diff --git a/ctaocrypt/src/random.c b/ctaocrypt/src/random.c index e9a92416e..0ad5c347e 100644 --- a/ctaocrypt/src/random.c +++ b/ctaocrypt/src/random.c @@ -107,7 +107,7 @@ static int Hash_df(RNG* rng, byte* out, word32 outSz, byte type, byte* inA, word return DBRG_ERROR; Sha256Update(&rng->sha, &ctr, sizeof(ctr)); Sha256Update(&rng->sha, (byte*)&bits, sizeof(bits)); - /* churning V is the only string that doesn't have + /* churning V is the only string that doesn't have * the type added */ if (type != dbrgInitV) Sha256Update(&rng->sha, &type, sizeof(type)); @@ -193,13 +193,13 @@ static INLINE void array_add(byte* d, word32 dLen, byte* s, word32 sLen) if (dLen > 0 && sLen > 0 && dLen >= sLen) { int sIdx, dIdx; - + for (sIdx = sLen - 1, dIdx = dLen - 1; sIdx >= 0; dIdx--, sIdx--) { carry += d[dIdx] + s[sIdx]; d[dIdx] = carry; carry >>= 8; - } + } if (dIdx > 0) d[dIdx] += carry; } @@ -321,7 +321,7 @@ int InitRng(RNG* rng) #ifdef HAVE_CAVIUM if (rng->magic == CYASSL_RNG_CAVIUM_MAGIC) - return 0; + return 0; #endif ret = GenerateSeed(&rng->seed, key, sizeof(key)); @@ -342,7 +342,7 @@ void RNG_GenerateBlock(RNG* rng, byte* output, word32 sz) { #ifdef HAVE_CAVIUM if (rng->magic == CYASSL_RNG_CAVIUM_MAGIC) - return CaviumRNG_GenerateBlock(rng, output, sz); + return CaviumRNG_GenerateBlock(rng, output, sz); #endif XMEMSET(output, 0, sz); Arc4Process(&rng->cipher, output, output, sz); @@ -371,7 +371,7 @@ int InitRngCavium(RNG* rng, int devId) rng->devId = devId; rng->magic = CYASSL_RNG_CAVIUM_MAGIC; - + return 0; } 
@@ -636,8 +636,8 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz) #include "stm32f2xx_rng.h" #include "stm32f2xx_rcc.h" /* - * Generate a RNG seed using the hardware random number generator - * on the STM32F2. Documentation located in STM32F2xx Standard Peripheral + * Generate a RNG seed using the hardware random number generator + * on the STM32F2. Documentation located in STM32F2xx Standard Peripheral * Library document (See note in README). */ int GenerateSeed(OS_Seed* os, byte* output, word32 sz) @@ -674,17 +674,21 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz) return 0; } -#elif defined(CYASSL_TYTO) +#elif defined(CUSTOM_RAND_GENERATE) - int GenerateSeed(OS_Seed* os, byte* output, word32 sz) - { - int i; + /* Implement your own random generation function + * word32 rand_gen(void); + * #define CUSTOM_RAND_GENERATE rand_gen */ - for (i = 0; i < sz; i++ ) - output[i] = rand_gen(); + int GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int i; - return 0; - } + for (i = 0; i < sz; i++ ) + output[i] = CUSTOM_RAND_GENERATE(); + + return 0; + } #elif defined(NO_DEV_RANDOM) @@ -716,7 +720,7 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz) while (sz) { int len = (int)read(os->fd, output, sz); - if (len == -1) { + if (len == -1) { ret = READ_RAN_E; break; } diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index e83bc14da..57419e11f 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -58,10 +58,10 @@ #include #ifdef HAVE_ECC #include -#endif +#endif #ifdef HAVE_BLAKE2 #include -#endif +#endif #ifdef HAVE_LIBZ #include #endif @@ -85,8 +85,8 @@ #if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048) /* include test cert and key buffers for use with NO_FILESYSTEM */ #if defined(CYASSL_MDK_ARM) - #include "cert_data.h" - /* use certs_test.c for initial data, so other + #include "cert_data.h" + /* use certs_test.c for initial data, so other commands can share the data. */ #else #include 
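Review bot: The new `CUSTOM_RAND_GENERATE` branch of `GenerateSeed` hands the RNG seed entirely to a user-supplied function, but the comment does not say what that function must provide and the code has no way to report a failing source (it always returns 0). The comment documents the hook as `word32 rand_gen(void);` while `output[i] = CUSTOM_RAND_GENERATE();` stores into a `byte`, so only the low 8 bits of each call reach the seed. I would extend the comment with something like `/* must return output of a cryptographically strong entropy source (not rand()); only the low 8 bits of each call are used */` and make the narrowing explicit with `output[i] = (byte)CUSTOM_RAND_GENERATE();`. The loop also compares `int i` against `word32 sz`; `word32 i;` avoids the signed/unsigned comparison, and `(void)os;` would mark the unused parameter.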
@@ -125,14 +125,12 @@ #define printf dc_log_printf #endif -#ifndef CYASSL_TYTO - #include "ctaocrypt/test/test.h" -#endif +#include "ctaocrypt/test/test.h" typedef struct testVector { const char* input; - const char* output; + const char* output; size_t inLen; size_t outLen; } testVector; @@ -227,63 +225,63 @@ void ctaocrypt_test(void* args) #ifndef NO_MD5 - if ( (ret = md5_test()) != 0) + if ( (ret = md5_test()) != 0) err_sys("MD5 test failed!\n", ret); else printf( "MD5 test passed!\n"); #endif #ifdef CYASSL_MD2 - if ( (ret = md2_test()) != 0) + if ( (ret = md2_test()) != 0) err_sys("MD2 test failed!\n", ret); else printf( "MD2 test passed!\n"); #endif #ifndef NO_MD4 - if ( (ret = md4_test()) != 0) + if ( (ret = md4_test()) != 0) err_sys("MD4 test failed!\n", ret); else printf( "MD4 test passed!\n"); #endif #ifndef NO_SHA - if ( (ret = sha_test()) != 0) + if ( (ret = sha_test()) != 0) err_sys("SHA test failed!\n", ret); else printf( "SHA test passed!\n"); #endif #ifndef NO_SHA256 - if ( (ret = sha256_test()) != 0) + if ( (ret = sha256_test()) != 0) err_sys("SHA-256 test failed!\n", ret); else printf( "SHA-256 test passed!\n"); #endif #ifdef CYASSL_SHA384 - if ( (ret = sha384_test()) != 0) + if ( (ret = sha384_test()) != 0) err_sys("SHA-384 test failed!\n", ret); else printf( "SHA-384 test passed!\n"); #endif #ifdef CYASSL_SHA512 - if ( (ret = sha512_test()) != 0) + if ( (ret = sha512_test()) != 0) err_sys("SHA-512 test failed!\n", ret); else printf( "SHA-512 test passed!\n"); #endif #ifdef CYASSL_RIPEMD - if ( (ret = ripemd_test()) != 0) + if ( (ret = ripemd_test()) != 0) err_sys("RIPEMD test failed!\n", ret); else printf( "RIPEMD test passed!\n"); #endif -#ifdef HAVE_BLAKE2 - if ( (ret = blake2b_test()) != 0) +#ifdef HAVE_BLAKE2 + if ( (ret = blake2b_test()) != 0) err_sys("BLAKE2b test failed!\n", ret); else printf( "BLAKE2b test passed!\n"); 
@@ -291,49 +289,49 @@ void ctaocrypt_test(void* args) #ifndef NO_HMAC #ifndef NO_MD5 - if ( (ret = hmac_md5_test()) != 0) + if ( (ret = hmac_md5_test()) != 0) err_sys("HMAC-MD5 test failed!\n", ret); else printf( "HMAC-MD5 test passed!\n"); #endif #ifndef NO_SHA - if ( (ret = hmac_sha_test()) != 0) + if ( (ret = hmac_sha_test()) != 0) err_sys("HMAC-SHA test failed!\n", ret); else printf( "HMAC-SHA test passed!\n"); #endif #ifndef NO_SHA256 - if ( (ret = hmac_sha256_test()) != 0) + if ( (ret = hmac_sha256_test()) != 0) err_sys("HMAC-SHA256 test failed!\n", ret); else printf( "HMAC-SHA256 test passed!\n"); #endif #ifdef CYASSL_SHA384 - if ( (ret = hmac_sha384_test()) != 0) + if ( (ret = hmac_sha384_test()) != 0) err_sys("HMAC-SHA384 test failed!\n", ret); else printf( "HMAC-SHA384 test passed!\n"); #endif #ifdef CYASSL_SHA512 - if ( (ret = hmac_sha512_test()) != 0) + if ( (ret = hmac_sha512_test()) != 0) err_sys("HMAC-SHA512 test failed!\n", ret); else printf( "HMAC-SHA512 test passed!\n"); #endif - #ifdef HAVE_BLAKE2 - if ( (ret = hmac_blake2b_test()) != 0) + #ifdef HAVE_BLAKE2 + if ( (ret = hmac_blake2b_test()) != 0) err_sys("HMAC-BLAKE2 test failed!\n", ret); else printf( "HMAC-BLAKE2 test passed!\n"); #endif #ifdef HAVE_HKDF - if ( (ret = hkdf_test()) != 0) + if ( (ret = hkdf_test()) != 0) err_sys("HMAC-KDF test failed!\n", ret); else printf( "HMAC-KDF test passed!\n"); 
@@ -417,47 +415,47 @@ void ctaocrypt_test(void* args) printf( "RANDOM test passed!\n"); #ifndef NO_RSA - if ( (ret = rsa_test()) != 0) + if ( (ret = rsa_test()) != 0) err_sys("RSA test failed!\n", ret); else printf( "RSA test passed!\n"); #endif #ifndef NO_DH - if ( (ret = dh_test()) != 0) + if ( (ret = dh_test()) != 0) err_sys("DH test failed!\n", ret); else printf( "DH test passed!\n"); #endif #ifndef NO_DSA - if ( (ret = dsa_test()) != 0) + if ( (ret = dsa_test()) != 0) err_sys("DSA test failed!\n", ret); else printf( "DSA test passed!\n"); #endif - + #ifndef NO_PWDBASED - if ( (ret = pwdbased_test()) != 0) + if ( (ret = pwdbased_test()) != 0) err_sys("PWDBASED test failed!\n", ret); else printf( "PWDBASED test passed!\n"); #endif - + #ifdef OPENSSL_EXTRA - if ( (ret = openssl_test()) != 0) + if ( (ret = openssl_test()) != 0) err_sys("OPENSSL test failed!\n", ret); else printf( "OPENSSL test passed!\n"); #endif #ifdef HAVE_ECC - if ( (ret = ecc_test()) != 0) + if ( (ret = ecc_test()) != 0) err_sys("ECC test failed!\n", ret); else printf( "ECC test passed!\n"); #ifdef HAVE_ECC_ENCRYPT - if ( (ret = ecc_encrypt_test()) != 0) + if ( (ret = ecc_encrypt_test()) != 0) err_sys("ECC Enc test failed!\n", ret); else printf( "ECC Enc test passed!\n"); @@ -465,7 +463,7 @@ void ctaocrypt_test(void* args) #endif #ifdef HAVE_LIBZ - if ( (ret = compress_test()) != 0) + if ( (ret = compress_test()) != 0) err_sys("COMPRESS test failed!\n", ret); else printf( "COMPRESS test passed!\n"); @@ -519,7 +517,7 @@ static int OpenNitroxDevice(int dma_mode,int dev_id) func_args args; - + #ifdef HAVE_CAVIUM int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); if (ret != 0) @@ -534,7 +532,7 @@ static int OpenNitroxDevice(int dma_mode,int dev_id) #ifdef HAVE_CAVIUM CspShutdown(CAVIUM_DEV_ID); #endif - + return args.return_code; } @@ -615,7 +613,7 @@ int md2_test() return 0; } -#endif +#endif #ifndef NO_MD5 int md5_test(void) 
@@ -643,21 +641,21 @@ int md5_test(void) c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1" "\x3b"; c.inLen = strlen(c.input); - c.outLen = MD5_DIGEST_SIZE; + c.outLen = MD5_DIGEST_SIZE; d.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" "6789"; d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d" "\x9f"; d.inLen = strlen(d.input); - d.outLen = MD5_DIGEST_SIZE; + d.outLen = MD5_DIGEST_SIZE; e.input = "1234567890123456789012345678901234567890123456789012345678" "9012345678901234567890"; e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6" "\x7a"; e.inLen = strlen(e.input); - e.outLen = MD5_DIGEST_SIZE; + e.outLen = MD5_DIGEST_SIZE; test_md5[0] = a; test_md5[1] = b; 
@@ -692,45 +690,45 @@ int md4_test(void) int times = sizeof(test_md4) / sizeof(testVector), i; a.input = ""; - a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89" + a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89" "\xc0"; a.inLen = strlen(a.input); a.outLen = MD4_DIGEST_SIZE; b.input = "a"; - b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb" + b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb" "\x24"; b.inLen = strlen(b.input); - b.outLen = MD4_DIGEST_SIZE; + b.outLen = MD4_DIGEST_SIZE; c.input = "abc"; - c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72" + c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72" "\x9d"; c.inLen = strlen(c.input); c.outLen = MD4_DIGEST_SIZE; d.input = "message digest"; - d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01" + d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01" "\x4b"; d.inLen = strlen(d.input); d.outLen = MD4_DIGEST_SIZE; e.input = "abcdefghijklmnopqrstuvwxyz"; - e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d" + e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d" "\xa9"; e.inLen = strlen(e.input); e.outLen = MD4_DIGEST_SIZE; f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" "6789"; - f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0" + f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0" "\xe4"; f.inLen = strlen(f.input); f.outLen = MD4_DIGEST_SIZE; g.input = "1234567890123456789012345678901234567890123456789012345678" "9012345678901234567890"; - g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05" + g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05" "\x36"; g.inLen = strlen(g.input); g.outLen = MD4_DIGEST_SIZE; 
@@ -787,7 +785,7 @@ int sha_test(void) c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44" "\x2A\x25\xEC\x64\x4D"; c.inLen = strlen(c.input); - c.outLen = SHA_DIGEST_SIZE; + c.outLen = SHA_DIGEST_SIZE; d.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" @@ -841,7 +839,7 @@ int ripemd_test(void) b.inLen = strlen(b.input); b.outLen = RIPEMD_DIGEST_SIZE; - c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc" "\xf4\x9a\xda\x62\xeb\x2b"; c.inLen = strlen(c.input); @@ -850,7 +848,7 @@ int ripemd_test(void) d.input = "12345678901234567890123456789012345678901234567890123456" "789012345678901234567890"; d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab" - "\x82\xbf\x63\x32\x6b\xfb"; + "\x82\xbf\x63\x32\x6b\xfb"; d.inLen = strlen(d.input); d.outLen = RIPEMD_DIGEST_SIZE; @@ -1012,7 +1010,7 @@ int sha512_test(void) "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" - "\x87\x4b\xe9\x09"; + "\x87\x4b\xe9\x09"; b.inLen = strlen(b.input); b.outLen = SHA512_DIGEST_SIZE; @@ -1062,7 +1060,7 @@ int sha384_test(void) "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" "\x74\x60\x39"; b.inLen = strlen(b.input); - b.outLen = SHA384_DIGEST_SIZE; + b.outLen = SHA384_DIGEST_SIZE; test_sha[0] = a; test_sha[1] = b; @@ -1133,7 +1131,7 @@ int hmac_md5_test(void) if (i == 1) continue; /* driver can't handle keys <= bytes */ if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) - return -20009; + return -20009; #endif ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i])); if (ret != 0) 
@@ -1204,7 +1202,7 @@ int hmac_sha_test(void) if (i == 1) continue; /* driver can't handle keys <= bytes */ if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) - return -20010; + return -20010; #endif ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i])); if (ret != 0) @@ -1279,7 +1277,7 @@ int hmac_sha256_test(void) if (i == 1) continue; /* driver can't handle keys <= bytes */ if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) - return -20011; + return -20011; #endif ret = HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i])); if (ret != 0) @@ -1354,7 +1352,7 @@ int hmac_blake2b_test(void) if (i == 1) continue; /* driver can't handle keys <= bytes */ if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) - return -20011; + return -20011; #endif ret = HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i], (word32)strlen(keys[i])); @@ -1523,8 +1521,8 @@ int arc4_test(void) byte cipher[16]; byte plain[16]; - const char* keys[] = - { + const char* keys[] = + { "\x01\x23\x45\x67\x89\xab\xcd\xef", "\x01\x23\x45\x67\x89\xab\xcd\xef", "\x00\x00\x00\x00\x00\x00\x00\x00", @@ -1570,9 +1568,9 @@ int arc4_test(void) #ifdef HAVE_CAVIUM if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0) - return -20001; + return -20001; if (Arc4InitCavium(&dec, CAVIUM_DEV_ID) != 0) - return -20002; + return -20002; #endif Arc4SetKey(&enc, (byte*)keys[i], keylen); @@ -1605,8 +1603,8 @@ int hc128_test(void) byte cipher[16]; byte plain[16]; - const char* keys[] = - { + const char* keys[] = + { "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD", @@ -1657,8 +1655,8 @@ int hc128_test(void) HC128 dec; /* align keys/ivs in plain/cipher buffers */ - memcpy(plain, keys[i], 16); - memcpy(cipher, ivs[i], 16); + memcpy(plain, keys[i], 16); + memcpy(cipher, ivs[i], 16); Hc128_SetKey(&enc, plain, cipher); Hc128_SetKey(&dec, plain, cipher); 
@@ -1686,8 +1684,8 @@ int rabbit_test(void) byte cipher[16]; byte plain[16]; - const char* keys[] = - { + const char* keys[] = + { "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91" @@ -1771,17 +1769,17 @@ int des_test(void) Des enc; Des dec; - const byte key[] = + const byte key[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef }; - const byte iv[] = + const byte iv[] = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef }; - const byte verify[] = + const byte verify[] = { 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, @@ -1826,21 +1824,21 @@ int des3_test(void) Des3 enc; Des3 dec; - const byte key3[] = + const byte key3[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 }; - const byte iv3[] = + const byte iv3[] = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 - + }; - const byte verify3[] = + const byte verify3[] = { 0x43,0xa0,0x29,0x7e,0xd1,0x84,0xf8,0x0e, 0x89,0x64,0x84,0x32,0x12,0xd5,0x08,0x98, @@ -1852,9 +1850,9 @@ int des3_test(void) #ifdef HAVE_CAVIUM if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0) - return -20005; + return -20005; if (Des3_InitCavium(&dec, CAVIUM_DEV_ID) != 0) - return -20006; + return -20006; #endif ret = Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION); if (ret != 0) @@ -1896,7 +1894,7 @@ int aes_test(void) 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; - const byte verify[] = + const byte verify[] = { 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb 
@@ -1911,9 +1909,9 @@ int aes_test(void) #ifdef HAVE_CAVIUM if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) - return -20003; + return -20003; if (AesInitCavium(&dec, CAVIUM_DEV_ID) != 0) - return -20004; + return -20004; #endif ret = AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); if (ret != 0) @@ -1941,7 +1939,7 @@ int aes_test(void) #endif #ifdef CYASSL_AES_COUNTER { - const byte ctrKey[] = + const byte ctrKey[] = { 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6, 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c @@ -2034,7 +2032,7 @@ int aes_test(void) const byte niCipher[] = { 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c, - 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 + 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 }; const byte niKey[] = @@ -2042,7 +2040,7 @@ int aes_test(void) 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, - 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 + 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 }; XMEMSET(cipher, 0, AES_BLOCK_SIZE); @@ -2089,7 +2087,7 @@ int aesgcm_test(void) 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88 }; - + const byte p[] = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, @@ -2101,14 +2099,14 @@ int aesgcm_test(void) 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39 }; - + const byte a[] = { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2 }; - + const byte c[] = { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, @@ -2287,7 +2285,7 @@ int aesccm_test(void) const byte t[] = { - 0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 + 0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 }; byte t2[sizeof(t)]; @@ -2356,7 +2354,7 @@ typedef struct { int camellia_test(void) { /* Camellia ECB Test Plaintext */ - static const byte pte[] = + static const byte pte[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 
@@ -2408,26 +2406,26 @@ int camellia_test(void) static const byte ptc[] = { 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, - 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A + 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A }; /* Camellia CBC Test Initialization Vector */ static const byte ivc[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }; /* Test 4: Camellia-CBC 128-bit key */ static const byte k4[] = { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, - 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C + 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }; static const byte c4[] = { 0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0, - 0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB + 0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB }; /* Test 5: Camellia-CBC 192-bit key */ @@ -2435,12 +2433,12 @@ int camellia_test(void) { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, - 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B + 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }; static const byte c5[] = { 0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2, - 0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93 + 0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93 }; /* Test 6: CBC 256-bit key */ @@ -2449,12 +2447,12 @@ int camellia_test(void) 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, - 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 + 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }; static const byte c6[] = { 0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A, - 0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA + 0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA }; byte out[CAMELLIA_BLOCK_SIZE]; 
@@ -2518,7 +2516,7 @@ int camellia_test(void) if (CamelliaSetIV(&cam, NULL) != 0 || XMEMCMP(cam.reg, ive, CAMELLIA_BLOCK_SIZE)) return -1; - + /* First parameter should never be null */ if (CamelliaSetIV(NULL, NULL) == 0) return -1; @@ -2601,7 +2599,7 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) #ifdef HAVE_ECC static const char* eccCaKeyFile = "a:\\certs\\ecc-key.der"; static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem"; - #endif + #endif #endif #elif defined(CYASSL_MKD_SHELL) static char* clientKey = "certs/client-key.der"; @@ -2618,7 +2616,7 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) static const char* eccCaCertFile = "certs/server-ecc.pem"; void set_eccCaKeyFile (char * key) { eccCaKeyFile = key ; } void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; } - #endif + #endif #endif #else static const char* clientKey = "./certs/client-key.der"; @@ -2629,7 +2627,7 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) #ifdef HAVE_ECC static const char* eccCaKeyFile = "./certs/ecc-key.der"; static const char* eccCaCertFile = "./certs/server-ecc.pem"; - #endif + #endif #endif #endif #endif @@ -2677,11 +2675,11 @@ int rsa_test(void) bytes = fread(tmp, 1, FOURK_BUF, file); fclose(file); #endif /* USE_CERT_BUFFERS */ - + #ifdef HAVE_CAVIUM RsaInitCavium(&key, CAVIUM_DEV_ID); -#endif - ret = InitRsaKey(&key, 0); +#endif + ret = InitRsaKey(&key, 0); if (ret != 0) return -39; ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes); if (ret != 0) return -41; @@ -2727,7 +2725,7 @@ int rsa_test(void) #ifdef sizeof #undef sizeof -#endif +#endif #ifdef CYASSL_TEST_CERT InitDecodedCert(&cert, tmp, (word32)bytes, 0); @@ -2780,7 +2778,7 @@ int rsa_test(void) return -304; pemFile = fopen("./key.pem", "wb"); - if (!pemFile) + if (!pemFile) return -305; ret = (int)fwrite(pem, pemSz, 1, pemFile); fclose(pemFile); 
@@ -2833,7 +2831,7 @@ int rsa_test(void) myCert.isCA = 1; myCert.sigType = CTC_SHA256wRSA; - certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng); + certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng); if (certSz < 0) return -401; @@ -2893,8 +2891,8 @@ int rsa_test(void) bytes3 = fread(tmp, 1, FOURK_BUF, file3); fclose(file3); - - ret = InitRsaKey(&caKey, 0); + + ret = InitRsaKey(&caKey, 0); if (ret != 0) return -411; ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); if (ret != 0) return -413; @@ -2913,7 +2911,7 @@ int rsa_test(void) if (ret < 0) return -405; - certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng); + certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng); if (certSz < 0) return -407; @@ -2982,13 +2980,13 @@ int rsa_test(void) bytes3 = fread(tmp, 1, FOURK_BUF, file3); fclose(file3); - - ecc_init(&caKey); + + ecc_init(&caKey); ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); if (ret != 0) return -5413; InitCert(&myCert); - myCert.sigType = CTC_SHA256wECDSA; + myCert.sigType = CTC_SHA256wECDSA; strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); @@ -3002,7 +3000,7 @@ int rsa_test(void) if (ret < 0) return -5405; - certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng); + certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng); if (certSz < 0) return -5407; @@ -3095,8 +3093,8 @@ int rsa_test(void) bytes = fread(tmp, 1, FOURK_BUF, caFile); fclose(caFile); - - ret = InitRsaKey(&caKey, 0); + + ret = InitRsaKey(&caKey, 0); if (ret != 0) return -459; ret = RsaPrivateKeyDecode(tmp, &idx, &caKey, (word32)bytes); if (ret != 0) return -454; @@ -3116,7 +3114,7 @@ int rsa_test(void) return -455; certSz = MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key, - public_key_len, &rng); + public_key_len, &rng); if (certSz < 0) return -456; 
@@ -3224,7 +3222,7 @@ int rsa_test(void) FreeRsaKey(&key); #ifdef HAVE_CAVIUM RsaFreeCavium(&key); -#endif +#endif free(tmp); return 0; @@ -3258,8 +3256,8 @@ int dh_test(void) DhKey key; DhKey key2; RNG rng; - - + + #ifdef USE_CERT_BUFFERS_1024 XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024); bytes = sizeof_dh_key_der_1024; @@ -3276,8 +3274,8 @@ int dh_test(void) fclose(file); #endif /* USE_CERT_BUFFERS */ - InitDhKey(&key); - InitDhKey(&key2); + InitDhKey(&key); + InitDhKey(&key2); ret = DhKeyDecode(tmp, &idx, &key, bytes); if (ret != 0) return -51; @@ -3290,7 +3288,7 @@ int dh_test(void) ret = InitRng(&rng); if (ret != 0) return -53; - + ret = DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz); ret += DhGenerateKeyPair(&key2, &rng, priv2, &privSz2, pub2, &pubSz2); if (ret != 0) @@ -3335,7 +3333,7 @@ int dsa_test(void) byte hash[SHA_DIGEST_SIZE]; byte signature[40]; - + #ifdef USE_CERT_BUFFERS_1024 XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024); bytes = sizeof_dsa_key_der_1024; @@ -3351,7 +3349,7 @@ int dsa_test(void) bytes = (word32) fread(tmp, 1, sizeof(tmp), file); fclose(file); #endif /* USE_CERT_BUFFERS */ - + ret = InitSha(&sha); if (ret != 0) return -4002; @@ -3371,9 +3369,9 @@ int dsa_test(void) ret = DsaVerify(hash, signature, &key, &answer); if (ret != 0) return -64; if (answer != 1) return -65; - + FreeDsaKey(&key); - + return 0; } @@ -3448,7 +3446,7 @@ int openssl_test(void) e.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" - "\x74\x60\x39"; + "\x74\x60\x39"; e.inLen = strlen(e.input); e.outLen = SHA384_DIGEST_SIZE; 
@@ -3472,9 +3470,9 @@ int openssl_test(void) "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" - "\x87\x4b\xe9\x09"; + "\x87\x4b\xe9\x09"; f.inLen = strlen(f.input); - f.outLen = SHA512_DIGEST_SIZE; + f.outLen = SHA512_DIGEST_SIZE; EVP_MD_CTX_init(&md_ctx); EVP_DigestInit(&md_ctx, EVP_sha512()); @@ -3490,7 +3488,7 @@ int openssl_test(void) if (RAND_bytes(hash, sizeof(hash)) != 1) return -73; - + c.input = "what do ya want for nothing?"; c.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7" "\x38"; @@ -3512,19 +3510,19 @@ int openssl_test(void) byte plain[24]; byte cipher[24]; - const_DES_cblock key = + const_DES_cblock key = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef }; - DES_cblock iv = + DES_cblock iv = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef }; DES_key_schedule sched; - const byte verify[] = + const byte verify[] = { 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, @@ -3561,7 +3559,7 @@ int openssl_test(void) 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; - const byte verify[] = + const byte verify[] = { 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb @@ -3607,11 +3605,11 @@ int openssl_test(void) int pkcs12_test(void) { const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67, - 0x00, 0x00 }; + 0x00, 0x00 }; const byte salt[] = { 0x0a, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f }; const byte passwd2[] = { 0x00, 0x71, 0x00, 0x75, 0x00, 0x65, 0x00, 0x65, - 0x00, 0x67, 0x00, 0x00 }; + 0x00, 0x67, 0x00, 0x00 }; const byte salt2[] = { 0x16, 0x82, 0xC0, 0xfC, 0x5b, 0x3f, 0x7e, 0xc5 }; byte derived[64]; 
@@ -3640,7 +3638,7 @@ int pkcs12_test(void) return -104; iterations = 1000; - ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations, + ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations, kLen, SHA, id); if (ret < 0) return -105; @@ -3760,7 +3758,7 @@ int hkdf_test(void) if (memcmp(okm1, res1, L) != 0) return -2002; - + ret = HKDF(SHA, ikm1, 11, salt1, 13, info1, 10, okm1, L); if (ret != 0) return -2003; @@ -3821,10 +3819,10 @@ int ecc_test(void) x = sizeof(sharedA); ret = ecc_shared_secret(&userA, &userB, sharedA, &x); - + y = sizeof(sharedB); ret = ecc_shared_secret(&userB, &userA, sharedB, &y); - + if (ret != 0) return -1003; @@ -3841,12 +3839,12 @@ int ecc_test(void) ret = ecc_import_x963(exportBuf, x, &pubKey); - if (ret != 0) + if (ret != 0) return -1007; y = sizeof(sharedB); ret = ecc_shared_secret(&userB, &pubKey, sharedB, &y); - + if (ret != 0) return -1008; @@ -3859,7 +3857,7 @@ int ecc_test(void) x = sizeof(sig); ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA); - + verify = 0; ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA); @@ -3924,7 +3922,7 @@ int ecc_encrypt_test(void) if (memcmp(plain, msg, sizeof(msg)) != 0) return -3005; - + { /* let's verify message exchange works, A is client, B is server */ ecEncCtx* cliCtx = ecc_ctx_new(REQ_RESP_CLIENT, &rng); ecEncCtx* srvCtx = ecc_ctx_new(REQ_RESP_SERVER, &rng); @@ -4118,7 +4116,7 @@ int compress_test(void) if (ret == 0 && memcmp(d, sample_text, dSz)) ret = -303; - + if (c) free(c); if (d) free(d); diff --git a/cyassl/ctaocrypt/logging.h b/cyassl/ctaocrypt/logging.h index 04ad59e24..d1931e065 100644 --- a/cyassl/ctaocrypt/logging.h +++ b/cyassl/ctaocrypt/logging.h 
@@ -58,7 +58,7 @@ CYASSL_API int CyaSSL_SetLoggingCb(CyaSSL_Logging_cb log_function); #define CYASSL_ENTER(m) #define CYASSL_LEAVE(m, r) - #define CYASSL_ERROR(e) + #define CYASSL_ERROR(e) printf("Cyassl Error 0x%x\n", e); #define CYASSL_MSG(m) #endif /* DEBUG_CYASSL */ diff --git a/cyassl/ctaocrypt/settings.h b/cyassl/ctaocrypt/settings.h index d3b665355..33d41cfdb 100644 --- a/cyassl/ctaocrypt/settings.h +++ b/cyassl/ctaocrypt/settings.h @@ -97,6 +97,11 @@ #endif +#ifdef CYASSL_USER_SETTINGS + #include +#endif + + #ifdef COMVERGE #define THREADX #define HAVE_NETX @@ -185,41 +190,6 @@ #define CYASSL_CMSIS_RTOS #endif -#ifdef CYASSL_TYTO - #include "rand.h" - #define FREERTOS - #define NO_FILESYSTEM - #define NO_MAIN_DRIVER - #define CYASSL_USER_IO - #define NO_DEV_RANDOM - #define HAVE_ECC - #define HAVE_ECC_ENCRYPT - #define ECC_SHAMIR - #define HAVE_HKDF - #define USE_FAST_MATH - #define TFM_TIMING_RESISTANT - #define FP_MAX_BITS 512 - #define NO_OLD_TLS - #define NO_MD4 - #define NO_RABBIT - #define NO_HC128 - #define NO_RSA - #define NO_DSA - #define NO_PWDBASED - #define NO_PSK - #define FP_LUT 4 - #define FP_MAX_BITS 512 - - /* remove features */ - #define NO_OLD_TLS - #define NO_MD4 - #define NO_RABBIT - #define NO_HC128 - #define NO_RSA - #define NO_DSA - #define NO_PWDBASED - #define NO_PSK -#endif #ifdef CYASSL_EROAD #define FREESCALE_MQX diff --git a/cyassl/ctaocrypt/types.h b/cyassl/ctaocrypt/types.h index 462bd116d..6542d979e 100644 --- a/cyassl/ctaocrypt/types.h +++ b/cyassl/ctaocrypt/types.h @@ -52,7 +52,7 @@ #if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__) #if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG) #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) \ - || defined(__mips64) || defined(__x86_64__)) + || defined(__mips64) || defined(__x86_64__)) /* long should be 64bit */ #define SIZEOF_LONG 8 #elif defined(__i386__) || defined(__CORTEX_M3__) 
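Review bot: `#define CYASSL_ERROR(e) printf("Cyassl Error 0x%x\n", e);` is added next to macros that are defined empty just before `#endif /* DEBUG_CYASSL */`, so it appears to make non-debug builds print every error code to stdout instead of going through the callback set with `CyaSSL_SetLoggingCb`. The `src/ssl.c` hunk at `@@ -124,6 +124,9 @@` has the same problem: `#undef CYASSL_MSG` followed by `#define CYASSL_MSG(m) printf("%s\n", m);` forces printing for the whole file regardless of configuration. Both look like debugging leftovers; in a TLS library unconditional output can corrupt an application's stdout and expose internal state, and it presumably requires stdio on embedded targets that otherwise would not need it. The trailing `;` inside both macros also breaks `if (x) CYASSL_MSG("..."); else ...`. I would restore the empty `#define CYASSL_ERROR(e)` and drop the ssl.c override, or guard both behind a dedicated debug define.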
@@ -71,11 +71,11 @@ #define WORD64_AVAILABLE #define W64LIT(x) x##LL typedef unsigned long word64; -#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8 +#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8 #define WORD64_AVAILABLE #define W64LIT(x) x##LL typedef unsigned long long word64; -#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8 +#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8 #define WORD64_AVAILABLE #define W64LIT(x) x##LL typedef unsigned long long word64; @@ -87,7 +87,7 @@ /* These platforms have 64-bit CPU registers. */ #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \ - defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) + defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) typedef word64 word; #else typedef word32 word; @@ -117,10 +117,10 @@ enum { #elif defined(THREADX) #define INLINE _Inline #else - #define INLINE + #define INLINE #endif #else - #define INLINE + #define INLINE #endif #endif @@ -211,9 +211,7 @@ enum { #endif #ifndef CTYPE_USER - #ifndef CYASSL_TYTO - #include - #endif + #include #if defined(HAVE_ECC) || defined(HAVE_OCSP) #define XTOUPPER(c) toupper((c)) #define XISALPHA(c) isalpha((c)) diff --git a/src/ssl.c b/src/ssl.c index 058e997d9..5a185648d 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -25,7 +25,7 @@ #include -#ifdef HAVE_ERRNO_H +#ifdef HAVE_ERRNO_H #include #endif @@ -124,6 +124,9 @@ static volatile int initRefCount = 0; static CyaSSL_Mutex count_mutex; /* init ref count mutex */ +#undef CYASSL_MSG +#define CYASSL_MSG(m) printf("%s\n", m); + CYASSL_CTX* CyaSSL_CTX_new(CYASSL_METHOD* method) { 
@@ -270,7 +273,7 @@ int CyaSSL_dtls_set_peer(CYASSL* ssl, void* peer, unsigned int peerSz) int CyaSSL_dtls_get_peer(CYASSL* ssl, void* peer, unsigned int* peerSz) { #ifdef CYASSL_DTLS - if (peer != NULL && peerSz != NULL + if (peer != NULL && peerSz != NULL && *peerSz >= ssl->buffers.dtlsCtx.peer.sz) { *peerSz = ssl->buffers.dtlsCtx.peer.sz; XMEMCPY(peer, ssl->buffers.dtlsCtx.peer.sa, *peerSz); @@ -428,7 +431,7 @@ int CyaSSL_write(CYASSL* ssl, const void* data, int sz) if (ssl == NULL || data == NULL || sz < 0) return BAD_FUNC_ARG; -#ifdef HAVE_ERRNO_H +#ifdef HAVE_ERRNO_H errno = 0; #endif @@ -445,14 +448,14 @@ int CyaSSL_write(CYASSL* ssl, const void* data, int sz) static int CyaSSL_read_internal(CYASSL* ssl, void* data, int sz, int peek) { - int ret; + int ret; CYASSL_ENTER("CyaSSL_read_internal()"); if (ssl == NULL || data == NULL || sz < 0) return BAD_FUNC_ARG; -#ifdef HAVE_ERRNO_H +#ifdef HAVE_ERRNO_H errno = 0; #endif #ifdef CYASSL_DTLS @@ -675,14 +678,14 @@ int CyaSSL_CTX_UseSupportedCurve(CYASSL_CTX* ctx, word16 name) #ifndef CYASSL_LEANPSK int CyaSSL_send(CYASSL* ssl, const void* data, int sz, int flags) { - int ret; + int ret; int oldFlags; CYASSL_ENTER("CyaSSL_send()"); if (ssl == NULL || data == NULL || sz < 0) return BAD_FUNC_ARG; - + oldFlags = ssl->wflags; ssl->wflags = flags; @@ -697,7 +700,7 @@ int CyaSSL_send(CYASSL* ssl, const void* data, int sz, int flags) int CyaSSL_recv(CYASSL* ssl, void* data, int sz, int flags) { - int ret; + int ret; int oldFlags; CYASSL_ENTER("CyaSSL_recv()"); @@ -727,7 +730,7 @@ int CyaSSL_shutdown(CYASSL* ssl) return SSL_FATAL_ERROR; if (ssl->options.quietShutdown) { - CYASSL_MSG("quiet shutdown, no close notify sent"); + CYASSL_MSG("quiet shutdown, no close notify sent"); return SSL_SUCCESS; } 
@@ -766,7 +769,7 @@ int CyaSSL_get_error(CYASSL* ssl, int ret) return SSL_ERROR_WANT_READ; /* convert to OpenSSL type */ else if (ssl->error == WANT_WRITE) return SSL_ERROR_WANT_WRITE; /* convert to OpenSSL type */ - else if (ssl->error == ZERO_RETURN) + else if (ssl->error == ZERO_RETURN) return SSL_ERROR_ZERO_RETURN; /* convert to OpenSSL type */ return ssl->error; } @@ -955,7 +958,7 @@ int CyaSSL_GetKeySize(CYASSL* ssl) { if (ssl) return ssl->specs.key_size; - + return BAD_FUNC_ARG; } @@ -1074,7 +1077,7 @@ void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER* cm) if (cm) { #ifdef HAVE_CRL - if (cm->crl) + if (cm->crl) FreeCRL(cm->crl, 1); #endif #ifdef HAVE_OCSP @@ -1122,12 +1125,12 @@ int CyaSSL_CertPemToDer(const unsigned char* pem, int pemSz, CYASSL_ENTER("CyaSSL_CertPemToDer"); if (pem == NULL || buff == NULL || buffSz <= 0) { - CYASSL_MSG("Bad pem der args"); + CYASSL_MSG("Bad pem der args"); return BAD_FUNC_ARG; } if (type != CERT_TYPE && type != CA_TYPE && type != CERTREQ_TYPE) { - CYASSL_MSG("Bad cert type"); + CYASSL_MSG("Bad cert type"); return BAD_FUNC_ARG; } @@ -1138,7 +1141,7 @@ int CyaSSL_CertPemToDer(const unsigned char* pem, int pemSz, ret = PemToDer(pem, pemSz, type, &der, NULL, &info, &eccKey); if (ret < 0) { - CYASSL_MSG("Bad Pem To Der"); + CYASSL_MSG("Bad Pem To Der"); } else { if (der.length <= (word32)buffSz) { @@ -1188,7 +1191,7 @@ int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff, CYASSL_ENTER("CyaSSL_KeyPemToDer"); if (pem == NULL || buff == NULL || buffSz <= 0) { - CYASSL_MSG("Bad pem der args"); + CYASSL_MSG("Bad pem der args"); return BAD_FUNC_ARG; } @@ -1209,7 +1212,7 @@ int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff, ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, &info, &eccKey); if (ret < 0) { - CYASSL_MSG("Bad Pem To Der"); + CYASSL_MSG("Bad Pem To Der"); } else { if (der.length <= (word32)buffSz) { 
@@ -1500,7 +1503,7 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify) else if (ret == 0 && AlreadySigner(cm, subjectHash)) { CYASSL_MSG(" Already have this CA, not adding again"); (void)ret; - } + } else if (ret == 0) { /* take over signer parts */ signer = MakeSigner(cm->heap); @@ -1588,7 +1591,7 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify) #define SESSION_ROWS 211 #elif defined(SMALL_SESSION_CACHE) #define SESSIONS_PER_ROW 2 - #define SESSION_ROWS 3 + #define SESSION_ROWS 3 #else #define SESSIONS_PER_ROW 3 #define SESSION_ROWS 11 @@ -1653,7 +1656,7 @@ int CyaSSL_Init(void) #ifndef NO_CERTS - /* Remove PEM header/footer, convert to ASN1, store any encrypted data + /* Remove PEM header/footer, convert to ASN1, store any encrypted data info->consumed tracks of PEM bytes consumed in case multiple parts */ int PemToDer(const unsigned char* buff, long longSz, int type, buffer* der, void* heap, EncryptedInfo* info, int* eccKey) @@ -1704,7 +1707,7 @@ int CyaSSL_Init(void) if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be pkcs8 */ XSTRNCPY(header, "-----BEGIN PRIVATE KEY-----", sizeof(header)); XSTRNCPY(footer, "-----END PRIVATE KEY-----", sizeof(footer)); - + headerEnd = XSTRNSTR((char*)buff, header, sz); if (headerEnd) pkcs8 = 1; @@ -1724,7 +1727,7 @@ int CyaSSL_Init(void) if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be ecc */ XSTRNCPY(header, "-----BEGIN EC PRIVATE KEY-----", sizeof(header)); XSTRNCPY(footer, "-----END EC PRIVATE KEY-----", sizeof(footer)); - + headerEnd = XSTRNSTR((char*)buff, header, sz); if (headerEnd) *eccKey = 1; @@ -1732,7 +1735,7 @@ int CyaSSL_Init(void) if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be dsa */ XSTRNCPY(header, "-----BEGIN DSA PRIVATE KEY-----", sizeof(header)); XSTRNCPY(footer, "-----END DSA PRIVATE KEY-----", sizeof(footer)); - + headerEnd = XSTRNSTR((char*)buff, header, sz); } if (!headerEnd) { 
@@ -1758,13 +1761,13 @@ int CyaSSL_Init(void) char* newline; char* finish; char* start = XSTRNSTR(line, "DES", PEM_LINE_LEN); - + if (!start) start = XSTRNSTR(line, "AES", PEM_LINE_LEN); - + if (!start) return SSL_BAD_FILE; if (!info) return SSL_BAD_FILE; - + finish = XSTRNSTR(start, ",", PEM_LINE_LEN); if (start && finish && (start < finish)) { @@ -1883,7 +1886,7 @@ int CyaSSL_Init(void) if (used) *used = sz; /* used bytes default to sz, PEM chain may shorten*/ - if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM + if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM && format != SSL_FILETYPE_RAW) return SSL_BAD_FILETYPE; @@ -2061,7 +2064,7 @@ int CyaSSL_Init(void) if (ret == 0) ret = AesCbcDecrypt(&enc, der.buffer,der.buffer,der.length); } - else { + else { XFREE(der.buffer, heap, dynamicType); return SSL_BAD_FILE; } @@ -2116,15 +2119,15 @@ int CyaSSL_Init(void) if (type == PRIVATEKEY_TYPE && format != SSL_FILETYPE_RAW) { #ifndef NO_RSA - if (!eccKey) { + if (!eccKey) { /* make sure RSA key can be used */ RsaKey key; word32 idx = 0; - + ret = InitRsaKey(&key, 0); if (ret != 0) return ret; if (RsaPrivateKeyDecode(der.buffer,&idx,&key,der.length) != 0) { -#ifdef HAVE_ECC +#ifdef HAVE_ECC /* could have DER ECC (or pkcs8 ecc), no easy way to tell */ eccKey = 1; /* so try it out */ #endif @@ -2139,7 +2142,7 @@ int CyaSSL_Init(void) FreeRsaKey(&key); } #endif -#ifdef HAVE_ECC +#ifdef HAVE_ECC if (!rsaKey) { /* make sure ECC key can be used */ word32 idx = 0; @@ -2167,8 +2170,8 @@ int CyaSSL_Init(void) if (DecodeToKey(&cert, 0) < 0) { CYASSL_MSG("Decode to key failed"); - return SSL_BAD_FILE; - } + return SSL_BAD_FILE; + } switch (cert.signatureOID) { case CTC_SHAwECDSA: case CTC_SHA256wECDSA: 
@@ -2249,9 +2252,9 @@ int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm, const byte* buff, der.buffer = NULL; der.length = 0; - if (format == SSL_FILETYPE_PEM) { + if (format == SSL_FILETYPE_PEM) { EncryptedInfo info; - + info.set = 0; info.ctx = NULL; info.consumed = 0; @@ -2296,7 +2299,7 @@ int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, int type, int dynamic = 0; int ret; long sz = 0; - XFILE file; + XFILE file; void* heapHint = ctx ? ctx->heap : NULL; (void)crl; @@ -2304,7 +2307,7 @@ int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, int type, if (fname == NULL) return SSL_BAD_FILE; - file = XFOPEN(fname, "rb"); + file = XFOPEN(fname, "rb"); if (file == XBADFILE) return SSL_BAD_FILE; XFSEEK(file, 0, XSEEK_END); sz = XFTELL(file); @@ -2327,7 +2330,7 @@ int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, int type, if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0) ret = SSL_BAD_FILE; else { - if (type == CA_TYPE && format == SSL_FILETYPE_PEM) + if (type == CA_TYPE && format == SSL_FILETYPE_PEM) ret = ProcessChainBuffer(ctx, myBuffer, sz, format, type, ssl); #ifdef HAVE_CRL else if (type == CRL_TYPE) @@ -2362,7 +2365,7 @@ int CyaSSL_CTX_load_verify_locations(CYASSL_CTX* ctx, const char* file, if (ret == SSL_SUCCESS && path) { /* try to load each regular file in path */ - #ifdef USE_WINDOWS_API + #ifdef USE_WINDOWS_API WIN32_FIND_DATAA FindFileData; HANDLE hFind; char name[MAX_FILENAME_SZ]; @@ -2433,7 +2436,7 @@ int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER* cm, const char* fname, byte* myBuffer = staticBuffer; int dynamic = 0; long sz = 0; - XFILE file = XFOPEN(fname, "rb"); + XFILE file = XFOPEN(fname, "rb"); CYASSL_ENTER("CyaSSL_CertManagerVerify"); @@ -2460,7 +2463,7 @@ int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER* cm, const char* fname, if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0) ret = SSL_BAD_FILE; - else + else ret = CyaSSL_CertManagerVerifyBuffer(cm, myBuffer, sz, format); XFCLOSE(file); 
@@ -2632,7 +2635,7 @@ int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER* cm) int CyaSSL_CTX_check_private_key(CYASSL_CTX* ctx) { /* TODO: check private against public for RSA match */ - (void)ctx; + (void)ctx; CYASSL_ENTER("SSL_CTX_check_private_key"); return SSL_SUCCESS; } @@ -2978,7 +2981,7 @@ int CyaSSL_CTX_der_load_verify_locations(CYASSL_CTX* ctx, const char* file, #ifdef CYASSL_CERT_GEN /* load pem cert from file into der buffer, return der size or error */ -int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) +int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) { byte staticBuffer[FILE_BUFFER_SIZE]; byte* fileBuf = staticBuffer; @@ -2986,7 +2989,7 @@ int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) int ret; int ecc = 0; long sz = 0; - XFILE file = XFOPEN(fileName, "rb"); + XFILE file = XFOPEN(fileName, "rb"); EncryptedInfo info; buffer converted; @@ -3023,11 +3026,11 @@ int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) } else ret = BUFFER_E; - } + } - XFREE(converted.buffer, 0, DYNAMIC_TYPE_CA); + XFREE(converted.buffer, 0, DYNAMIC_TYPE_CA); if (dynamic) - XFREE(fileBuf, 0, DYNAMIC_TYPE_FILE); + XFREE(fileBuf, 0, DYNAMIC_TYPE_FILE); XFCLOSE(file); return ret; @@ -3205,7 +3208,7 @@ static int CyaSSL_SetTmpDH_file_wrapper(CYASSL_CTX* ctx, CYASSL* ssl, int dynamic = 0; int ret; long sz = 0; - XFILE file = XFOPEN(fname, "rb"); + XFILE file = XFOPEN(fname, "rb"); if (file == XBADFILE) return SSL_BAD_FILE; XFSEEK(file, 0, XSEEK_END); @@ -3502,7 +3505,7 @@ typedef struct { 3) ClientCache update CYASSL_CACHE_VERSION if change layout for the following - PERSISTENT_SESSION_CACHE functions + PERSISTENT_SESSION_CACHE functions */ @@ -3560,7 +3563,7 @@ int CyaSSL_memsave_session_cache(void* mem, int sz) CYASSL_LEAVE("CyaSSL_memsave_session_cache", SSL_SUCCESS); - return SSL_SUCCESS; + return SSL_SUCCESS; } 
@@ -3593,7 +3596,7 @@ int CyaSSL_memrestore_session_cache(const void* mem, int sz) if (LockMutex(&session_mutex) != 0) { CYASSL_MSG("Session cache mutex lock failed"); - return BAD_MUTEX_E; + return BAD_MUTEX_E; } for (i = 0; i < cache_header.rows; ++i) @@ -3618,7 +3621,7 @@ int CyaSSL_memrestore_session_cache(const void* mem, int sz) /* doesn't use memsave because of additional memory use */ int CyaSSL_save_session_cache(const char *fname) { - XFILE file; + XFILE file; int ret; int rc = SSL_SUCCESS; int i; @@ -3626,7 +3629,7 @@ int CyaSSL_save_session_cache(const char *fname) CYASSL_ENTER("CyaSSL_save_session_cache"); - file = XFOPEN(fname, "w+b"); + file = XFOPEN(fname, "w+b"); if (file == XBADFILE) { CYASSL_MSG("Couldn't open session cache save file"); return SSL_BAD_FILE; @@ -3685,15 +3688,15 @@ int CyaSSL_save_session_cache(const char *fname) /* doesn't use memstore because of additional memory use */ int CyaSSL_restore_session_cache(const char *fname) { - XFILE file; - int rc = SSL_SUCCESS; - int ret; + XFILE file; + int rc = SSL_SUCCESS; + int ret; int i; cache_header_t cache_header; CYASSL_ENTER("CyaSSL_restore_session_cache"); - file = XFOPEN(fname, "rb"); + file = XFOPEN(fname, "rb"); if (file == XBADFILE) { CYASSL_MSG("Couldn't open session cache save file"); return SSL_BAD_FILE; @@ -3718,7 +3721,7 @@ int CyaSSL_restore_session_cache(const char *fname) if (LockMutex(&session_mutex) != 0) { CYASSL_MSG("Session cache mutex lock failed"); XFCLOSE(file); - return BAD_MUTEX_E; + return BAD_MUTEX_E; } /* session cache */ @@ -3882,7 +3885,7 @@ static INLINE void SetCertHeaderColumns(CYASSL_CERT_MANAGER* cm, int* columns) /* Restore whole cert row from memory, have lock, return bytes consumed, < 0 on error, have lock */ -static INLINE int RestoreCertRow(CYASSL_CERT_MANAGER* cm, byte* current, +static INLINE int RestoreCertRow(CYASSL_CERT_MANAGER* cm, byte* current, int row, int listSz, const byte* end) { int idx = 0; 
@@ -3916,7 +3919,7 @@ static INLINE int RestoreCertRow(CYASSL_CERT_MANAGER* cm, byte* current, /* keyOID */ XMEMCPY(&signer->keyOID, current + idx, sizeof(signer->keyOID)); idx += (int)sizeof(signer->keyOID); - + /* pulicKey */ if (start + minSz + signer->pubKeySize > end) { CYASSL_MSG("Would overread restore buffer"); @@ -4069,7 +4072,7 @@ int CM_SaveCertCache(CYASSL_CERT_MANAGER* cm, const char* fname) } memSz = GetCertCacheMemSize(cm); - mem = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER); + mem = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER); if (mem == NULL) { CYASSL_MSG("Alloc for tmp buffer failed"); rc = MEMORY_E; @@ -4084,7 +4087,7 @@ int CM_SaveCertCache(CYASSL_CERT_MANAGER* cm, const char* fname) } XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER); } - + UnLockMutex(&cm->caLock); XFCLOSE(file); @@ -4384,7 +4387,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) CYASSL_ENTER("SSL_connect()"); - #ifdef HAVE_ERRNO_H + #ifdef HAVE_ERRNO_H errno = 0; #endif @@ -4481,7 +4484,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) } #endif #ifdef CYASSL_SHA384 - if ( (ssl->error = + if ( (ssl->error = InitSha384(&ssl->hashSha384)) != 0) { CYASSL_ERROR(ssl->error); return SSL_FATAL_ERROR; @@ -4503,7 +4506,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) if (ssl->options.dtls) { neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE : SERVER_HELLODONE_COMPLETE; - + /* get response */ while (ssl->options.serverState < neededState) { if ( (ssl->error = ProcessReply(ssl)) < 0) { @@ -4530,7 +4533,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) } CYASSL_MSG("sent: certificate"); } - + #endif ssl->options.connectState = FIRST_REPLY_FIRST; CYASSL_MSG("connect state: FIRST_REPLY_FIRST"); @@ -4585,7 +4588,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) CYASSL_ERROR(ssl->error); return SSL_FATAL_ERROR; } - + ssl->options.connectState = SECOND_REPLY_DONE; CYASSL_MSG("connect state: SECOND_REPLY_DONE"); 
@@ -4656,7 +4659,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) byte havePSK = 0; CYASSL_ENTER("SSL_accept()"); - #ifdef HAVE_ERRNO_H + #ifdef HAVE_ERRNO_H errno = 0; #endif @@ -4688,8 +4691,8 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) ssl->eccTempKey) != 0) { ssl->error = ECC_MAKEKEY_ERROR; CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } + return SSL_FATAL_ERROR; + } ssl->eccTempKeyPresent = 1; } #endif @@ -4720,7 +4723,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) } switch (ssl->options.acceptState) { - + case ACCEPT_BEGIN : /* get response */ while (ssl->options.clientState < CLIENT_HELLO_COMPLETE) @@ -4791,7 +4794,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) case SERVER_HELLO_SENT : #ifndef NO_CERTS - if (!ssl->options.resuming) + if (!ssl->options.resuming) if ( (ssl->error = SendCertificate(ssl)) != 0) { CYASSL_ERROR(ssl->error); return SSL_FATAL_ERROR; @@ -4801,7 +4804,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) CYASSL_MSG("accept state CERT_SENT"); case CERT_SENT : - if (!ssl->options.resuming) + if (!ssl->options.resuming) if ( (ssl->error = SendServerKeyExchange(ssl)) != 0) { CYASSL_ERROR(ssl->error); return SSL_FATAL_ERROR; @@ -4811,7 +4814,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) case KEY_EXCHANGE_SENT : #ifndef NO_CERTS - if (!ssl->options.resuming) + if (!ssl->options.resuming) if (ssl->options.verifyPeer) if ( (ssl->error = SendCertificateRequest(ssl)) != 0) { CYASSL_ERROR(ssl->error); @@ -4822,7 +4825,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) CYASSL_MSG("accept state CERT_REQ_SENT"); case CERT_REQ_SENT : - if (!ssl->options.resuming) + if (!ssl->options.resuming) if ( (ssl->error = SendServerHelloDone(ssl)) != 0) { CYASSL_ERROR(ssl->error); return SSL_FATAL_ERROR; 
@@ -4840,8 +4843,8 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) } ssl->options.acceptState = ACCEPT_SECOND_REPLY_DONE; CYASSL_MSG("accept state ACCEPT_SECOND_REPLY_DONE"); - - case ACCEPT_SECOND_REPLY_DONE : + + case ACCEPT_SECOND_REPLY_DONE : if ( (ssl->error = SendChangeCipher(ssl)) != 0) { CYASSL_ERROR(ssl->error); return SSL_FATAL_ERROR; @@ -4849,7 +4852,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) ssl->options.acceptState = CHANGE_CIPHER_SENT; CYASSL_MSG("accept state CHANGE_CIPHER_SENT"); - case CHANGE_CIPHER_SENT : + case CHANGE_CIPHER_SENT : if ( (ssl->error = SendFinished(ssl)) != 0) { CYASSL_ERROR(ssl->error); return SSL_FATAL_ERROR; @@ -5047,7 +5050,7 @@ CYASSL_SESSION* GetSessionClient(CYASSL* ssl, const byte* id, int len) CYASSL_MSG("Lock session mutex failed"); return NULL; } - + /* start from most recently used */ count = min((word32)ClientCache[row].totalCount, SESSIONS_PER_ROW); idx = ClientCache[row].nextIdx - 1; @@ -5062,7 +5065,7 @@ CYASSL_SESSION* GetSessionClient(CYASSL* ssl, const byte* id, int len) CYASSL_MSG("Bad idx"); break; } - + clSess = ClientCache[row].Clients[idx]; current = &SessionCache[clSess.serverRow].Sessions[clSess.serverIdx]; @@ -5081,8 +5084,8 @@ CYASSL_SESSION* GetSessionClient(CYASSL* ssl, const byte* id, int len) } UnLockMutex(&session_mutex); - - return ret; + + return ret; } #endif /* NO_CLIENT_CACHE */ @@ -5096,7 +5099,7 @@ CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) int idx; int count; int error = 0; - + if (ssl->options.sessionCacheOff) return NULL; @@ -5116,8 +5119,8 @@ CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) if (LockMutex(&session_mutex) != 0) return 0; - - /* start from most recently used */ + + /* start from most recently used */ count = min((word32)SessionCache[row].totalCount, SESSIONS_PER_ROW); idx = SessionCache[row].nextIdx - 1; if (idx < 0) 
@@ -5125,7 +5128,7 @@ CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) for (; count > 0; --count, idx = idx ? idx - 1 : SESSIONS_PER_ROW - 1) { CYASSL_SESSION* current; - + if (idx >= SESSIONS_PER_ROW || idx < 0) { /* sanity check */ CYASSL_MSG("Bad idx"); break; @@ -5145,11 +5148,11 @@ CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) break; /* no more sessionIDs whether valid or not that match */ } else { CYASSL_MSG("SessionID not a match at this idx"); - } + } } UnLockMutex(&session_mutex); - + return ret; } @@ -5190,7 +5193,7 @@ int AddSession(CYASSL* ssl) if (error != 0) { CYASSL_MSG("Hash session failed"); return error; - } + } if (LockMutex(&session_mutex) != 0) return BAD_MUTEX_E; @@ -5325,7 +5328,7 @@ CYASSL_X509_CHAIN* CyaSSL_SESSION_get_peer_chain(CYASSL_SESSION* session) int i; double E; /* expected freq */ double chiSquare = 0; - + for (i = 0; i < SESSION_ROWS; i++) { totalSessionsSeen += SessionCache[i].totalCount; @@ -5335,7 +5338,7 @@ CYASSL_X509_CHAIN* CyaSSL_SESSION_get_peer_chain(CYASSL_SESSION* session) rowNow = 0; else rowNow = SessionCache[i].nextIdx; - + totalSessionsNow += rowNow; } @@ -5376,7 +5379,7 @@ CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) (void)ssl; (void)masterSecret; - return NULL; + return NULL; } #endif /* NO_SESSION_CACHE */ @@ -5422,7 +5425,7 @@ int CyaSSL_set_compression(CYASSL* ssl) } -#ifndef USE_WINDOWS_API +#ifndef USE_WINDOWS_API #ifndef NO_WRITEV /* simulate writev semantics, doesn't actually do block at a time though @@ -5519,7 +5522,7 @@ int CyaSSL_set_compression(CYASSL* ssl) Itimerval myTimeout; Itimerval oldTimeout; /* if old timer adjust from total time to reset */ struct sigaction act, oact; - + #define ERR_OUT(x) { ssl->hsInfoOn = 0; ssl->toInfoOn = 0; return x; } if (hsCb) { @@ -5529,7 +5532,7 @@ int CyaSSL_set_compression(CYASSL* ssl) if (toCb) { ssl->toInfoOn = 1; InitTimeoutInfo(&ssl->timeoutInfo); - + if (gettimeofday(&startTime, 0) < 0) ERR_OUT(GETTIME_ERROR); 
@@ -5543,16 +5546,16 @@ int CyaSSL_set_compression(CYASSL* ssl) if (oldTimeout.it_value.tv_sec || oldTimeout.it_value.tv_usec) { oldTimerOn = 1; - + /* is old timer going to expire before ours */ - if (CmpTimes(oldTimeout.it_value, timeout, <)) { + if (CmpTimes(oldTimeout.it_value, timeout, <)) { timeout.tv_sec = oldTimeout.it_value.tv_sec; timeout.tv_usec = oldTimeout.it_value.tv_usec; - } + } } myTimeout.it_value.tv_sec = timeout.tv_sec; myTimeout.it_value.tv_usec = timeout.tv_usec; - + /* set up signal handler, don't restart socket send/recv */ act.sa_handler = myHandler; sigemptyset(&act.sa_mask); @@ -5576,8 +5579,8 @@ int CyaSSL_set_compression(CYASSL* ssl) if (ssl->options.side == CYASSL_SERVER_END) ret = CyaSSL_accept(ssl); #endif - - /* do callbacks */ + + /* do callbacks */ if (toCb) { if (oldTimerOn) { gettimeofday(&endTime, 0); @@ -5600,7 +5603,7 @@ int CyaSSL_set_compression(CYASSL* ssl) /* use old settings which may turn off (expired or not there) */ if (setitimer(ITIMER_REAL, &oldTimeout, 0) < 0) ret = SETITIMER_ERROR; - + /* if we had a timeout call callback */ if (ssl->timeoutInfo.timeoutName[0]) { ssl->timeoutInfo.timeoutValue.tv_sec = timeout.tv_sec; @@ -5807,7 +5810,7 @@ int CyaSSL_set_compression(CYASSL* ssl) const unsigned char* in, long sz, int format) { CYASSL_ENTER("CyaSSL_use_PrivateKey_buffer"); - return ProcessBuffer(ssl->ctx, in, sz, format, PRIVATEKEY_TYPE, + return ProcessBuffer(ssl->ctx, in, sz, format, PRIVATEKEY_TYPE, ssl, NULL, 0); } @@ -5826,7 +5829,7 @@ int CyaSSL_set_compression(CYASSL* ssl) int CyaSSL_UnloadCertsKeys(CYASSL* ssl) { if (ssl == NULL) { - CYASSL_MSG("Null function arg"); + CYASSL_MSG("Null function arg"); return BAD_FUNC_ARG; } @@ -5914,8 +5917,8 @@ int CyaSSL_set_compression(CYASSL* ssl) void CyaSSL_CTX_set_client_CA_list(CYASSL_CTX* ctx, STACK_OF(CYASSL_X509_NAME)* names) { - (void)ctx; - (void)names; + (void)ctx; + (void)names; } 
@@ -5929,7 +5932,7 @@ int CyaSSL_set_compression(CYASSL* ssl) int CyaSSL_CTX_set_default_verify_paths(CYASSL_CTX* ctx) { /* TODO:, not needed in goahead */ - (void)ctx; + (void)ctx; return SSL_NOT_IMPLEMENTED; } @@ -5960,7 +5963,7 @@ int CyaSSL_set_compression(CYASSL* ssl) *msLen = SECRET_LEN; *srLen = RAN_LEN; *crLen = RAN_LEN; - + return SSL_SUCCESS; } @@ -6003,24 +6006,24 @@ int CyaSSL_set_compression(CYASSL* ssl) void CyaSSL_CTX_set_tmp_rsa_callback(CYASSL_CTX* ctx, CYASSL_RSA*(*f)(CYASSL*, int, int)) { - /* CyaSSL verifies all these internally */ - (void)ctx; - (void)f; + /* CyaSSL verifies all these internally */ + (void)ctx; + (void)f; } void CyaSSL_set_shutdown(CYASSL* ssl, int opt) { - (void)ssl; - (void)opt; + (void)ssl; + (void)opt; } long CyaSSL_CTX_set_options(CYASSL_CTX* ctx, long opt) { - /* goahead calls with 0, do nothing */ + /* goahead calls with 0, do nothing */ CYASSL_ENTER("SSL_CTX_set_options"); - (void)ctx; + (void)ctx; return opt; } @@ -6052,10 +6055,10 @@ int CyaSSL_set_compression(CYASSL* ssl) { /* no tmp key needed, actual generation not supported */ CYASSL_ENTER("RSA_generate_key"); - (void)len; - (void)bits; - (void)f; - (void)data; + (void)len; + (void)bits; + (void)f; + (void)data; return NULL; } @@ -6064,7 +6067,7 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_X509* CyaSSL_X509_STORE_CTX_get_current_cert( CYASSL_X509_STORE_CTX* ctx) { - (void)ctx; + (void)ctx; return 0; } @@ -6079,7 +6082,7 @@ int CyaSSL_set_compression(CYASSL* ssl) int CyaSSL_X509_STORE_CTX_get_error_depth(CYASSL_X509_STORE_CTX* ctx) { - (void)ctx; + (void)ctx; return 0; } @@ -6099,8 +6102,8 @@ int CyaSSL_set_compression(CYASSL* ssl) { /* CyaSSL has internal buffer, compatibility only */ CYASSL_ENTER("BIO_set_write_buffer_size"); - (void)bio; - return size; + (void)bio; + return size; } 
@@ -6121,7 +6124,7 @@ int CyaSSL_set_compression(CYASSL* ssl) DYNAMIC_TYPE_OPENSSL); CYASSL_ENTER("BIO_new_socket"); - if (bio) { + if (bio) { bio->type = BIO_SOCKET; bio->close = (byte)closeF; bio->eof = 0; @@ -6132,7 +6135,7 @@ int CyaSSL_set_compression(CYASSL* ssl) bio->mem = NULL; bio->memLen = 0; } - return bio; + return bio; } @@ -6142,7 +6145,7 @@ int CyaSSL_set_compression(CYASSL* ssl) if (b->eof) return 1; - return 0; + return 0; } @@ -6211,7 +6214,7 @@ int CyaSSL_set_compression(CYASSL* ssl) } -#ifdef USE_WINDOWS_API +#ifdef USE_WINDOWS_API #define CloseSocket(s) closesocket(s) #elif defined(CYASSL_MDK_ARM) #define CloseSocket(s) closesocket(s) @@ -6322,7 +6325,7 @@ int CyaSSL_set_compression(CYASSL* ssl) { /* for CyaSSL no flushing needed */ CYASSL_ENTER("BIO_flush"); - (void)bio; + (void)bio; return 1; } @@ -6353,12 +6356,12 @@ int CyaSSL_set_compression(CYASSL* ssl) void CyaSSL_set_locking_callback(void (*f)(int, int, const char*, int)) { - (void)f; + (void)f; } void CyaSSL_set_id_callback(unsigned long (*f)(void)) { - (void)f; + (void)f; } unsigned long CyaSSL_ERR_get_error(void) @@ -6468,7 +6471,7 @@ int CyaSSL_set_compression(CYASSL* ssl) const char* CyaSSLeay_version(int type) { static const char* version = "SSLeay CyaSSL compatibility"; - (void)type; + (void)type; return version; } @@ -6677,8 +6680,8 @@ int CyaSSL_set_compression(CYASSL* ssl) void CyaSSL_EVP_MD_CTX_init(CYASSL_EVP_MD_CTX* ctx) { CYASSL_ENTER("EVP_CIPHER_MD_CTX_init"); - (void)ctx; - /* do nothing */ + (void)ctx; + /* do nothing */ } @@ -6765,7 +6768,7 @@ int CyaSSL_set_compression(CYASSL* ssl) int CyaSSL_EVP_MD_CTX_cleanup(CYASSL_EVP_MD_CTX* ctx) { CYASSL_ENTER("EVP_MD_CTX_cleanup"); - (void)ctx; + (void)ctx; return 0; } @@ -6792,7 +6795,7 @@ int CyaSSL_set_compression(CYASSL* ssl) } return SSL_SUCCESS; - } + } /* SSL_SUCCESS on ok */ 
@@ -6973,13 +6976,13 @@ int CyaSSL_set_compression(CYASSL* ssl) if (ctx->keyLen == 0) /* user may have already set */ ctx->keyLen = 16; /* default to 128 */ if (key) - Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen); + Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen); } else if (ctx->cipherType == NULL_CIPHER_TYPE || (type && XSTRNCMP(type, "NULL", 4) == 0)) { CYASSL_MSG("NULL cipher"); ctx->cipherType = NULL_CIPHER_TYPE; - ctx->keyLen = 0; + ctx->keyLen = 0; } else return 0; /* failure */ @@ -7026,7 +7029,7 @@ int CyaSSL_set_compression(CYASSL* ssl) return 0; /* failure */ } - if (ctx->cipherType == 0xff) { + if (ctx->cipherType == 0xff) { CYASSL_MSG("no init"); return 0; /* failure */ } @@ -7058,7 +7061,7 @@ int CyaSSL_set_compression(CYASSL* ssl) else Des_CbcDecrypt(&ctx->cipher.des, dst, src, len); break; - + case DES_EDE3_CBC_TYPE : if (ctx->enc) ret = Des3_CbcEncrypt(&ctx->cipher.des3, dst, src, len); @@ -7082,11 +7085,11 @@ int CyaSSL_set_compression(CYASSL* ssl) if (ret != 0) { CYASSL_MSG("CyaSSL_EVP_Cipher failure"); - return 0; /* failuer */ + return 0; /* failuer */ } CYASSL_MSG("CyaSSL_EVP_Cipher success"); - return SSL_SUCCESS; /* success */ + return SSL_SUCCESS; /* success */ } @@ -7099,7 +7102,7 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_MSG("Bad function argument"); return SSL_FATAL_ERROR; } - + switch (ctx->cipherType) { case AES_128_CBC_TYPE : @@ -7122,7 +7125,7 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_MSG("DES CBC"); memcpy(ctx->iv, &ctx->cipher.des.reg, DES_BLOCK_SIZE); break; - + case DES_EDE3_CBC_TYPE : CYASSL_MSG("DES EDE3 CBC"); memcpy(ctx->iv, &ctx->cipher.des.reg, DES_BLOCK_SIZE); @@ -7140,7 +7143,7 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_MSG("bad type"); return SSL_FATAL_ERROR; } - } + } return SSL_SUCCESS; } @@ -7155,7 +7158,7 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_MSG("Bad function argument"); return SSL_FATAL_ERROR; } - + switch (ctx->cipherType) { case AES_128_CBC_TYPE : 
@@ -7178,7 +7181,7 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_MSG("DES CBC"); memcpy(&ctx->cipher.des.reg, ctx->iv, DES_BLOCK_SIZE); break; - + case DES_EDE3_CBC_TYPE : CYASSL_MSG("DES EDE3 CBC"); memcpy(&ctx->cipher.des.reg, ctx->iv, DES_BLOCK_SIZE); @@ -7196,7 +7199,7 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_MSG("bad type"); return SSL_FATAL_ERROR; } - } + } return SSL_SUCCESS; } @@ -7229,7 +7232,7 @@ int CyaSSL_set_compression(CYASSL* ssl) else if (XSTRNCMP(type, "SHA", 3) == 0) { ctx->macType = SHA; CyaSSL_SHA_Init((SHA_CTX*)&ctx->hash); - } + } else return BAD_FUNC_ARG; @@ -7242,20 +7245,20 @@ int CyaSSL_set_compression(CYASSL* ssl) unsigned long sz) { CYASSL_ENTER("EVP_DigestUpdate"); - if (ctx->macType == MD5) + if (ctx->macType == MD5) CyaSSL_MD5_Update((MD5_CTX*)&ctx->hash, data, (unsigned long)sz); - else if (ctx->macType == SHA) + else if (ctx->macType == SHA) CyaSSL_SHA_Update((SHA_CTX*)&ctx->hash, data, (unsigned long)sz); - else if (ctx->macType == SHA256) + else if (ctx->macType == SHA256) CyaSSL_SHA256_Update((SHA256_CTX*)&ctx->hash, data, (unsigned long)sz); #ifdef CYASSL_SHA384 - else if (ctx->macType == SHA384) + else if (ctx->macType == SHA384) CyaSSL_SHA384_Update((SHA384_CTX*)&ctx->hash, data, (unsigned long)sz); #endif #ifdef CYASSL_SHA512 - else if (ctx->macType == SHA512) + else if (ctx->macType == SHA512) CyaSSL_SHA512_Update((SHA512_CTX*)&ctx->hash, data, (unsigned long)sz); #endif @@ -7326,7 +7329,7 @@ int CyaSSL_set_compression(CYASSL* ssl) if (md_len) *md_len = MD5_DIGEST_SIZE; } else if (XSTRNCMP(evp_md, "SHA", 3) == 0) { - ret = HmacSetKey(&hmac, SHA, (const byte*)key, key_len); + ret = HmacSetKey(&hmac, SHA, (const byte*)key, key_len); if (md_len) *md_len = SHA_DIGEST_SIZE; } else @@ -7337,7 +7340,7 @@ int CyaSSL_set_compression(CYASSL* ssl) HmacUpdate(&hmac, d, n); HmacFinal(&hmac, md); - + return md; } 
@@ -7364,7 +7367,7 @@ int CyaSSL_set_compression(CYASSL* ssl) to take control */ } - + /* SSL_SUCCESS on ok */ int CyaSSL_DES_key_sched(CYASSL_const_DES_cblock* key, CYASSL_DES_key_schedule* schedule) @@ -7425,7 +7428,7 @@ int CyaSSL_set_compression(CYASSL* ssl) void CyaSSL_ERR_remove_state(unsigned long state) { /* TODO: GetErrors().Remove(); */ - (void)state; + (void)state; } @@ -7456,7 +7459,7 @@ int CyaSSL_set_compression(CYASSL* ssl) long CyaSSL_CTX_get_mode(CYASSL_CTX* ctx) { /* TODO: */ - (void)ctx; + (void)ctx; return 0; } @@ -7464,8 +7467,8 @@ int CyaSSL_set_compression(CYASSL* ssl) void CyaSSL_CTX_set_default_read_ahead(CYASSL_CTX* ctx, int m) { /* TODO: maybe? */ - (void)ctx; - (void)m; + (void)ctx; + (void)m; } @@ -7474,9 +7477,9 @@ int CyaSSL_set_compression(CYASSL* ssl) unsigned int sid_ctx_len) { /* No application specific context needed for cyaSSL */ - (void)ctx; - (void)sid_ctx; - (void)sid_ctx_len; + (void)ctx; + (void)sid_ctx; + (void)sid_ctx_len; return SSL_SUCCESS; } @@ -7484,7 +7487,7 @@ int CyaSSL_set_compression(CYASSL* ssl) long CyaSSL_CTX_sess_get_cache_size(CYASSL_CTX* ctx) { /* TODO: maybe? */ - (void)ctx; + (void)ctx; return (~0); } @@ -7492,10 +7495,10 @@ int CyaSSL_set_compression(CYASSL* ssl) const char** data, int *flags) { /* Not implemented */ - (void)file; - (void)line; - (void)data; - (void)flags; + (void)file; + (void)line; + (void)data; + (void)flags; return 0; } @@ -7521,7 +7524,7 @@ int CyaSSL_set_compression(CYASSL* ssl) void CyaSSL_FreeX509(CYASSL_X509* x509) { CYASSL_ENTER("CyaSSL_FreeX509"); - FreeX509(x509); + FreeX509(x509); } @@ -7851,7 +7854,7 @@ int CyaSSL_set_compression(CYASSL* ssl) } - /* write X509 serial number in unsigned binary to buffer + /* write X509 serial number in unsigned binary to buffer buffer needs to be at least EXTERNAL_SERIAL_SIZE (32) for all cases return SSL_SUCCESS on success */ int CyaSSL_X509_get_serial_number(CYASSL_X509* x509, byte* in, int* inOutSz) 
@@ -7869,9 +7872,9 @@ int CyaSSL_set_compression(CYASSL* ssl) const byte* CyaSSL_X509_get_der(CYASSL_X509* x509, int* outSz) - { + { CYASSL_ENTER("CyaSSL_X509_get_der"); - + if (x509 == NULL || outSz == NULL) return NULL; @@ -7916,7 +7919,7 @@ int CyaSSL_set_compression(CYASSL* ssl) #ifdef CYASSL_SEP /* copy oid into in buffer, at most *inOutSz bytes, if buffer is null will - malloc buffer, call responsible for freeing. Actual size returned in + malloc buffer, call responsible for freeing. Actual size returned in *inOutSz. Requires inOutSz be non-null */ byte* CyaSSL_X509_get_device_type(CYASSL_X509* x509, byte* in, int *inOutSz) { @@ -8185,7 +8188,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) void CyaSSL_set_connect_state(CYASSL* ssl) { (void)ssl; - /* client by default */ + /* client by default */ } #endif @@ -8417,7 +8420,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) return "TLS_RSA_WITH_AES_128_CBC_SHA256"; case TLS_RSA_WITH_AES_256_CBC_SHA256 : return "TLS_RSA_WITH_AES_256_CBC_SHA256"; - #ifdef HAVE_BLAKE2 + #ifdef HAVE_BLAKE2 case TLS_RSA_WITH_AES_128_CBC_B2B256: return "TLS_RSA_WITH_AES_128_CBC_B2B256"; case TLS_RSA_WITH_AES_256_CBC_B2B256: @@ -8474,7 +8477,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) case TLS_RSA_WITH_HC_128_SHA : return "TLS_RSA_WITH_HC_128_SHA"; #endif - #ifdef HAVE_BLAKE2 + #ifdef HAVE_BLAKE2 case TLS_RSA_WITH_HC_128_B2B256: return "TLS_RSA_WITH_HC_128_B2B256"; #endif @@ -8644,9 +8647,9 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) /* make sure we have a big enough buffer */ typedef char ok[sizeof(md4->buffer) >= sizeof(Md4) ? 1 : -1]; (void) sizeof(ok); - + CYASSL_ENTER("MD4_Init"); - InitMd4((Md4*)md4); + InitMd4((Md4*)md4); } 
@@ -8654,14 +8657,14 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) unsigned long len) { CYASSL_ENTER("MD4_Update"); - Md4Update((Md4*)md4, (const byte*)data, (word32)len); + Md4Update((Md4*)md4, (const byte*)data, (word32)len); } void CyaSSL_MD4_Final(unsigned char* digest, CYASSL_MD4_CTX* md4) { CYASSL_ENTER("MD4_Final"); - Md4Final((Md4*)md4, digest); + Md4Final((Md4*)md4, digest); } #endif /* NO_MD4 */ @@ -8709,7 +8712,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) void CyaSSL_RAND_screen(void) { - + } @@ -8928,7 +8931,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) if (ctx != NULL) CyaSSL_X509_STORE_CTX_init(ctx, NULL, NULL, NULL); - + return ctx; } @@ -8974,7 +8977,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) { if (ctx != NULL && ctx->store != NULL && ctx->store->cm != NULL && ctx->current_cert != NULL) { - return CyaSSL_CertManagerVerifyBuffer(ctx->store->cm, + return CyaSSL_CertManagerVerifyBuffer(ctx->store->cm, ctx->current_cert->derCert.buffer, ctx->current_cert->derCert.length, SSL_FILETYPE_ASN1); @@ -9202,7 +9205,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) (void)key; return 0; } - + long CyaSSL_CTX_sess_accept(CYASSL_CTX* ctx) { @@ -9301,7 +9304,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) (void)myDes; } - + void CyaSSL_DES_ecb_encrypt(CYASSL_DES_cblock* desa, CYASSL_DES_cblock* desb, CYASSL_DES_key_schedule* key, int len) { @@ -9325,7 +9328,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) (void)a; return 0; } - + int CyaSSL_sk_num(CYASSL_X509_REVOKED* rev) { @@ -9425,7 +9428,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) (void)a; (void)b; (void)c; - return 0; + return 0; } #endif /* OPENSSL_EXTRA */ 
@@ -9466,7 +9469,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) info.consumed = 0; fileDer.buffer = 0; - file = XFOPEN(fname, "rb"); + file = XFOPEN(fname, "rb"); if (file == XBADFILE) return SSL_BAD_FILE; XFSEEK(file, 0, XSEEK_END); sz = XFTELL(file); @@ -9475,7 +9478,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) CYASSL_MSG("Getting dynamic buffer"); myBuffer = (byte*) XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE); } - + if ((myBuffer != NULL) && (sz > 0) && (XFREAD(myBuffer, sz, 1, file) > 0) && @@ -9528,14 +9531,14 @@ static int initGlobalRNG = 0; int CyaSSL_RAND_bytes(unsigned char* buf, int num) { RNG tmpRNG; - RNG* rng = &tmpRNG; + RNG* rng = &tmpRNG; CYASSL_ENTER("RAND_bytes"); if (InitRng(&tmpRNG) != 0) { CYASSL_MSG("Bad RNG Init, trying global"); if (initGlobalRNG == 0) { CYASSL_MSG("Global RNG no Init"); - return 0; + return 0; } rng = &globalRNG; } @@ -9571,7 +9574,7 @@ static int initGlobalRNG = 0; static void InitCyaSSL_BigNum(CYASSL_BIGNUM* bn) - { + { CYASSL_MSG("InitCyaSSL_BigNum"); if (bn) { bn->neg = 0; @@ -9604,7 +9607,7 @@ static int initGlobalRNG = 0; InitCyaSSL_BigNum(external); external->internal = mpi; if (mp_init(mpi) != MP_OKAY) { - CyaSSL_BN_free(external); + CyaSSL_BN_free(external); return NULL; } @@ -9786,7 +9789,7 @@ static int initGlobalRNG = 0; if (mp_read_unsigned_bin((mp_int*)ret->internal, str, len) != 0) { CYASSL_MSG("mp_read_unsigned_bin failure"); return NULL; - } + } } else { CYASSL_MSG("CyaSSL_BN_bin2bn wants return bignum"); @@ -9811,7 +9814,7 @@ static int initGlobalRNG = 0; { byte buff[1024]; RNG tmpRNG; - RNG* rng = &tmpRNG; + RNG* rng = &tmpRNG; int len = bits/8; (void)top; @@ -9820,7 +9823,7 @@ static int initGlobalRNG = 0; if (bn == NULL || bn->internal == NULL) { CYASSL_MSG("Bad function arguments"); - return 0; + return 0; } if (bits % 8) 
@@ -9830,7 +9833,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("Bad RNG Init, trying global"); if (initGlobalRNG == 0) { CYASSL_MSG("Global RNG no Init"); - return 0; + return 0; } rng = &globalRNG; } @@ -9843,7 +9846,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("mp read bin failed"); return 0; } - + return SSL_SUCCESS; } @@ -10031,7 +10034,7 @@ static int initGlobalRNG = 0; } - static int SetDhInternal(CYASSL_DH* dh) + static int SetDhInternal(CYASSL_DH* dh) { unsigned char p[1024]; unsigned char g[1024]; @@ -10057,7 +10060,7 @@ static int initGlobalRNG = 0; pSz = CyaSSL_BN_bn2bin(dh->p, p); gSz = CyaSSL_BN_bn2bin(dh->g, g); - + if (pSz <= 0 || gSz <= 0) { CYASSL_MSG("Bad BN2bin set"); return SSL_FATAL_ERROR; @@ -10093,19 +10096,19 @@ static int initGlobalRNG = 0; word32 pubSz = sizeof(pub); word32 privSz = sizeof(priv); RNG tmpRNG; - RNG* rng = &tmpRNG; + RNG* rng = &tmpRNG; CYASSL_MSG("CyaSSL_DH_generate_key"); if (dh == NULL || dh->p == NULL || dh->g == NULL) { CYASSL_MSG("Bad function arguments"); - return 0; + return 0; } if (dh->inSet == 0) { if (SetDhInternal(dh) < 0) { CYASSL_MSG("Bad DH set internal"); - return 0; + return 0; } } @@ -10113,7 +10116,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("Bad RNG Init, trying global"); if (initGlobalRNG == 0) { CYASSL_MSG("Global RNG no Init"); - return 0; + return 0; } rng = &globalRNG; } @@ -10121,7 +10124,7 @@ static int initGlobalRNG = 0; if (DhGenerateKeyPair((DhKey*)dh->internal, rng, priv, &privSz, pub, &pubSz) < 0) { CYASSL_MSG("Bad DhGenerateKeyPair"); - return 0; + return 0; } if (dh->pub_key) @@ -10129,7 +10132,7 @@ static int initGlobalRNG = 0; dh->pub_key = CyaSSL_BN_new(); if (dh->pub_key == NULL) { CYASSL_MSG("Bad DH new pub"); - return 0; + return 0; } if (dh->priv_key) 
@@ -10137,17 +10140,17 @@ static int initGlobalRNG = 0; dh->priv_key = CyaSSL_BN_new(); if (dh->priv_key == NULL) { CYASSL_MSG("Bad DH new priv"); - return 0; + return 0; } if (CyaSSL_BN_bin2bn(pub, pubSz, dh->pub_key) == NULL) { CYASSL_MSG("Bad DH bn2bin error pub"); - return 0; + return 0; } if (CyaSSL_BN_bin2bn(priv, privSz, dh->priv_key) == NULL) { CYASSL_MSG("Bad DH bn2bin error priv"); - return 0; + return 0; } CYASSL_MSG("CyaSSL_generate_key success"); @@ -10169,7 +10172,7 @@ static int initGlobalRNG = 0; if (dh == NULL || dh->priv_key == NULL || otherPub == NULL) { CYASSL_MSG("Bad function arguments"); - return 0; + return 0; } keySz = (word32)DH_size(dh); @@ -10190,7 +10193,7 @@ static int initGlobalRNG = 0; privSz = CyaSSL_BN_bn2bin(dh->priv_key, priv); pubSz = CyaSSL_BN_bn2bin(otherPub, pub); - + if (privSz <= 0 || pubSz <= 0) { CYASSL_MSG("Bad BN2bin set"); return 0; @@ -10520,7 +10523,7 @@ static int initGlobalRNG = 0; (void)bits; (void)cb; (void)bn; - + if (InitRng(&rng) < 0) { CYASSL_MSG("RNG init failed"); return SSL_FATAL_ERROR; @@ -10607,7 +10610,7 @@ static int initGlobalRNG = 0; CYASSL_DSA* dsa) { RNG tmpRNG; - RNG* rng = &tmpRNG; + RNG* rng = &tmpRNG; CYASSL_MSG("CyaSSL_DSA_do_sign"); @@ -10625,7 +10628,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("Bad RNG Init, trying global"); if (initGlobalRNG == 0) { CYASSL_MSG("Global RNG no Init"); - return SSL_FATAL_ERROR; + return SSL_FATAL_ERROR; } rng = &globalRNG; } @@ -10649,7 +10652,7 @@ static int initGlobalRNG = 0; word32 outLen; word32 signSz; RNG tmpRNG; - RNG* rng = &tmpRNG; + RNG* rng = &tmpRNG; CYASSL_MSG("CyaSSL_RSA_sign"); @@ -10668,12 +10671,12 @@ static int initGlobalRNG = 0; CYASSL_MSG("Bad RSA size"); return 0; } - + if (InitRng(&tmpRNG) != 0) { CYASSL_MSG("Bad RNG Init, trying global"); if (initGlobalRNG == 0) { CYASSL_MSG("Global RNG no Init"); - return 0; + return 0; } rng = &globalRNG; } 
@@ -10745,18 +10748,21 @@ static int initGlobalRNG = 0; } err = mp_sub_d((mp_int*)rsa->p->internal, 1, &tmp); - if (err != MP_OKAY) + if (err != MP_OKAY) { CYASSL_MSG("mp_sub_d error"); + } else err = mp_mod((mp_int*)rsa->d->internal, &tmp, (mp_int*)rsa->dmp1->internal); - if (err != MP_OKAY) + if (err != MP_OKAY) { CYASSL_MSG("mp_mod error"); + } else err = mp_sub_d((mp_int*)rsa->q->internal, 1, &tmp); - if (err != MP_OKAY) + if (err != MP_OKAY) { CYASSL_MSG("mp_sub_d error"); + } else err = mp_mod((mp_int*)rsa->d->internal, &tmp, (mp_int*)rsa->dmq1->internal); @@ -10791,7 +10797,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("sha256 hmac"); ctx->type = SHA256; } - + /* has to be last since would pick or 256, 384, or 512 too */ else if (XSTRNCMP(type, "SHA", 3) == 0) { CYASSL_MSG("sha hmac"); @@ -11013,7 +11019,7 @@ static int initGlobalRNG = 0; /* has to be last since would pick or 256, 384, or 512 too */ else if (XSTRNCMP(type, "SHA", 3) == 0) { return SHA_DIGEST_SIZE; - } + } return BAD_FUNC_ARG; } @@ -11042,7 +11048,7 @@ static int initGlobalRNG = 0; case DES_CBC_TYPE : CYASSL_MSG("DES CBC"); return DES_BLOCK_SIZE; - + case DES_EDE3_CBC_TYPE : CYASSL_MSG("DES EDE3 CBC"); return DES_BLOCK_SIZE; @@ -11058,7 +11064,7 @@ static int initGlobalRNG = 0; default: { CYASSL_MSG("bad type"); } - } + } return 0; } @@ -11282,7 +11288,7 @@ CYASSL_X509* CyaSSL_get_chain_X509(CYASSL_X509_CHAIN* chain, int idx) /* Get peer's PEM ceritifcate at index (idx), output to buffer if inLen big - enough else return error (-1), output length is in *outLen + enough else return error (-1), output length is in *outLen SSL_SUCCESS on ok */ int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN* chain, int idx, unsigned char* buf, int inLen, int* outLen) 
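Review bot: In the `@@ -10745,18 +10748,21 @@` hunk, the second and third `if (err != MP_OKAY)` checks test the same `err` that an earlier step may already have set. A failed first `mp_sub_d` is therefore also logged as "mp_mod error" and again as "mp_sub_d error", for calls that never ran. Each step should log only its own failure, for example `if (err == MP_OKAY) { err = mp_mod(...); if (err != MP_OKAY) { CYASSL_MSG("mp_mod error"); } }`, with the same pattern for the two steps after it; this also braces the arms the change leaves as bare statements. `tmp` holds p-1 and then q-1, which are derived from the private key, so it is worth confirming that it is cleared on the error paths as well as on success. The function starts and ends outside this hunk, so that cleanup is not visible here.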
@@ -11318,7 +11324,7 @@ int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN* chain, int idx, if ( (i + footerLen) > inLen) return BAD_FUNC_ARG; XMEMCPY(buf + i, footer, footerLen); - *outLen += headerLen + footerLen; + *outLen += headerLen + footerLen; return SSL_SUCCESS; } @@ -11390,7 +11396,7 @@ void* CyaSSL_GetEccVerifyCtx(CYASSL* ssl) #endif /* HAVE_ECC */ -#ifndef NO_RSA +#ifndef NO_RSA void CyaSSL_CTX_SetRsaSignCb(CYASSL_CTX* ctx, CallbackRsaSign cb) {