
+#define TFM_MUL9
+#define TFM_MUL12
+#define TFM_MUL17
+#endif
+#ifdef TFM_HUGE_SET
+#define TFM_MUL20
+#define TFM_MUL24
+#define TFM_MUL28
+#define TFM_MUL32
+#if (FP_MAX_BITS >= 6144) && defined(FP_64BIT)
+ #define TFM_MUL48
+#endif
+#if (FP_MAX_BITS >= 8192) && defined(FP_64BIT)
+ #define TFM_MUL64
+#endif
+#endif
+
+#if 0
+#define TFM_SQR3
+#define TFM_SQR4
+#define TFM_SQR6
+#define TFM_SQR7
+#define TFM_SQR8
+#define TFM_SQR9
+#define TFM_SQR12
+#define TFM_SQR17
+#endif
+#ifdef TFM_HUGE_SET
+#define TFM_SQR20
+#define TFM_SQR24
+#define TFM_SQR28
+#define TFM_SQR32
+#define TFM_SQR48
+#define TFM_SQR64
+#endif
+
+/* Optional math checks (enable WOLFSSL_DEBUG_MATH to print info) */
+/* #define TFM_CHECK */
+
+/* Is the target a P4 Prescott
+ */
+/* #define TFM_PRESCOTT */
+
+/* Do we want timing resistant fp_exptmod() ?
+ * This makes it slower but also timing invariant with respect to the exponent
+ */
+/* #define TFM_TIMING_RESISTANT */
+
+#endif /* TFM_ALREADY_SET */
+
+/* functions */
+
+/* returns a TFM ident string useful for debugging... */
+/*const char *fp_ident(void);*/
+
+/* initialize [or zero] an fp int */
+void fp_init(fp_int *a);
+MP_API void fp_zero(fp_int *a);
+MP_API void fp_clear(fp_int *a); /* uses ForceZero to clear sensitive memory */
+MP_API void fp_forcezero (fp_int * a);
+MP_API void fp_free(fp_int* a);
+
+/* zero/one/even/odd/neg/word ? */
+#define fp_iszero(a) (((a)->used == 0) ? FP_YES : FP_NO)
+#define fp_isone(a) \
+ ((((a)->used == 1) && ((a)->dp[0] == 1) && ((a)->sign == FP_ZPOS)) \
+ ? FP_YES : FP_NO)
+#define fp_iseven(a) \
+ (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? FP_YES : FP_NO)
+#define fp_isodd(a) \
+ (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? FP_YES : FP_NO)
+#define fp_isneg(a) (((a)->sign != FP_ZPOS) ? FP_YES : FP_NO)
+#define fp_isword(a, w) \
+ (((((a)->used == 1) && ((a)->dp[0] == w)) || \
+ ((w == 0) && ((a)->used == 0))) ? FP_YES : FP_NO)
+
+/* set to a small digit */
+void fp_set(fp_int *a, fp_digit b);
+int fp_set_int(fp_int *a, unsigned long b);
+
+/* check if a bit is set */
+int fp_is_bit_set(fp_int *a, fp_digit b);
+/* set the b bit to 1 */
+int fp_set_bit (fp_int * a, fp_digit b);
+
+/* copy from a to b */
+void fp_copy(const fp_int *a, fp_int *b);
+void fp_init_copy(fp_int *a, fp_int *b);
+
+/* clamp digits */
+#define fp_clamp(a) { while ((a)->used && (a)->dp[(a)->used-1] == 0) --((a)->used); (a)->sign = (a)->used ? (a)->sign : FP_ZPOS; }
+#define mp_clamp(a) fp_clamp(a)
+#define mp_grow(a,s) MP_OKAY
+
+/* negate and absolute */
+#define fp_neg(a, b) { fp_copy(a, b); (b)->sign ^= 1; fp_clamp(b); }
+#define fp_abs(a, b) { fp_copy(a, b); (b)->sign = 0; }
+
+/* right shift x digits */
+void fp_rshd(fp_int *a, int x);
+
+/* right shift x bits */
+void fp_rshb(fp_int *a, int x);
+
+/* left shift x digits */
+int fp_lshd(fp_int *a, int x);
+
+/* signed comparison */
+int fp_cmp(fp_int *a, fp_int *b);
+
+/* unsigned comparison */
+int fp_cmp_mag(fp_int *a, fp_int *b);
+
+/* power of 2 operations */
+void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);
+void fp_mod_2d(fp_int *a, int b, fp_int *c);
+int fp_mul_2d(fp_int *a, int b, fp_int *c);
+void fp_2expt (fp_int *a, int b);
+int fp_mul_2(fp_int *a, fp_int *c);
+void fp_div_2(fp_int *a, fp_int *c);
+/* c = a / 2 (mod b) - constant time (a < b and positive) */
+int fp_div_2_mod_ct(fp_int *a, fp_int *b, fp_int *c);
+
+
+/* Counts the number of lsbs which are zero before the first zero bit */
+int fp_cnt_lsb(fp_int *a);
+
+/* c = a + b */
+int fp_add(fp_int *a, fp_int *b, fp_int *c);
+
+/* c = a - b */
+int fp_sub(fp_int *a, fp_int *b, fp_int *c);
+
+/* c = a * b */
+int fp_mul(fp_int *a, fp_int *b, fp_int *c);
+
+/* b = a*a */
+int fp_sqr(fp_int *a, fp_int *b);
+
+/* a/b => cb + d == a */
+int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
+
+/* c = a mod b, 0 <= c < b */
+int fp_mod(fp_int *a, fp_int *b, fp_int *c);
+
+/* compare against a single digit */
+int fp_cmp_d(fp_int *a, fp_digit b);
+
+/* c = a + b */
+int fp_add_d(fp_int *a, fp_digit b, fp_int *c);
+
+/* c = a - b */
+int fp_sub_d(fp_int *a, fp_digit b, fp_int *c);
+
+/* c = a * b */
+int fp_mul_d(fp_int *a, fp_digit b, fp_int *c);
+
+/* a/b => cb + d == a */
+/*int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d);*/
+
+/* c = a mod b, 0 <= c < b */
+/*int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c);*/
+
+/* ---> number theory <--- */
+/* d = a + b (mod c) */
+/*int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);*/
+
+/* d = a - b (mod c) */
+/*int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);*/
+
+/* d = a * b (mod c) */
+int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
+
+/* d = a - b (mod c) */
+int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
+
+/* d = a + b (mod c) */
+int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
+
+/* d = a - b (mod c) - constant time (a < c and b < c) */
+int fp_submod_ct(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
+
+/* d = a + b (mod c) - constant time (a < c and b < c) */
+int fp_addmod_ct(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
+
+/* c = a * a (mod b) */
+int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c);
+
+/* c = 1/a (mod b) */
+int fp_invmod(fp_int *a, fp_int *b, fp_int *c);
+int fp_invmod_mont_ct(fp_int *a, fp_int *b, fp_int *c, fp_digit mp);
+
+/* c = (a, b) */
+/*int fp_gcd(fp_int *a, fp_int *b, fp_int *c);*/
+
+/* c = [a, b] */
+/*int fp_lcm(fp_int *a, fp_int *b, fp_int *c);*/
+
+/* setups the montgomery reduction */
+int fp_montgomery_setup(fp_int *a, fp_digit *mp);
+
+/* computes a = B**n mod b without division or multiplication useful for
+ * normalizing numbers in a Montgomery system.
+ */
+int fp_montgomery_calc_normalization(fp_int *a, fp_int *b);
+
+/* computes x/R == x (mod N) via Montgomery Reduction */
+int fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
+int fp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct);
+
+/* d = a**b (mod c) */
+int fp_exptmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
+int fp_exptmod_ex(fp_int *a, fp_int *b, int minDigits, fp_int *c, fp_int *d);
+int fp_exptmod_nct(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
+
+#ifdef WC_RSA_NONBLOCK
+
+enum tfmExptModNbState {
+ TFM_EXPTMOD_NB_INIT = 0,
+ TFM_EXPTMOD_NB_MONT,
+ TFM_EXPTMOD_NB_MONT_RED,
+ TFM_EXPTMOD_NB_MONT_MUL,
+ TFM_EXPTMOD_NB_MONT_MOD,
+ TFM_EXPTMOD_NB_MONT_MODCHK,
+ TFM_EXPTMOD_NB_NEXT,
+ TFM_EXPTMOD_NB_MUL,
+ TFM_EXPTMOD_NB_MUL_RED,
+ TFM_EXPTMOD_NB_SQR,
+ TFM_EXPTMOD_NB_SQR_RED,
+ TFM_EXPTMOD_NB_RED,
+ TFM_EXPTMOD_NB_COUNT /* last item for total state count only */
+};
+
+typedef struct {
+#ifndef WC_NO_CACHE_RESISTANT
+ fp_int R[3];
+#else
+ fp_int R[2];
+#endif
+ fp_digit buf;
+ fp_digit mp;
+ int bitcnt;
+ int digidx;
+ int y;
+ int state; /* tfmExptModNbState */
+#ifdef WC_RSA_NONBLOCK_TIME
+ word32 maxBlockInst; /* maximum instructions to block */
+ word32 totalInst; /* tracks total instructions */
+#endif
+} exptModNb_t;
+
+#ifdef WC_RSA_NONBLOCK_TIME
+enum {
+ TFM_EXPTMOD_NB_STOP = 0, /* stop and return FP_WOULDBLOCK */
+ TFM_EXPTMOD_NB_CONTINUE = 1, /* keep blocking */
+};
+#endif
+
+/* non-blocking version of timing resistant fp_exptmod function */
+/* supports cache resistance */
+int fp_exptmod_nb(exptModNb_t* nb, fp_int* G, fp_int* X, fp_int* P, fp_int* Y);
+
+#endif /* WC_RSA_NONBLOCK */
+
+/* primality stuff */
+
+/* perform a Miller-Rabin test of a to the base b and store result in "result" */
+/*void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result);*/
+
+#define FP_PRIME_SIZE 256
+/* 256 trial divisions + 8 Miller-Rabins, returns FP_YES if probable prime */
+/*int fp_isprime(fp_int *a);*/
+/* extended version of fp_isprime, do 't' Miller-Rabins instead of only 8 */
+/*int fp_isprime_ex(fp_int *a, int t, int* result);*/
+
+/* Primality generation flags */
+/*#define TFM_PRIME_BBS 0x0001 */ /* BBS style prime */
+/*#define TFM_PRIME_SAFE 0x0002 */ /* Safe prime (p-1)/2 == prime */
+/*#define TFM_PRIME_2MSB_OFF 0x0004 */ /* force 2nd MSB to 0 */
+/*#define TFM_PRIME_2MSB_ON 0x0008 */ /* force 2nd MSB to 1 */
+
+/* callback for fp_prime_random, should fill dst with random bytes and return how many read [up to len] */
+/*typedef int tfm_prime_callback(unsigned char *dst, int len, void *dat);*/
+
+/*#define fp_prime_random(a, t, size, bbs, cb, dat) fp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?TFM_PRIME_BBS:0, cb, dat)*/
+
+/*int fp_prime_random_ex(fp_int *a, int t, int size, int flags, tfm_prime_callback cb, void *dat);*/
+
+/* radix conversions */
+int fp_count_bits(const fp_int *a);
+int fp_leading_bit(fp_int *a);
+
+int fp_unsigned_bin_size(const fp_int *a);
+int fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c);
+int fp_to_unsigned_bin(fp_int *a, unsigned char *b);
+int fp_to_unsigned_bin_len(fp_int *a, unsigned char *b, int c);
+int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b);
+
+/*int fp_read_radix(fp_int *a, char *str, int radix);*/
+/*int fp_toradix(fp_int *a, char *str, int radix);*/
+/*int fp_toradix_n(fp_int * a, char *str, int radix, int maxlen);*/
+
+
+/* VARIOUS LOW LEVEL STUFFS */
+int s_fp_add(fp_int *a, fp_int *b, fp_int *c);
+void s_fp_sub(fp_int *a, fp_int *b, fp_int *c);
+void fp_reverse(unsigned char *s, int len);
+
+int fp_mul_comba(fp_int *a, fp_int *b, fp_int *c);
+
+int fp_mul_comba_small(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba3(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba4(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba6(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba7(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba8(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba9(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba12(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba17(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba20(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba24(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba28(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba32(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba48(fp_int *a, fp_int *b, fp_int *c);
+int fp_mul_comba64(fp_int *a, fp_int *b, fp_int *c);
+int fp_sqr_comba(fp_int *a, fp_int *b);
+int fp_sqr_comba_small(fp_int *a, fp_int *b);
+int fp_sqr_comba3(fp_int *a, fp_int *b);
+int fp_sqr_comba4(fp_int *a, fp_int *b);
+int fp_sqr_comba6(fp_int *a, fp_int *b);
+int fp_sqr_comba7(fp_int *a, fp_int *b);
+int fp_sqr_comba8(fp_int *a, fp_int *b);
+int fp_sqr_comba9(fp_int *a, fp_int *b);
+int fp_sqr_comba12(fp_int *a, fp_int *b);
+int fp_sqr_comba17(fp_int *a, fp_int *b);
+int fp_sqr_comba20(fp_int *a, fp_int *b);
+int fp_sqr_comba24(fp_int *a, fp_int *b);
+int fp_sqr_comba28(fp_int *a, fp_int *b);
+int fp_sqr_comba32(fp_int *a, fp_int *b);
+int fp_sqr_comba48(fp_int *a, fp_int *b);
+int fp_sqr_comba64(fp_int *a, fp_int *b);
+
+
+/**
+ * Used by wolfSSL
+ */
+
+/* Constants */
+#define MP_LT FP_LT /* less than */
+#define MP_EQ FP_EQ /* equal to */
+#define MP_GT FP_GT /* greater than */
+#define MP_VAL FP_VAL /* invalid */
+#define MP_MEM FP_MEM /* memory error */
+#define MP_NOT_INF FP_NOT_INF /* point not at infinity */
+#define MP_OKAY FP_OKAY /* ok result */
+#define MP_NO FP_NO /* yes/no result */
+#define MP_YES FP_YES /* yes/no result */
+#define MP_ZPOS FP_ZPOS
+#define MP_NEG FP_NEG
+#define MP_MASK FP_MASK
+
+/* Prototypes */
+#define mp_zero(a) fp_zero(a)
+#define mp_isone(a) fp_isone(a)
+#define mp_iseven(a) fp_iseven(a)
+#define mp_isneg(a) fp_isneg(a)
+#define mp_isword(a, w) fp_isword(a, w)
+
+#define MP_RADIX_BIN 2
+#define MP_RADIX_OCT 8
+#define MP_RADIX_DEC 10
+#define MP_RADIX_HEX 16
+#define MP_RADIX_MAX 64
+
+#define mp_tobinary(M, S) mp_toradix((M), (S), MP_RADIX_BIN)
+#define mp_tooctal(M, S) mp_toradix((M), (S), MP_RADIX_OCT)
+#define mp_todecimal(M, S) mp_toradix((M), (S), MP_RADIX_DEC)
+#define mp_tohex(M, S) mp_toradix((M), (S), MP_RADIX_HEX)
+
+MP_API int mp_init (mp_int * a);
+MP_API int mp_init_copy(fp_int * a, fp_int * b);
+MP_API void mp_clear (mp_int * a);
+MP_API void mp_free (mp_int * a);
+MP_API void mp_forcezero (mp_int * a);
+MP_API int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
+ mp_int* f);
+
+MP_API int mp_add (mp_int * a, mp_int * b, mp_int * c);
+MP_API int mp_sub (mp_int * a, mp_int * b, mp_int * c);
+MP_API int mp_add_d (mp_int * a, mp_digit b, mp_int * c);
+
+MP_API int mp_mul (mp_int * a, mp_int * b, mp_int * c);
+MP_API int mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
+MP_API int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
+MP_API int mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
+MP_API int mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
+MP_API int mp_submod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
+MP_API int mp_addmod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
+MP_API int mp_mod(mp_int *a, mp_int *b, mp_int *c);
+MP_API int mp_invmod(mp_int *a, mp_int *b, mp_int *c);
+MP_API int mp_invmod_mont_ct(mp_int *a, mp_int *b, mp_int *c, fp_digit mp);
+MP_API int mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y);
+MP_API int mp_exptmod_ex (mp_int * g, mp_int * x, int minDigits, mp_int * p,
+ mp_int * y);
+MP_API int mp_exptmod_nct (mp_int * g, mp_int * x, mp_int * p, mp_int * y);
+MP_API int mp_mul_2d(mp_int *a, int b, mp_int *c);
+MP_API int mp_2expt(mp_int* a, int b);
+
+MP_API int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
+
+MP_API int mp_cmp(mp_int *a, mp_int *b);
+MP_API int mp_cmp_d(mp_int *a, mp_digit b);
+
+MP_API int mp_unsigned_bin_size(const mp_int * a);
+MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
+MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b);
+MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b);
+MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c);
+
+MP_API int mp_sub_d(fp_int *a, fp_digit b, fp_int *c);
+MP_API int mp_copy(const fp_int* a, fp_int* b);
+MP_API int mp_isodd(mp_int* a);
+MP_API int mp_iszero(mp_int* a);
+MP_API int mp_count_bits(const mp_int *a);
+MP_API int mp_leading_bit(mp_int *a);
+MP_API int mp_set_int(mp_int *a, unsigned long b);
+MP_API int mp_is_bit_set (mp_int * a, mp_digit b);
+MP_API int mp_set_bit (mp_int * a, mp_digit b);
+MP_API void mp_rshb(mp_int *a, int x);
+MP_API void mp_rshd(mp_int *a, int x);
+MP_API int mp_toradix (mp_int *a, char *str, int radix);
+MP_API int mp_radix_size (mp_int * a, int radix, int *size);
+
+#ifdef WOLFSSL_DEBUG_MATH
+ MP_API void mp_dump(const char* desc, mp_int* a, byte verbose);
+#else
+ #define mp_dump(desc, a, verbose)
+#endif
+
+#if !defined(NO_DSA) || defined(HAVE_ECC)
+ MP_API int mp_read_radix(mp_int* a, const char* str, int radix);
+#endif
+
+#ifdef HAVE_ECC
+ MP_API int mp_sqr(fp_int *a, fp_int *b);
+ MP_API int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
+ MP_API int mp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp,
+ int ct);
+ MP_API int mp_montgomery_setup(fp_int *a, fp_digit *rho);
+ MP_API int mp_div_2(fp_int * a, fp_int * b);
+ MP_API int mp_div_2_mod_ct(mp_int *a, mp_int *b, mp_int *c);
+#endif
+
+#if defined(HAVE_ECC) || !defined(NO_RSA) || !defined(NO_DSA) || \
+ defined(WOLFSSL_KEY_GEN)
+ MP_API int mp_set(fp_int *a, fp_digit b);
+#endif
+
+#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || \
+ !defined(NO_DSA) || !defined(NO_DH)
+ MP_API int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
+ MP_API int mp_montgomery_calc_normalization(mp_int *a, mp_int *b);
+#endif
+
+#if !defined(NO_DH) || !defined(NO_DSA) || !defined(NO_RSA) || defined(WOLFSSL_KEY_GEN)
+MP_API int mp_prime_is_prime(mp_int* a, int t, int* result);
+MP_API int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng);
+#endif /* !NO_DH || !NO_DSA || !NO_RSA || WOLFSSL_KEY_GEN */
+#ifdef WOLFSSL_KEY_GEN
+MP_API int mp_gcd(fp_int *a, fp_int *b, fp_int *c);
+MP_API int mp_lcm(fp_int *a, fp_int *b, fp_int *c);
+MP_API int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);
+MP_API int mp_exch(mp_int *a, mp_int *b);
+#endif /* WOLFSSL_KEY_GEN */
+MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
+
+MP_API int mp_cnt_lsb(fp_int *a);
+MP_API int mp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);
+MP_API int mp_mod_d(fp_int* a, fp_digit b, fp_digit* c);
+MP_API int mp_lshd (mp_int * a, int b);
+MP_API int mp_abs(mp_int* a, mp_int* b);
+
+WOLFSSL_API word32 CheckRunTimeFastMath(void);
+
+/* If user uses RSA, DH, DSA, or ECC math lib directly then fast math FP_SIZE
+ must match, return 1 if a match otherwise 0 */
+#define CheckFastMathSettings() (FP_SIZE == CheckRunTimeFastMath())
+
+
+#ifdef __cplusplus
+ }
+#endif
+
+#endif /* WOLF_CRYPT_TFM_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/types.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/types.h
new file mode 100644
index 0000000..54cfce6
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/types.h
@@ -0,0 +1,1103 @@
+/* types.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/types.h
+*/
+/*
+DESCRIPTION
+This library defines the primitive data types and abstraction macros to
+decouple library dependencies with standard string, memory and so on.
+
+*/
+#ifndef WOLF_CRYPT_TYPES_H
+#define WOLF_CRYPT_TYPES_H
+
+ #include <wolfssl/wolfcrypt/settings.h>
+ #include <wolfssl/wolfcrypt/wc_port.h>
+
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+
+
+ #define WOLFSSL_ABI
+ /* Tag for all the APIs that are a part of the fixed ABI. */
+
+ /*
+ * This struct is used multiple time by other structs and
+ * needs to be defined somwhere that all structs can import
+ * (with minimal depencencies).
+ */
+ #if defined(HAVE_EX_DATA) || defined(FORTRESS)
+ #ifdef HAVE_EX_DATA_CLEANUP_HOOKS
+ typedef void (*wolfSSL_ex_data_cleanup_routine_t)(void *data);
+ #endif
+ typedef struct WOLFSSL_CRYPTO_EX_DATA {
+ void* ex_data[MAX_EX_DATA];
+ #ifdef HAVE_EX_DATA_CLEANUP_HOOKS
+ wolfSSL_ex_data_cleanup_routine_t ex_data_cleanup_routines[MAX_EX_DATA];
+ #endif
+ } WOLFSSL_CRYPTO_EX_DATA;
+ #endif
+
+ #if defined(WORDS_BIGENDIAN)
+ #define BIG_ENDIAN_ORDER
+ #endif
+
+ #ifndef BIG_ENDIAN_ORDER
+ #define LITTLE_ENDIAN_ORDER
+ #endif
+
+ #ifndef WOLFSSL_TYPES
+ #ifndef byte
+ typedef unsigned char byte;
+ typedef signed char sword8;
+ typedef unsigned char word8;
+ #endif
+ #ifdef WC_16BIT_CPU
+ typedef int sword16;
+ typedef unsigned int word16;
+ typedef long sword32;
+ typedef unsigned long word32;
+ #else
+ typedef short sword16;
+ typedef unsigned short word16;
+ typedef int sword32;
+ typedef unsigned int word32;
+ #endif
+ typedef byte word24[3];
+ #endif
+
+
+ /* constant pointer to a constant char */
+ #ifdef WOLFSSL_NO_CONSTCHARCONST
+ typedef const char* wcchar;
+ #else
+ typedef const char* const wcchar;
+ #endif
+
+
+ /* try to set SIZEOF_LONG or SIZEOF_LONG_LONG if user didn't */
+ #if defined(_MSC_VER) || defined(HAVE_LIMITS_H)
+ /* make sure both SIZEOF_LONG_LONG and SIZEOF_LONG are set,
+ * otherwise causes issues with CTC_SETTINGS */
+ #if !defined(SIZEOF_LONG_LONG) || !defined(SIZEOF_LONG)
+ #include <limits.h>
+ #if !defined(SIZEOF_LONG) && defined(ULONG_MAX) && \
+ (ULONG_MAX == 0xffffffffUL)
+ #define SIZEOF_LONG 4
+ #endif
+ #if !defined(SIZEOF_LONG_LONG) && defined(ULLONG_MAX) && \
+ (ULLONG_MAX == 0xffffffffffffffffULL)
+ #define SIZEOF_LONG_LONG 8
+ #endif
+ #endif
+ #elif !defined(__BCPLUSPLUS__) && !defined(__EMSCRIPTEN__)
+ #if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG)
+ #if (defined(__alpha__) || defined(__ia64__) || \
+ defined(_ARCH_PPC64) || defined(__mips64) || \
+ defined(__x86_64__) || defined(__s390x__ ) || \
+ ((defined(sun) || defined(__sun)) && \
+ (defined(LP64) || defined(_LP64))))
+ /* long should be 64bit */
+ #define SIZEOF_LONG 8
+ #elif defined(__i386__) || defined(__CORTEX_M3__)
+ /* long long should be 64bit */
+ #define SIZEOF_LONG_LONG 8
+ #endif
+ #endif
+ #endif
+
+ #if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
+ #define WORD64_AVAILABLE
+ #define W64LIT(x) x##ui64
+ typedef __int64 sword64;
+ typedef unsigned __int64 word64;
+ #elif defined(__EMSCRIPTEN__)
+ #define WORD64_AVAILABLE
+ #define W64LIT(x) x##ull
+ typedef long long sword64;
+ typedef unsigned long long word64;
+ #elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8
+ #define WORD64_AVAILABLE
+ #define W64LIT(x) x##LL
+ typedef long sword64;
+ typedef unsigned long word64;
+ #elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8
+ #define WORD64_AVAILABLE
+ #define W64LIT(x) x##LL
+ typedef long long sword64;
+ typedef unsigned long long word64;
+ #elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8
+ #define WORD64_AVAILABLE
+ #define W64LIT(x) x##LL
+ typedef long long sword64;
+ typedef unsigned long long word64;
+ #endif
+
+#if defined(WORD64_AVAILABLE) && !defined(WC_16BIT_CPU)
+ /* These platforms have 64-bit CPU registers. */
+ #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \
+ defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) || \
+ defined(__aarch64__) || defined(__sparc64__) || defined(__s390x__ ) || \
+ (defined(__riscv_xlen) && (__riscv_xlen == 64)) || defined(_M_ARM64)
+ #define WC_64BIT_CPU
+ #elif (defined(sun) || defined(__sun)) && \
+ (defined(LP64) || defined(_LP64))
+ /* LP64 with GNU GCC compiler is reserved for when long int is 64 bits
+ * and int uses 32 bits. When using Solaris Studio sparc and __sparc are
+ * available for 32 bit detection but __sparc64__ could be missed. This
+ * uses LP64 for checking 64 bit CPU arch. */
+ #define WC_64BIT_CPU
+ #else
+ #define WC_32BIT_CPU
+ #endif
+
+ #if defined(NO_64BIT)
+ typedef word32 wolfssl_word;
+ #undef WORD64_AVAILABLE
+ #else
+ #ifdef WC_64BIT_CPU
+ typedef word64 wolfssl_word;
+ #else
+ typedef word32 wolfssl_word;
+ #ifdef WORD64_AVAILABLE
+ #define WOLFCRYPT_SLOW_WORD64
+ #endif
+ #endif
+ #endif
+
+#elif defined(WC_16BIT_CPU)
+ #undef WORD64_AVAILABLE
+ typedef word16 wolfssl_word;
+ #define MP_16BIT /* for mp_int, mp_word needs to be twice as big as
+ mp_digit, no 64 bit type so make mp_digit 16 bit */
+
+#else
+ #undef WORD64_AVAILABLE
+ typedef word32 wolfssl_word;
+ #define MP_16BIT /* for mp_int, mp_word needs to be twice as big as
+ mp_digit, no 64 bit type so make mp_digit 16 bit */
+#endif
+
+#ifdef WC_PTR_TYPE /* Allow user suppied type */
+ typedef WC_PTR_TYPE wc_ptr_t;
+#elif defined(HAVE_UINTPTR_T)
+ #include <stdint.h>
+ typedef uintptr_t wc_ptr_t;
+#else /* fallback to architecture size_t for pointer size */
+ #include <stddef.h> /* included for getting size_t type */
+ typedef size_t wc_ptr_t;
+#endif
+
+ enum {
+ WOLFSSL_WORD_SIZE = sizeof(wolfssl_word),
+ WOLFSSL_BIT_SIZE = 8,
+ WOLFSSL_WORD_BITS = WOLFSSL_WORD_SIZE * WOLFSSL_BIT_SIZE
+ };
+
+ #define WOLFSSL_MAX_16BIT 0xffffU
+
+ /* use inlining if compiler allows */
+ #ifndef WC_INLINE
+ #ifndef NO_INLINE
+ #ifdef _MSC_VER
+ #define WC_INLINE __inline
+ #elif defined(__GNUC__)
+ #ifdef WOLFSSL_VXWORKS
+ #define WC_INLINE __inline__
+ #else
+ #define WC_INLINE inline
+ #endif
+ #elif defined(__IAR_SYSTEMS_ICC__)
+ #define WC_INLINE inline
+ #elif defined(THREADX)
+ #define WC_INLINE _Inline
+ #elif defined(__ghc__)
+ #ifndef __cplusplus
+ #define WC_INLINE __inline
+ #else
+ #define WC_INLINE inline
+ #endif
+ #elif defined(__CCRX__)
+ #define WC_INLINE inline
+ #else
+ #define WC_INLINE
+ #endif
+ #else
+ #ifdef __GNUC__
+ #define WC_INLINE __attribute__((unused))
+ #else
+ #define WC_INLINE
+ #endif
+ #endif
+ #endif
+
+ #if defined(HAVE_FIPS) || defined(HAVE_SELFTEST)
+ #define INLINE WC_INLINE
+ #endif
+
+
+ /* set up rotate style */
+ #if (defined(_MSC_VER) || defined(__BCPLUSPLUS__)) && \
+ !defined(WOLFSSL_SGX) && !defined(INTIME_RTOS)
+ #define INTEL_INTRINSICS
+ #define FAST_ROTATE
+ #elif defined(__MWERKS__) && TARGET_CPU_PPC
+ #define PPC_INTRINSICS
+ #define FAST_ROTATE
+ #elif defined(__CCRX__)
+ #define FAST_ROTATE
+ #elif defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__))
+ /* GCC does peephole optimizations which should result in using rotate
+ instructions */
+ #define FAST_ROTATE
+ #endif
+
+
+ /* set up thread local storage if available */
+ #ifdef HAVE_THREAD_LS
+ #if defined(_MSC_VER)
+ #define THREAD_LS_T __declspec(thread)
+ /* Thread local storage only in FreeRTOS v8.2.1 and higher */
+ #elif defined(FREERTOS) || defined(FREERTOS_TCP) || \
+ defined(WOLFSSL_ZEPHYR)
+ #define THREAD_LS_T
+ #else
+ #define THREAD_LS_T __thread
+ #endif
+ #else
+ #define THREAD_LS_T
+ #endif
+
+ /* GCC 7 has new switch() fall-through detection */
+ /* default to FALL_THROUGH stub */
+ #ifndef FALL_THROUGH
+ #define FALL_THROUGH
+
+ #if defined(__GNUC__)
+ #if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1)))
+ #undef FALL_THROUGH
+ #if defined(WOLFSSL_LINUXKM) && defined(fallthrough)
+ #define FALL_THROUGH fallthrough
+ #else
+ #define FALL_THROUGH __attribute__ ((fallthrough));
+ #endif
+ #endif
+ #endif
+ #endif /* FALL_THROUGH */
+
+ /* Micrium will use Visual Studio for compilation but not the Win32 API */
+ #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \
+ !defined(FREERTOS_TCP) && !defined(EBSNET) && \
+ !defined(WOLFSSL_UTASKER) && !defined(INTIME_RTOS)
+ #define USE_WINDOWS_API
+ #endif
+
+ #define XSTR_SIZEOF(x) (sizeof(x) - 1) /* -1 to not count the null char */
+
+ /* idea to add global alloc override by Moises Guimaraes */
+ /* default to libc stuff */
+ /* XREALLOC is used once in normal math lib, not in fast math lib */
+ /* XFREE on some embedded systems doesn't like free(0) so test */
+ #if defined(HAVE_IO_POOL)
+ WOLFSSL_API void* XMALLOC(size_t n, void* heap, int type);
+ WOLFSSL_API void* XREALLOC(void *p, size_t n, void* heap, int type);
+ WOLFSSL_API void XFREE(void *p, void* heap, int type);
+ #elif (defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_INTEL_QA)) || \
+ defined(HAVE_INTEL_QA_SYNC)
+ #ifndef HAVE_INTEL_QA_SYNC
+ #include <wolfssl/wolfcrypt/port/intel/quickassist_mem.h>
+ #undef USE_WOLFSSL_MEMORY
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ #define XMALLOC(s, h, t) IntelQaMalloc((s), (h), (t), __func__, __LINE__)
+ #define XFREE(p, h, t) IntelQaFree((p), (h), (t), __func__, __LINE__)
+ #define XREALLOC(p, n, h, t) IntelQaRealloc((p), (n), (h), (t), __func__, __LINE__)
+ #else
+ #define XMALLOC(s, h, t) IntelQaMalloc((s), (h), (t))
+ #define XFREE(p, h, t) IntelQaFree((p), (h), (t))
+ #define XREALLOC(p, n, h, t) IntelQaRealloc((p), (n), (h), (t))
+ #endif /* WOLFSSL_DEBUG_MEMORY */
+ #else
+ #include <wolfssl/wolfcrypt/port/intel/quickassist_sync.h>
+ #undef USE_WOLFSSL_MEMORY
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ #define XMALLOC(s, h, t) wc_CryptoCb_IntelQaMalloc((s), (h), (t), __func__, __LINE__)
+ #define XFREE(p, h, t) wc_CryptoCb_IntelQaFree((p), (h), (t), __func__, __LINE__)
+ #define XREALLOC(p, n, h, t) wc_CryptoCb_IntelQaRealloc((p), (n), (h), (t), __func__, __LINE__)
+ #else
+ #define XMALLOC(s, h, t) wc_CryptoCb_IntelQaMalloc((s), (h), (t))
+ #define XFREE(p, h, t) wc_CryptoCb_IntelQaFree((p), (h), (t))
+ #define XREALLOC(p, n, h, t) wc_CryptoCb_IntelQaRealloc((p), (n), (h), (t))
+ #endif /* WOLFSSL_DEBUG_MEMORY */
+ #endif
+ #elif defined(XMALLOC_USER)
+ /* prototypes for user heap override functions */
+ #include <stddef.h> /* for size_t */
+ extern void *XMALLOC(size_t n, void* heap, int type);
+ extern void *XREALLOC(void *p, size_t n, void* heap, int type);
+ extern void XFREE(void *p, void* heap, int type);
+ #elif defined(WOLFSSL_MEMORY_LOG)
+ #define XMALLOC(n, h, t) xmalloc(n, h, t, __func__, __FILE__, __LINE__)
+ #define XREALLOC(p, n, h, t) xrealloc(p, n, h, t, __func__, __FILE__, __LINE__)
+ #define XFREE(p, h, t) xfree(p, h, t, __func__, __FILE__, __LINE__)
+
+ /* prototypes for user heap override functions */
+ #include <stddef.h> /* for size_t */
+ #include <stdlib.h>
+ WOLFSSL_API void *xmalloc(size_t n, void* heap, int type,
+ const char* func, const char* file, unsigned int line);
+ WOLFSSL_API void *xrealloc(void *p, size_t n, void* heap, int type,
+ const char* func, const char* file, unsigned int line);
+ WOLFSSL_API void xfree(void *p, void* heap, int type, const char* func,
+ const char* file, unsigned int line);
+ #elif defined(XMALLOC_OVERRIDE)
+ /* override the XMALLOC, XFREE and XREALLOC macros */
+ #elif defined(WOLFSSL_TELIT_M2MB)
+ /* Telit M2MB SDK requires use m2mb_os API's, not std malloc/free */
+ /* Use of malloc/free will cause CPU reboot */
+ #define XMALLOC(s, h, t) ((void)h, (void)t, m2mb_os_malloc((s)))
+ #define XFREE(p, h, t) {void* xp = (p); if((xp)) m2mb_os_free((xp));}
+ #define XREALLOC(p, n, h, t) m2mb_os_realloc((p), (n))
+
+ #elif defined(NO_WOLFSSL_MEMORY)
+ #ifdef WOLFSSL_NO_MALLOC
+ /* this platform does not support heap use */
+ #ifdef WOLFSSL_MALLOC_CHECK
+ #include <stdio.h>
+ static inline void* malloc_check(size_t sz) {
+ printf("wolfSSL_malloc failed");
+ return NULL;
+ };
+ #define XMALLOC(s, h, t) malloc_check((s))
+ #define XFREE(p, h, t)
+ #define XREALLOC(p, n, h, t) (NULL)
+ #else
+ #define XMALLOC(s, h, t) (NULL)
+ #define XFREE(p, h, t)
+ #define XREALLOC(p, n, h, t) (NULL)
+ #endif
+ #else
+ /* just use plain C stdlib stuff if desired */
+ #include <stdlib.h>
+ #define XMALLOC(s, h, t) malloc((size_t)(s))
+ #define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
+ #define XREALLOC(p, n, h, t) realloc((p), (size_t)(n))
+ #endif
+
+ #elif defined(WOLFSSL_LINUXKM)
+ /* the requisite linux/slab.h is included in wc_port.h, with incompatible warnings masked out. */
+ #define XMALLOC(s, h, t) ({(void)(h); (void)(t); kmalloc(s, GFP_KERNEL);})
+ #define XFREE(p, h, t) ({void* _xp; (void)(h); _xp = (p); if(_xp) kfree(_xp);})
+ #define XREALLOC(p, n, h, t) ({(void)(h); (void)(t); krealloc((p), (n), GFP_KERNEL);})
+
+ #elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
+ && !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
+ && !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \
+ && !defined(WOLFSSL_LEANPSK) && !defined(WOLFSSL_uITRON4)
+ /* default C runtime, can install different routines at runtime via cbs */
+ #include <wolfssl/wolfcrypt/memory.h>
+ #ifdef WOLFSSL_STATIC_MEMORY
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ #define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t), __func__, __LINE__)
+ #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t), __func__, __LINE__);}
+ #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t), __func__, __LINE__)
+ #else
+ #define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t))
+ #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t));}
+ #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t))
+ #endif /* WOLFSSL_DEBUG_MEMORY */
+ #elif !defined(FREERTOS) && !defined(FREERTOS_TCP)
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ #define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s), __func__, __LINE__))
+ #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), __func__, __LINE__);}
+ #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__)
+ #else
+ #define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
+ #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
+ #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
+ #endif /* WOLFSSL_DEBUG_MEMORY */
+ #endif /* WOLFSSL_STATIC_MEMORY */
+ #endif
+
+ /* declare/free variable handling for async and smallstack */
+ #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_SMALL_STACK)
+ #define DECLARE_VAR_IS_HEAP_ALLOC
+ #define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
+ VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT)
+ #define DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
+ VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
+ int idx##VAR_NAME, inner_idx_##VAR_NAME; \
+ for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
+ VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
+ if (VAR_NAME[idx##VAR_NAME] == NULL) { \
+ for (inner_idx_##VAR_NAME = 0; inner_idx_##VAR_NAME < idx##VAR_NAME; inner_idx_##VAR_NAME++) { \
+ XFREE(VAR_NAME[inner_idx_##VAR_NAME], HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
+ VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
+ } \
+ for (inner_idx_##VAR_NAME = idx##VAR_NAME + 1; inner_idx_##VAR_NAME < VAR_ITEMS; inner_idx_##VAR_NAME++) { \
+ VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
+ } \
+ break; \
+ } \
+ }
+ #define FREE_VAR(VAR_NAME, HEAP) \
+ XFREE(VAR_NAME, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
+ #define FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) \
+ for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
+ XFREE(VAR_NAME[idx##VAR_NAME], (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
+ }
+
+ #define DECLARE_ARRAY_DYNAMIC_DEC(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
+ DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP)
+ #define DECLARE_ARRAY_DYNAMIC_EXE(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP)
+ #define FREE_ARRAY_DYNAMIC(VAR_NAME, VAR_ITEMS, HEAP) \
+ FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP)
+ #else
+ #undef DECLARE_VAR_IS_HEAP_ALLOC
+ #define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
+ VAR_TYPE VAR_NAME[VAR_SIZE]
+ #define DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
+ VAR_TYPE VAR_NAME[VAR_ITEMS][VAR_SIZE]
+ #define FREE_VAR(VAR_NAME, HEAP) /* nothing to free, its stack */
+ #define FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) /* nothing to free, its stack */
+
+ #define DECLARE_ARRAY_DYNAMIC_DEC(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
+ VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
+ int idx##VAR_NAME, inner_idx_##VAR_NAME;
+ #define DECLARE_ARRAY_DYNAMIC_EXE(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
+ for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
+ VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, (HEAP), DYNAMIC_TYPE_TMP_BUFFER); \
+ if (VAR_NAME[idx##VAR_NAME] == NULL) { \
+ for (inner_idx_##VAR_NAME = 0; inner_idx_##VAR_NAME < idx##VAR_NAME; inner_idx_##VAR_NAME++) { \
+ XFREE(VAR_NAME[inner_idx_##VAR_NAME], HEAP, DYNAMIC_TYPE_TMP_BUFFER); \
+ VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
+ } \
+ for (inner_idx_##VAR_NAME = idx##VAR_NAME + 1; inner_idx_##VAR_NAME < VAR_ITEMS; inner_idx_##VAR_NAME++) { \
+ VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
+ } \
+ break; \
+ } \
+ }
+ #define FREE_ARRAY_DYNAMIC(VAR_NAME, VAR_ITEMS, HEAP) \
+ for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
+ XFREE(VAR_NAME[idx##VAR_NAME], (HEAP), DYNAMIC_TYPE_TMP_BUFFER); \
+ }
+ #endif
+
+ #if !defined(USE_WOLF_STRTOK) && \
+ ((defined(__MINGW32__) && !defined(__MINGW64_VERSION_MAJOR)) || \
+ defined(WOLFSSL_TIRTOS) || defined(WOLF_C99))
+ #define USE_WOLF_STRTOK
+ #endif
+ #if !defined(USE_WOLF_STRSEP) && (defined(WOLF_C99))
+ #define USE_WOLF_STRSEP
+ #endif
+
+ #ifndef STRING_USER
+ #if defined(WOLFSSL_LINUXKM)
+ #include <linux/string.h>
+ #else
+ #include <string.h>
+ #endif
+
+ #define XMEMCPY(d,s,l) memcpy((d),(s),(l))
+ #define XMEMSET(b,c,l) memset((b),(c),(l))
+ #define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
+ #define XMEMMOVE(d,s,l) memmove((d),(s),(l))
+
+ #define XSTRLEN(s1) strlen((s1))
+ #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
+ /* strstr, strncmp, strcmp, and strncat only used by wolfSSL proper,
+ * not required for wolfCrypt only */
+ #define XSTRSTR(s1,s2) strstr((s1),(s2))
+ #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
+ #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
+ #define XSTRCMP(s1,s2) strcmp((s1),(s2))
+ #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
+
+ #ifdef USE_WOLF_STRSEP
+ #define XSTRSEP(s1,d) wc_strsep((s1),(d))
+ #else
+ #define XSTRSEP(s1,d) strsep((s1),(d))
+ #endif
+
+ #ifndef XSTRNCASECMP
+ #if defined(MICROCHIP_PIC32) || defined(WOLFSSL_TIRTOS) || \
+ defined(WOLFSSL_ZEPHYR)
+ /* XC32 does not support strncasecmp, so use case sensitive one */
+ #define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n))
+ #elif defined(USE_WINDOWS_API) || defined(FREERTOS_TCP_WINSIM)
+ #define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
+ #else
+ #if defined(HAVE_STRINGS_H) && defined(WOLF_C99) && \
+ !defined(WOLFSSL_SGX)
+ #include <strings.h>
+ #endif
+ #if defined(WOLFSSL_DEOS)
+ #define XSTRNCASECMP(s1,s2,n) strnicmp((s1),(s2),(n))
+ #elif defined(WOLFSSL_CMSIS_RTOSv2)
+ #define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n))
+ #else
+ #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
+ #endif
+ #endif
+ #endif /* !XSTRNCASECMP */
+
+ /* snprintf is used in asn.c for GetTimeString, PKCS7 test, and when
+ debugging is turned on */
+ #ifndef USE_WINDOWS_API
+ #ifndef XSNPRINTF
+ #if defined(NO_FILESYSTEM) && (defined(OPENSSL_EXTRA) || \
+ defined(HAVE_PKCS7)) && !defined(NO_STDIO_FILESYSTEM)
+ /* case where stdio is not included else where but is needed
+ for snprintf */
+ #include <stdio.h>
+ #endif
+ #if defined(WOLFSSL_ESPIDF) && \
+ (!defined(NO_ASN_TIME) && defined(HAVE_PKCS7))
+ #include<stdarg.h>
+ /* later gcc than 7.1 introduces -Wformat-truncation */
+ /* In cases when truncation is expected the caller needs*/
+ /* to check the return value from the function so that */
+ /* compiler doesn't complain. */
+ /* xtensa-esp32-elf v8.2.0 warns trancation at */
+ /* GetAsnTimeString() */
+ static WC_INLINE
+ int _xsnprintf_(char *s, size_t n, const char *format, ...)
+ {
+ va_list ap;
+ int ret;
+
+ if ((int)n <= 0) return -1;
+
+ va_start(ap, format);
+
+ ret = XVSNPRINTF(s, n, format, ap);
+ if (ret < 0)
+ ret = -1;
+
+ va_end(ap);
+
+ return ret;
+ }
+ #define XSNPRINTF _xsnprintf_
+ #else
+ #define XSNPRINTF snprintf
+ #endif
+ #endif
+ #else
+ #if defined(_MSC_VER) || defined(__CYGWIN__) || defined(__MINGW32__)
+ #if defined(_MSC_VER) && (_MSC_VER >= 1900)
+ /* Beginning with the UCRT in Visual Studio 2015 and
+ Windows 10, snprintf is no longer identical to
+ _snprintf. The snprintf function behavior is now
+ C99 standard compliant. */
+ #include <stdio.h>
+ #define XSNPRINTF snprintf
+ #else
+ /* 4996 warning to use MS extensions e.g., _sprintf_s
+ instead of _snprintf */
+ #if !defined(__MINGW32__)
+ #pragma warning(disable: 4996)
+ #endif
+ static WC_INLINE
+ int xsnprintf(char *buffer, size_t bufsize,
+ const char *format, ...) {
+ va_list ap;
+ int ret;
+
+ if ((int)bufsize <= 0) return -1;
+ va_start(ap, format);
+ ret = XVSNPRINTF(buffer, bufsize, format, ap);
+ if (ret >= (int)bufsize)
+ ret = -1;
+ va_end(ap);
+ return ret;
+ }
+ #define XSNPRINTF xsnprintf
+ #endif /* (_MSC_VER >= 1900) */
+ #else
+ #define XSNPRINTF snprintf
+ #endif /* _MSC_VER */
+ #endif /* USE_WINDOWS_API */
+
+ #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) \
+ || defined(HAVE_ALPN)
+ /* use only Thread Safe version of strtok */
+ #if defined(USE_WOLF_STRTOK)
+ #define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr))
+ #elif defined(USE_WINDOWS_API) || defined(INTIME_RTOS)
+ #define XSTRTOK(s1,d,ptr) strtok_s((s1),(d),(ptr))
+ #else
+ #define XSTRTOK(s1,d,ptr) strtok_r((s1),(d),(ptr))
+ #endif
+ #endif
+
+ #if defined(WOLFSSL_CERT_EXT) || defined(HAVE_OCSP) || \
+ defined(HAVE_CRL_IO) || defined(HAVE_HTTP_CLIENT) || \
+ !defined(NO_CRYPT_BENCHMARK)
+
+ #ifndef XATOI /* if custom XATOI is not already defined */
+ #include <stdlib.h>
+ #define XATOI(s) atoi((s))
+ #endif
+ #endif
+ #endif
+
+ #ifdef USE_WOLF_STRTOK
+ WOLFSSL_API char* wc_strtok(char *str, const char *delim, char **nextp);
+ #endif
+ #ifdef USE_WOLF_STRSEP
+ WOLFSSL_API char* wc_strsep(char **stringp, const char *delim);
+ #endif
+
+ #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
+ !defined(NO_STDIO_FILESYSTEM)
+ #ifndef XGETENV
+ #include <stdlib.h>
+ #define XGETENV getenv
+ #endif
+ #endif /* OPENSSL_EXTRA */
+
+ #ifndef CTYPE_USER
+ #ifndef WOLFSSL_LINUXKM
+ #include <ctype.h>
+ #endif
+ #if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
+ defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA) || \
+ defined(OPENSSL_EXTRA)
+ #define XTOUPPER(c) toupper((c))
+ #endif
+ #ifdef OPENSSL_ALL
+ #define XISALNUM(c) isalnum((c))
+ #define XISASCII(c) isascii((c))
+ #define XISSPACE(c) isspace((c))
+ #endif
+ /* needed by wolfSSL_check_domain_name() */
+ #define XTOLOWER(c) tolower((c))
+ #endif
+
+
+ /* memory allocation types for user hints */
+ enum {
+ DYNAMIC_TYPE_CA = 1,
+ DYNAMIC_TYPE_CERT = 2,
+ DYNAMIC_TYPE_KEY = 3,
+ DYNAMIC_TYPE_FILE = 4,
+ DYNAMIC_TYPE_SUBJECT_CN = 5,
+ DYNAMIC_TYPE_PUBLIC_KEY = 6,
+ DYNAMIC_TYPE_SIGNER = 7,
+ DYNAMIC_TYPE_NONE = 8,
+ DYNAMIC_TYPE_BIGINT = 9,
+ DYNAMIC_TYPE_RSA = 10,
+ DYNAMIC_TYPE_METHOD = 11,
+ DYNAMIC_TYPE_OUT_BUFFER = 12,
+ DYNAMIC_TYPE_IN_BUFFER = 13,
+ DYNAMIC_TYPE_INFO = 14,
+ DYNAMIC_TYPE_DH = 15,
+ DYNAMIC_TYPE_DOMAIN = 16,
+ DYNAMIC_TYPE_SSL = 17,
+ DYNAMIC_TYPE_CTX = 18,
+ DYNAMIC_TYPE_WRITEV = 19,
+ DYNAMIC_TYPE_OPENSSL = 20,
+ DYNAMIC_TYPE_DSA = 21,
+ DYNAMIC_TYPE_CRL = 22,
+ DYNAMIC_TYPE_REVOKED = 23,
+ DYNAMIC_TYPE_CRL_ENTRY = 24,
+ DYNAMIC_TYPE_CERT_MANAGER = 25,
+ DYNAMIC_TYPE_CRL_MONITOR = 26,
+ DYNAMIC_TYPE_OCSP_STATUS = 27,
+ DYNAMIC_TYPE_OCSP_ENTRY = 28,
+ DYNAMIC_TYPE_ALTNAME = 29,
+ DYNAMIC_TYPE_SUITES = 30,
+ DYNAMIC_TYPE_CIPHER = 31,
+ DYNAMIC_TYPE_RNG = 32,
+ DYNAMIC_TYPE_ARRAYS = 33,
+ DYNAMIC_TYPE_DTLS_POOL = 34,
+ DYNAMIC_TYPE_SOCKADDR = 35,
+ DYNAMIC_TYPE_LIBZ = 36,
+ DYNAMIC_TYPE_ECC = 37,
+ DYNAMIC_TYPE_TMP_BUFFER = 38,
+ DYNAMIC_TYPE_DTLS_MSG = 39,
+ DYNAMIC_TYPE_X509 = 40,
+ DYNAMIC_TYPE_TLSX = 41,
+ DYNAMIC_TYPE_OCSP = 42,
+ DYNAMIC_TYPE_SIGNATURE = 43,
+ DYNAMIC_TYPE_HASHES = 44,
+ DYNAMIC_TYPE_SRP = 45,
+ DYNAMIC_TYPE_COOKIE_PWD = 46,
+ DYNAMIC_TYPE_USER_CRYPTO = 47,
+ DYNAMIC_TYPE_OCSP_REQUEST = 48,
+ DYNAMIC_TYPE_X509_EXT = 49,
+ DYNAMIC_TYPE_X509_STORE = 50,
+ DYNAMIC_TYPE_X509_CTX = 51,
+ DYNAMIC_TYPE_URL = 52,
+ DYNAMIC_TYPE_DTLS_FRAG = 53,
+ DYNAMIC_TYPE_DTLS_BUFFER = 54,
+ DYNAMIC_TYPE_SESSION_TICK = 55,
+ DYNAMIC_TYPE_PKCS = 56,
+ DYNAMIC_TYPE_MUTEX = 57,
+ DYNAMIC_TYPE_PKCS7 = 58,
+ DYNAMIC_TYPE_AES_BUFFER = 59,
+ DYNAMIC_TYPE_WOLF_BIGINT = 60,
+ DYNAMIC_TYPE_ASN1 = 61,
+ DYNAMIC_TYPE_LOG = 62,
+ DYNAMIC_TYPE_WRITEDUP = 63,
+ DYNAMIC_TYPE_PRIVATE_KEY = 64,
+ DYNAMIC_TYPE_HMAC = 65,
+ DYNAMIC_TYPE_ASYNC = 66,
+ DYNAMIC_TYPE_ASYNC_NUMA = 67,
+ DYNAMIC_TYPE_ASYNC_NUMA64 = 68,
+ DYNAMIC_TYPE_CURVE25519 = 69,
+ DYNAMIC_TYPE_ED25519 = 70,
+ DYNAMIC_TYPE_SECRET = 71,
+ DYNAMIC_TYPE_DIGEST = 72,
+ DYNAMIC_TYPE_RSA_BUFFER = 73,
+ DYNAMIC_TYPE_DCERT = 74,
+ DYNAMIC_TYPE_STRING = 75,
+ DYNAMIC_TYPE_PEM = 76,
+ DYNAMIC_TYPE_DER = 77,
+ DYNAMIC_TYPE_CERT_EXT = 78,
+ DYNAMIC_TYPE_ALPN = 79,
+ DYNAMIC_TYPE_ENCRYPTEDINFO= 80,
+ DYNAMIC_TYPE_DIRCTX = 81,
+ DYNAMIC_TYPE_HASHCTX = 82,
+ DYNAMIC_TYPE_SEED = 83,
+ DYNAMIC_TYPE_SYMMETRIC_KEY= 84,
+ DYNAMIC_TYPE_ECC_BUFFER = 85,
+ DYNAMIC_TYPE_QSH = 86,
+ DYNAMIC_TYPE_SALT = 87,
+ DYNAMIC_TYPE_HASH_TMP = 88,
+ DYNAMIC_TYPE_BLOB = 89,
+ DYNAMIC_TYPE_NAME_ENTRY = 90,
+ DYNAMIC_TYPE_CURVE448 = 91,
+ DYNAMIC_TYPE_ED448 = 92,
+ DYNAMIC_TYPE_AES = 93,
+ DYNAMIC_TYPE_CMAC = 94,
+ DYNAMIC_TYPE_SNIFFER_SERVER = 1000,
+ DYNAMIC_TYPE_SNIFFER_SESSION = 1001,
+ DYNAMIC_TYPE_SNIFFER_PB = 1002,
+ DYNAMIC_TYPE_SNIFFER_PB_BUFFER = 1003,
+ DYNAMIC_TYPE_SNIFFER_TICKET_ID = 1004,
+ DYNAMIC_TYPE_SNIFFER_NAMED_KEY = 1005,
+ };
+
+ /* max error buffer string size */
+ #ifndef WOLFSSL_MAX_ERROR_SZ
+ #define WOLFSSL_MAX_ERROR_SZ 80
+ #endif
+
+ /* stack protection */
+ enum {
+ MIN_STACK_BUFFER = 8
+ };
+
+
+ /* Algorithm Types */
+ enum wc_AlgoType {
+ WC_ALGO_TYPE_NONE = 0,
+ WC_ALGO_TYPE_HASH = 1,
+ WC_ALGO_TYPE_CIPHER = 2,
+ WC_ALGO_TYPE_PK = 3,
+ WC_ALGO_TYPE_RNG = 4,
+ WC_ALGO_TYPE_SEED = 5,
+ WC_ALGO_TYPE_HMAC = 6,
+ WC_ALGO_TYPE_CMAC = 7,
+
+ WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_CMAC
+ };
+
+ /* hash types */
+ enum wc_HashType {
+ #if defined(HAVE_SELFTEST) || defined(HAVE_FIPS) && \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2))
+ /* In selftest build, WC_* types are not mapped to WC_HASH_TYPE types.
+ * Values here are based on old selftest hmac.h enum, with additions.
+ * These values are fixed for backwards FIPS compatibility */
+ WC_HASH_TYPE_NONE = 15,
+ WC_HASH_TYPE_MD2 = 16,
+ WC_HASH_TYPE_MD4 = 17,
+ WC_HASH_TYPE_MD5 = 0,
+ WC_HASH_TYPE_SHA = 1, /* SHA-1 (not old SHA-0) */
+ WC_HASH_TYPE_SHA224 = 8,
+ WC_HASH_TYPE_SHA256 = 2,
+ WC_HASH_TYPE_SHA384 = 5,
+ WC_HASH_TYPE_SHA512 = 4,
+ WC_HASH_TYPE_MD5_SHA = 18,
+ WC_HASH_TYPE_SHA3_224 = 10,
+ WC_HASH_TYPE_SHA3_256 = 11,
+ WC_HASH_TYPE_SHA3_384 = 12,
+ WC_HASH_TYPE_SHA3_512 = 13,
+ WC_HASH_TYPE_BLAKE2B = 14,
+ WC_HASH_TYPE_BLAKE2S = 19,
+
+ WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2S
+ #else
+ WC_HASH_TYPE_NONE = 0,
+ WC_HASH_TYPE_MD2 = 1,
+ WC_HASH_TYPE_MD4 = 2,
+ WC_HASH_TYPE_MD5 = 3,
+ WC_HASH_TYPE_SHA = 4, /* SHA-1 (not old SHA-0) */
+ WC_HASH_TYPE_SHA224 = 5,
+ WC_HASH_TYPE_SHA256 = 6,
+ WC_HASH_TYPE_SHA384 = 7,
+ WC_HASH_TYPE_SHA512 = 8,
+ WC_HASH_TYPE_MD5_SHA = 9,
+ WC_HASH_TYPE_SHA3_224 = 10,
+ WC_HASH_TYPE_SHA3_256 = 11,
+ WC_HASH_TYPE_SHA3_384 = 12,
+ WC_HASH_TYPE_SHA3_512 = 13,
+ WC_HASH_TYPE_BLAKE2B = 14,
+ WC_HASH_TYPE_BLAKE2S = 15,
+
+ WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2S
+ #endif /* HAVE_SELFTEST */
+ };
+
+ /* cipher types */
+ enum wc_CipherType {
+ WC_CIPHER_NONE = 0,
+ WC_CIPHER_AES = 1,
+ WC_CIPHER_AES_CBC = 2,
+ WC_CIPHER_AES_GCM = 3,
+ WC_CIPHER_AES_CTR = 4,
+ WC_CIPHER_AES_XTS = 5,
+ WC_CIPHER_AES_CFB = 6,
+ WC_CIPHER_DES3 = 7,
+ WC_CIPHER_DES = 8,
+ WC_CIPHER_CHACHA = 9,
+ WC_CIPHER_HC128 = 10,
+ WC_CIPHER_IDEA = 11,
+
+ WC_CIPHER_MAX = WC_CIPHER_HC128
+ };
+
+ /* PK=public key (asymmetric) based algorithms */
+ enum wc_PkType {
+ WC_PK_TYPE_NONE = 0,
+ WC_PK_TYPE_RSA = 1,
+ WC_PK_TYPE_DH = 2,
+ WC_PK_TYPE_ECDH = 3,
+ WC_PK_TYPE_ECDSA_SIGN = 4,
+ WC_PK_TYPE_ECDSA_VERIFY = 5,
+ WC_PK_TYPE_ED25519_SIGN = 6,
+ WC_PK_TYPE_CURVE25519 = 7,
+ WC_PK_TYPE_RSA_KEYGEN = 8,
+ WC_PK_TYPE_EC_KEYGEN = 9,
+ WC_PK_TYPE_RSA_CHECK_PRIV_KEY = 10,
+ WC_PK_TYPE_EC_CHECK_PRIV_KEY = 11,
+ WC_PK_TYPE_ED448 = 12,
+ WC_PK_TYPE_CURVE448 = 13,
+ WC_PK_TYPE_ED25519_VERIFY = 14,
+ WC_PK_TYPE_ED25519_KEYGEN = 15,
+ WC_PK_TYPE_CURVE25519_KEYGEN = 16,
+ WC_PK_TYPE_MAX = WC_PK_TYPE_CURVE25519_KEYGEN
+ };
+
+
+ /* settings detection for compile vs runtime math incompatibilities */
+ enum {
+ #if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
+ CTC_SETTINGS = 0x0
+ #elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
+ CTC_SETTINGS = 0x1
+ #elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
+ CTC_SETTINGS = 0x2
+ #elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
+ CTC_SETTINGS = 0x4
+ #elif defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
+ CTC_SETTINGS = 0x8
+ #elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
+ CTC_SETTINGS = 0x10
+ #elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
+ CTC_SETTINGS = 0x20
+ #elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
+ CTC_SETTINGS = 0x40
+ #else
+ #error "bad math long / long long settings"
+ #endif
+ };
+
+
+ WOLFSSL_API word32 CheckRunTimeSettings(void);
+
+ /* If user uses RSA, DH, DSA, or ECC math lib directly then fast math and long
+ types need to match at compile time and run time, CheckCtcSettings will
+ return 1 if a match otherwise 0 */
+ #define CheckCtcSettings() (CTC_SETTINGS == CheckRunTimeSettings())
+
+ /* invalid device id */
+ #define INVALID_DEVID -2
+
+
+ /* AESNI requires alignment and ARMASM gains some performance from it
+ * Xilinx RSA operations require alignment */
+ #if defined(WOLFSSL_AESNI) || defined(WOLFSSL_ARMASM) || \
+ defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_AFALG_XILINX)
+ #ifndef WOLFSSL_USE_ALIGN
+ #define WOLFSSL_USE_ALIGN
+ #endif
+ #endif /* WOLFSSL_AESNI || WOLFSSL_ARMASM || USE_INTEL_SPEEDUP || WOLFSSL_AFALG_XILINX */
+
+ #ifdef WOLFSSL_USE_ALIGN
+ #if !defined(ALIGN16)
+ #if defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
+ #define ALIGN16 __attribute__ ( (aligned (16)))
+ #elif defined(_MSC_VER)
+ /* disable align warning, we want alignment ! */
+ #pragma warning(disable: 4324)
+ #define ALIGN16 __declspec (align (16))
+ #else
+ #define ALIGN16
+ #endif
+ #endif /* !ALIGN16 */
+
+ #if !defined (ALIGN32)
+ #if defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
+ #define ALIGN32 __attribute__ ( (aligned (32)))
+ #elif defined(_MSC_VER)
+ /* disable align warning, we want alignment ! */
+ #pragma warning(disable: 4324)
+ #define ALIGN32 __declspec (align (32))
+ #else
+ #define ALIGN32
+ #endif
+ #endif /* !ALIGN32 */
+
+ #if !defined(ALIGN64)
+ #if defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
+ #define ALIGN64 __attribute__ ( (aligned (64)))
+ #elif defined(_MSC_VER)
+ /* disable align warning, we want alignment ! */
+ #pragma warning(disable: 4324)
+ #define ALIGN64 __declspec (align (64))
+ #else
+ #define ALIGN64
+ #endif
+ #endif /* !ALIGN64 */
+
+ #if defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
+ #define ALIGN128 __attribute__ ( (aligned (128)))
+ #elif defined(_MSC_VER)
+ /* disable align warning, we want alignment ! */
+ #pragma warning(disable: 4324)
+ #define ALIGN128 __declspec (align (128))
+ #else
+ #define ALIGN128
+ #endif
+
+ #if defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
+ #define ALIGN256 __attribute__ ( (aligned (256)))
+ #elif defined(_MSC_VER)
+ /* disable align warning, we want alignment ! */
+ #pragma warning(disable: 4324)
+ #define ALIGN256 __declspec (align (256))
+ #else
+ #define ALIGN256
+ #endif
+
+ #else
+ #ifndef ALIGN16
+ #define ALIGN16
+ #endif
+ #ifndef ALIGN32
+ #define ALIGN32
+ #endif
+ #ifndef ALIGN64
+ #define ALIGN64
+ #endif
+ #ifndef ALIGN128
+ #define ALIGN128
+ #endif
+ #ifndef ALIGN256
+ #define ALIGN256
+ #endif
+ #endif /* WOLFSSL_USE_ALIGN */
+
+ #if !defined(PEDANTIC_EXTENSION)
+ #if defined(__GNUC__)
+ #define PEDANTIC_EXTENSION __extension__
+ #else
+ #define PEDANTIC_EXTENSION
+ #endif
+ #endif /* !PEDANTIC_EXTENSION */
+
+
+ #ifndef TRUE
+ #define TRUE 1
+ #endif
+ #ifndef FALSE
+ #define FALSE 0
+ #endif
+
+
+ #if defined(HAVE_STACK_SIZE)
+ #define EXIT_TEST(ret) return (void*)((size_t)(ret))
+ #else
+ #define EXIT_TEST(ret) return ret
+ #endif
+
+
+ #if (defined(__IAR_SYSTEMS_ICC__) && (__IAR_SYSTEMS_ICC__ > 8)) || \
+ defined(__GNUC__)
+ #define WOLFSSL_PACK __attribute__ ((packed))
+ #else
+ #define WOLFSSL_PACK
+ #endif
+
+ #ifndef __GNUC_PREREQ
+ #if defined(__GNUC__) && defined(__GNUC_MINOR__)
+ #define __GNUC_PREREQ(maj, min) \
+ ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min))
+ #else
+ #define __GNUC_PREREQ(maj, min) (0) /* not GNUC */
+ #endif
+ #endif
+
+ #if defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
+ #define WC_NORETURN __attribute__((noreturn))
+ #else
+ #define WC_NORETURN
+ #endif
+
+ #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || \
+ defined(WOLFSSL_DEBUG_MATH) || defined(DEBUG_WOLFSSL) || \
+ defined(WOLFSSL_PUBLIC_MP) || defined(OPENSSL_EXTRA) || \
+ (defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT))
+ #undef WC_MP_TO_RADIX
+ #define WC_MP_TO_RADIX
+ #endif
+
+ #if defined(__GNUC__) && __GNUC__ > 5
+ #define PRAGMA_GCC_IGNORE(str) _Pragma(str);
+ #define PRAGMA_GCC_POP _Pragma("GCC diagnostic pop");
+ #else
+ #define PRAGMA_GCC_IGNORE(str)
+ #define PRAGMA_GCC_POP
+ #endif
+
+ #ifdef __cplusplus
+ } /* extern "C" */
+ #endif
+
+#endif /* WOLF_CRYPT_TYPES_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/visibility.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/visibility.h
new file mode 100644
index 0000000..46a31a4
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/visibility.h
@@ -0,0 +1,81 @@
+/* visibility.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+/* Visibility control macros */
+
+#ifndef WOLF_CRYPT_VISIBILITY_H
+#define WOLF_CRYPT_VISIBILITY_H
+
+
+/* for compatibility and so that fips is using same name of macro @wc_fips */
+/* The following visibility wrappers are for old FIPS. New FIPS should use
+ * the same as a non-FIPS build. */
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+ #include <cyassl/ctaocrypt/visibility.h>
+ #define WOLFSSL_API CYASSL_API
+ #define WOLFSSL_LOCAL CYASSL_LOCAL
+#else
+
+/* WOLFSSL_API is used for the public API symbols.
+ It either imports or exports (or does nothing for static builds)
+
+ WOLFSSL_LOCAL is used for non-API symbols (private).
+*/
+
+#if defined(BUILDING_WOLFSSL)
+ #if defined(_MSC_VER) || defined(__MINGW32__) || defined(__CYGWIN__) || \
+ defined(_WIN32_WCE)
+ #if defined(WOLFSSL_DLL)
+ #define WOLFSSL_API __declspec(dllexport)
+ #else
+ #define WOLFSSL_API
+ #endif
+ #define WOLFSSL_LOCAL
+ #elif defined(HAVE_VISIBILITY) && HAVE_VISIBILITY
+ #define WOLFSSL_API __attribute__ ((visibility("default")))
+ #define WOLFSSL_LOCAL __attribute__ ((visibility("hidden")))
+ #elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
+ #define WOLFSSL_API __global
+ #define WOLFSSL_LOCAL __hidden
+ #else
+ #define WOLFSSL_API
+ #define WOLFSSL_LOCAL
+ #endif /* HAVE_VISIBILITY */
+#else /* BUILDING_WOLFSSL */
+ #if defined(_MSC_VER) || defined(__MINGW32__) || defined(__CYGWIN__) || \
+ defined(_WIN32_WCE)
+ #if defined(WOLFSSL_DLL)
+ #define WOLFSSL_API __declspec(dllimport)
+ #else
+ #define WOLFSSL_API
+ #endif
+ #define WOLFSSL_LOCAL
+ #else
+ #define WOLFSSL_API
+ #define WOLFSSL_LOCAL
+ #endif
+#endif /* BUILDING_WOLFSSL */
+
+#endif /* HAVE_FIPS */
+#endif /* WOLF_CRYPT_VISIBILITY_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wc_encrypt.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wc_encrypt.h
new file mode 100644
index 0000000..56d9215
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wc_encrypt.h
@@ -0,0 +1,126 @@
+/* wc_encrypt.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/wc_encrypt.h
+*/
+
+
+#ifndef WOLF_CRYPT_ENCRYPT_H
+#define WOLF_CRYPT_ENCRYPT_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#ifndef NO_AES
+ #include <wolfssl/wolfcrypt/aes.h>
+#endif
+#ifdef HAVE_CHACHA
+ #include <wolfssl/wolfcrypt/chacha.h>
+#endif
+#ifndef NO_DES3
+ #include <wolfssl/wolfcrypt/des3.h>
+#endif
+#ifndef NO_RC4
+ #include <wolfssl/wolfcrypt/arc4.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* determine max cipher key size - cannot use enum values here, must be define,
+ * since WC_MAX_SYM_KEY_SIZE is used in if macro logic. */
+#ifndef NO_AES
+ #define WC_MAX_SYM_KEY_SIZE (AES_MAX_KEY_SIZE/8)
+#elif defined(HAVE_CHACHA)
+ #define WC_MAX_SYM_KEY_SIZE 32 /* CHACHA_MAX_KEY_SZ */
+#elif !defined(NO_DES3)
+ #define WC_MAX_SYM_KEY_SIZE 24 /* DES3_KEY_SIZE */
+#elif !defined(NO_RC4)
+ #define WC_MAX_SYM_KEY_SIZE 16 /* RC4_KEY_SIZE */
+#else
+ #define WC_MAX_SYM_KEY_SIZE 32
+#endif
+
+
+#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION <= 2)) || (defined(HAVE_SELFTEST) && \
+ (!defined(HAVE_SELFTEST_VERSION) || (HAVE_SELFTEST_VERSION < 2)))
+ /* In FIPS cert 3389 and CAVP selftest v1 build, these enums are
+ * not in aes.h. Define them here outside the fips boundary.
+ */
+ #ifndef GCM_NONCE_MID_SZ
+ /* The usual default nonce size for AES-GCM. */
+ #define GCM_NONCE_MID_SZ 12
+ #endif
+ #ifndef CCM_NONCE_MIN_SZ
+ #define CCM_NONCE_MIN_SZ 7
+ #endif
+#endif
+
+
+#if !defined(NO_AES) && defined(HAVE_AES_CBC)
+WOLFSSL_API int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
+ const byte* key, word32 keySz,
+ const byte* iv);
+WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
+ const byte* key, word32 keySz,
+ const byte* iv);
+#endif /* !NO_AES */
+
+
+#ifndef NO_DES3
+WOLFSSL_API int wc_Des_CbcDecryptWithKey(byte* out,
+ const byte* in, word32 sz,
+ const byte* key, const byte* iv);
+WOLFSSL_API int wc_Des_CbcEncryptWithKey(byte* out,
+ const byte* in, word32 sz,
+ const byte* key, const byte* iv);
+WOLFSSL_API int wc_Des3_CbcEncryptWithKey(byte* out,
+ const byte* in, word32 sz,
+ const byte* key, const byte* iv);
+WOLFSSL_API int wc_Des3_CbcDecryptWithKey(byte* out,
+ const byte* in, word32 sz,
+ const byte* key, const byte* iv);
+#endif /* !NO_DES3 */
+
+
+
+
+#ifdef WOLFSSL_ENCRYPTED_KEYS
+ struct EncryptedInfo;
+ WOLFSSL_API int wc_BufferKeyDecrypt(struct EncryptedInfo* info, byte* der, word32 derSz,
+ const byte* password, int passwordSz, int hashType);
+ WOLFSSL_API int wc_BufferKeyEncrypt(struct EncryptedInfo* info, byte* der, word32 derSz,
+ const byte* password, int passwordSz, int hashType);
+#endif /* WOLFSSL_ENCRYPTED_KEYS */
+
+#ifndef NO_PWDBASED
+ WOLFSSL_LOCAL int wc_CryptKey(const char* password, int passwordSz,
+ byte* salt, int saltSz, int iterations, int id, byte* input, int length,
+ int version, byte* cbcIv, int enc, int shaOid);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_ENCRYPT_H */
+
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wc_port.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wc_port.h
new file mode 100644
index 0000000..ca71bf7
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wc_port.h
@@ -0,0 +1,1145 @@
+/* wc_port.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/wc_port.h
+*/
+
+#ifndef WOLF_CRYPT_PORT_H
+#define WOLF_CRYPT_PORT_H
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/visibility.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* Detect if compiler supports C99. "NO_WOLF_C99" can be defined in
+ * user_settings.h to disable checking for C99 support. */
+#if !defined(WOLF_C99) && defined(__STDC_VERSION__) && \
+ !defined(WOLFSSL_ARDUINO) && !defined(NO_WOLF_C99)
+ #if __STDC_VERSION__ >= 199901L
+ #define WOLF_C99
+ #endif
+#endif
+
+
+/* GENERIC INCLUDE SECTION */
+#if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
+ #include <mqx.h>
+ #if (defined(MQX_USE_IO_OLD) && MQX_USE_IO_OLD) || \
+ defined(FREESCALE_MQX_5_0)
+ #include <fio.h>
+ #else
+ #include <nio.h>
+ #endif
+#endif
+
+#ifdef WOLFSSL_LINUXKM
+ #ifdef HAVE_CONFIG_H
+ #ifndef PACKAGE_NAME
+ #error wc_port.h included before config.h
+ #endif
+ /* config.h is autogenerated without gating, and is subject to repeat
+ * inclusions, so gate it out here to keep autodetection masking
+ * intact:
+ */
+ #undef HAVE_CONFIG_H
+ #endif
+
+ #ifdef BUILDING_WOLFSSL
+
+ _Pragma("GCC diagnostic push");
+
+ /* we include all the needed kernel headers with these masked out. else
+ * there are profuse warnings.
+ */
+ _Pragma("GCC diagnostic ignored \"-Wunused-parameter\"");
+ _Pragma("GCC diagnostic ignored \"-Wpointer-arith\"");
+ _Pragma("GCC diagnostic ignored \"-Wshadow\"");
+ _Pragma("GCC diagnostic ignored \"-Wnested-externs\"");
+ _Pragma("GCC diagnostic ignored \"-Wredundant-decls\"");
+ _Pragma("GCC diagnostic ignored \"-Wsign-compare\"");
+ _Pragma("GCC diagnostic ignored \"-Wpointer-sign\"");
+ _Pragma("GCC diagnostic ignored \"-Wbad-function-cast\"");
+ _Pragma("GCC diagnostic ignored \"-Wdiscarded-qualifiers\"");
+ _Pragma("GCC diagnostic ignored \"-Wtype-limits\"");
+
+ /* suppress inclusion of stdint-gcc.h to avoid conflicts with Linux native include/linux/types.h: */
+ #define _GCC_STDINT_H
+
+ #include <linux/kconfig.h>
+ #include <linux/kernel.h>
+ #include <linux/version.h>
+ #include <linux/ctype.h>
+ #include <linux/init.h>
+ #include <linux/module.h>
+ #include <linux/mm.h>
+ #ifndef SINGLE_THREADED
+ #include <linux/kthread.h>
+ #endif
+ #include <linux/net.h>
+ #include <linux/slab.h>
+ #if defined(WOLFSSL_AESNI) || defined(USE_INTEL_SPEEDUP)
+ #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
+ #include <asm/i387.h>
+ #else
+ #include <asm/simd.h>
+ #endif
+ #ifndef SAVE_VECTOR_REGISTERS
+ #define SAVE_VECTOR_REGISTERS() kernel_fpu_begin()
+ #endif
+ #ifndef RESTORE_VECTOR_REGISTERS
+ #define RESTORE_VECTOR_REGISTERS() kernel_fpu_end()
+ #endif
+ #elif defined(WOLFSSL_ARMASM)
+ #include <asm/fpsimd.h>
+ #ifndef SAVE_VECTOR_REGISTERS
+ #define SAVE_VECTOR_REGISTERS() ({ preempt_disable(); fpsimd_preserve_current_state(); })
+ #endif
+ #ifndef RESTORE_VECTOR_REGISTERS
+ #define RESTORE_VECTOR_REGISTERS() ({ fpsimd_restore_current_state(); preempt_enable(); })
+ #endif
+ #else
+ #ifndef SAVE_VECTOR_REGISTERS
+ #define SAVE_VECTOR_REGISTERS() ({})
+ #endif
+ #ifndef RESTORE_VECTOR_REGISTERS
+ #define RESTORE_VECTOR_REGISTERS() ({})
+ #endif
+ #endif
+
+ _Pragma("GCC diagnostic pop");
+
+ /* Linux headers define these using C expressions, but we need
+ * them to be evaluable by the preprocessor, for use in sp_int.h.
+ */
+ _Static_assert(sizeof(ULONG_MAX) == 8, "WOLFSSL_LINUXKM supported only on targets with 64 bit long words.");
+ #undef UCHAR_MAX
+ #define UCHAR_MAX 255
+ #undef USHRT_MAX
+ #define USHRT_MAX 65535
+ #undef UINT_MAX
+ #define UINT_MAX 4294967295U
+ #undef ULONG_MAX
+ #define ULONG_MAX 18446744073709551615UL
+ #undef ULLONG_MAX
+ #define ULLONG_MAX ULONG_MAX
+ #undef INT_MAX
+ #define INT_MAX 2147483647
+ #undef LONG_MAX
+ #define LONG_MAX 9223372036854775807L
+ #undef LLONG_MAX
+ #define LLONG_MAX LONG_MAX
+
+ /* remove this multifariously conflicting macro, picked up from
+ * Linux arch/<arch>/include/asm/current.h.
+ */
+ #undef current
+
+ /* prevent gcc's mm_malloc.h from being included, since it unconditionally
+ * includes stdlib.h, which is kernel-incompatible.
+ */
+ #define _MM_MALLOC_H_INCLUDED
+
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
+ /* kvmalloc()/kvfree() and friends added in linux commit a7c3e901 */
+ #define malloc(x) kvmalloc(x, GFP_KERNEL)
+ #define free(x) kvfree(x)
+ void *lkm_realloc(void *ptr, size_t newsize);
+ #define realloc(x, y) lkm_realloc(x, y)
+#else
+ #define malloc(x) kmalloc(x, GFP_KERNEL)
+ #define free(x) kfree(x)
+ #define realloc(x,y) krealloc(x, y, GFP_KERNEL)
+#endif
+
+ /* min() and max() in linux/kernel.h over-aggressively type-check, producing
+ * myriad spurious -Werrors throughout the codebase.
+ */
+ #undef min
+ #undef max
+
+ /* work around namespace conflict between wolfssl/internal.h (enum HandShakeType)
+ * and linux/key.h (extern int()).
+ */
+ #define key_update wc_key_update
+
+ #define lkm_printf(format, args...) printk(KERN_INFO "wolfssl: %s(): " format, __func__, ## args)
+ #define printf(...) lkm_printf(__VA_ARGS__)
+
+ #endif /* BUILDING_WOLFSSL */
+
+ /* needed to suppress inclusion of stdio.h in wolfssl/wolfcrypt/types.h */
+ #define XSNPRINTF snprintf
+
+ /* the rigmarole around kstrtol() here is to accommodate its warn-unused-result attribute. */
+ #define XATOI(s) ({ \
+ long _xatoi_res = 0; \
+ int _xatoi_ret = kstrtol(s, 10, &_xatoi_res); \
+ if (_xatoi_ret != 0) { \
+ _xatoi_res = 0; \
+ } \
+ (int)_xatoi_res; \
+ })
+
+#else /* ! WOLFSSL_LINUXKM */
+
+ #ifndef SAVE_VECTOR_REGISTERS
+ #define SAVE_VECTOR_REGISTERS() do{}while(0)
+ #endif
+ #ifndef RESTORE_VECTOR_REGISTERS
+ #define RESTORE_VECTOR_REGISTERS() do{}while(0)
+ #endif
+
+#endif /* WOLFSSL_LINUXKM */
+
+/* THREADING/MUTEX SECTION */
+#ifdef USE_WINDOWS_API
+ #ifdef WOLFSSL_GAME_BUILD
+ #include "system/xtl.h"
+ #else
+ #ifndef WIN32_LEAN_AND_MEAN
+ #define WIN32_LEAN_AND_MEAN
+ #endif
+ #ifndef WOLFSSL_SGX
+ #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN)
+ /* On WinCE winsock2.h must be included before windows.h */
+ #include <winsock2.h>
+ #endif
+ #include <windows.h>
+ #endif /* WOLFSSL_SGX */
+ #endif
+#elif defined(THREADX)
+ #ifndef SINGLE_THREADED
+ #ifdef NEED_THREADX_TYPES
+ #include <types.h>
+ #endif
+ #include <tx_api.h>
+ #endif
+#elif defined(WOLFSSL_DEOS)
+ #include "mutexapi.h"
+#elif defined(MICRIUM)
+ /* do nothing, just don't pick Unix */
+#elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS)
+ /* do nothing */
+#elif defined(RTTHREAD)
+ /* do nothing */
+#elif defined(EBSNET)
+ /* do nothing */
+#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
+ /* do nothing */
+#elif defined(FREESCALE_FREE_RTOS)
+ #include "fsl_os_abstraction.h"
+#elif defined(WOLFSSL_VXWORKS)
+ #include <semLib.h>
+#elif defined(WOLFSSL_uITRON4)
+ #include "stddef.h"
+ #include "kernel.h"
+#elif defined(WOLFSSL_uTKERNEL2)
+ #include "tk/tkernel.h"
+#elif defined(WOLFSSL_CMSIS_RTOS)
+ #include "cmsis_os.h"
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ #include "cmsis_os2.h"
+#elif defined(WOLFSSL_MDK_ARM)
+ #if defined(WOLFSSL_MDK5)
+ #include "cmsis_os.h"
+ #else
+ #include <rtl.h>
+ #endif
+#elif defined(WOLFSSL_CMSIS_RTOS)
+ #include "cmsis_os.h"
+#elif defined(WOLFSSL_TIRTOS)
+ #include <ti/sysbios/BIOS.h>
+ #include <ti/sysbios/knl/Semaphore.h>
+#elif defined(WOLFSSL_FROSTED)
+ #include <semaphore.h>
+#elif defined(INTIME_RTOS)
+ #include <rt.h>
+ #include <io.h>
+#elif defined(WOLFSSL_NUCLEUS_1_2)
+ /* NU_DEBUG needed struct access in nucleus_realloc */
+ #define NU_DEBUG
+ #include "plus/nucleus.h"
+ #include "nucleus.h"
+#elif defined(WOLFSSL_APACHE_MYNEWT)
+ /* do nothing */
+#elif defined(WOLFSSL_ZEPHYR)
+ #ifndef SINGLE_THREADED
+ #include <kernel.h>
+ #endif
+#elif defined(WOLFSSL_TELIT_M2MB)
+
+ /* Telit SDK uses C++ compile option (--cpp), which causes link issue
+ to API's if wrapped in extern "C" */
+ #ifdef __cplusplus
+ } /* extern "C" */
+ #endif
+
+ #include "m2mb_types.h"
+ #include "m2mb_os_types.h"
+ #include "m2mb_os_api.h"
+ #include "m2mb_os.h"
+ #include "m2mb_os_mtx.h"
+ #ifndef NO_ASN_TIME
+ #include "m2mb_rtc.h"
+ #endif
+ #ifndef NO_FILESYSTEM
+ #include "m2mb_fs_posix.h"
+ #endif
+
+ #undef kB /* eliminate conflict in asn.h */
+
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+
+#else
+ #ifndef SINGLE_THREADED
+ #ifndef WOLFSSL_USER_MUTEX
+ #if defined(WOLFSSL_LINUXKM)
+ #define WOLFSSL_KTHREADS
+ #else
+ #define WOLFSSL_PTHREADS
+ #include <pthread.h>
+ #endif
+ #endif
+ #endif
+ #if (defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)) && \
+ !defined(NO_FILESYSTEM)
+ #ifdef FUSION_RTOS
+ #include <fclunistd.h>
+ #else
+ #include <unistd.h> /* for close of BIO */
+ #endif
+ #endif
+#endif
+
+/* For FIPS keep the function names the same */
+#ifdef HAVE_FIPS
+#define wc_InitMutex InitMutex
+#define wc_FreeMutex FreeMutex
+#define wc_LockMutex LockMutex
+#define wc_UnLockMutex UnLockMutex
+#endif /* HAVE_FIPS */
+
+#ifdef SINGLE_THREADED
+ typedef int wolfSSL_Mutex;
+#else /* MULTI_THREADED */
+ /* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */
+ #if defined(FREERTOS)
+ typedef xSemaphoreHandle wolfSSL_Mutex;
+ #elif defined(FREERTOS_TCP)
+ #include "FreeRTOS.h"
+ #include "semphr.h"
+ typedef SemaphoreHandle_t wolfSSL_Mutex;
+ #elif defined (RTTHREAD)
+ #include "rtthread.h"
+ typedef rt_mutex_t wolfSSL_Mutex;
+ #elif defined(WOLFSSL_SAFERTOS)
+ typedef struct wolfSSL_Mutex {
+ signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES];
+ xSemaphoreHandle mutex;
+ } wolfSSL_Mutex;
+ #elif defined(USE_WINDOWS_API)
+ typedef CRITICAL_SECTION wolfSSL_Mutex;
+ #elif defined(WOLFSSL_PTHREADS)
+ typedef pthread_mutex_t wolfSSL_Mutex;
+ #elif defined(WOLFSSL_KTHREADS)
+ typedef struct mutex wolfSSL_Mutex;
+ #elif defined(THREADX)
+ typedef TX_MUTEX wolfSSL_Mutex;
+ #elif defined(WOLFSSL_DEOS)
+ typedef mutex_handle_t wolfSSL_Mutex;
+ #elif defined(MICRIUM)
+ typedef OS_MUTEX wolfSSL_Mutex;
+ #elif defined(EBSNET)
+ typedef RTP_MUTEX wolfSSL_Mutex;
+ #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
+ typedef MUTEX_STRUCT wolfSSL_Mutex;
+ #elif defined(FREESCALE_FREE_RTOS)
+ typedef mutex_t wolfSSL_Mutex;
+ #elif defined(WOLFSSL_VXWORKS)
+ typedef SEM_ID wolfSSL_Mutex;
+ #elif defined(WOLFSSL_uITRON4)
+ typedef struct wolfSSL_Mutex {
+ T_CSEM sem ;
+ ID id ;
+ } wolfSSL_Mutex;
+ #elif defined(WOLFSSL_uTKERNEL2)
+ typedef struct wolfSSL_Mutex {
+ T_CSEM sem ;
+ ID id ;
+ } wolfSSL_Mutex;
+ #elif defined(WOLFSSL_MDK_ARM)
+ #if defined(WOLFSSL_CMSIS_RTOS)
+ typedef osMutexId wolfSSL_Mutex;
+ #else
+ typedef OS_MUT wolfSSL_Mutex;
+ #endif
+ #elif defined(WOLFSSL_CMSIS_RTOS)
+ typedef osMutexId wolfSSL_Mutex;
+ #elif defined(WOLFSSL_CMSIS_RTOSv2)
+ typedef osMutexId_t wolfSSL_Mutex;
+ #elif defined(WOLFSSL_TIRTOS)
+ typedef ti_sysbios_knl_Semaphore_Handle wolfSSL_Mutex;
+ #elif defined(WOLFSSL_FROSTED)
+ typedef mutex_t * wolfSSL_Mutex;
+ #elif defined(INTIME_RTOS)
+ typedef RTHANDLE wolfSSL_Mutex;
+ #elif defined(WOLFSSL_NUCLEUS_1_2)
+ typedef NU_SEMAPHORE wolfSSL_Mutex;
+ #elif defined(WOLFSSL_ZEPHYR)
+ typedef struct k_mutex wolfSSL_Mutex;
+ #elif defined(WOLFSSL_TELIT_M2MB)
+ typedef M2MB_OS_MTX_HANDLE wolfSSL_Mutex;
+ #elif defined(WOLFSSL_USER_MUTEX)
+ /* typedef User_Mutex wolfSSL_Mutex; */
+ #elif defined(WOLFSSL_LINUXKM)
+ typedef struct mutex wolfSSL_Mutex;
+ #else
+ #error Need a mutex type in multithreaded mode
+ #endif /* USE_WINDOWS_API */
+#endif /* SINGLE_THREADED */
+
+/* Enable crypt HW mutex for Freescale MMCAU, PIC32MZ or STM32 */
+#if defined(FREESCALE_MMCAU) || defined(WOLFSSL_MICROCHIP_PIC32MZ) || \
+ defined(STM32_CRYPTO) || defined(STM32_HASH) || defined(STM32_RNG)
+ #ifndef WOLFSSL_CRYPT_HW_MUTEX
+ #define WOLFSSL_CRYPT_HW_MUTEX 1
+ #endif
+#endif /* FREESCALE_MMCAU */
+
+#ifndef WOLFSSL_CRYPT_HW_MUTEX
+ #define WOLFSSL_CRYPT_HW_MUTEX 0
+#endif
+
+#if WOLFSSL_CRYPT_HW_MUTEX
+ /* wolfSSL_CryptHwMutexInit is called on first wolfSSL_CryptHwMutexLock,
+ however it's recommended to call this directly on Hw init to avoid possible
+ race condition where two calls to wolfSSL_CryptHwMutexLock are made at
+ the same time. */
+ int wolfSSL_CryptHwMutexInit(void);
+ int wolfSSL_CryptHwMutexLock(void);
+ int wolfSSL_CryptHwMutexUnLock(void);
+#else
+ /* Define stubs, since HW mutex is disabled */
+ #define wolfSSL_CryptHwMutexInit() 0 /* Success */
+ #define wolfSSL_CryptHwMutexLock() 0 /* Success */
+ #define wolfSSL_CryptHwMutexUnLock() (void)0 /* Success */
+#endif /* WOLFSSL_CRYPT_HW_MUTEX */
+
+/* Mutex functions */
+WOLFSSL_API int wc_InitMutex(wolfSSL_Mutex*);
+WOLFSSL_API wolfSSL_Mutex* wc_InitAndAllocMutex(void);
+WOLFSSL_API int wc_FreeMutex(wolfSSL_Mutex*);
+WOLFSSL_API int wc_LockMutex(wolfSSL_Mutex*);
+WOLFSSL_API int wc_UnLockMutex(wolfSSL_Mutex*);
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+/* dynamically set which mutex to use. unlock / lock is controlled by flag */
+typedef void (mutex_cb)(int flag, int type, const char* file, int line);
+
+WOLFSSL_API int wc_LockMutex_ex(int flag, int type, const char* file, int line);
+WOLFSSL_API int wc_SetMutexCb(mutex_cb* cb);
+#endif
+
+/* main crypto initialization function */
+WOLFSSL_API int wolfCrypt_Init(void);
+WOLFSSL_API int wolfCrypt_Cleanup(void);
+
+#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+ WOLFSSL_API long wolfCrypt_heap_peakAllocs_checkpoint(void);
+ WOLFSSL_API long wolfCrypt_heap_peakBytes_checkpoint(void);
+#endif
+
+
+/* FILESYSTEM SECTION */
+/* filesystem abstraction layer, used by ssl.c */
+#ifndef NO_FILESYSTEM
+
+#if defined(EBSNET)
+ #include "vfapi.h"
+ #include "vfile.h"
+
+ int ebsnet_fseek(int a, long b, int c); /* Not prototyped in vfile.h per
+ * EBSnet feedback */
+
+ #define XFILE int
+ #define XFOPEN(NAME, MODE) vf_open((const char *)NAME, VO_RDONLY, 0);
+ #define XFSEEK ebsnet_fseek
+ #define XFTELL vf_tell
+ #define XREWIND vf_rewind
+ #define XFREAD(BUF, SZ, AMT, FD) vf_read(FD, BUF, SZ*AMT)
+ #define XFWRITE(BUF, SZ, AMT, FD) vf_write(FD, BUF, SZ*AMT)
+ #define XFCLOSE vf_close
+ #define XSEEK_END VSEEK_END
+ #define XBADFILE -1
+ #define XFGETS(b,s,f) -2 /* Not ported yet */
+
+#elif defined(LSR_FS)
+ #include <fs.h>
+ #define XFILE struct fs_file*
+ #define XFOPEN(NAME, MODE) fs_open((char*)NAME);
+ #define XFSEEK(F, O, W) (void)F
+ #define XFTELL(F) (F)->len
+ #define XREWIND(F) (void)F
+ #define XFREAD(BUF, SZ, AMT, F) fs_read(F, (char*)BUF, SZ*AMT)
+ #define XFWRITE(BUF, SZ, AMT, F) fs_write(F, (char*)BUF, SZ*AMT)
+ #define XFCLOSE fs_close
+ #define XSEEK_END 0
+ #define XBADFILE NULL
+ #define XFGETS(b,s,f) -2 /* Not ported yet */
+
+#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
+ #define XFILE MQX_FILE_PTR
+ #define XFOPEN fopen
+ #define XFSEEK fseek
+ #define XFTELL ftell
+ #define XREWIND(F) fseek(F, 0, IO_SEEK_SET)
+ #define XFREAD fread
+ #define XFWRITE fwrite
+ #define XFCLOSE fclose
+ #define XSEEK_END IO_SEEK_END
+ #define XBADFILE NULL
+ #define XFGETS fgets
+
+#elif defined(WOLFSSL_DEOS)
+ #define NO_FILESYSTEM
+ #warning "TODO - DDC-I Certifiable Fast File System for Deos is not integrated"
+#elif defined(MICRIUM)
+ #include <fs_api.h>
+ #define XFILE FS_FILE*
+ #define XFOPEN fs_fopen
+ #define XFSEEK fs_fseek
+ #define XFTELL fs_ftell
+ #define XREWIND fs_rewind
+ #define XFREAD fs_fread
+ #define XFWRITE fs_fwrite
+ #define XFCLOSE fs_fclose
+ #define XSEEK_END FS_SEEK_END
+ #define XBADFILE NULL
+ #define XFGETS(b,s,f) -2 /* Not ported yet */
+
+#elif defined(WOLFSSL_NUCLEUS_1_2)
+ #include "fal/inc/fal.h"
+ #define XFILE FILE*
+ #define XFOPEN fopen
+ #define XFSEEK fseek
+ #define XFTELL ftell
+ #define XREWIND rewind
+ #define XFREAD fread
+ #define XFWRITE fwrite
+ #define XFCLOSE fclose
+ #define XSEEK_END PSEEK_END
+ #define XBADFILE NULL
+
+#elif defined(WOLFSSL_APACHE_MYNEWT)
+ #include <fs/fs.h>
+ #define XFILE struct fs_file*
+
+ #define XFOPEN mynewt_fopen
+ #define XFSEEK mynewt_fseek
+ #define XFTELL mynewt_ftell
+ #define XREWIND mynewt_rewind
+ #define XFREAD mynewt_fread
+ #define XFWRITE mynewt_fwrite
+ #define XFCLOSE mynewt_fclose
+ #define XSEEK_END 2
+ #define XBADFILE NULL
+ #define XFGETS(b,s,f) -2 /* Not ported yet */
+
+#elif defined(WOLFSSL_ZEPHYR)
+ #include <fs.h>
+
+ #define XFILE struct fs_file_t*
+ #define STAT struct fs_dirent
+
+ XFILE z_fs_open(const char* filename, const char* perm);
+ int z_fs_close(XFILE file);
+
+ #define XFOPEN z_fs_open
+ #define XFCLOSE z_fs_close
+ #define XFSEEK fs_seek
+ #define XFTELL fs_tell
+ #define XFREWIND fs_rewind
+ #define XREWIND(F) fs_seek(F, 0, FS_SEEK_SET)
+ #define XFREAD(P,S,N,F) fs_read(F, P, S*N)
+ #define XFWRITE(P,S,N,F) fs_write(F, P, S*N)
+ #define XSEEK_END FS_SEEK_END
+ #define XBADFILE NULL
+ #define XFGETS(b,s,f) -2 /* Not ported yet */
+
+#elif defined(WOLFSSL_TELIT_M2MB)
+ #define XFILE INT32
+ #define XFOPEN(NAME, MODE) m2mb_fs_open((NAME), 0, (MODE))
+ #define XFSEEK(F, O, W) m2mb_fs_lseek((F), (O), (W))
+ #define XFTELL(F) m2mb_fs_lseek((F), 0, M2MB_SEEK_END)
+ #define XREWIND(F) (void)F
+ #define XFREAD(BUF, SZ, AMT, F) m2mb_fs_read((F), (BUF), (SZ)*(AMT))
+ #define XFWRITE(BUF, SZ, AMT, F) m2mb_fs_write((F), (BUF), (SZ)*(AMT))
+ #define XFCLOSE m2mb_fs_close
+ #define XSEEK_END M2MB_SEEK_END
+ #define XBADFILE -1
+ #define XFGETS(b,s,f) -2 /* Not ported yet */
+
+#elif defined (WOLFSSL_XILINX)
+ #include "xsdps.h"
+ #include "ff.h"
+
+ /* workaround to declare variable and provide type */
+ #define XFILE FIL curFile; FIL*
+ #define XFOPEN(NAME, MODE) ({ FRESULT res; res = f_open(&curFile, (NAME), (FA_OPEN_ALWAYS | FA_WRITE | FA_READ)); (res == FR_OK) ? &curFile : NULL; })
+ #define XFSEEK(F, O, W) f_lseek((F), (O))
+ #define XFTELL(F) f_tell((F))
+ #define XREWIND(F) f_rewind((F))
+ #define XFREAD(BUF, SZ, AMT, F) ({ FRESULT res; UINT br; res = f_read((F), (BUF), (SZ)*(AMT), &br); (void)br; res; })
+ #define XFWRITE(BUF, SZ, AMT, F) ({ FRESULT res; UINT written; res = f_write((F), (BUF), (SZ)*(AMT), &written); (void)written; res; })
+ #define XFCLOSE(F) f_close((F))
+ #define XSEEK_END 0
+ #define XBADFILE NULL
+ #define XFGETS(b,s,f) f_gets((b), (s), (f))
+#elif defined (_WIN32_WCE)
+ /* stdio, WINCE case */
+ #include <stdio.h>
+ #define XFILE FILE*
+ #define XFOPEN fopen
+ #define XFDOPEN fdopen
+ #define XFSEEK fseek
+ #define XFTELL ftell
+ #define XREWIND(F) XFSEEK(F, 0, SEEK_SET)
+ #define XFREAD fread
+ #define XFWRITE fwrite
+ #define XFCLOSE fclose
+ #define XSEEK_END SEEK_END
+ #define XBADFILE NULL
+ #define XFGETS fgets
+ #define XVSNPRINTF _vsnprintf
+
+#elif defined(FUSION_RTOS)
+ #include <fclstdio.h>
+ #include <fclunistd.h>
+ #include <fcldirent.h>
+ #include <sys/fclstat.h>
+ #include <fclstring.h>
+ #include <fcl_os.h>
+ #define XFILE FCL_FILE*
+ #define XFOPEN FCL_FOPEN
+ #define XFSEEK FCL_FSEEK
+ #define XFTELL FCL_FTELL
+ #define XREWIND FCL_REWIND
+ #define XFREAD FCL_FREAD
+ #define XFWRITE FCL_FWRITE
+ #define XFCLOSE FCL_FCLOSE
+ #define XSEEK_END SEEK_END
+ #define XBADFILE NULL
+ #define XFGETS FCL_FGETS
+ #define XFPUTS FCL_FPUTS
+ #define XFPRINTF FCL_FPRINTF
+ #define XVFPRINTF FCL_VFPRINTF
+ #define XVSNPRINTF FCL_VSNPRINTF
+ #define XSNPRINTF FCL_SNPRINTF
+ #define XSPRINTF FCL_SPRINTF
+ #define DIR FCL_DIR
+ #define stat FCL_STAT
+ #define opendir FCL_OPENDIR
+ #define closedir FCL_CLOSEDIR
+ #define readdir FCL_READDIR
+ #define dirent fclDirent
+ #define strncasecmp FCL_STRNCASECMP
+
+ /* FUSION SPECIFIC ERROR CODE */
+ #define FUSION_IO_SEND_E FCL_EWOULDBLOCK
+
+#elif defined(WOLFSSL_USER_FILESYSTEM)
+ /* To be defined in user_settings.h */
+#else
+ /* stdio, default case */
+ #include <stdio.h>
+ #define XFILE FILE*
+ #if defined(WOLFSSL_MDK_ARM)
+ extern FILE * wolfSSL_fopen(const char *name, const char *mode) ;
+ #define XFOPEN wolfSSL_fopen
+ #else
+ #define XFOPEN fopen
+ #endif
+ #define XFDOPEN fdopen
+ #define XFSEEK fseek
+ #define XFTELL ftell
+ #define XREWIND rewind
+ #define XFREAD fread
+ #define XFWRITE fwrite
+ #define XFCLOSE fclose
+ #define XSEEK_END SEEK_END
+ #define XBADFILE NULL
+ #define XFGETS fgets
+ #define XFPRINTF fprintf
+
+ #if !defined(NO_WOLFSSL_DIR)\
+ && !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2)
+ #if defined(USE_WINDOWS_API)
+ #include <sys/stat.h>
+ #define XSTAT _stat
+ #define XS_ISREG(s) (s & _S_IFREG)
+ #define SEPARATOR_CHAR ';'
+
+ #elif defined(INTIME_RTOS)
+ #include <sys/stat.h>
+ #define XSTAT _stat64
+ #define XS_ISREG(s) S_ISREG(s)
+ #define SEPARATOR_CHAR ';'
+ #define XWRITE write
+ #define XREAD read
+ #define XCLOSE close
+
+ #elif defined(WOLFSSL_ZEPHYR)
+ #define XSTAT fs_stat
+ #define XS_ISREG(s) (s == FS_DIR_ENTRY_FILE)
+ #define SEPARATOR_CHAR ':'
+ #elif defined(WOLFSSL_TELIT_M2MB)
+ #define XSTAT m2mb_fs_stat
+ #define XS_ISREG(s) (s & M2MB_S_IFREG)
+ #define SEPARATOR_CHAR ':'
+ #else
+ #include <dirent.h>
+ #include <unistd.h>
+ #include <sys/stat.h>
+ #define XWRITE write
+ #define XREAD read
+ #define XCLOSE close
+ #define XSTAT stat
+ #define XS_ISREG(s) S_ISREG(s)
+ #define SEPARATOR_CHAR ':'
+ #endif
+ #endif
+#endif
+
+/* Defaults, user may over-ride with user_settings.h or in a porting section
+ * above
+ */
+#ifndef XVFPRINTF
+ #define XVFPRINTF vfprintf
+#endif
+#ifndef XVSNPRINTF
+ #define XVSNPRINTF vsnprintf
+#endif
+#ifndef XFPUTS
+ #define XFPUTS fputs
+#endif
+#ifndef XSPRINTF
+ #define XSPRINTF sprintf
+#endif
+
+ #ifndef MAX_FILENAME_SZ
+ #define MAX_FILENAME_SZ 256 /* max file name length */
+ #endif
+ #ifndef MAX_PATH
+ #define MAX_PATH 256
+ #endif
+
+ WOLFSSL_LOCAL int wc_FileLoad(const char* fname, unsigned char** buf,
+ size_t* bufLen, void* heap);
+
+#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_NUCLEUS) && \
+ !defined(WOLFSSL_NUCLEUS_1_2)
+ typedef struct ReadDirCtx {
+ #ifdef USE_WINDOWS_API
+ WIN32_FIND_DATAA FindFileData;
+ HANDLE hFind;
+ struct XSTAT s;
+ #elif defined(WOLFSSL_ZEPHYR)
+ struct fs_dirent entry;
+ struct fs_dir_t dir;
+ struct fs_dirent s;
+ struct fs_dir_t* dirp;
+
+ #elif defined(WOLFSSL_TELIT_M2MB)
+ M2MB_DIR_T* dir;
+ struct M2MB_DIRENT* entry;
+ struct M2MB_STAT s;
+ #elif defined(INTIME_RTOS)
+ struct stat64 s;
+ struct _find64 FindFileData;
+ #define IntimeFindFirst(name, data) (0 == _findfirst64(name, data))
+ #define IntimeFindNext(data) (0 == _findnext64(data))
+ #define IntimeFindClose(data) (0 == _findclose64(data))
+ #define IntimeFilename(ctx) ctx->FindFileData.f_filename
+ #else
+ struct dirent* entry;
+ DIR* dir;
+ struct XSTAT s;
+ #endif
+ char name[MAX_FILENAME_SZ];
+ } ReadDirCtx;
+
+ #define WC_READDIR_NOFILE -1
+
+ WOLFSSL_API int wc_ReadDirFirst(ReadDirCtx* ctx, const char* path, char** name);
+ WOLFSSL_API int wc_ReadDirNext(ReadDirCtx* ctx, const char* path, char** name);
+ WOLFSSL_API void wc_ReadDirClose(ReadDirCtx* ctx);
+#endif /* !NO_WOLFSSL_DIR */
+ #define WC_ISFILEEXIST_NOFILE -1
+
+ WOLFSSL_API int wc_FileExists(const char* fname);
+
+#endif /* !NO_FILESYSTEM */
+
+
+/* MIN/MAX MACRO SECTION */
+/* Windows API defines its own min() macro. */
+#if defined(USE_WINDOWS_API)
+ #if defined(min) || defined(WOLFSSL_MYSQL_COMPATIBLE)
+ #define WOLFSSL_HAVE_MIN
+ #endif /* min */
+ #if defined(max) || defined(WOLFSSL_MYSQL_COMPATIBLE)
+ #define WOLFSSL_HAVE_MAX
+ #endif /* max */
+#endif /* USE_WINDOWS_API */
+
+#ifdef __QNXNTO__
+ #define WOLFSSL_HAVE_MIN
+ #define WOLFSSL_HAVE_MAX
+#endif
+
+/* TIME SECTION */
+/* Time functions */
+#ifndef NO_ASN_TIME
+#if defined(USER_TIME)
+ /* Use our gmtime and time_t/struct tm types.
+ Only needs seconds since EPOCH using XTIME function.
+ time_t XTIME(time_t * timer) {}
+ */
+ #define WOLFSSL_GMTIME
+ #ifndef HAVE_TM_TYPE
+ #define USE_WOLF_TM
+ #endif
+ #ifndef HAVE_TIME_T_TYPE
+ #define USE_WOLF_TIME_T
+ #endif
+
+#elif defined(TIME_OVERRIDES)
+ /* Override XTIME() and XGMTIME() functionality.
+ Requires user to provide these functions:
+ time_t XTIME(time_t * timer) {}
+ struct tm* XGMTIME(const time_t* timer, struct tm* tmp) {}
+ */
+ #ifndef HAVE_TIME_T_TYPE
+ #define USE_WOLF_TIME_T
+ #endif
+ #ifndef HAVE_TM_TYPE
+ #define USE_WOLF_TM
+ #endif
+ #define NEED_TMP_TIME
+
+#elif defined(WOLFSSL_XILINX)
+ #ifndef XTIME
+ #define XTIME(t1) xilinx_time((t1))
+ #endif
+ #include <time.h>
+
+#elif defined(HAVE_RTP_SYS)
+ #include "os.h" /* dc_rtc_api needs */
+ #include "dc_rtc_api.h" /* to get current time */
+
+ /* uses parital <time.h> structures */
+ #define XTIME(tl) (0)
+ #define XGMTIME(c, t) rtpsys_gmtime((c))
+
+#elif defined(WOLFSSL_DEOS)
+ #include <time.h>
+
+#elif defined(MICRIUM)
+ #include <clk.h>
+ #include <time.h>
+ #define XTIME(t1) micrium_time((t1))
+ #define WOLFSSL_GMTIME
+
+#elif defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP)
+ #include <time.h>
+ extern time_t pic32_time(time_t* timer);
+ #define XTIME(t1) pic32_time((t1))
+ #define XGMTIME(c, t) gmtime((c))
+
+#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
+ #ifdef FREESCALE_MQX_4_0
+ #include <time.h>
+ extern time_t mqx_time(time_t* timer);
+ #else
+ #define HAVE_GMTIME_R
+ #endif
+ #define XTIME(t1) mqx_time((t1))
+
+#elif defined(FREESCALE_KSDK_BM) || defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS)
+ #include <time.h>
+ #ifndef XTIME
+ /*extern time_t ksdk_time(time_t* timer);*/
+ #define XTIME(t1) ksdk_time((t1))
+ #endif
+ #define XGMTIME(c, t) gmtime((c))
+
+#elif defined(WOLFSSL_ATMEL) && defined(WOLFSSL_ATMEL_TIME)
+ #define XTIME(t1) atmel_get_curr_time_and_date((t1))
+ #define WOLFSSL_GMTIME
+ #define USE_WOLF_TM
+ #define USE_WOLF_TIME_T
+
+#elif defined(WOLFSSL_WICED)
+ #include <time.h>
+ time_t wiced_pseudo_unix_epoch_time(time_t * timer);
+ #define XTIME(t1) wiced_pseudo_unix_epoch_time((t1))
+ #define HAVE_GMTIME_R
+
+#elif defined(IDIRECT_DEV_TIME)
+ /*Gets the timestamp from cloak software owned by VT iDirect
+ in place of time() from <time.h> */
+ #include <time.h>
+ #define XTIME(t1) idirect_time((t1))
+ #define XGMTIME(c, t) gmtime((c))
+
+#elif defined(_WIN32_WCE)
+ #include <windows.h>
+ #include <stdlib.h> /* For file system */
+
+ time_t windows_time(time_t* timer);
+
+ #define FindNextFileA(h, d) FindNextFile(h, (LPWIN32_FIND_DATAW) d)
+ #define FindFirstFileA(fn, d) FindFirstFile((LPCWSTR) fn, \
+ (LPWIN32_FIND_DATAW) d)
+ #define XTIME(t1) windows_time((t1))
+ #define WOLFSSL_GMTIME
+
+ /* if struct tm is not defined in WINCE SDK */
+ #ifndef _TM_DEFINED
+ struct tm {
+ int tm_sec; /* seconds */
+ int tm_min; /* minutes */
+ int tm_hour; /* hours */
+ int tm_mday; /* day of month (month specific) */
+ int tm_mon; /* month */
+ int tm_year; /* year */
+ int tm_wday; /* day of week (out of 1-7)*/
+ int tm_yday; /* day of year (out of 365) */
+ int tm_isdst; /* is it daylight savings */
+ };
+ #define _TM_DEFINED
+ #endif
+
+#elif defined(WOLFSSL_APACHE_MYNEWT)
+ #include "os/os_time.h"
+ #define XTIME(t1) mynewt_time((t1))
+ #define WOLFSSL_GMTIME
+ #define USE_WOLF_TM
+ #define USE_WOLF_TIME_T
+
+#elif defined(WOLFSSL_ZEPHYR)
+ #ifndef _POSIX_C_SOURCE
+ #include <posix/time.h>
+ #else
+ #include <sys/time.h>
+ #endif
+
+ typedef signed int time_t;
+
+ time_t z_time(time_t *timer);
+
+ #define XTIME(tl) z_time((tl))
+ #define XGMTIME(c, t) gmtime((c))
+ #define WOLFSSL_GMTIME
+
+ #define USE_WOLF_TM
+
+#elif defined(WOLFSSL_TELIT_M2MB)
+ typedef long time_t;
+ extern time_t m2mb_xtime(time_t * timer);
+ #define XTIME(tl) m2mb_xtime((tl))
+ #ifdef WOLFSSL_TLS13
+ extern time_t m2mb_xtime_ms(time_t * timer);
+ #define XTIME_MS(tl) m2mb_xtime_ms((tl))
+ #endif
+ #ifndef NO_CRYPT_BENCHMARK
+ extern double m2mb_xtime_bench(int reset);
+ #define WOLFSSL_CURRTIME_REMAP m2mb_xtime_bench
+ #endif
+ #define XGMTIME(c, t) gmtime((c))
+ #define WOLFSSL_GMTIME
+ #define USE_WOLF_TM
+
+
+#elif defined(WOLFSSL_LINUXKM)
+ #ifdef BUILDING_WOLFSSL
+
+ /* includes are all above, with incompatible warnings masked out. */
+ #if LINUX_VERSION_CODE < KERNEL_VERSION(5, 5, 0)
+ typedef __kernel_time_t time_t;
+ #else
+ typedef __kernel_time64_t time_t;
+ #endif
+ extern time_t time(time_t * timer);
+ #define XTIME time
+ #define WOLFSSL_GMTIME
+ #define XGMTIME(c, t) gmtime(c)
+ #define NO_TIMEVAL 1
+
+ #endif /* BUILDING_WOLFSSL */
+
+#else
+ /* default */
+ /* uses complete <time.h> facility */
+ #include <time.h>
+ #if defined(HAVE_SYS_TIME_H)
+ #include <sys/time.h>
+ #endif
+
+ /* PowerPC time_t is int */
+ #ifdef __PPC__
+ #define TIME_T_NOT_64BIT
+ #endif
+#endif
+
+#ifdef SIZEOF_TIME_T
+ /* check if size of time_t from autoconf is less than 8 bytes (64bits) */
+ #if SIZEOF_TIME_T < 8
+ #undef TIME_T_NOT_64BIT
+ #define TIME_T_NOT_64BIT
+ #endif
+#endif
+#ifdef TIME_T_NOT_LONG
+ /* one old reference to TIME_T_NOT_LONG in GCC-ARM example README
+ * this keeps support for the old macro name */
+ #undef TIME_T_NOT_64BIT
+ #define TIME_T_NOT_64BIT
+#endif
+
+/* Map default time functions */
+#if !defined(XTIME) && !defined(TIME_OVERRIDES) && !defined(USER_TIME)
+ #ifdef TEST_BEFORE_DATE
+ #define XTIME(tl) (946681200UL) /* Jan 1, 2000 */
+ #else
+ #define XTIME(tl) time((tl))
+ #endif
+#endif
+#if !defined(XGMTIME) && !defined(TIME_OVERRIDES)
+ /* Always use gmtime_r if available. */
+ #if defined(HAVE_GMTIME_R)
+ #define XGMTIME(c, t) gmtime_r((c), (t))
+ #define NEED_TMP_TIME
+ #else
+ #define XGMTIME(c, t) gmtime((c))
+ #endif
+#endif
+#if !defined(XVALIDATE_DATE) && !defined(HAVE_VALIDATE_DATE)
+ #define USE_WOLF_VALIDDATE
+ #define XVALIDATE_DATE(d, f, t) wc_ValidateDate((d), (f), (t))
+#endif
+
+/* wolf struct tm and time_t */
+#if defined(USE_WOLF_TM)
+ struct tm {
+ int tm_sec; /* seconds after the minute [0-60] */
+ int tm_min; /* minutes after the hour [0-59] */
+ int tm_hour; /* hours since midnight [0-23] */
+ int tm_mday; /* day of the month [1-31] */
+ int tm_mon; /* months since January [0-11] */
+ int tm_year; /* years since 1900 */
+ int tm_wday; /* days since Sunday [0-6] */
+ int tm_yday; /* days since January 1 [0-365] */
+ int tm_isdst; /* Daylight Savings Time flag */
+ long tm_gmtoff; /* offset from CUT in seconds */
+ char *tm_zone; /* timezone abbreviation */
+ };
+#endif /* USE_WOLF_TM */
+#if defined(USE_WOLF_TIME_T)
+ typedef long time_t;
+#endif
+#if defined(USE_WOLF_SUSECONDS_T)
+ typedef long suseconds_t;
+#endif
+#if defined(USE_WOLF_TIMEVAL_T)
+ struct timeval
+ {
+ time_t tv_sec;
+ suseconds_t tv_usec;
+ };
+#endif
+
+ /* forward declarations */
+#if defined(USER_TIME)
+ struct tm* gmtime(const time_t* timer);
+ extern time_t XTIME(time_t * timer);
+
+ #ifdef STACK_TRAP
+ /* for stack trap tracking, don't call os gmtime on OS X/linux,
+ uses a lot of stack spce */
+ extern time_t time(time_t * timer);
+ #define XTIME(tl) time((tl))
+ #endif /* STACK_TRAP */
+
+#elif defined(TIME_OVERRIDES)
+ extern time_t XTIME(time_t * timer);
+ extern struct tm* XGMTIME(const time_t* timer, struct tm* tmp);
+#elif defined(WOLFSSL_GMTIME)
+ struct tm* gmtime(const time_t* timer);
+#endif
+#endif /* NO_ASN_TIME */
+
+
+#ifndef WOLFSSL_LEANPSK
+ char* mystrnstr(const char* s1, const char* s2, unsigned int n);
+#endif
+
+#ifndef FILE_BUFFER_SIZE
+ #define FILE_BUFFER_SIZE 1024 /* default static file buffer size for input, \
+ will use dynamic buffer if not big enough */
+#endif
+
+#ifdef HAVE_CAVIUM_OCTEON_SYNC
+ /* By default, the OCTEON's global variables are all thread local. This
+ * tag allows them to be shared between threads. */
+ #include "cvmx-platform.h"
+ #define WOLFSSL_GLOBAL CVMX_SHARED
+#else
+ #define WOLFSSL_GLOBAL
+#endif
+
+#ifdef WOLFSSL_DSP
+ #include "wolfssl_dsp.h"
+
+ /* callbacks for setting handle */
+ typedef int (*wolfSSL_DSP_Handle_cb)(remote_handle64 *handle, int finished,
+ void *ctx);
+ WOLFSSL_API int wolfSSL_GetHandleCbSet();
+ WOLFSSL_API int wolfSSL_SetHandleCb(wolfSSL_DSP_Handle_cb in);
+ WOLFSSL_LOCAL int wolfSSL_InitHandle();
+ WOLFSSL_LOCAL void wolfSSL_CleanupHandle();
+#endif
+
+#ifdef WOLFSSL_SCE
+ #ifndef WOLFSSL_SCE_GSCE_HANDLE
+ #define WOLFSSL_SCE_GSCE_HANDLE g_sce
+ #endif
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_PORT_H */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wolfevent.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wolfevent.h
new file mode 100644
index 0000000..639f548
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wolfevent.h
@@ -0,0 +1,120 @@
+/* wolfevent.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef _WOLF_EVENT_H_
+#define _WOLF_EVENT_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#ifndef SINGLE_THREADED
+ #include <wolfssl/wolfcrypt/wc_port.h>
+#endif
+
+typedef struct WOLF_EVENT WOLF_EVENT;
+typedef unsigned short WOLF_EVENT_FLAG;
+
+typedef enum WOLF_EVENT_TYPE {
+ WOLF_EVENT_TYPE_NONE,
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WOLF_EVENT_TYPE_ASYNC_WOLFSSL, /* context is WOLFSSL* */
+ WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT, /* context is WC_ASYNC_DEV */
+ WOLF_EVENT_TYPE_ASYNC_FIRST = WOLF_EVENT_TYPE_ASYNC_WOLFSSL,
+ WOLF_EVENT_TYPE_ASYNC_LAST = WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT,
+#endif /* WOLFSSL_ASYNC_CRYPT */
+} WOLF_EVENT_TYPE;
+
+typedef enum WOLF_EVENT_STATE {
+ WOLF_EVENT_STATE_READY,
+ WOLF_EVENT_STATE_PENDING,
+ WOLF_EVENT_STATE_DONE,
+} WOLF_EVENT_STATE;
+
+struct WOLF_EVENT {
+ /* double linked list */
+ WOLF_EVENT* next;
+ WOLF_EVENT* prev;
+
+ void* context;
+ union {
+ void* ptr;
+#ifdef WOLFSSL_ASYNC_CRYPT
+ struct WC_ASYNC_DEV* async;
+#endif
+ } dev;
+#ifdef HAVE_CAVIUM
+ word64 reqId;
+ #ifdef WOLFSSL_NITROX_DEBUG
+ word32 pendCount;
+ #endif
+#endif
+#ifndef WC_NO_ASYNC_THREADING
+ pthread_t threadId;
+#endif
+ int ret; /* Async return code */
+ unsigned int flags;
+ WOLF_EVENT_TYPE type;
+ WOLF_EVENT_STATE state;
+};
+
+enum WOLF_POLL_FLAGS {
+ WOLF_POLL_FLAG_CHECK_HW = 0x01,
+};
+
+typedef struct {
+ WOLF_EVENT* head; /* head of queue */
+ WOLF_EVENT* tail; /* tail of queue */
+#ifndef SINGLE_THREADED
+ wolfSSL_Mutex lock; /* queue lock */
+#endif
+ int count;
+} WOLF_EVENT_QUEUE;
+
+
+#ifdef HAVE_WOLF_EVENT
+
+/* Event */
+WOLFSSL_API int wolfEvent_Init(WOLF_EVENT* event, WOLF_EVENT_TYPE type, void* context);
+WOLFSSL_API int wolfEvent_Poll(WOLF_EVENT* event, WOLF_EVENT_FLAG flags);
+
+/* Event Queue */
+WOLFSSL_API int wolfEventQueue_Init(WOLF_EVENT_QUEUE* queue);
+WOLFSSL_API int wolfEventQueue_Push(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
+WOLFSSL_API int wolfEventQueue_Pop(WOLF_EVENT_QUEUE* queue, WOLF_EVENT** event);
+WOLFSSL_API int wolfEventQueue_Poll(WOLF_EVENT_QUEUE* queue, void* context_filter,
+ WOLF_EVENT** events, int maxEvents, WOLF_EVENT_FLAG flags, int* eventCount);
+WOLFSSL_API int wolfEventQueue_Count(WOLF_EVENT_QUEUE* queue);
+WOLFSSL_API void wolfEventQueue_Free(WOLF_EVENT_QUEUE* queue);
+
+/* the queue mutex must be locked prior to calling these */
+WOLFSSL_API int wolfEventQueue_Add(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
+WOLFSSL_API int wolfEventQueue_Remove(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
+
+
+#endif /* HAVE_WOLF_EVENT */
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* _WOLF_EVENT_H_ */
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wolfmath.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wolfmath.h
new file mode 100644
index 0000000..3430033
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/wolfmath.h
@@ -0,0 +1,102 @@
+/* wolfmath.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*
+DESCRIPTION
+This library provides big integer math functions.
+
+*/
+#ifndef __WOLFMATH_H__
+#define __WOLFMATH_H__
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#ifdef WOLFSSL_PUBLIC_MP
+ #define MP_API WOLFSSL_API
+#else
+ #define MP_API WOLFSSL_LOCAL
+#endif
+
+#ifndef MIN
+ #define MIN(x,y) ((x)<(y)?(x):(y))
+#endif
+
+#ifndef MAX
+ #define MAX(x,y) ((x)>(y)?(x):(y))
+#endif
+
+/* timing resistance array */
+#if !defined(WC_NO_CACHE_RESISTANT) && \
+ ((defined(HAVE_ECC) && defined(ECC_TIMING_RESISTANT)) || \
+ (defined(USE_FAST_MATH) && defined(TFM_TIMING_RESISTANT)))
+
+ extern const wc_ptr_t wc_off_on_addr[2];
+#endif
+
+
+/* common math functions */
+MP_API int get_digit_count(const mp_int* a);
+MP_API mp_digit get_digit(const mp_int* a, int n);
+MP_API int get_rand_digit(WC_RNG* rng, mp_digit* d);
+
+WOLFSSL_API int mp_cond_copy(mp_int* a, int copy, mp_int* b);
+WOLFSSL_API int mp_rand(mp_int* a, int digits, WC_RNG* rng);
+
+#define WC_TYPE_HEX_STR 1
+#define WC_TYPE_UNSIGNED_BIN 2
+#if defined(WOLFSSL_QNX_CAAM)
+ #define WC_TYPE_BLACK_KEY 3
+#endif
+
+WOLFSSL_API int wc_export_int(mp_int* mp, byte* buf, word32* len,
+ word32 keySz, int encType);
+
+#ifdef HAVE_WOLF_BIGINT
+ #if !defined(WOLF_BIGINT_DEFINED)
+ /* raw big integer */
+ typedef struct WC_BIGINT {
+ byte* buf;
+ word32 len;
+ void* heap;
+ } WC_BIGINT;
+ #define WOLF_BIGINT_DEFINED
+ #endif
+
+ WOLFSSL_LOCAL void wc_bigint_init(WC_BIGINT* a);
+ WOLFSSL_LOCAL int wc_bigint_alloc(WC_BIGINT* a, word32 sz);
+ WOLFSSL_LOCAL int wc_bigint_from_unsigned_bin(WC_BIGINT* a, const byte* in, word32 inlen);
+ WOLFSSL_LOCAL int wc_bigint_to_unsigned_bin(WC_BIGINT* a, byte* out, word32* outlen);
+ WOLFSSL_LOCAL void wc_bigint_zero(WC_BIGINT* a);
+ WOLFSSL_LOCAL void wc_bigint_free(WC_BIGINT* a);
+
+ WOLFSSL_LOCAL int wc_mp_to_bigint(mp_int* src, WC_BIGINT* dst);
+ WOLFSSL_LOCAL int wc_mp_to_bigint_sz(mp_int* src, WC_BIGINT* dst, word32 sz);
+ WOLFSSL_LOCAL int wc_bigint_to_mp(WC_BIGINT* src, mp_int* dst);
+#endif /* HAVE_WOLF_BIGINT */
+
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* __WOLFMATH_H__ */