-
-#ifndef NO_MAIN_DRIVER
- #define ECHO_OUT
-#endif
-
-#include "examples/echoserver/echoserver.h"
-
-
-#ifdef SESSION_STATS
- CYASSL_API void PrintSessionStats(void);
-#endif
-
-#define SVR_COMMAND_SIZE 256
-
-static void SignalReady(void* args, word16 port)
-{
-#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
- /* signal ready to tcp_accept */
- func_args* server_args = (func_args*)args;
- tcp_ready* ready = server_args->signal;
- pthread_mutex_lock(&ready->mutex);
- ready->ready = 1;
- ready->port = port;
- pthread_cond_signal(&ready->cond);
- pthread_mutex_unlock(&ready->mutex);
-#endif
- (void)args;
- (void)port;
-}
-
-
-THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
-{
- SOCKET_T sockfd = 0;
- CYASSL_METHOD* method = 0;
- CYASSL_CTX* ctx = 0;
-
- int doDTLS = 0;
- int doPSK = 0;
- int outCreated = 0;
- int shutDown = 0;
- int useAnyAddr = 0;
- word16 port = yasslPort;
- int argc = ((func_args*)args)->argc;
- char** argv = ((func_args*)args)->argv;
-
-#ifdef ECHO_OUT
- FILE* fout = stdout;
- if (argc >= 2) {
- fout = fopen(argv[1], "w");
- outCreated = 1;
- }
- if (!fout) err_sys("can't open output file");
-#endif
- (void)outCreated;
- (void)argc;
- (void)argv;
-
- ((func_args*)args)->return_code = -1; /* error state */
-
-#ifdef CYASSL_DTLS
- doDTLS = 1;
-#endif
-
-#ifdef CYASSL_LEANPSK
- doPSK = 1;
-#endif
-
-#if defined(NO_RSA) && !defined(HAVE_ECC)
- doPSK = 1;
-#endif
-
- #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \
- !defined(CYASSL_SNIFFER) && !defined(CYASSL_MDK_SHELL)
- port = 0;
- #endif
- #if defined(USE_ANY_ADDR)
- useAnyAddr = 1;
- #endif
- tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
-
-#if defined(CYASSL_DTLS)
- method = CyaDTLSv1_server_method();
-#elif !defined(NO_TLS)
- method = CyaSSLv23_server_method();
-#else
- method = wolfSSLv3_server_method();
-#endif
- ctx = CyaSSL_CTX_new(method);
- /* CyaSSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */
-
-#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
- CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
-#endif
-
-#ifndef NO_FILESYSTEM
- if (doPSK == 0) {
- #ifdef HAVE_NTRU
- /* ntru */
- if (CyaSSL_CTX_use_certificate_file(ctx, ntruCert, SSL_FILETYPE_PEM)
- != SSL_SUCCESS)
- err_sys("can't load ntru cert file, "
- "Please run from CyaSSL home dir");
-
- if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ntruKey)
- != SSL_SUCCESS)
- err_sys("can't load ntru key file, "
- "Please run from CyaSSL home dir");
- #elif defined(HAVE_ECC)
- /* ecc */
- if (CyaSSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM)
- != SSL_SUCCESS)
- err_sys("can't load server cert file, "
- "Please run from CyaSSL home dir");
-
- if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKey, SSL_FILETYPE_PEM)
- != SSL_SUCCESS)
- err_sys("can't load server key file, "
- "Please run from CyaSSL home dir");
- #elif defined(NO_CERTS)
- /* do nothing, just don't load cert files */
- #else
- /* normal */
- if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
- != SSL_SUCCESS)
- err_sys("can't load server cert file, "
- "Please run from CyaSSL home dir");
-
- if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
- != SSL_SUCCESS)
- err_sys("can't load server key file, "
- "Please run from CyaSSL home dir");
- #endif
- } /* doPSK */
-#elif !defined(NO_CERTS)
- if (!doPSK) {
- load_buffer(ctx, svrCert, CYASSL_CERT);
- load_buffer(ctx, svrKey, CYASSL_KEY);
- }
-#endif
-
-#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
- /* don't use EDH, can't sniff tmp keys */
- CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA");
-#endif
-
- if (doPSK) {
-#ifndef NO_PSK
- const char *defaultCipherList;
-
- CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
- CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
- #ifdef HAVE_NULL_CIPHER
- defaultCipherList = "PSK-NULL-SHA256";
- #else
- defaultCipherList = "PSK-AES128-CBC-SHA256";
- #endif
- if (CyaSSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS)
- err_sys("server can't set cipher list 2");
-#endif
- }
-
- SignalReady(args, port);
-
- while (!shutDown) {
- CYASSL* ssl = 0;
- char command[SVR_COMMAND_SIZE+1];
- int echoSz = 0;
- int clientfd;
- int firstRead = 1;
- int gotFirstG = 0;
-
-#ifndef CYASSL_DTLS
- SOCKADDR_IN_T client;
- socklen_t client_len = sizeof(client);
- clientfd = accept(sockfd, (struct sockaddr*)&client,
- (ACCEPT_THIRD_T)&client_len);
-#else
- clientfd = udp_read_connect(sockfd);
-#endif
- if (clientfd == -1) err_sys("tcp accept failed");
-
- ssl = CyaSSL_new(ctx);
- if (ssl == NULL) err_sys("SSL_new failed");
- CyaSSL_set_fd(ssl, clientfd);
- #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
- CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
- #elif !defined(NO_CERTS)
- SetDH(ssl); /* will repick suites with DHE, higher than PSK */
- #endif
- if (CyaSSL_accept(ssl) != SSL_SUCCESS) {
- printf("SSL_accept failed\n");
- CyaSSL_free(ssl);
- CloseSocket(clientfd);
- continue;
- }
-#if defined(PEER_INFO)
- showPeer(ssl);
-#endif
-
- while ( (echoSz = CyaSSL_read(ssl, command, sizeof(command)-1)) > 0) {
-
- if (firstRead == 1) {
- firstRead = 0; /* browser may send 1 byte 'G' to start */
- if (echoSz == 1 && command[0] == 'G') {
- gotFirstG = 1;
- continue;
- }
- }
- else if (gotFirstG == 1 && strncmp(command, "ET /", 4) == 0) {
- strncpy(command, "GET", 4);
- /* fall through to normal GET */
- }
-
- if ( strncmp(command, "quit", 4) == 0) {
- printf("client sent quit command: shutting down!\n");
- shutDown = 1;
- break;
- }
- if ( strncmp(command, "break", 5) == 0) {
- printf("client sent break command: closing session!\n");
- break;
- }
-#ifdef SESSION_STATS
- if ( strncmp(command, "printstats", 10) == 0) {
- PrintSessionStats();
- break;
- }
-#endif
- if ( strncmp(command, "GET", 3) == 0) {
- char type[] = "HTTP/1.0 200 ok\r\nContent-type:"
- " text/html\r\n\r\n";
- char header[] = "\n\n";
- char body[] = "greetings from CyaSSL\n";
- char footer[] = "\r\n\r\n";
-
- strncpy(command, type, sizeof(type));
- echoSz = sizeof(type) - 1;
-
- strncpy(&command[echoSz], header, sizeof(header));
- echoSz += (int)sizeof(header) - 1;
- strncpy(&command[echoSz], body, sizeof(body));
- echoSz += (int)sizeof(body) - 1;
- strncpy(&command[echoSz], footer, sizeof(footer));
- echoSz += (int)sizeof(footer);
-
- if (CyaSSL_write(ssl, command, echoSz) != echoSz)
- err_sys("SSL_write failed");
- break;
- }
- command[echoSz] = 0;
-
- #ifdef ECHO_OUT
- fputs(command, fout);
- #endif
-
- if (CyaSSL_write(ssl, command, echoSz) != echoSz)
- err_sys("SSL_write failed");
- }
-#ifndef CYASSL_DTLS
- CyaSSL_shutdown(ssl);
-#endif
- CyaSSL_free(ssl);
- CloseSocket(clientfd);
-#ifdef CYASSL_DTLS
- tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
- SignalReady(args, port);
-#endif
- }
-
- CloseSocket(sockfd);
- CyaSSL_CTX_free(ctx);
-
-#ifdef ECHO_OUT
- if (outCreated)
- fclose(fout);
-#endif
-
- ((func_args*)args)->return_code = 0;
- return 0;
-}
-
-
-/* so overall tests can pull in test function */
-#ifndef NO_MAIN_DRIVER
-
- int main(int argc, char** argv)
- {
- func_args args;
-
-#ifdef HAVE_CAVIUM
- int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
- if (ret != 0)
- err_sys("Cavium OpenNitroxDevice failed");
-#endif /* HAVE_CAVIUM */
-
- StartTCP();
-
- args.argc = argc;
- args.argv = argv;
-
- CyaSSL_Init();
-#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
- CyaSSL_Debugging_ON();
-#endif
- if (CurrentDir("echoserver"))
- ChangeDirBack(2);
- else if (CurrentDir("Debug") || CurrentDir("Release"))
- ChangeDirBack(3);
- echoserver_test(&args);
- CyaSSL_Cleanup();
-
-#ifdef HAVE_CAVIUM
- CspShutdown(CAVIUM_DEV_ID);
-#endif
- return args.return_code;
- }
-
-
-#endif /* NO_MAIN_DRIVER */
-
-
-
-
diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c
deleted file mode 100644
index ae487e705..000000000
--- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/* main.c
- *
- * Copyright (C) 2006-2015 wolfSSL Inc.
- *
- * This file is part of wolfSSL. (formerly known as CyaSSL)
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-#ifdef HAVE_CONFIG_H
- #include
-#endif
-
-#include
-#include
-
-#include "cmsis_os.h"
-#if !defined(NO_FILESYSTEM)
-#include "rl_fs.h"
-#endif
-#include "rl_net.h"
-#include
-#include "cyassl_MDK_ARM.h"
-#include
-
-/*-----------------------------------------------------------------------------
- * Initialize a Flash Memory Card
- *----------------------------------------------------------------------------*/
-#if !defined(NO_FILESYSTEM)
-static void init_filesystem (void) {
- int32_t retv;
-
- retv = finit ("M0:");
- if (retv == 0) {
- retv = fmount ("M0:");
- if (retv == 0) {
- printf ("Drive M0 ready!\n");
- }
- else {
- printf ("Drive M0 mount failed!\n");
- }
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
-}
-#endif
-
-/*-----------------------------------------------------------------------------
- * TCP/IP tasks
- *----------------------------------------------------------------------------*/
-void tcp_poll (void const *arg)
-{
- CYASSL_MSG("TCP polling started.\n") ;
- while (1) {
- net_main ();
- osDelay(1) ;
- }
-}
-
-extern void shell_main(void * args) ;
-extern void init_time(void) ;
-
-osThreadDef (tcp_poll, osPriorityHigh, 1, 0) ;
-/*-----------------------------------------------------------------------------
- * mian entry
- *----------------------------------------------------------------------------*/
-int myoptind = 0;
-char* myoptarg = NULL;
-
-int main()
-{
- void *arg = NULL ;
-
- #if !defined(NO_FILESYSTEM)
- init_filesystem ();
- #endif
-
- net_initialize() ;
-
- osThreadCreate (osThread (tcp_poll), NULL);
- osDelay(10000) ; /* wait for DHCP */
- #if defined(DEBUG_CYASSL)
- printf("Turning ON Debug message\n") ;
- CyaSSL_Debugging_ON() ;
- #endif
-
- shell_main(arg) ;
-
-}
diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c
deleted file mode 100644
index 4c79540c8..000000000
--- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c
+++ /dev/null
@@ -1,605 +0,0 @@
-/* server.c
- *
- * Copyright (C) 2006-2015 wolfSSL Inc.
- *
- * This file is part of wolfSSL. (formerly known as CyaSSL)
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-#ifdef HAVE_CONFIG_H
- #include
-#endif
-
-#include
-
-#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER)
- /* in case memory tracker wants stats */
- #define CYASSL_TRACK_MEMORY
-#endif
-
-#if defined(CYASSL_MDK_ARM)
- #include
- #include
-
- #if defined(CYASSL_MDK5)
- #include "cmsis_os.h"
- #include "rl_fs.h"
- #include "rl_net.h"
- #else
- #include "rtl.h"
- #endif
-
- #include "cyassl_MDK_ARM.h"
-#endif
-#include
-#include
-
-#include "examples/server/server.h"
-
-
-#ifdef CYASSL_CALLBACKS
- int srvHandShakeCB(HandShakeInfo*);
- int srvTimeoutCB(TimeoutInfo*);
- Timeval srvTo;
-#endif
-
-static void NonBlockingSSL_Accept(SSL* ssl)
-{
-#ifndef CYASSL_CALLBACKS
- int ret = SSL_accept(ssl);
-#else
- int ret = CyaSSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB, srvTo);
-#endif
- int error = SSL_get_error(ssl, 0);
- SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl);
- int select_ret;
-
- while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
- error == SSL_ERROR_WANT_WRITE)) {
- int currTimeout = 1;
-
- if (error == SSL_ERROR_WANT_READ)
- printf("... server would read block\n");
- else
- printf("... server would write block\n");
-
-#ifdef CYASSL_DTLS
- currTimeout = CyaSSL_dtls_get_current_timeout(ssl);
-#endif
- select_ret = tcp_select(sockfd, currTimeout);
-
- if ((select_ret == TEST_RECV_READY) ||
- (select_ret == TEST_ERROR_READY)) {
- #ifndef CYASSL_CALLBACKS
- ret = SSL_accept(ssl);
- #else
- ret = CyaSSL_accept_ex(ssl,
- srvHandShakeCB, srvTimeoutCB, srvTo);
- #endif
- error = SSL_get_error(ssl, 0);
- }
- else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) {
- error = SSL_ERROR_WANT_READ;
- }
-#ifdef CYASSL_DTLS
- else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) &&
- CyaSSL_dtls_got_timeout(ssl) >= 0) {
- error = SSL_ERROR_WANT_READ;
- }
-#endif
- else {
- error = SSL_FATAL_ERROR;
- }
- }
- if (ret != SSL_SUCCESS)
- err_sys("SSL_accept failed");
-}
-
-
-static void Usage(void)
-{
- printf("server " LIBCYASSL_VERSION_STRING
- " NOTE: All files relative to CyaSSL home dir\n");
- printf("-? Help, print this usage\n");
- printf("-p Port to listen on, not 0, default %d\n", yasslPort);
- printf("-v SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
- SERVER_DEFAULT_VERSION);
- printf("-l Cipher list\n");
- printf("-c Certificate file, default %s\n", svrCert);
- printf("-k Key file, default %s\n", svrKey);
- printf("-A Certificate Authority file, default %s\n", cliCert);
- printf("-d Disable client cert check\n");
- printf("-b Bind to any interface instead of localhost only\n");
- printf("-s Use pre Shared keys\n");
- printf("-t Track CyaSSL memory use\n");
- printf("-u Use UDP DTLS,"
- " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
- printf("-f Fewer packets/group messages\n");
- printf("-N Use Non-blocking sockets\n");
- printf("-S Use Host Name Indication\n");
-#ifdef HAVE_OCSP
- printf("-o Perform OCSP lookup on peer certificate\n");
- printf("-O Perform OCSP lookup using as responder\n");
-#endif
-#ifdef HAVE_PK_CALLBACKS
- printf("-P Public Key Callbacks\n");
-#endif
-}
-
-THREAD_RETURN CYASSL_THREAD server_test(void* args)
-{
- SOCKET_T sockfd = 0;
- SOCKET_T clientfd = 0;
-
- SSL_METHOD* method = 0;
- SSL_CTX* ctx = 0;
- SSL* ssl = 0;
-
- char msg[] = "I hear you fa shizzle!";
- char input[80];
- int idx;
- int ch;
- int version = SERVER_DEFAULT_VERSION;
- int doCliCertCheck = 0; /* = 0 for no Realtime Clock environment */
- int useAnyAddr = 0;
- word16 port = yasslPort;
- int usePsk = 0;
- int doDTLS = 0;
- int useNtruKey = 0;
- int nonBlocking = 0;
- int trackMemory = 0;
- int fewerPackets = 0;
- int pkCallbacks = 0;
- char* cipherList = NULL;
- char* verifyCert = (char*)cliCert;
- char* ourCert = (char*)svrCert;
- char* ourKey = (char*)svrKey;
- int argc = ((func_args*)args)->argc;
- char** argv = ((func_args*)args)->argv;
-
-#ifdef HAVE_SNI
- char* sniHostName = NULL;
-#endif
-
-#ifdef HAVE_OCSP
- int useOcsp = 0;
- char* ocspUrl = NULL;
-#endif
-
- ((func_args*)args)->return_code = -1; /* error state */
-
-#ifdef NO_RSA
- verifyCert = (char*)cliEccCert;
- ourCert = (char*)eccCert;
- ourKey = (char*)eccKey;
-#endif
- (void)trackMemory;
- (void)pkCallbacks;
-
- while ((ch = mygetopt(argc, argv, "?dbstnNufPp:v:l:A:c:k:S:oO:")) != -1) {
- switch (ch) {
- case '?' :
- Usage();
- exit(EXIT_SUCCESS);
-
- case 'd' :
- doCliCertCheck = 0;
- break;
-
- case 'b' :
- useAnyAddr = 1;
- break;
-
- case 's' :
- usePsk = 1;
- break;
-
- case 't' :
- #ifdef USE_CYASSL_MEMORY
- trackMemory = 1;
- #endif
- break;
-
- case 'n' :
- useNtruKey = 1;
- break;
-
- case 'u' :
- doDTLS = 1;
- break;
-
- case 'f' :
- fewerPackets = 1;
- break;
-
- case 'P' :
- #ifdef HAVE_PK_CALLBACKS
- pkCallbacks = 1;
- #endif
- break;
-
- case 'p' :
- port = (word16)atoi(myoptarg);
- #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API)
- if (port == 0)
- err_sys("port number cannot be 0");
- #endif
- break;
-
- case 'v' :
- version = atoi(myoptarg);
- if (version < 0 || version > 3) {
- Usage();
- exit(MY_EX_USAGE);
- }
- break;
-
- case 'l' :
- cipherList = myoptarg;
- break;
-
- case 'A' :
- verifyCert = myoptarg;
- break;
-
- case 'c' :
- ourCert = myoptarg;
- break;
-
- case 'k' :
- ourKey = myoptarg;
- break;
-
- case 'N':
- nonBlocking = 1;
- break;
-
- case 'S' :
- #ifdef HAVE_SNI
- sniHostName = myoptarg;
- #endif
- break;
-
- case 'o' :
- #ifdef HAVE_OCSP
- useOcsp = 1;
- #endif
- break;
-
- case 'O' :
- #ifdef HAVE_OCSP
- useOcsp = 1;
- ocspUrl = myoptarg;
- #endif
- break;
-
- default:
- Usage();
- exit(MY_EX_USAGE);
- }
- }
-
- myoptind = 0; /* reset for test cases */
-
- /* sort out DTLS versus TLS versions */
- if (version == CLIENT_INVALID_VERSION) {
- if (doDTLS)
- version = CLIENT_DTLS_DEFAULT_VERSION;
- else
- version = CLIENT_DEFAULT_VERSION;
- }
- else {
- if (doDTLS) {
- if (version == 3)
- version = -2;
- else
- version = -1;
- }
- }
-
-#ifdef USE_CYASSL_MEMORY
- if (trackMemory)
- InitMemoryTracker();
-#endif
-
- switch (version) {
-#ifndef NO_OLD_TLS
- case 0:
- method = SSLv3_server_method();
- break;
-
- #ifndef NO_TLS
- case 1:
- method = TLSv1_server_method();
- break;
-
-
- case 2:
- method = TLSv1_1_server_method();
- break;
-
- #endif
-#endif
-
-#ifndef NO_TLS
- case 3:
- method = TLSv1_2_server_method();
- break;
-#endif
-
-#ifdef CYASSL_DTLS
- case -1:
- method = DTLSv1_server_method();
- break;
-
- case -2:
- method = DTLSv1_2_server_method();
- break;
-#endif
-
- default:
- err_sys("Bad SSL version");
- }
-
- if (method == NULL)
- err_sys("unable to get method");
-
- ctx = SSL_CTX_new(method);
- if (ctx == NULL)
- err_sys("unable to get ctx");
-
- if (cipherList)
- if (SSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
- err_sys("server can't set cipher list 1");
-
-#ifdef CYASSL_LEANPSK
- usePsk = 1;
-#endif
-
-#if defined(NO_RSA) && !defined(HAVE_ECC)
- usePsk = 1;
-#endif
-
- if (fewerPackets)
- CyaSSL_CTX_set_group_messages(ctx);
-
-#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
- SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
-#endif
-
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
- if (!usePsk) {
- if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM)
- != SSL_SUCCESS)
- err_sys("can't load server cert file, check file and run from"
- " CyaSSL home dir");
- }
-#endif
-
-#ifdef HAVE_NTRU
- if (useNtruKey) {
- if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ourKey)
- != SSL_SUCCESS)
- err_sys("can't load ntru key file, "
- "Please run from CyaSSL home dir");
- }
-#endif
-
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
- if (!useNtruKey && !usePsk) {
- if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM)
- != SSL_SUCCESS)
- err_sys("can't load server private key file, check file and run "
- "from CyaSSL home dir");
- }
-#endif
-
- if (usePsk) {
-#ifndef NO_PSK
- SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
- SSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
- if (cipherList == NULL) {
- const char *defaultCipherList;
- #ifdef HAVE_NULL_CIPHER
- defaultCipherList = "PSK-NULL-SHA256";
- #else
- defaultCipherList = "PSK-AES128-CBC-SHA256";
- #endif
- if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS)
- err_sys("server can't set cipher list 2");
- }
-#endif
- }
-
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
- /* if not using PSK, verify peer with certs */
- if (doCliCertCheck && usePsk == 0) {
- SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER |
- SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0);
- if (SSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS)
- err_sys("can't load ca file, Please run from CyaSSL home dir");
- }
-#endif
-
-#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
- /* don't use EDH, can't sniff tmp keys */
- if (cipherList == NULL) {
- if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS)
- err_sys("server can't set cipher list 3");
- }
-#endif
-
-#ifdef HAVE_SNI
- if (sniHostName)
- if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
- XSTRLEN(sniHostName)) != SSL_SUCCESS)
- err_sys("UseSNI failed");
-#endif
-
- ssl = SSL_new(ctx);
- if (ssl == NULL)
- err_sys("unable to get SSL");
-
-#ifdef HAVE_CRL
- CyaSSL_EnableCRL(ssl, 0);
- CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR |
- CYASSL_CRL_START_MON);
- CyaSSL_SetCRL_Cb(ssl, CRL_CallBack);
-#endif
-#ifdef HAVE_OCSP
- if (useOcsp) {
- if (ocspUrl != NULL) {
- CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
- CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
- | CYASSL_OCSP_URL_OVERRIDE);
- }
- else
- CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
- }
-#endif
-#ifdef HAVE_PK_CALLBACKS
- if (pkCallbacks)
- SetupPkCallbacks(ctx, ssl);
-#endif
-
- tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr, doDTLS,
- 0);
- if (!doDTLS)
- CloseSocket(sockfd);
-
- SSL_set_fd(ssl, clientfd);
- if (usePsk == 0) {
- #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
- CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
- #elif !defined(NO_CERTS)
- SetDH(ssl); /* repick suites with DHE, higher priority than PSK */
- #endif
- }
-
-#ifndef CYASSL_CALLBACKS
- if (nonBlocking) {
- CyaSSL_set_using_nonblock(ssl, 1);
- tcp_set_nonblocking(&clientfd);
- NonBlockingSSL_Accept(ssl);
- } else if (SSL_accept(ssl) != SSL_SUCCESS) {
- int err = SSL_get_error(ssl, 0);
- char buffer[CYASSL_MAX_ERROR_SZ];
- printf("error = %d, %s\n", err, ERR_error_string(err, buffer));
- err_sys("SSL_accept failed");
- }
-#else
- NonBlockingSSL_Accept(ssl);
-#endif
- showPeer(ssl);
-
- idx = SSL_read(ssl, input, sizeof(input)-1);
- if (idx > 0) {
- input[idx] = 0;
- printf("Client message: %s\n", input);
-
- }
- else if (idx < 0) {
- int readErr = SSL_get_error(ssl, 0);
- if (readErr != SSL_ERROR_WANT_READ)
- err_sys("SSL_read failed");
- }
-
- if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
- err_sys("SSL_write failed");
-
- #if defined(CYASSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
- os_dly_wait(500) ;
- #endif
-
- SSL_shutdown(ssl);
- SSL_free(ssl);
- SSL_CTX_free(ctx);
-
- CloseSocket(clientfd);
- ((func_args*)args)->return_code = 0;
-
-#ifdef USE_CYASSL_MEMORY
- if (trackMemory)
- ShowMemoryTracker();
-#endif /* USE_CYASSL_MEMORY */
-
- return 0;
-}
-
-
-/* so overall tests can pull in test function */
-#ifndef NO_MAIN_DRIVER
-
- int main(int argc, char** argv)
- {
- func_args args;
-
-#ifdef HAVE_CAVIUM
- int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
- if (ret != 0)
- err_sys("Cavium OpenNitroxDevice failed");
-#endif /* HAVE_CAVIUM */
-
- StartTCP();
-
- args.argc = argc;
- args.argv = argv;
-
- CyaSSL_Init();
-#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
- CyaSSL_Debugging_ON();
-#endif
- if (CurrentDir("server"))
- ChangeDirBack(2);
- else if (CurrentDir("Debug") || CurrentDir("Release"))
- ChangeDirBack(3);
-
-#ifdef HAVE_STACK_SIZE
- StackSizeCheck(&args, server_test);
-#else
- server_test(&args);
-#endif
- CyaSSL_Cleanup();
-
-#ifdef HAVE_CAVIUM
- CspShutdown(CAVIUM_DEV_ID);
-#endif
- return args.return_code;
- }
-
- int myoptind = 0;
- char* myoptarg = NULL;
-
-#endif /* NO_MAIN_DRIVER */
-
-
-#ifdef CYASSL_CALLBACKS
-
- int srvHandShakeCB(HandShakeInfo* info)
- {
- (void)info;
- return 0;
- }
-
-
- int srvTimeoutCB(TimeoutInfo* info)
- {
- (void)info;
- return 0;
- }
-
-#endif
-
diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c
deleted file mode 100644
index 7103e5731..000000000
--- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c
+++ /dev/null
@@ -1,657 +0,0 @@
-/*shell.c
- *
- * Copyright (C) 2006-2015 wolfSSL Inc.
- *
- * This file is part of wolfSSL. (formerly known as CyaSSL)
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
- /*** tiny Shell for CyaSSL apps ***/
-
- #ifdef HAVE_CONFIG_H
- #include
-#endif
-
-#include "cyassl/internal.h"
-#undef RNG
-#include
-
-#if defined(CYASSL_MDK_ARM)
- #include
- #include
- #include
- #if defined(CYASSL_MDK5)
- #include "cmsis_os.h"
- #include "rl_fs.h"
- #else
- #include
- #endif
- #include "cyassl_MDK_ARM.h"
-#endif
-
-#ifdef CYASSL_KEIL_NET
-#include "cyassl/test.h"
-#else
-typedef struct func_args {
- int argc;
- char** argv;
- int return_code;
-} func_args;
-#endif
-
-#ifdef NO_ECHOCLIENT
-#define echoclient_test command_not_found
-#endif
-#ifdef NO_ECHOSERVER
-#define echoserver_test command_not_found
-#endif
-#ifdef NO_SIMPLE_CLIENT
-#define client_test command_not_found
-#endif
-#ifdef NO_SIMPLE_SERVER
-#define server_test command_not_found
-#endif
-#ifdef NO_CRYPT_BENCHMARK
-#define benchmark_test command_not_found
-#endif
-#ifdef NO_CRYPT_TEST
-#define ctaocrypt_test command_not_found
-#endif
-
-#ifndef CYASSL_KEIL_NET
-#define ipaddr_comm command_not_found
-#endif
-
-#if !defined(HAVE_KEIL_RTX)
-#define stack_comm command_not_found
-#endif
-
-
-#if !defined(DEBUG_CYASSL)
-#define dbg_comm command_not_found
-#endif
-
-
-void command_not_found(void *argv) {
- printf("Command not found\n") ;
-}
-
-extern void echoclient_test(void *args) ;
-extern void echoserver_test(void *args) ;
-extern void benchmark_test(void *args) ;
-extern void ctaocrypt_test(void *args) ;
-extern void client_test(void *args) ;
-extern void server_test(void *args) ;
-extern void kill_task(void *args) ;
-extern void ipaddr_comm(void *args) ;
-extern void stack_comm(void *args) ;
-extern void for_command(void *args) ;
-extern void dbg_comm(void *arg) ;
-extern void help_comm(void *arg) ;
-
-#if !defined(NO_CRYPT_TEST)
-
-#ifndef NO_MD5
-extern void md5_test(void *arg) ;
-#endif
-#ifdef CYASSL_MD2
-extern void md2_test(void *arg) ;
-#endif
-#ifndef NO_MD4
-extern void md4_test(void *arg) ;
-#endif
-
-extern void sha_test(void *arg) ;
-
-#ifndef NO_SHA256
-extern void sha256_test(void *arg) ;
-#endif
-#ifdef CYASSL_SHA384
-extern void sha384_test(void *arg) ;
-#endif
-
-#ifdef CYASSL_SHA512
-extern void sha512_test(void *arg) ;
-#endif
-
-#ifdef CYASSL_RIPEMD
-extern void ripemd_test(void *arg) ;
-#endif
-#ifndef NO_HMAC
- #ifndef NO_MD5
-extern void hmac_md5_test(void *arg) ;
- #endif
-extern void hmac_sha_test(void *arg) ;
-
- #ifndef NO_SHA256
-extern void hmac_sha256_test(void *arg) ;
- #endif
-
- #ifdef CYASSL_SHA384
-extern void hmac_sha384_test(void *arg) ;
- #endif
-#endif
-#ifndef NO_RC4
-extern void arc4_test(void *arg) ;
-#endif
-
-#ifndef NO_HC128
-extern void hc128_test(void *arg) ;
-#endif
-
-#ifndef NO_RABBIT
-extern void rabbit_test(void *arg) ;
-#endif
-
-#ifndef NO_DES3
-extern void des_test(void *arg) ;
-extern void des3_test(void *arg) ;
-#endif
-
-#ifndef NO_AES
-extern void aes_test(void *arg) ;
-#ifdef HAVE_AESGCM
-extern void aesgcm_test(void *arg) ;
-#endif
-
-#ifdef HAVE_AESCCM
-extern void aesccm_test(void *arg) ;
-#endif
-#endif
-
-#ifdef HAVE_CAMELLIA
-extern void camellia_test(void *arg) ;
-#endif
-extern void random_test(void *arg) ;
-
-#ifndef NO_RSA
-extern void rsa_test(void *arg) ;
-#endif
-
-#ifndef NO_DH
-extern void dh_test(void *arg) ;
-#endif
-
-#ifndef NO_DSA
-extern void dsa_test(void *arg) ;
-#endif
-
-#ifndef NO_PWDBASED
-extern void pwdbased_test(void *arg) ;
-#endif
-
-#ifdef OPENSSL_EXTRA
-extern void openssl_test(void *arg) ;
-#endif
-
-#ifdef HAVE_ECC
-extern void ecc_test(void *arg) ;
-#endif
-
-#endif /* NO_CRYPT_TEST */
-
-static struct {
- const char *command ;
- void (*func)(void *args) ;
-} commandTable[] = {
- "echoclient", echoclient_test,
- "echoserver", echoserver_test,
- "benchmark", benchmark_test,
- "test", ctaocrypt_test,
- "client", client_test,
- "server", server_test,
- "ipaddr", ipaddr_comm, /* TBD */
- "stack", stack_comm, /* On/Off check stack size */
- "for", for_command, /* iterate next command X times */
- "debug", dbg_comm, /* On/Off debug message */
- "help", help_comm, /* Breif description about the commands */
-
- /** short name **/
- "ec", echoclient_test,
- "es", echoserver_test,
- "bm", benchmark_test,
- "te", ctaocrypt_test,
- "cl", client_test,
- "sv", server_test,
- "ip", ipaddr_comm,
- "st", stack_comm,
- "dbg", dbg_comm,
- "?", help_comm,
-
-/*** test suites ****/
-#if !defined(NO_CRYPT_TEST)
-#ifndef NO_MD5
- "md5", md5_test,
-#endif
-#ifdef CYASSL_MD2
- "md2", md2_test,
-#endif
-#ifndef NO_MD4
- "md4", md4_test,
-#endif
- "sha", sha_test,
-#ifndef NO_SHA256
- "sha256", sha256_test,
-#endif
-#ifdef CYASSL_SHA384
- "sha384", sha384_test,
-#endif
-#ifdef CYASSL_SHA512
- "sha512", sha512_test,
-#endif
-#ifdef CYASSL_RIPEMD
- "ripemd", ripemd_test,
-#endif
-#ifndef NO_HMAC
- #ifndef NO_MD5
- "hmac_md5", hmac_md5_test,
- #endif
- "hmac_sha", hmac_sha_test,
- #ifndef NO_SHA256
- "hmac_sha256", hmac_sha256_test,
- #endif
- #ifdef CYASSL_SHA384
- "hmac_sha384", hmac_sha384_test,
- #endif
-#endif
-#ifndef NO_RC4
- "arc4", arc4_test,
-#endif
-#ifndef NO_HC128
- "hc128", hc128_test,
-#endif
-#ifndef NO_RABBIT
- "rabbit", rabbit_test,
-#endif
-#ifndef NO_DES3
- "des", des_test,
- "des3", des3_test,
-#endif
-#ifndef NO_AES
- "aes", aes_test,
- #ifdef HAVE_AESGCM
- "aesgcm", aesgcm_test,
- #endif
- #ifdef HAVE_AESCCM
- "aesccm", aesccm_test,
- #endif
-#endif
-
-#ifdef HAVE_CAMELLIA
- "camellia", camellia_test,
-#endif
- "random", random_test,
-#ifndef NO_RSA
- "rsa", rsa_test,
-#endif
-#ifndef NO_DH
- "dh", dh_test,
-#endif
-#ifndef NO_DSA
- "dsa", dsa_test,
-#endif
-#ifndef NO_PWDBASED
- "pwdbased", pwdbased_test,
-#endif
-#ifdef OPENSSL_EXTRA
- "openssl", openssl_test,
-#endif
-#ifdef HAVE_ECC
- "ecc", ecc_test,
-#endif
-
-#endif /* NO_CRYPT_TEST */
-
- "", NULL
-} ;
-
-enum jobtype { FORGROUND, BACKGROUND } ;
-
-#define IF_DELIMITER(ch) ((ch) == ' ' || (ch) == '\n')
-
-static int BackGround = 0 ; /* 1: background job is running */
-
-/******* Get Command Line *****************************/
-static int getline(char * line, int sz, func_args *args, int*bf_flg)
-{
- char * ret ;
- int i ;
-
- #define MAXARGS 10
- #define MAXARGLEN 30
- static char *argv[MAXARGS] ;
- args->argv = argv ;
-
- putchar('>') ;
- fflush(stdout) ;
- ret = fgets(line, sz, stdin) ;
-
- #define SHELL_ERROR_FGETS -102
- if(ret != line) return(SHELL_ERROR_FGETS) ;
-
- if(line[strlen(line)-2] == '&') {
- (*bf_flg) = BACKGROUND ;
- line[strlen(line)-2] = '\n' ;
- } else {
- (*bf_flg) = FORGROUND ;
- }
- args->argc = 0 ;
- for(i=0; iargv[args->argc] = &(line[i]) ;
- while(!IF_DELIMITER(line[i])) i++ ;
- args->argc++ ;
- if(line[i] == '\n') {
- line[i] = '\0' ;
- break ;
- } else {
- line[i] = '\0' ;
- }
- }
- return i ;
-}
-
-
-/************* Embedded Shell Commands **********************************/
-#define IP_SIZE 16
-
-#ifdef CYASSL_KEIL_NET
-static void ipaddr_comm(void *args)
-{
- if(((func_args *)args)->argc == 1) {
- printf("IP addr: %s, port %d\n", yasslIP, yasslPort) ;
- } else {
- if(BackGround != 0) {
- printf("Cannot change IP addr while background server is running\n") ;
- } else if(((func_args *)args)->argc == 3 &&
- ((func_args *)args)->argv[1][0] == '-'&&
- ((func_args *)args)->argv[1][1] == 'a' ) {
-/* strcpy(yasslIP, ((func_args *)args)->argv[2]) ; */
- } else if(((func_args *)args)->argc == 3 &&
- ((func_args *)args)->argv[1][0] == '-' &&
- ((func_args *)args)->argv[1][1] == 'p' ) {
-/* yasslPort = atoi(((func_args *)args)->argv[2]) ; */
- } else printf("Invalid argument\n") ;
- }
-}
-
-#endif
-
-
-
-#if defined(HAVE_KEIL_RTX)
-static int stack_ck = 0 ;
-
-void stack_comm(void *args)
-{
- if(stack_ck) {
- printf("Stack Check: Off\n") ;
- stack_ck = 0 ;
- } else {
- printf("Stack Check: On\n") ;
- stack_ck = 1 ;
- }
-}
-
-#define FILL_PATTERN 0xa596695a
-void stack_fill(char * stack, int size)
-{
- int i ;
-
- if(stack_ck == 0)return ;
- for(i=1; iargc == 1) {
- printf("For %d times\n", for_iteration) ;
- } else if( args == NULL || ((func_args *)args)->argc == 2) {
- for_iteration = atoi(((func_args *)args)->argv[1]) ;
- } else printf("Invalid argument\n") ;
-}
-
-
-#if defined(DEBUG_CYASSL)
-
-static int CyasslDebug = 1 ;
-
-static void dbg_comm(void *args)
-{
- if(CyasslDebug == 1) {
- CyasslDebug = 0 ;
- printf("Turning OFF Debug message\n") ;
- CyaSSL_Debugging_OFF() ;
- } else {
- CyasslDebug = 1 ;
- printf("Turning ON Debug message\n") ;
- CyaSSL_Debugging_ON() ;
- }
-}
-#endif
-
-static void help_comm(void *args)
-{
- static char *commands[] = {
- "test",
- "benchmark",
- "echoserver& : simple echo server in background mode",
- "echoclient : simple echo client followed by any input string, or \"quit\", \"break\"",
- "server& : simple server in background mode",
- "client : simple client",
- "client -g -v [0123] -h xxx.xxx.xxx.xxx -p 443 : usage example",
- "server/client -h : help for server/client command",
- "help",
- ""
- } ;
-
- int i ;
- printf("Commands:\n") ;
- for(i=0; commands[i][0] ; i++)
- printf(" %s\n", commands[i]) ;
-
-}
-
-
-
-#define BG_JOB_STACK_SIZE 8000
-#if (!defined(NO_SIMPLE_SERVER) && !defined(NO_ECHOSERVER)) && \
- defined(HAVE_KEIL_RTX)
-#if !defined(CYASSL_CMSIS_RTOS)
-static char bg_job_stack[BG_JOB_STACK_SIZE] ;
-#endif
-
-#endif
-
-#define COMMAND_STACK_SIZE 10000
-#if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
-static char command_stack[COMMAND_STACK_SIZE] ;
-#endif
-
-
-#ifdef HAVE_KEIL_RTX
-static CyaSSL_Mutex command_mutex ;
-#endif
-
-void exit_command(void) {
- printf("Command Aborted\n") ;
- #ifdef CYASSL_CMSIS_RTOS
- osThreadTerminate(osThreadGetId()) ;
- #else
- os_tsk_delete_self() ;
- #endif
-}
-
-
-/*********** Invoke Forground Command *********************/
-static void command_invoke(void const *args)
-{
- void (*func)(void const * ) ;
- int i,iteration ;
-
- func = (void(*)(void const *))((func_args *)args)->argv[0] ;
- #ifdef HAVE_KEIL_RTX
- LockMutex((CyaSSL_Mutex *)&command_mutex) ;
- #endif
- iteration = for_iteration ;
- for(i=0; i< iteration; i++) {
- if(iteration > 1) printf("--- Start for %d ---->\n", i) ;
- #if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
- stack_fill(command_stack, COMMAND_STACK_SIZE) ;
- #endif
-
- func(args) ; /* invoke command */
-
- #if defined(HAVE_KEIL_RTX)&& !defined(CYASSL_CMSIS_RTOS)
- stack_check(command_stack, COMMAND_STACK_SIZE) ;
- #endif
- }
-
- if(iteration > 1)
- for_iteration = 1 ;
- osDelay(20000) ;
- #ifdef HAVE_KEIL_RTX
- UnLockMutex((CyaSSL_Mutex *)&command_mutex) ;
- #ifdef CYASSL_CMSIS_RTOS
- osThreadTerminate(osThreadGetId()) ;
- #else
- os_tsk_delete_self() ;
- #endif
- #endif
-}
-
-#if defined(HAVE_KEIL_RTX)
-/******* Invoke Background Job *******************************/
-static void bg_job_invoke(void const *args)
-{
- void (*func)(void const * ) ;
- BackGround = 1 ;
- #if defined(HAVE_KEIL_RTX)&& !defined(CYASSL_CMSIS_RTOS)
- stack_fill(bg_job_stack, BG_JOB_STACK_SIZE) ;
- #endif
-
- func = (void(*)(void const *))((func_args *)args)->argv[0] ;
- func(args) ; /* invoke command */
- #if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
- stack_check(bg_job_stack, BG_JOB_STACK_SIZE) ;
- #endif
-
- osDelay(20000) ;
- BackGround = 0 ;
-
- #ifdef CYASSL_CMSIS_RTOS
- osThreadTerminate(osThreadGetId()) ;
- #else
- os_tsk_delete_self() ; ;
- #endif
-}
-#endif
-
-#define LINESIZE 100
-static char line[LINESIZE] ;
-
-#if defined(CYASSL_CMSIS_RTOS)
- osThreadDef (command_invoke, osPriorityAboveNormal , 1, COMMAND_STACK_SIZE) ;
- osThreadDef (bg_job_invoke, osPriorityNormal , 1 , BG_JOB_STACK_SIZE) ;
-#endif
-/********* SHEULL MAIN LOOP ***********************************/
-void shell_main(void *arg) {
- int i ;
- func_args args ;
- int bf_flg ;
-
- i = BackGround ;
- /* Dummy for avoiding warning: BackGround is defined but not used. */
-
- #if defined(HAVE_KEIL_RTX)
- InitMutex(&command_mutex) ;
-#endif
- help_comm(NULL) ;
-
- printf("Starting Shell\n") ;
- while(1) {
- if(getline(line, LINESIZE, &args, &bf_flg) > 0) {
- for(i=0; commandTable[i].func != NULL; i++) {
- if(strcmp(commandTable[i].command, args.argv[0]) == 0) {
- args.argv[0] = (char *) commandTable[i].func ;
- if(bf_flg == FORGROUND) {
- #if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
- UnLockMutex((CyaSSL_Mutex *)&command_mutex) ;
- os_tsk_create_user_ex( (void(*)(void *))&command_invoke, 7,
- command_stack, COMMAND_STACK_SIZE, &args) ;
- #else
- #if defined(CYASSL_CMSIS_RTOS)
- UnLockMutex((CyaSSL_Mutex *)&command_mutex) ;
- osThreadCreate (osThread (command_invoke) , &args);
- #else
- command_invoke(&args) ;
- #endif
- #endif
- #ifdef HAVE_KEIL_RTX
- LockMutex((CyaSSL_Mutex *)&command_mutex) ;
- #endif
- } else {
- #if (!defined(NO_SIMPLE_SERVER) && \
- !defined(NO_ECHOSERVER)) && \
- defined(HAVE_KEIL_RTX)
- if(BackGround != 0) {
- printf("Multiple background servers not supported.\n") ;
- } else {
- printf("\"%s\" is running with the background mode.\n",
- commandTable[i].command) ;
- #if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
- os_tsk_create_user_ex( (void(*)(void *))&bg_job_invoke,
- 6, bg_job_stack, BG_JOB_STACK_SIZE, &args) ;
- #else
- osThreadCreate (osThread (bg_job_invoke), &args);
- osDelay (500) ;
- #endif
- }
- #else
- printf("Invalid Command: no background job\n") ;
- #endif
- }
- break ;
- }
- }
- if(commandTable[i].func == NULL)
- printf("Command not found\n") ;
- }
- }
-}
-
diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c
deleted file mode 100644
index 751cfdf85..000000000
--- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c
+++ /dev/null
@@ -1,4758 +0,0 @@
-/* test.c
- *
- * Copyright (C) 2006-2015 wolfSSL Inc.
- *
- * This file is part of wolfSSL. (formerly known as CyaSSL)
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-#ifdef HAVE_CONFIG_H
- #include
-#endif
-
-#include
-
-#ifdef XMALLOC_USER
- #include /* we're using malloc / free direct here */
-#endif
-
-#ifndef NO_CRYPT_TEST
-
-#ifdef CYASSL_TEST_CERT
- #include
-#else
- #include
-#endif
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#ifdef HAVE_ECC
- #include
-#endif
-#ifdef HAVE_BLAKE2
- #include
-#endif
-#ifdef HAVE_LIBZ
- #include
-#endif
-#ifdef HAVE_PKCS7
- #include
-#endif
-
-#ifdef _MSC_VER
- /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
- #pragma warning(disable: 4996)
-#endif
-
-#ifdef OPENSSL_EXTRA
- #include
- #include
- #include
- #include
-#endif
-
-
-#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048)
- /* include test cert and key buffers for use with NO_FILESYSTEM */
- #if defined(CYASSL_MDK_ARM)
- #include "cert_data.h"
- /* use certs_test.c for initial data, so other
- commands can share the data. */
- #else
- #include
- #endif
-#endif
-
-#if defined(CYASSL_MDK_ARM)
- #include
- #include
- extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ;
- #define fopen CyaSSL_fopen
-#endif
-
-#ifdef HAVE_NTRU
- #include "crypto_ntru.h"
-#endif
-#ifdef HAVE_CAVIUM
- #include "cavium_sysdep.h"
- #include "cavium_common.h"
- #include "cavium_ioctl.h"
-#endif
-
-#ifdef FREESCALE_MQX
- #include
- #include
- #include
-#else
- #include
-#endif
-
-
-#ifdef THREADX
- /* since just testing, use THREADX log printf instead */
- int dc_log_printf(char*, ...);
- #undef printf
- #define printf dc_log_printf
-#endif
-
-#include "ctaocrypt/test/test.h"
-
-
-typedef struct testVector {
- const char* input;
- const char* output;
- size_t inLen;
- size_t outLen;
-} testVector;
-
-int md2_test(void);
-int md5_test(void);
-int md4_test(void);
-int sha_test(void);
-int sha256_test(void);
-int sha512_test(void);
-int sha384_test(void);
-int hmac_md5_test(void);
-int hmac_sha_test(void);
-int hmac_sha256_test(void);
-int hmac_sha384_test(void);
-int hmac_sha512_test(void);
-int hmac_blake2b_test(void);
-int hkdf_test(void);
-int arc4_test(void);
-int hc128_test(void);
-int rabbit_test(void);
-int des_test(void);
-int des3_test(void);
-int aes_test(void);
-int aesgcm_test(void);
-int gmac_test(void);
-int aesccm_test(void);
-int camellia_test(void);
-int rsa_test(void);
-int dh_test(void);
-int dsa_test(void);
-int random_test(void);
-int pwdbased_test(void);
-int ripemd_test(void);
-int openssl_test(void); /* test mini api */
-int pbkdf1_test(void);
-int pkcs12_test(void);
-int pbkdf2_test(void);
-#ifdef HAVE_ECC
- int ecc_test(void);
- #ifdef HAVE_ECC_ENCRYPT
- int ecc_encrypt_test(void);
- #endif
-#endif
-#ifdef HAVE_BLAKE2
- int blake2b_test(void);
-#endif
-#ifdef HAVE_LIBZ
- int compress_test(void);
-#endif
-#ifdef HAVE_PKCS7
- int pkcs7enveloped_test(void);
- int pkcs7signed_test(void);
-#endif
-
-
-
-static void err_sys(const char* msg, int es)
-{
- printf("%s error = %d\n", msg, es);
- #if !defined(THREADX) && !defined(CYASSL_MDK_ARM)
- if (msg)
- exit(es);
- #endif
- return;
-}
-
-/* func_args from test.h, so don't have to pull in other junk */
-typedef struct func_args {
- int argc;
- char** argv;
- int return_code;
-} func_args;
-
-
-
-void ctaocrypt_test(void* args)
-{
- int ret = 0;
-
- ((func_args*)args)->return_code = -1; /* error state */
-
-#if !defined(NO_BIG_INT)
- if (CheckCtcSettings() != 1)
- err_sys("Build vs runtime math mismatch\n", -1234);
-
-#ifdef USE_FAST_MATH
- if (CheckFastMathSettings() != 1)
- err_sys("Build vs runtime fastmath FP_MAX_BITS mismatch\n", -1235);
-#endif /* USE_FAST_MATH */
-#endif /* !NO_BIG_INT */
-
-
-#ifndef NO_MD5
- if ( (ret = md5_test()) != 0)
- err_sys("MD5 test failed!\n", ret);
- else
- printf( "MD5 test passed!\n");
-#endif
-
-#ifdef CYASSL_MD2
- if ( (ret = md2_test()) != 0)
- err_sys("MD2 test failed!\n", ret);
- else
- printf( "MD2 test passed!\n");
-#endif
-
-#ifndef NO_MD4
- if ( (ret = md4_test()) != 0)
- err_sys("MD4 test failed!\n", ret);
- else
- printf( "MD4 test passed!\n");
-#endif
-
-#ifndef NO_SHA
- if ( (ret = sha_test()) != 0)
- err_sys("SHA test failed!\n", ret);
- else
- printf( "SHA test passed!\n");
-#endif
-
-#ifndef NO_SHA256
- if ( (ret = sha256_test()) != 0)
- err_sys("SHA-256 test failed!\n", ret);
- else
- printf( "SHA-256 test passed!\n");
-#endif
-
-#ifdef CYASSL_SHA384
- if ( (ret = sha384_test()) != 0)
- err_sys("SHA-384 test failed!\n", ret);
- else
- printf( "SHA-384 test passed!\n");
-#endif
-
-#ifdef CYASSL_SHA512
- if ( (ret = sha512_test()) != 0)
- err_sys("SHA-512 test failed!\n", ret);
- else
- printf( "SHA-512 test passed!\n");
-#endif
-
-#ifdef CYASSL_RIPEMD
- if ( (ret = ripemd_test()) != 0)
- err_sys("RIPEMD test failed!\n", ret);
- else
- printf( "RIPEMD test passed!\n");
-#endif
-
-#ifdef HAVE_BLAKE2
- if ( (ret = blake2b_test()) != 0)
- err_sys("BLAKE2b test failed!\n", ret);
- else
- printf( "BLAKE2b test passed!\n");
-#endif
-
-#ifndef NO_HMAC
- #ifndef NO_MD5
- if ( (ret = hmac_md5_test()) != 0)
- err_sys("HMAC-MD5 test failed!\n", ret);
- else
- printf( "HMAC-MD5 test passed!\n");
- #endif
-
- #ifndef NO_SHA
- if ( (ret = hmac_sha_test()) != 0)
- err_sys("HMAC-SHA test failed!\n", ret);
- else
- printf( "HMAC-SHA test passed!\n");
- #endif
-
- #ifndef NO_SHA256
- if ( (ret = hmac_sha256_test()) != 0)
- err_sys("HMAC-SHA256 test failed!\n", ret);
- else
- printf( "HMAC-SHA256 test passed!\n");
- #endif
-
- #ifdef CYASSL_SHA384
- if ( (ret = hmac_sha384_test()) != 0)
- err_sys("HMAC-SHA384 test failed!\n", ret);
- else
- printf( "HMAC-SHA384 test passed!\n");
- #endif
-
- #ifdef CYASSL_SHA512
- if ( (ret = hmac_sha512_test()) != 0)
- err_sys("HMAC-SHA512 test failed!\n", ret);
- else
- printf( "HMAC-SHA512 test passed!\n");
- #endif
-
- #ifdef HAVE_BLAKE2
- if ( (ret = hmac_blake2b_test()) != 0)
- err_sys("HMAC-BLAKE2 test failed!\n", ret);
- else
- printf( "HMAC-BLAKE2 test passed!\n");
- #endif
-
- #ifdef HAVE_HKDF
- if ( (ret = hkdf_test()) != 0)
- err_sys("HMAC-KDF test failed!\n", ret);
- else
- printf( "HMAC-KDF test passed!\n");
- #endif
-
-#endif
-
-#ifdef HAVE_AESGCM
- if ( (ret = gmac_test()) != 0)
- err_sys("GMAC test passed!\n", ret);
- else
- printf( "GMAC test passed!\n");
-#endif
-
-#ifndef NO_RC4
- if ( (ret = arc4_test()) != 0)
- err_sys("ARC4 test failed!\n", ret);
- else
- printf( "ARC4 test passed!\n");
-#endif
-
-#ifndef NO_HC128
- if ( (ret = hc128_test()) != 0)
- err_sys("HC-128 test failed!\n", ret);
- else
- printf( "HC-128 test passed!\n");
-#endif
-
-#ifndef NO_RABBIT
- if ( (ret = rabbit_test()) != 0)
- err_sys("Rabbit test failed!\n", ret);
- else
- printf( "Rabbit test passed!\n");
-#endif
-
-#ifndef NO_DES3
- if ( (ret = des_test()) != 0)
- err_sys("DES test failed!\n", ret);
- else
- printf( "DES test passed!\n");
-#endif
-
-#ifndef NO_DES3
- if ( (ret = des3_test()) != 0)
- err_sys("DES3 test failed!\n", ret);
- else
- printf( "DES3 test passed!\n");
-#endif
-
-#ifndef NO_AES
- if ( (ret = aes_test()) != 0)
- err_sys("AES test failed!\n", ret);
- else
- printf( "AES test passed!\n");
-
-#ifdef HAVE_AESGCM
- if ( (ret = aesgcm_test()) != 0)
- err_sys("AES-GCM test failed!\n", ret);
- else
- printf( "AES-GCM test passed!\n");
-#endif
-
-#ifdef HAVE_AESCCM
- if ( (ret = aesccm_test()) != 0)
- err_sys("AES-CCM test failed!\n", ret);
- else
- printf( "AES-CCM test passed!\n");
-#endif
-#endif
-
-#ifdef HAVE_CAMELLIA
- if ( (ret = camellia_test()) != 0)
- err_sys("CAMELLIA test failed!\n", ret);
- else
- printf( "CAMELLIA test passed!\n");
-#endif
-
- if ( (ret = random_test()) != 0)
- err_sys("RANDOM test failed!\n", ret);
- else
- printf( "RANDOM test passed!\n");
-
-#ifndef NO_RSA
- if ( (ret = rsa_test()) != 0)
- err_sys("RSA test failed!\n", ret);
- else
- printf( "RSA test passed!\n");
-#endif
-
-#ifndef NO_DH
- if ( (ret = dh_test()) != 0)
- err_sys("DH test failed!\n", ret);
- else
- printf( "DH test passed!\n");
-#endif
-
-#ifndef NO_DSA
- if ( (ret = dsa_test()) != 0)
- err_sys("DSA test failed!\n", ret);
- else
- printf( "DSA test passed!\n");
-#endif
-
-#ifndef NO_PWDBASED
- if ( (ret = pwdbased_test()) != 0)
- err_sys("PWDBASED test failed!\n", ret);
- else
- printf( "PWDBASED test passed!\n");
-#endif
-
-#ifdef OPENSSL_EXTRA
- if ( (ret = openssl_test()) != 0)
- err_sys("OPENSSL test failed!\n", ret);
- else
- printf( "OPENSSL test passed!\n");
-#endif
-
-#ifdef HAVE_ECC
- if ( (ret = ecc_test()) != 0)
- err_sys("ECC test failed!\n", ret);
- else
- printf( "ECC test passed!\n");
- #ifdef HAVE_ECC_ENCRYPT
- if ( (ret = ecc_encrypt_test()) != 0)
- err_sys("ECC Enc test failed!\n", ret);
- else
- printf( "ECC Enc test passed!\n");
- #endif
-#endif
-
-#ifdef HAVE_LIBZ
- if ( (ret = compress_test()) != 0)
- err_sys("COMPRESS test failed!\n", ret);
- else
- printf( "COMPRESS test passed!\n");
-#endif
-
-#ifdef HAVE_PKCS7
- if ( (ret = pkcs7enveloped_test()) != 0)
- err_sys("PKCS7enveloped test failed!\n", ret);
- else
- printf( "PKCS7enveloped test passed!\n");
-
- if ( (ret = pkcs7signed_test()) != 0)
- err_sys("PKCS7signed test failed!\n", ret);
- else
- printf( "PKCS7signed test passed!\n");
-#endif
-
- ((func_args*)args)->return_code = ret;
-}
-
-
-#ifndef NO_MAIN_DRIVER
-
-#ifdef HAVE_CAVIUM
-
-static int OpenNitroxDevice(int dma_mode,int dev_id)
-{
- Csp1CoreAssignment core_assign;
- Uint32 device;
-
- if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
- return -1;
- if (Csp1GetDevType(&device))
- return -1;
- if (device != NPX_DEVICE) {
- if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
- (Uint32 *)&core_assign)!= 0)
- return -1;
- }
- CspShutdown(CAVIUM_DEV_ID);
-
- return CspInitialize(dma_mode, dev_id);
-}
-
-#endif /* HAVE_CAVIUM */
-
- /* so overall tests can pull in test function */
-
- int main(int argc, char** argv)
- {
-
- func_args args;
-
-
-#ifdef HAVE_CAVIUM
- int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
- if (ret != 0)
- err_sys("Cavium OpenNitroxDevice failed", -1236);
-#endif /* HAVE_CAVIUM */
-
- args.argc = argc;
- args.argv = argv;
-
- ctaocrypt_test(&args);
-
-#ifdef HAVE_CAVIUM
- CspShutdown(CAVIUM_DEV_ID);
-#endif
-
- return args.return_code;
- }
-
-#endif /* NO_MAIN_DRIVER */
-
-
-#ifdef CYASSL_MD2
-int md2_test()
-{
- Md2 md2;
- byte hash[MD2_DIGEST_SIZE];
-
- testVector a, b, c, d, e, f, g;
- testVector test_md2[7];
- int times = sizeof(test_md2) / sizeof(testVector), i;
-
- a.input = "";
- a.output = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69"
- "\x27\x73";
- a.inLen = strlen(a.input);
- a.outLen = MD2_DIGEST_SIZE;
-
- b.input = "a";
- b.output = "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0"
- "\xb5\xd1";
- b.inLen = strlen(b.input);
- b.outLen = MD2_DIGEST_SIZE;
-
- c.input = "abc";
- c.output = "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde"
- "\xd6\xbb";
- c.inLen = strlen(c.input);
- c.outLen = MD2_DIGEST_SIZE;
-
- d.input = "message digest";
- d.output = "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe"
- "\x06\xb0";
- d.inLen = strlen(d.input);
- d.outLen = MD2_DIGEST_SIZE;
-
- e.input = "abcdefghijklmnopqrstuvwxyz";
- e.output = "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47"
- "\x94\x0b";
- e.inLen = strlen(e.input);
- e.outLen = MD2_DIGEST_SIZE;
-
- f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
- "6789";
- f.output = "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03"
- "\x38\xcd";
- f.inLen = strlen(f.input);
- f.outLen = MD2_DIGEST_SIZE;
-
- g.input = "1234567890123456789012345678901234567890123456789012345678"
- "9012345678901234567890";
- g.output = "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3"
- "\xef\xd8";
- g.inLen = strlen(g.input);
- g.outLen = MD2_DIGEST_SIZE;
-
- test_md2[0] = a;
- test_md2[1] = b;
- test_md2[2] = c;
- test_md2[3] = d;
- test_md2[4] = e;
- test_md2[5] = f;
- test_md2[6] = g;
-
- InitMd2(&md2);
-
- for (i = 0; i < times; ++i) {
- Md2Update(&md2, (byte*)test_md2[i].input, (word32)test_md2[i].inLen);
- Md2Final(&md2, hash);
-
- if (memcmp(hash, test_md2[i].output, MD2_DIGEST_SIZE) != 0)
- return -155 - i;
- }
-
- return 0;
-}
-#endif
-
-#ifndef NO_MD5
-int md5_test(void)
-{
- Md5 md5;
- byte hash[MD5_DIGEST_SIZE];
-
- testVector a, b, c, d, e;
- testVector test_md5[5];
- int times = sizeof(test_md5) / sizeof(testVector), i;
-
- a.input = "abc";
- a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
- "\x72";
- a.inLen = strlen(a.input);
- a.outLen = MD5_DIGEST_SIZE;
-
- b.input = "message digest";
- b.output = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61"
- "\xd0";
- b.inLen = strlen(b.input);
- b.outLen = MD5_DIGEST_SIZE;
-
- c.input = "abcdefghijklmnopqrstuvwxyz";
- c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1"
- "\x3b";
- c.inLen = strlen(c.input);
- c.outLen = MD5_DIGEST_SIZE;
-
- d.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
- "6789";
- d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d"
- "\x9f";
- d.inLen = strlen(d.input);
- d.outLen = MD5_DIGEST_SIZE;
-
- e.input = "1234567890123456789012345678901234567890123456789012345678"
- "9012345678901234567890";
- e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
- "\x7a";
- e.inLen = strlen(e.input);
- e.outLen = MD5_DIGEST_SIZE;
-
- test_md5[0] = a;
- test_md5[1] = b;
- test_md5[2] = c;
- test_md5[3] = d;
- test_md5[4] = e;
-
- InitMd5(&md5);
-
- for (i = 0; i < times; ++i) {
- Md5Update(&md5, (byte*)test_md5[i].input, (word32)test_md5[i].inLen);
- Md5Final(&md5, hash);
-
- if (memcmp(hash, test_md5[i].output, MD5_DIGEST_SIZE) != 0)
- return -5 - i;
- }
-
- return 0;
-}
-#endif /* NO_MD5 */
-
-
-#ifndef NO_MD4
-
-int md4_test(void)
-{
- Md4 md4;
- byte hash[MD4_DIGEST_SIZE];
-
- testVector a, b, c, d, e, f, g;
- testVector test_md4[7];
- int times = sizeof(test_md4) / sizeof(testVector), i;
-
- a.input = "";
- a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89"
- "\xc0";
- a.inLen = strlen(a.input);
- a.outLen = MD4_DIGEST_SIZE;
-
- b.input = "a";
- b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb"
- "\x24";
- b.inLen = strlen(b.input);
- b.outLen = MD4_DIGEST_SIZE;
-
- c.input = "abc";
- c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72"
- "\x9d";
- c.inLen = strlen(c.input);
- c.outLen = MD4_DIGEST_SIZE;
-
- d.input = "message digest";
- d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01"
- "\x4b";
- d.inLen = strlen(d.input);
- d.outLen = MD4_DIGEST_SIZE;
-
- e.input = "abcdefghijklmnopqrstuvwxyz";
- e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d"
- "\xa9";
- e.inLen = strlen(e.input);
- e.outLen = MD4_DIGEST_SIZE;
-
- f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
- "6789";
- f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0"
- "\xe4";
- f.inLen = strlen(f.input);
- f.outLen = MD4_DIGEST_SIZE;
-
- g.input = "1234567890123456789012345678901234567890123456789012345678"
- "9012345678901234567890";
- g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05"
- "\x36";
- g.inLen = strlen(g.input);
- g.outLen = MD4_DIGEST_SIZE;
-
- test_md4[0] = a;
- test_md4[1] = b;
- test_md4[2] = c;
- test_md4[3] = d;
- test_md4[4] = e;
- test_md4[5] = f;
- test_md4[6] = g;
-
- InitMd4(&md4);
-
- for (i = 0; i < times; ++i) {
- Md4Update(&md4, (byte*)test_md4[i].input, (word32)test_md4[i].inLen);
- Md4Final(&md4, hash);
-
- if (memcmp(hash, test_md4[i].output, MD4_DIGEST_SIZE) != 0)
- return -205 - i;
- }
-
- return 0;
-}
-
-#endif /* NO_MD4 */
-
-#ifndef NO_SHA
-
-int sha_test(void)
-{
- Sha sha;
- byte hash[SHA_DIGEST_SIZE];
-
- testVector a, b, c, d;
- testVector test_sha[4];
- int ret;
- int times = sizeof(test_sha) / sizeof(struct testVector), i;
-
- a.input = "abc";
- a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
- "\x6C\x9C\xD0\xD8\x9D";
- a.inLen = strlen(a.input);
- a.outLen = SHA_DIGEST_SIZE;
-
- b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
- b.output = "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29"
- "\xE5\xE5\x46\x70\xF1";
- b.inLen = strlen(b.input);
- b.outLen = SHA_DIGEST_SIZE;
-
- c.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
- "aaaaaa";
- c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44"
- "\x2A\x25\xEC\x64\x4D";
- c.inLen = strlen(c.input);
- c.outLen = SHA_DIGEST_SIZE;
-
- d.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
- "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
- "aaaaaaaaaa";
- d.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
- "\x53\x99\x5E\x26\xA0";
- d.inLen = strlen(d.input);
- d.outLen = SHA_DIGEST_SIZE;
-
- test_sha[0] = a;
- test_sha[1] = b;
- test_sha[2] = c;
- test_sha[3] = d;
-
- ret = InitSha(&sha);
- if (ret != 0)
- return -4001;
-
- for (i = 0; i < times; ++i) {
- ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen);
- ShaFinal(&sha, hash);
-
- if (memcmp(hash, test_sha[i].output, SHA_DIGEST_SIZE) != 0)
- return -10 - i;
- }
-
- return 0;
-}
-
-#endif /* NO_SHA */
-
-#ifdef CYASSL_RIPEMD
-int ripemd_test(void)
-{
- RipeMd ripemd;
- byte hash[RIPEMD_DIGEST_SIZE];
-
- testVector a, b, c, d;
- testVector test_ripemd[4];
- int times = sizeof(test_ripemd) / sizeof(struct testVector), i;
-
- a.input = "abc";
- a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
- "\xb0\x87\xf1\x5a\x0b\xfc";
- a.inLen = strlen(a.input);
- a.outLen = RIPEMD_DIGEST_SIZE;
-
- b.input = "message digest";
- b.output = "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8"
- "\x5f\xfa\x21\x59\x5f\x36";
- b.inLen = strlen(b.input);
- b.outLen = RIPEMD_DIGEST_SIZE;
-
- c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
- c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc"
- "\xf4\x9a\xda\x62\xeb\x2b";
- c.inLen = strlen(c.input);
- c.outLen = RIPEMD_DIGEST_SIZE;
-
- d.input = "12345678901234567890123456789012345678901234567890123456"
- "789012345678901234567890";
- d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab"
- "\x82\xbf\x63\x32\x6b\xfb";
- d.inLen = strlen(d.input);
- d.outLen = RIPEMD_DIGEST_SIZE;
-
- test_ripemd[0] = a;
- test_ripemd[1] = b;
- test_ripemd[2] = c;
- test_ripemd[3] = d;
-
- InitRipeMd(&ripemd);
-
- for (i = 0; i < times; ++i) {
- RipeMdUpdate(&ripemd, (byte*)test_ripemd[i].input,
- (word32)test_ripemd[i].inLen);
- RipeMdFinal(&ripemd, hash);
-
- if (memcmp(hash, test_ripemd[i].output, RIPEMD_DIGEST_SIZE) != 0)
- return -10 - i;
- }
-
- return 0;
-}
-#endif /* CYASSL_RIPEMD */
-
-
-#ifdef HAVE_BLAKE2
-
-
-#define BLAKE2_TESTS 3
-
-static const byte blake2b_vec[BLAKE2_TESTS][BLAKE2B_OUTBYTES] =
-{
- {
- 0x78, 0x6A, 0x02, 0xF7, 0x42, 0x01, 0x59, 0x03,
- 0xC6, 0xC6, 0xFD, 0x85, 0x25, 0x52, 0xD2, 0x72,
- 0x91, 0x2F, 0x47, 0x40, 0xE1, 0x58, 0x47, 0x61,
- 0x8A, 0x86, 0xE2, 0x17, 0xF7, 0x1F, 0x54, 0x19,
- 0xD2, 0x5E, 0x10, 0x31, 0xAF, 0xEE, 0x58, 0x53,
- 0x13, 0x89, 0x64, 0x44, 0x93, 0x4E, 0xB0, 0x4B,
- 0x90, 0x3A, 0x68, 0x5B, 0x14, 0x48, 0xB7, 0x55,
- 0xD5, 0x6F, 0x70, 0x1A, 0xFE, 0x9B, 0xE2, 0xCE
- },
- {
- 0x2F, 0xA3, 0xF6, 0x86, 0xDF, 0x87, 0x69, 0x95,
- 0x16, 0x7E, 0x7C, 0x2E, 0x5D, 0x74, 0xC4, 0xC7,
- 0xB6, 0xE4, 0x8F, 0x80, 0x68, 0xFE, 0x0E, 0x44,
- 0x20, 0x83, 0x44, 0xD4, 0x80, 0xF7, 0x90, 0x4C,
- 0x36, 0x96, 0x3E, 0x44, 0x11, 0x5F, 0xE3, 0xEB,
- 0x2A, 0x3A, 0xC8, 0x69, 0x4C, 0x28, 0xBC, 0xB4,
- 0xF5, 0xA0, 0xF3, 0x27, 0x6F, 0x2E, 0x79, 0x48,
- 0x7D, 0x82, 0x19, 0x05, 0x7A, 0x50, 0x6E, 0x4B
- },
- {
- 0x1C, 0x08, 0x79, 0x8D, 0xC6, 0x41, 0xAB, 0xA9,
- 0xDE, 0xE4, 0x35, 0xE2, 0x25, 0x19, 0xA4, 0x72,
- 0x9A, 0x09, 0xB2, 0xBF, 0xE0, 0xFF, 0x00, 0xEF,
- 0x2D, 0xCD, 0x8E, 0xD6, 0xF8, 0xA0, 0x7D, 0x15,
- 0xEA, 0xF4, 0xAE, 0xE5, 0x2B, 0xBF, 0x18, 0xAB,
- 0x56, 0x08, 0xA6, 0x19, 0x0F, 0x70, 0xB9, 0x04,
- 0x86, 0xC8, 0xA7, 0xD4, 0x87, 0x37, 0x10, 0xB1,
- 0x11, 0x5D, 0x3D, 0xEB, 0xBB, 0x43, 0x27, 0xB5
- }
-};
-
-
-
-int blake2b_test(void)
-{
- Blake2b b2b;
- byte digest[64];
- byte input[64];
- int i, ret;
-
- for (i = 0; i < (int)sizeof(input); i++)
- input[i] = (byte)i;
-
- for (i = 0; i < BLAKE2_TESTS; i++) {
- ret = InitBlake2b(&b2b, 64);
- if (ret != 0)
- return -4002;
-
- ret = Blake2bUpdate(&b2b, input, i);
- if (ret != 0)
- return -4003;
-
- ret = Blake2bFinal(&b2b, digest, 64);
- if (ret != 0)
- return -4004;
-
- if (memcmp(digest, blake2b_vec[i], 64) != 0) {
- return -300 - i;
- }
- }
-
- return 0;
-}
-#endif /* HAVE_BLAKE2 */
-
-
-#ifndef NO_SHA256
-int sha256_test(void)
-{
- Sha256 sha;
- byte hash[SHA256_DIGEST_SIZE];
-
- testVector a, b;
- testVector test_sha[2];
- int ret;
- int times = sizeof(test_sha) / sizeof(struct testVector), i;
-
- a.input = "abc";
- a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
- "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
- "\x15\xAD";
- a.inLen = strlen(a.input);
- a.outLen = SHA256_DIGEST_SIZE;
-
- b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
- b.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
- "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
- "\x06\xC1";
- b.inLen = strlen(b.input);
- b.outLen = SHA256_DIGEST_SIZE;
-
- test_sha[0] = a;
- test_sha[1] = b;
-
- ret = InitSha256(&sha);
- if (ret != 0)
- return -4005;
-
- for (i = 0; i < times; ++i) {
- ret = Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
- if (ret != 0)
- return -4006;
- ret = Sha256Final(&sha, hash);
- if (ret != 0)
- return -4007;
-
- if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0)
- return -10 - i;
- }
-
- return 0;
-}
-#endif
-
-
-#ifdef CYASSL_SHA512
-int sha512_test(void)
-{
- Sha512 sha;
- byte hash[SHA512_DIGEST_SIZE];
- int ret;
-
- testVector a, b;
- testVector test_sha[2];
- int times = sizeof(test_sha) / sizeof(struct testVector), i;
-
- a.input = "abc";
- a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
- "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
- "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
- "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
- "\xa5\x4c\xa4\x9f";
- a.inLen = strlen(a.input);
- a.outLen = SHA512_DIGEST_SIZE;
-
- b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
- "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
- b.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
- "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
- "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
- "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
- "\x87\x4b\xe9\x09";
- b.inLen = strlen(b.input);
- b.outLen = SHA512_DIGEST_SIZE;
-
- test_sha[0] = a;
- test_sha[1] = b;
-
- ret = InitSha512(&sha);
- if (ret != 0)
- return -4009;
-
- for (i = 0; i < times; ++i) {
- ret = Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
- if (ret != 0)
- return -4010;
-
- ret = Sha512Final(&sha, hash);
- if (ret != 0)
- return -4011;
-
- if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0)
- return -10 - i;
- }
-
- return 0;
-}
-#endif
-
-
-#ifdef CYASSL_SHA384
-int sha384_test(void)
-{
- Sha384 sha;
- byte hash[SHA384_DIGEST_SIZE];
- int ret;
-
- testVector a, b;
- testVector test_sha[2];
- int times = sizeof(test_sha) / sizeof(struct testVector), i;
-
- a.input = "abc";
- a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
- "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
- "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
- "\xc8\x25\xa7";
- a.inLen = strlen(a.input);
- a.outLen = SHA384_DIGEST_SIZE;
-
- b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
- "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
- b.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
- "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
- "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
- "\x74\x60\x39";
- b.inLen = strlen(b.input);
- b.outLen = SHA384_DIGEST_SIZE;
-
- test_sha[0] = a;
- test_sha[1] = b;
-
- ret = InitSha384(&sha);
- if (ret != 0)
- return -4012;
-
- for (i = 0; i < times; ++i) {
- ret = Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
- if (ret != 0)
- return -4013;
-
- ret = Sha384Final(&sha, hash);
- if (ret != 0)
- return -4014;
-
- if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0)
- return -10 - i;
- }
-
- return 0;
-}
-#endif /* CYASSL_SHA384 */
-
-
-#if !defined(NO_HMAC) && !defined(NO_MD5)
-int hmac_md5_test(void)
-{
- Hmac hmac;
- byte hash[MD5_DIGEST_SIZE];
-
- const char* keys[]=
- {
- "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
- "Jefe",
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
- };
-
- testVector a, b, c;
- testVector test_hmac[3];
-
- int ret;
- int times = sizeof(test_hmac) / sizeof(testVector), i;
-
- a.input = "Hi There";
- a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc"
- "\x9d";
- a.inLen = strlen(a.input);
- a.outLen = MD5_DIGEST_SIZE;
-
- b.input = "what do ya want for nothing?";
- b.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
- "\x38";
- b.inLen = strlen(b.input);
- b.outLen = MD5_DIGEST_SIZE;
-
- c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD";
- c.output = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3"
- "\xf6";
- c.inLen = strlen(c.input);
- c.outLen = MD5_DIGEST_SIZE;
-
- test_hmac[0] = a;
- test_hmac[1] = b;
- test_hmac[2] = c;
-
- for (i = 0; i < times; ++i) {
-#ifdef HAVE_CAVIUM
- if (i == 1)
- continue; /* driver can't handle keys <= bytes */
- if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
- return -20009;
-#endif
- ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
- if (ret != 0)
- return -4015;
- ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
- (word32)test_hmac[i].inLen);
- if (ret != 0)
- return -4016;
- ret = HmacFinal(&hmac, hash);
- if (ret != 0)
- return -4017;
-
- if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
- return -20 - i;
-#ifdef HAVE_CAVIUM
- HmacFreeCavium(&hmac);
-#endif
- }
-
- return 0;
-}
-#endif /* NO_HMAC && NO_MD5 */
-
-#if !defined(NO_HMAC) && !defined(NO_SHA)
-int hmac_sha_test(void)
-{
- Hmac hmac;
- byte hash[SHA_DIGEST_SIZE];
-
- const char* keys[]=
- {
- "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
- "\x0b\x0b\x0b",
- "Jefe",
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
- "\xAA\xAA\xAA"
- };
-
- testVector a, b, c;
- testVector test_hmac[3];
-
- int ret;
- int times = sizeof(test_hmac) / sizeof(testVector), i;
-
- a.input = "Hi There";
- a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c"
- "\x8e\xf1\x46\xbe\x00";
- a.inLen = strlen(a.input);
- a.outLen = SHA_DIGEST_SIZE;
-
- b.input = "what do ya want for nothing?";
- b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf"
- "\x9c\x25\x9a\x7c\x79";
- b.inLen = strlen(b.input);
- b.outLen = SHA_DIGEST_SIZE;
-
- c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD";
- c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b"
- "\x4f\x63\xf1\x75\xd3";
- c.inLen = strlen(c.input);
- c.outLen = SHA_DIGEST_SIZE;
-
- test_hmac[0] = a;
- test_hmac[1] = b;
- test_hmac[2] = c;
-
- for (i = 0; i < times; ++i) {
-#ifdef HAVE_CAVIUM
- if (i == 1)
- continue; /* driver can't handle keys <= bytes */
- if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
- return -20010;
-#endif
- ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i]));
- if (ret != 0)
- return -4018;
- ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
- (word32)test_hmac[i].inLen);
- if (ret != 0)
- return -4019;
- ret = HmacFinal(&hmac, hash);
- if (ret != 0)
- return -4020;
-
- if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0)
- return -20 - i;
-#ifdef HAVE_CAVIUM
- HmacFreeCavium(&hmac);
-#endif
- }
-
- return 0;
-}
-#endif
-
-
-#if !defined(NO_HMAC) && !defined(NO_SHA256)
-int hmac_sha256_test(void)
-{
- Hmac hmac;
- byte hash[SHA256_DIGEST_SIZE];
-
- const char* keys[]=
- {
- "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
- "\x0b\x0b\x0b",
- "Jefe",
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
- "\xAA\xAA\xAA"
- };
-
- testVector a, b, c;
- testVector test_hmac[3];
-
- int ret;
- int times = sizeof(test_hmac) / sizeof(testVector), i;
-
- a.input = "Hi There";
- a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1"
- "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32"
- "\xcf\xf7";
- a.inLen = strlen(a.input);
- a.outLen = SHA256_DIGEST_SIZE;
-
- b.input = "what do ya want for nothing?";
- b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75"
- "\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec"
- "\x38\x43";
- b.inLen = strlen(b.input);
- b.outLen = SHA256_DIGEST_SIZE;
-
- c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD";
- c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81"
- "\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5"
- "\x65\xfe";
- c.inLen = strlen(c.input);
- c.outLen = SHA256_DIGEST_SIZE;
-
- test_hmac[0] = a;
- test_hmac[1] = b;
- test_hmac[2] = c;
-
- for (i = 0; i < times; ++i) {
-#ifdef HAVE_CAVIUM
- if (i == 1)
- continue; /* driver can't handle keys <= bytes */
- if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
- return -20011;
-#endif
- ret = HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i]));
- if (ret != 0)
- return -4021;
- ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
- (word32)test_hmac[i].inLen);
- if (ret != 0)
- return -4022;
- ret = HmacFinal(&hmac, hash);
- if (ret != 0)
- return -4023;
-
- if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0)
- return -20 - i;
-#ifdef HAVE_CAVIUM
- HmacFreeCavium(&hmac);
-#endif
- }
-
- return 0;
-}
-#endif
-
-
-#if !defined(NO_HMAC) && defined(HAVE_BLAKE2)
-int hmac_blake2b_test(void)
-{
- Hmac hmac;
- byte hash[BLAKE2B_256];
-
- const char* keys[]=
- {
- "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
- "\x0b\x0b\x0b",
- "Jefe",
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
- "\xAA\xAA\xAA"
- };
-
- testVector a, b, c;
- testVector test_hmac[3];
-
- int ret;
- int times = sizeof(test_hmac) / sizeof(testVector), i;
-
- a.input = "Hi There";
- a.output = "\x72\x93\x0d\xdd\xf5\xf7\xe1\x78\x38\x07\x44\x18\x0b\x3f\x51"
- "\x37\x25\xb5\x82\xc2\x08\x83\x2f\x1c\x99\xfd\x03\xa0\x16\x75"
- "\xac\xfd";
- a.inLen = strlen(a.input);
- a.outLen = BLAKE2B_256;
-
- b.input = "what do ya want for nothing?";
- b.output = "\x3d\x20\x50\x71\x05\xc0\x8c\x0c\x38\x44\x1e\xf7\xf9\xd1\x67"
- "\x21\xff\x64\xf5\x94\x00\xcf\xf9\x75\x41\xda\x88\x61\x9d\x7c"
- "\xda\x2b";
- b.inLen = strlen(b.input);
- b.outLen = BLAKE2B_256;
-
- c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD";
- c.output = "\xda\xfe\x2a\x24\xfc\xe7\xea\x36\x34\xbe\x41\x92\xc7\x11\xa7"
- "\x00\xae\x53\x9c\x11\x9c\x80\x74\x55\x22\x25\x4a\xb9\x55\xd3"
- "\x0f\x87";
- c.inLen = strlen(c.input);
- c.outLen = BLAKE2B_256;
-
- test_hmac[0] = a;
- test_hmac[1] = b;
- test_hmac[2] = c;
-
- for (i = 0; i < times; ++i) {
-#ifdef HAVE_CAVIUM
- if (i == 1)
- continue; /* driver can't handle keys <= bytes */
- if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
- return -20011;
-#endif
- ret = HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i],
- (word32)strlen(keys[i]));
- if (ret != 0)
- return -4024;
- ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
- (word32)test_hmac[i].inLen);
- if (ret != 0)
- return -4025;
- ret = HmacFinal(&hmac, hash);
- if (ret != 0)
- return -4026;
-
- if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0)
- return -20 - i;
-#ifdef HAVE_CAVIUM
- HmacFreeCavium(&hmac);
-#endif
- }
-
- return 0;
-}
-#endif
-
-
-#if !defined(NO_HMAC) && defined(CYASSL_SHA384)
-int hmac_sha384_test(void)
-{
- Hmac hmac;
- byte hash[SHA384_DIGEST_SIZE];
-
- const char* keys[]=
- {
- "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
- "\x0b\x0b\x0b",
- "Jefe",
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
- "\xAA\xAA\xAA"
- };
-
- testVector a, b, c;
- testVector test_hmac[3];
-
- int ret;
- int times = sizeof(test_hmac) / sizeof(testVector), i;
-
- a.input = "Hi There";
- a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90"
- "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb"
- "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2"
- "\xfa\x9c\xb6";
- a.inLen = strlen(a.input);
- a.outLen = SHA384_DIGEST_SIZE;
-
- b.input = "what do ya want for nothing?";
- b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b"
- "\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22"
- "\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa"
- "\xb2\x16\x49";
- b.inLen = strlen(b.input);
- b.outLen = SHA384_DIGEST_SIZE;
-
- c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD";
- c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8"
- "\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66"
- "\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01"
- "\xa3\x4f\x27";
- c.inLen = strlen(c.input);
- c.outLen = SHA384_DIGEST_SIZE;
-
- test_hmac[0] = a;
- test_hmac[1] = b;
- test_hmac[2] = c;
-
- for (i = 0; i < times; ++i) {
- ret = HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i]));
- if (ret != 0)
- return -4027;
- ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
- (word32)test_hmac[i].inLen);
- if (ret != 0)
- return -4028;
- ret = HmacFinal(&hmac, hash);
- if (ret != 0)
- return -4029;
-
- if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0)
- return -20 - i;
- }
-
- return 0;
-}
-#endif
-
-
-#if !defined(NO_HMAC) && defined(CYASSL_SHA512)
-int hmac_sha512_test(void)
-{
- Hmac hmac;
- byte hash[SHA512_DIGEST_SIZE];
-
- const char* keys[]=
- {
- "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
- "\x0b\x0b\x0b",
- "Jefe",
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
- "\xAA\xAA\xAA"
- };
-
- testVector a, b, c;
- testVector test_hmac[3];
-
- int ret;
- int times = sizeof(test_hmac) / sizeof(testVector), i;
-
- a.input = "Hi There";
- a.output = "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c"
- "\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1"
- "\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae"
- "\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20"
- "\x3a\x12\x68\x54";
- a.inLen = strlen(a.input);
- a.outLen = SHA512_DIGEST_SIZE;
-
- b.input = "what do ya want for nothing?";
- b.output = "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0"
- "\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25"
- "\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8"
- "\xf0\xe6\xfd\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a"
- "\x38\xbc\xe7\x37";
- b.inLen = strlen(b.input);
- b.outLen = SHA512_DIGEST_SIZE;
-
- c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD";
- c.output = "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b"
- "\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27"
- "\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e"
- "\x67\xc8\x07\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59"
- "\xe1\x32\x92\xfb";
- c.inLen = strlen(c.input);
- c.outLen = SHA512_DIGEST_SIZE;
-
- test_hmac[0] = a;
- test_hmac[1] = b;
- test_hmac[2] = c;
-
- for (i = 0; i < times; ++i) {
- ret = HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i]));
- if (ret != 0)
- return -4030;
- ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
- (word32)test_hmac[i].inLen);
- if (ret != 0)
- return -4031;
- ret = HmacFinal(&hmac, hash);
- if (ret != 0)
- return -4032;
-
- if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0)
- return -20 - i;
- }
-
- return 0;
-}
-#endif
-
-
-#ifndef NO_RC4
-int arc4_test(void)
-{
- byte cipher[16];
- byte plain[16];
-
- const char* keys[] =
- {
- "\x01\x23\x45\x67\x89\xab\xcd\xef",
- "\x01\x23\x45\x67\x89\xab\xcd\xef",
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- "\xef\x01\x23\x45"
- };
-
- testVector a, b, c, d;
- testVector test_arc4[4];
-
- int times = sizeof(test_arc4) / sizeof(testVector), i;
-
- a.input = "\x01\x23\x45\x67\x89\xab\xcd\xef";
- a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96";
- a.inLen = 8;
- a.outLen = 8;
-
- b.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
- b.output = "\x74\x94\xc2\xe7\x10\x4b\x08\x79";
- b.inLen = 8;
- b.outLen = 8;
-
- c.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
- c.output = "\xde\x18\x89\x41\xa3\x37\x5d\x3a";
- c.inLen = 8;
- c.outLen = 8;
-
- d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
- d.output = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61";
- d.inLen = 10;
- d.outLen = 10;
-
- test_arc4[0] = a;
- test_arc4[1] = b;
- test_arc4[2] = c;
- test_arc4[3] = d;
-
- for (i = 0; i < times; ++i) {
- Arc4 enc;
- Arc4 dec;
- int keylen = 8; /* strlen with key 0x00 not good */
- if (i == 3)
- keylen = 4;
-
-#ifdef HAVE_CAVIUM
- if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0)
- return -20001;
- if (Arc4InitCavium(&dec, CAVIUM_DEV_ID) != 0)
- return -20002;
-#endif
-
- Arc4SetKey(&enc, (byte*)keys[i], keylen);
- Arc4SetKey(&dec, (byte*)keys[i], keylen);
-
- Arc4Process(&enc, cipher, (byte*)test_arc4[i].input,
- (word32)test_arc4[i].outLen);
- Arc4Process(&dec, plain, cipher, (word32)test_arc4[i].outLen);
-
- if (memcmp(plain, test_arc4[i].input, test_arc4[i].outLen))
- return -20 - i;
-
- if (memcmp(cipher, test_arc4[i].output, test_arc4[i].outLen))
- return -20 - 5 - i;
-
-#ifdef HAVE_CAVIUM
- Arc4FreeCavium(&enc);
- Arc4FreeCavium(&dec);
-#endif
- }
-
- return 0;
-}
-#endif
-
-
-int hc128_test(void)
-{
-#ifdef HAVE_HC128
- byte cipher[16];
- byte plain[16];
-
- const char* keys[] =
- {
- "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD",
- "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC"
- };
-
- const char* ivs[] =
- {
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16",
- "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31"
- };
-
-
- testVector a, b, c, d;
- testVector test_hc128[4];
-
- int times = sizeof(test_hc128) / sizeof(testVector), i;
-
- a.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
- a.output = "\x37\x86\x02\xB9\x8F\x32\xA7\x48";
- a.inLen = 8;
- a.outLen = 8;
-
- b.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
- b.output = "\x33\x7F\x86\x11\xC6\xED\x61\x5F";
- b.inLen = 8;
- b.outLen = 8;
-
- c.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
- c.output = "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A";
- c.inLen = 8;
- c.outLen = 8;
-
- d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
- d.output = "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29";
- d.inLen = 15;
- d.outLen = 15;
-
- test_hc128[0] = a;
- test_hc128[1] = b;
- test_hc128[2] = c;
- test_hc128[3] = d;
-
- for (i = 0; i < times; ++i) {
- HC128 enc;
- HC128 dec;
-
- /* align keys/ivs in plain/cipher buffers */
- memcpy(plain, keys[i], 16);
- memcpy(cipher, ivs[i], 16);
-
- Hc128_SetKey(&enc, plain, cipher);
- Hc128_SetKey(&dec, plain, cipher);
-
- /* align input */
- memcpy(plain, test_hc128[i].input, test_hc128[i].outLen);
- Hc128_Process(&enc, cipher, plain, (word32)test_hc128[i].outLen);
- Hc128_Process(&dec, plain, cipher, (word32)test_hc128[i].outLen);
-
- if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen))
- return -120 - i;
-
- if (memcmp(cipher, test_hc128[i].output, test_hc128[i].outLen))
- return -120 - 5 - i;
- }
-
-#endif /* HAVE_HC128 */
- return 0;
-}
-
-
-#ifndef NO_RABBIT
-int rabbit_test(void)
-{
- byte cipher[16];
- byte plain[16];
-
- const char* keys[] =
- {
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91"
- };
-
- const char* ivs[] =
- {
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- "\x59\x7E\x26\xC1\x75\xF5\x73\xC3",
- 0
- };
-
- testVector a, b, c;
- testVector test_rabbit[3];
-
- int times = sizeof(test_rabbit) / sizeof(testVector), i;
-
- a.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
- a.output = "\xED\xB7\x05\x67\x37\x5D\xCD\x7C";
- a.inLen = 8;
- a.outLen = 8;
-
- b.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
- b.output = "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0";
- b.inLen = 8;
- b.outLen = 8;
-
- c.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
- c.output = "\x04\xCE\xCA\x7A\x1A\x86\x6E\x77";
- c.inLen = 8;
- c.outLen = 8;
-
- test_rabbit[0] = a;
- test_rabbit[1] = b;
- test_rabbit[2] = c;
-
- for (i = 0; i < times; ++i) {
- Rabbit enc;
- Rabbit dec;
- byte* iv;
-
- /* align keys/ivs in plain/cipher buffers */
- memcpy(plain, keys[i], 16);
- if (ivs[i]) {
- memcpy(cipher, ivs[i], 8);
- iv = cipher;
- } else
- iv = NULL;
- RabbitSetKey(&enc, plain, iv);
- RabbitSetKey(&dec, plain, iv);
-
- /* align input */
- memcpy(plain, test_rabbit[i].input, test_rabbit[i].outLen);
- RabbitProcess(&enc, cipher, plain, (word32)test_rabbit[i].outLen);
- RabbitProcess(&dec, plain, cipher, (word32)test_rabbit[i].outLen);
-
- if (memcmp(plain, test_rabbit[i].input, test_rabbit[i].outLen))
- return -130 - i;
-
- if (memcmp(cipher, test_rabbit[i].output, test_rabbit[i].outLen))
- return -130 - 5 - i;
- }
-
- return 0;
-}
-#endif /* NO_RABBIT */
-
-
-#ifndef NO_DES3
-int des_test(void)
-{
- const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
- 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
- 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
- 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
- };
-
- byte plain[24];
- byte cipher[24];
-
- Des enc;
- Des dec;
-
- const byte key[] =
- {
- 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
- };
-
- const byte iv[] =
- {
- 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
- };
-
- const byte verify[] =
- {
- 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
- 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
- 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
- };
-
- int ret;
-
- ret = Des_SetKey(&enc, key, iv, DES_ENCRYPTION);
- if (ret != 0)
- return -31;
-
- Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
- ret = Des_SetKey(&dec, key, iv, DES_DECRYPTION);
- if (ret != 0)
- return -32;
- Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
-
- if (memcmp(plain, vector, sizeof(plain)))
- return -33;
-
- if (memcmp(cipher, verify, sizeof(cipher)))
- return -34;
-
- return 0;
-}
-#endif /* NO_DES3 */
-
-
-#ifndef NO_DES3
-int des3_test(void)
-{
- const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
- 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
- 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
- 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
- };
-
- byte plain[24];
- byte cipher[24];
-
- Des3 enc;
- Des3 dec;
-
- const byte key3[] =
- {
- 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
- 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
- 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
- };
- const byte iv3[] =
- {
- 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
- 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
- 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
-
- };
-
- const byte verify3[] =
- {
- 0x43,0xa0,0x29,0x7e,0xd1,0x84,0xf8,0x0e,
- 0x89,0x64,0x84,0x32,0x12,0xd5,0x08,0x98,
- 0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0
- };
-
- int ret;
-
-
-#ifdef HAVE_CAVIUM
- if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0)
- return -20005;
- if (Des3_InitCavium(&dec, CAVIUM_DEV_ID) != 0)
- return -20006;
-#endif
- ret = Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION);
- if (ret != 0)
- return -31;
- ret = Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION);
- if (ret != 0)
- return -32;
- ret = Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
- if (ret != 0)
- return -33;
- ret = Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
- if (ret != 0)
- return -34;
-
- if (memcmp(plain, vector, sizeof(plain)))
- return -35;
-
- if (memcmp(cipher, verify3, sizeof(cipher)))
- return -36;
-
-#ifdef HAVE_CAVIUM
- Des3_FreeCavium(&enc);
- Des3_FreeCavium(&dec);
-#endif
- return 0;
-}
-#endif /* NO_DES */
-
-
-#ifndef NO_AES
-int aes_test(void)
-{
- Aes enc;
- Aes dec;
-
- const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
- 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
- 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
- 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
- };
-
- const byte verify[] =
- {
- 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
- 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
- };
-
- byte key[] = "0123456789abcdef "; /* align */
- byte iv[] = "1234567890abcdef "; /* align */
-
- byte cipher[AES_BLOCK_SIZE * 4];
- byte plain [AES_BLOCK_SIZE * 4];
- int ret;
-
-#ifdef HAVE_CAVIUM
- if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0)
- return -20003;
- if (AesInitCavium(&dec, CAVIUM_DEV_ID) != 0)
- return -20004;
-#endif
- ret = AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
- if (ret != 0)
- return -1001;
- ret = AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
- if (ret != 0)
- return -1002;
-
- ret = AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE);
- if (ret != 0)
- return -1005;
- ret = AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE);
- if (ret != 0)
- return -1006;
-
- if (memcmp(plain, msg, AES_BLOCK_SIZE))
- return -60;
-
- if (memcmp(cipher, verify, AES_BLOCK_SIZE))
- return -61;
-
-#ifdef HAVE_CAVIUM
- AesFreeCavium(&enc);
- AesFreeCavium(&dec);
-#endif
-#ifdef CYASSL_AES_COUNTER
- {
- const byte ctrKey[] =
- {
- 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
- 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c
- };
-
- const byte ctrIv[] =
- {
- 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,
- 0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff
- };
-
-
- const byte ctrPlain[] =
- {
- 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
- 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a,
- 0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,
- 0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,
- 0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11,
- 0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef,
- 0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17,
- 0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10
- };
-
- const byte ctrCipher[] =
- {
- 0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26,
- 0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce,
- 0x98,0x06,0xf6,0x6b,0x79,0x70,0xfd,0xff,
- 0x86,0x17,0x18,0x7b,0xb9,0xff,0xfd,0xff,
- 0x5a,0xe4,0xdf,0x3e,0xdb,0xd5,0xd3,0x5e,
- 0x5b,0x4f,0x09,0x02,0x0d,0xb0,0x3e,0xab,
- 0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1,
- 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
- };
-
- const byte oddCipher[] =
- {
- 0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
- 0xc2
- };
-
- AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
- /* Ctr only uses encrypt, even on key setup */
- AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
-
- AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4);
- AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4);
-
- if (memcmp(plain, ctrPlain, AES_BLOCK_SIZE*4))
- return -66;
-
- if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4))
- return -67;
-
- /* let's try with just 9 bytes, non block size test */
- AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
- /* Ctr only uses encrypt, even on key setup */
- AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
-
- AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
- AesCtrEncrypt(&dec, plain, cipher, 9);
-
- if (memcmp(plain, ctrPlain, 9))
- return -68;
-
- if (memcmp(cipher, ctrCipher, 9))
- return -69;
-
- /* and an additional 9 bytes to reuse tmp left buffer */
- AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
- AesCtrEncrypt(&dec, plain, cipher, 9);
-
- if (memcmp(plain, ctrPlain, 9))
- return -70;
-
- if (memcmp(cipher, oddCipher, 9))
- return -71;
- }
-#endif /* CYASSL_AES_COUNTER */
-
-#if defined(CYASSL_AESNI) && defined(CYASSL_AES_DIRECT)
- {
- const byte niPlain[] =
- {
- 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
- 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
- };
-
- const byte niCipher[] =
- {
- 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
- 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
- };
-
- const byte niKey[] =
- {
- 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
- 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
- 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
- 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
- };
-
- XMEMSET(cipher, 0, AES_BLOCK_SIZE);
- ret = AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
- if (ret != 0)
- return -1003;
- AesEncryptDirect(&enc, cipher, niPlain);
- if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
- return -20006;
-
- XMEMSET(plain, 0, AES_BLOCK_SIZE);
- ret = AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
- if (ret != 0)
- return -1004;
- AesDecryptDirect(&dec, plain, niCipher);
- if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
- return -20007;
- }
-#endif /* CYASSL_AESNI && CYASSL_AES_DIRECT */
-
- return 0;
-}
-
-#ifdef HAVE_AESGCM
-int aesgcm_test(void)
-{
- Aes enc;
-
- /*
- * This is Test Case 16 from the document Galois/
- * Counter Mode of Operation (GCM) by McGrew and
- * Viega.
- */
- const byte k[] =
- {
- 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
- 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
- 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
- 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
- };
-
- const byte iv[] =
- {
- 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
- 0xde, 0xca, 0xf8, 0x88
- };
-
- const byte p[] =
- {
- 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
- 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
- 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
- 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
- 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
- 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
- 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
- 0xba, 0x63, 0x7b, 0x39
- };
-
- const byte a[] =
- {
- 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
- 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
- 0xab, 0xad, 0xda, 0xd2
- };
-
- const byte c[] =
- {
- 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
- 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
- 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
- 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
- 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
- 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
- 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
- 0xbc, 0xc9, 0xf6, 0x62
- };
-
- const byte t[] =
- {
- 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
- 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
- };
-
- byte t2[sizeof(t)];
- byte p2[sizeof(c)];
- byte c2[sizeof(p)];
-
- int result;
-
- memset(t2, 0, sizeof(t2));
- memset(c2, 0, sizeof(c2));
- memset(p2, 0, sizeof(p2));
-
- AesGcmSetKey(&enc, k, sizeof(k));
- /* AES-GCM encrypt and decrypt both use AES encrypt internally */
- AesGcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv),
- t2, sizeof(t2), a, sizeof(a));
- if (memcmp(c, c2, sizeof(c2)))
- return -68;
- if (memcmp(t, t2, sizeof(t2)))
- return -69;
-
- result = AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv),
- t2, sizeof(t2), a, sizeof(a));
- if (result != 0)
- return -70;
- if (memcmp(p, p2, sizeof(p2)))
- return -71;
-
- return 0;
-}
-
-int gmac_test(void)
-{
- Gmac gmac;
-
- const byte k1[] =
- {
- 0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01,
- 0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8
- };
- const byte iv1[] =
- {
- 0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94,
- 0xe2, 0x8c, 0x8f, 0x16
- };
- const byte a1[] =
- {
- 0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9,
- 0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77
- };
- const byte t1[] =
- {
- 0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43,
- 0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b
- };
-
- const byte k2[] =
- {
- 0x40, 0xf7, 0xec, 0xb2, 0x52, 0x6d, 0xaa, 0xd4,
- 0x74, 0x25, 0x1d, 0xf4, 0x88, 0x9e, 0xf6, 0x5b
- };
- const byte iv2[] =
- {
- 0xee, 0x9c, 0x6e, 0x06, 0x15, 0x45, 0x45, 0x03,
- 0x1a, 0x60, 0x24, 0xa7
- };
- const byte a2[] =
- {
- 0x94, 0x81, 0x2c, 0x87, 0x07, 0x4e, 0x15, 0x18,
- 0x34, 0xb8, 0x35, 0xaf, 0x1c, 0xa5, 0x7e, 0x56
- };
- const byte t2[] =
- {
- 0xc6, 0x81, 0x79, 0x8e, 0x3d, 0xda, 0xb0, 0x9f,
- 0x8d, 0x83, 0xb0, 0xbb, 0x14, 0xb6, 0x91
- };
-
- const byte k3[] =
- {
- 0xb8, 0xe4, 0x9a, 0x5e, 0x37, 0xf9, 0x98, 0x2b,
- 0xb9, 0x6d, 0xd0, 0xc9, 0xb6, 0xab, 0x26, 0xac
- };
- const byte iv3[] =
- {
- 0xe4, 0x4a, 0x42, 0x18, 0x8c, 0xae, 0x94, 0x92,
- 0x6a, 0x9c, 0x26, 0xb0
- };
- const byte a3[] =
- {
- 0x9d, 0xb9, 0x61, 0x68, 0xa6, 0x76, 0x7a, 0x31,
- 0xf8, 0x29, 0xe4, 0x72, 0x61, 0x68, 0x3f, 0x8a
- };
- const byte t3[] =
- {
- 0x23, 0xe2, 0x9f, 0x66, 0xe4, 0xc6, 0x52, 0x48
- };
-
- byte tag[16];
-
- memset(tag, 0, sizeof(tag));
- GmacSetKey(&gmac, k1, sizeof(k1));
- GmacUpdate(&gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1));
- if (memcmp(t1, tag, sizeof(t1)) != 0)
- return -126;
-
- memset(tag, 0, sizeof(tag));
- GmacSetKey(&gmac, k2, sizeof(k2));
- GmacUpdate(&gmac, iv2, sizeof(iv2), a2, sizeof(a2), tag, sizeof(t2));
- if (memcmp(t2, tag, sizeof(t2)) != 0)
- return -127;
-
- memset(tag, 0, sizeof(tag));
- GmacSetKey(&gmac, k3, sizeof(k3));
- GmacUpdate(&gmac, iv3, sizeof(iv3), a3, sizeof(a3), tag, sizeof(t3));
- if (memcmp(t3, tag, sizeof(t3)) != 0)
- return -128;
-
- return 0;
-}
-#endif /* HAVE_AESGCM */
-
-#ifdef HAVE_AESCCM
-int aesccm_test(void)
-{
- Aes enc;
-
- /* key */
- const byte k[] =
- {
- 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
- 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
- };
-
- /* nonce */
- const byte iv[] =
- {
- 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0,
- 0xa1, 0xa2, 0xa3, 0xa4, 0xa5
- };
-
- /* plaintext */
- const byte p[] =
- {
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
- 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e
- };
-
- const byte a[] =
- {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
- };
-
- const byte c[] =
- {
- 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2,
- 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80,
- 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84
- };
-
- const byte t[] =
- {
- 0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0
- };
-
- byte t2[sizeof(t)];
- byte p2[sizeof(p)];
- byte c2[sizeof(c)];
-
- int result;
-
- memset(t2, 0, sizeof(t2));
- memset(c2, 0, sizeof(c2));
- memset(p2, 0, sizeof(p2));
-
- AesCcmSetKey(&enc, k, sizeof(k));
- /* AES-CCM encrypt and decrypt both use AES encrypt internally */
- AesCcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv),
- t2, sizeof(t2), a, sizeof(a));
- if (memcmp(c, c2, sizeof(c2)))
- return -107;
- if (memcmp(t, t2, sizeof(t2)))
- return -108;
-
- result = AesCcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv),
- t2, sizeof(t2), a, sizeof(a));
- if (result != 0)
- return -109;
- if (memcmp(p, p2, sizeof(p2)))
- return -110;
-
- /* Test the authentication failure */
- t2[0]++; /* Corrupt the authentication tag. */
- result = AesCcmDecrypt(&enc, p2, c, sizeof(p2), iv, sizeof(iv),
- t2, sizeof(t2), a, sizeof(a));
- if (result == 0)
- return -111;
-
- /* Clear c2 to compare against p2. p2 should be set to zero in case of
- * authentication fail. */
- memset(c2, 0, sizeof(c2));
- if (memcmp(p2, c2, sizeof(p2)))
- return -112;
-
- return 0;
-}
-#endif /* HAVE_AESCCM */
-
-
-#endif /* NO_AES */
-
-
-#ifdef HAVE_CAMELLIA
-
-enum {
- CAM_ECB_ENC, CAM_ECB_DEC, CAM_CBC_ENC, CAM_CBC_DEC
-};
-
-typedef struct {
- int type;
- const byte* plaintext;
- const byte* iv;
- const byte* ciphertext;
- const byte* key;
- word32 keySz;
- int errorCode;
-} test_vector_t;
-
-int camellia_test(void)
-{
- /* Camellia ECB Test Plaintext */
- static const byte pte[] =
- {
- 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
- 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
- };
-
- /* Camellia ECB Test Initialization Vector */
- static const byte ive[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
-
- /* Test 1: Camellia ECB 128-bit key */
- static const byte k1[] =
- {
- 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
- 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
- };
- static const byte c1[] =
- {
- 0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73,
- 0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43
- };
-
- /* Test 2: Camellia ECB 192-bit key */
- static const byte k2[] =
- {
- 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
- 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
- 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
- };
- static const byte c2[] =
- {
- 0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8,
- 0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9
- };
-
- /* Test 3: Camellia ECB 256-bit key */
- static const byte k3[] =
- {
- 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
- 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
- 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
- 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
- };
- static const byte c3[] =
- {
- 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c,
- 0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09
- };
-
- /* Camellia CBC Test Plaintext */
- static const byte ptc[] =
- {
- 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
- 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
- };
-
- /* Camellia CBC Test Initialization Vector */
- static const byte ivc[] =
- {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
- };
-
- /* Test 4: Camellia-CBC 128-bit key */
- static const byte k4[] =
- {
- 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
- 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C
- };
- static const byte c4[] =
- {
- 0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0,
- 0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB
- };
-
- /* Test 5: Camellia-CBC 192-bit key */
- static const byte k5[] =
- {
- 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
- 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
- 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B
- };
- static const byte c5[] =
- {
- 0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2,
- 0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93
- };
-
- /* Test 6: CBC 256-bit key */
- static const byte k6[] =
- {
- 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
- 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
- 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
- 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4
- };
- static const byte c6[] =
- {
- 0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A,
- 0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA
- };
-
- byte out[CAMELLIA_BLOCK_SIZE];
- Camellia cam;
- int i, testsSz;
- const test_vector_t testVectors[] =
- {
- {CAM_ECB_ENC, pte, ive, c1, k1, sizeof(k1), -114},
- {CAM_ECB_ENC, pte, ive, c2, k2, sizeof(k2), -115},
- {CAM_ECB_ENC, pte, ive, c3, k3, sizeof(k3), -116},
- {CAM_ECB_DEC, pte, ive, c1, k1, sizeof(k1), -117},
- {CAM_ECB_DEC, pte, ive, c2, k2, sizeof(k2), -118},
- {CAM_ECB_DEC, pte, ive, c3, k3, sizeof(k3), -119},
- {CAM_CBC_ENC, ptc, ivc, c4, k4, sizeof(k4), -120},
- {CAM_CBC_ENC, ptc, ivc, c5, k5, sizeof(k5), -121},
- {CAM_CBC_ENC, ptc, ivc, c6, k6, sizeof(k6), -122},
- {CAM_CBC_DEC, ptc, ivc, c4, k4, sizeof(k4), -123},
- {CAM_CBC_DEC, ptc, ivc, c5, k5, sizeof(k5), -124},
- {CAM_CBC_DEC, ptc, ivc, c6, k6, sizeof(k6), -125}
- };
-
- testsSz = sizeof(testVectors)/sizeof(test_vector_t);
- for (i = 0; i < testsSz; i++) {
- if (CamelliaSetKey(&cam, testVectors[i].key, testVectors[i].keySz,
- testVectors[i].iv) != 0)
- return testVectors[i].errorCode;
-
- switch (testVectors[i].type) {
- case CAM_ECB_ENC:
- CamelliaEncryptDirect(&cam, out, testVectors[i].plaintext);
- if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE))
- return testVectors[i].errorCode;
- break;
- case CAM_ECB_DEC:
- CamelliaDecryptDirect(&cam, out, testVectors[i].ciphertext);
- if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE))
- return testVectors[i].errorCode;
- break;
- case CAM_CBC_ENC:
- CamelliaCbcEncrypt(&cam, out, testVectors[i].plaintext,
- CAMELLIA_BLOCK_SIZE);
- if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE))
- return testVectors[i].errorCode;
- break;
- case CAM_CBC_DEC:
- CamelliaCbcDecrypt(&cam, out, testVectors[i].ciphertext,
- CAMELLIA_BLOCK_SIZE);
- if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE))
- return testVectors[i].errorCode;
- break;
- default:
- break;
- }
- }
-
- /* Setting the IV and checking it was actually set. */
- CamelliaSetIV(&cam, ivc);
- if (XMEMCMP(cam.reg, ivc, CAMELLIA_BLOCK_SIZE))
- return -1;
-
- /* Setting the IV to NULL should be same as all zeros IV */
- if (CamelliaSetIV(&cam, NULL) != 0 ||
- XMEMCMP(cam.reg, ive, CAMELLIA_BLOCK_SIZE))
- return -1;
-
- /* First parameter should never be null */
- if (CamelliaSetIV(NULL, NULL) == 0)
- return -1;
-
- /* First parameter should never be null, check it fails */
- if (CamelliaSetKey(NULL, k1, sizeof(k1), NULL) == 0)
- return -1;
-
- /* Key should have a size of 16, 24, or 32 */
- if (CamelliaSetKey(&cam, k1, 0, NULL) == 0)
- return -1;
-
- return 0;
-}
-#endif /* HAVE_CAMELLIA */
-
-
-int random_test(void)
-{
- WC_RNG rng;
- byte block[32];
- int ret;
-
-#ifdef HAVE_CAVIUM
- ret = InitRngCavium(&rng, CAVIUM_DEV_ID);
- if (ret != 0) return -2007;
-#endif
- ret = InitRng(&rng);
- if (ret != 0) return -39;
-
- ret = RNG_GenerateBlock(&rng, block, sizeof(block));
- if (ret != 0) return -40;
-
- return 0;
-}
-
-
-#ifdef HAVE_NTRU
-
-byte GetEntropy(ENTROPY_CMD cmd, byte* out);
-
-byte GetEntropy(ENTROPY_CMD cmd, byte* out)
-{
- static WC_RNG rng;
-
- if (cmd == INIT)
- return (InitRng(&rng) == 0) ? 1 : 0;
-
- if (out == NULL)
- return 0;
-
- if (cmd == GET_BYTE_OF_ENTROPY)
- return (RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0;
-
- if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) {
- *out = 1;
- return 1;
- }
-
- return 0;
-}
-
-#endif /* HAVE_NTRU */
-
-#ifndef NO_RSA
-
-#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
- #ifdef FREESCALE_MQX
- static const char* clientKey = "a:\\certs\\client-key.der";
- static const char* clientCert = "a:\\certs\\client-cert.der";
- #ifdef CYASSL_CERT_GEN
- static const char* caKeyFile = "a:\\certs\\ca-key.der";
- static const char* caCertFile = "a:\\certs\\ca-cert.pem";
- #ifdef HAVE_ECC
- static const char* eccCaKeyFile = "a:\\certs\\ecc-key.der";
- static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem";
- #endif
- #endif
- #elif defined(CYASSL_MKD_SHELL)
- static char* clientKey = "certs/client-key.der";
- static char* clientCert = "certs/client-cert.der";
- void set_clientKey(char *key) { clientKey = key ; }
- void set_clientCert(char *cert) { clientCert = cert ; }
- #ifdef CYASSL_CERT_GEN
- static char* caKeyFile = "certs/ca-key.der";
- static char* caCertFile = "certs/ca-cert.pem";
- void set_caKeyFile (char * key) { caKeyFile = key ; }
- void set_caCertFile(char * cert) { caCertFile = cert ; }
- #ifdef HAVE_ECC
- static const char* eccCaKeyFile = "certs/ecc-key.der";
- static const char* eccCaCertFile = "certs/server-ecc.pem";
- void set_eccCaKeyFile (char * key) { eccCaKeyFile = key ; }
- void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; }
- #endif
- #endif
- #else
- static const char* clientKey = "./certs/client-key.der";
- static const char* clientCert = "./certs/client-cert.der";
- #ifdef CYASSL_CERT_GEN
- static const char* caKeyFile = "./certs/ca-key.der";
- static const char* caCertFile = "./certs/ca-cert.pem";
- #ifdef HAVE_ECC
- static const char* eccCaKeyFile = "./certs/ecc-key.der";
- static const char* eccCaCertFile = "./certs/server-ecc.pem";
- #endif
- #endif
- #endif
-#endif
-
-
-
-#define FOURK_BUF 4096
-
-int rsa_test(void)
-{
- byte* tmp;
- size_t bytes;
- RsaKey key;
- WC_RNG rng;
- word32 idx = 0;
- int ret;
- byte in[] = "Everyone gets Friday off.";
- word32 inLen = (word32)strlen((char*)in);
- byte out[256];
- byte plain[256];
-#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
- FILE* file, * file2;
-#endif
-#ifdef CYASSL_TEST_CERT
- DecodedCert cert;
-#endif
-
- tmp = (byte*)malloc(FOURK_BUF);
- if (tmp == NULL)
- return -40;
-
-#ifdef USE_CERT_BUFFERS_1024
- XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024);
- bytes = sizeof_client_key_der_1024;
-#elif defined(USE_CERT_BUFFERS_2048)
- XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048);
- bytes = sizeof_client_key_der_2048;
-#else
- file = fopen(clientKey, "rb");
-
- if (!file)
- err_sys("can't open ./certs/client-key.der, "
- "Please run from CyaSSL home dir", -40);
-
- bytes = fread(tmp, 1, FOURK_BUF, file);
- fclose(file);
-#endif /* USE_CERT_BUFFERS */
-
-#ifdef HAVE_CAVIUM
- RsaInitCavium(&key, CAVIUM_DEV_ID);
-#endif
- ret = InitRsaKey(&key, 0);
- if (ret != 0) return -39;
- ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
- if (ret != 0) return -41;
-
- ret = InitRng(&rng);
- if (ret != 0) return -42;
-
- ret = RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng);
- if (ret < 0) return -43;
-
- ret = RsaPrivateDecrypt(out, ret, plain, sizeof(plain), &key);
- if (ret < 0) return -44;
-
- if (memcmp(plain, in, inLen)) return -45;
-
- ret = RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng);
- if (ret < 0) return -46;
-
- memset(plain, 0, sizeof(plain));
- ret = RsaSSL_Verify(out, ret, plain, sizeof(plain), &key);
- if (ret < 0) return -47;
-
- if (memcmp(plain, in, ret)) return -48;
-
-#if defined(CYASSL_MDK_ARM)
- #define sizeof(s) strlen((char *)(s))
-#endif
-
-#ifdef USE_CERT_BUFFERS_1024
- XMEMCPY(tmp, client_cert_der_1024, sizeof_client_cert_der_1024);
- bytes = sizeof_client_cert_der_1024;
-#elif defined(USE_CERT_BUFFERS_2048)
- XMEMCPY(tmp, client_cert_der_2048, sizeof_client_cert_der_2048);
- bytes = sizeof_client_cert_der_2048;
-#else
- file2 = fopen(clientCert, "rb");
- if (!file2)
- return -49;
-
- bytes = fread(tmp, 1, FOURK_BUF, file2);
- fclose(file2);
-#endif
-
-#ifdef sizeof
- #undef sizeof
-#endif
-
-#ifdef CYASSL_TEST_CERT
- InitDecodedCert(&cert, tmp, (word32)bytes, 0);
-
- ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0);
- if (ret != 0) return -491;
-
- FreeDecodedCert(&cert);
-#else
- (void)bytes;
-#endif
-
-
-#ifdef CYASSL_KEY_GEN
- {
- byte* der;
- byte* pem;
- int derSz = 0;
- int pemSz = 0;
- RsaKey derIn;
- RsaKey genKey;
- FILE* keyFile;
- FILE* pemFile;
-
- ret = InitRsaKey(&genKey, 0);
- if (ret != 0)
- return -300;
- ret = MakeRsaKey(&genKey, 1024, 65537, &rng);
- if (ret != 0)
- return -301;
-
- der = (byte*)malloc(FOURK_BUF);
- if (der == NULL) {
- FreeRsaKey(&genKey);
- return -307;
- }
- pem = (byte*)malloc(FOURK_BUF);
- if (pem == NULL) {
- free(der);
- FreeRsaKey(&genKey);
- return -308;
- }
-
- derSz = RsaKeyToDer(&genKey, der, FOURK_BUF);
- if (derSz < 0) {
- free(der);
- free(pem);
- return -302;
- }
-
- keyFile = fopen("./key.der", "wb");
- if (!keyFile) {
- free(der);
- free(pem);
- FreeRsaKey(&genKey);
- return -303;
- }
- ret = (int)fwrite(der, 1, derSz, keyFile);
- fclose(keyFile);
- if (ret != derSz) {
- free(der);
- free(pem);
- FreeRsaKey(&genKey);
- return -313;
- }
-
- pemSz = DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE);
- if (pemSz < 0) {
- free(der);
- free(pem);
- FreeRsaKey(&genKey);
- return -304;
- }
-
- pemFile = fopen("./key.pem", "wb");
- if (!pemFile) {
- free(der);
- free(pem);
- FreeRsaKey(&genKey);
- return -305;
- }
- ret = (int)fwrite(pem, 1, pemSz, pemFile);
- fclose(pemFile);
- if (ret != pemSz) {
- free(der);
- free(pem);
- FreeRsaKey(&genKey);
- return -314;
- }
-
- ret = InitRsaKey(&derIn, 0);
- if (ret != 0) {
- free(der);
- free(pem);
- FreeRsaKey(&genKey);
- return -3060;
- }
- idx = 0;
- ret = RsaPrivateKeyDecode(der, &idx, &derIn, derSz);
- if (ret != 0) {
- free(der);
- free(pem);
- FreeRsaKey(&derIn);
- FreeRsaKey(&genKey);
- return -306;
- }
-
- FreeRsaKey(&derIn);
- FreeRsaKey(&genKey);
- free(pem);
- free(der);
- }
-#endif /* CYASSL_KEY_GEN */
-
-
-#ifdef CYASSL_CERT_GEN
- /* self signed */
- {
- Cert myCert;
- byte* derCert;
- byte* pem;
- FILE* derFile;
- FILE* pemFile;
- int certSz;
- int pemSz;
-#ifdef CYASSL_TEST_CERT
- DecodedCert decode;
-#endif
-
- derCert = (byte*)malloc(FOURK_BUF);
- if (derCert == NULL)
- return -309;
- pem = (byte*)malloc(FOURK_BUF);
- if (pem == NULL) {
- free(derCert);
- return -310;
- }
-
- InitCert(&myCert);
-
- strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
- strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
- strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
- strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
- strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
- strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
- strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
- myCert.isCA = 1;
- myCert.sigType = CTC_SHA256wRSA;
-
- certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng);
- if (certSz < 0) {
- free(derCert);
- free(pem);
- return -401;
- }
-
-#ifdef CYASSL_TEST_CERT
- InitDecodedCert(&decode, derCert, certSz, 0);
- ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
- if (ret != 0) {
- free(derCert);
- free(pem);
- return -402;
- }
- FreeDecodedCert(&decode);
-#endif
- derFile = fopen("./cert.der", "wb");
- if (!derFile) {
- free(derCert);
- free(pem);
- return -403;
- }
- ret = (int)fwrite(derCert, 1, certSz, derFile);
- fclose(derFile);
- if (ret != certSz) {
- free(derCert);
- free(pem);
- return -414;
- }
-
- pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
- if (pemSz < 0) {
- free(derCert);
- free(pem);
- return -404;
- }
-
- pemFile = fopen("./cert.pem", "wb");
- if (!pemFile) {
- free(derCert);
- free(pem);
- return -405;
- }
- ret = (int)fwrite(pem, 1, pemSz, pemFile);
- fclose(pemFile);
- if (ret != pemSz) {
- free(derCert);
- free(pem);
- return -406;
- }
- free(pem);
- free(derCert);
- }
- /* CA style */
- {
- RsaKey caKey;
- Cert myCert;
- byte* derCert;
- byte* pem;
- FILE* derFile;
- FILE* pemFile;
- int certSz;
- int pemSz;
- size_t bytes3;
- word32 idx3 = 0;
- FILE* file3 ;
-#ifdef CYASSL_TEST_CERT
- DecodedCert decode;
-#endif
-
- derCert = (byte*)malloc(FOURK_BUF);
- if (derCert == NULL)
- return -311;
- pem = (byte*)malloc(FOURK_BUF);
- if (pem == NULL) {
- free(derCert);
- return -312;
- }
-
- file3 = fopen(caKeyFile, "rb");
-
- if (!file3) {
- free(derCert);
- free(pem);
- return -412;
- }
-
- bytes3 = fread(tmp, 1, FOURK_BUF, file3);
- fclose(file3);
-
- ret = InitRsaKey(&caKey, 0);
- if (ret != 0) {
- free(derCert);
- free(pem);
- return -411;
- }
- ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
- if (ret != 0) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -413;
- }
-
- InitCert(&myCert);
-
- strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
- strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
- strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
- strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
- strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
- strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
- strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
-
- ret = SetIssuer(&myCert, caCertFile);
- if (ret < 0) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -405;
- }
-
- certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng);
- if (certSz < 0) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -407;
- }
-
- certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
- &caKey, NULL, &rng);
- if (certSz < 0) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -408;
- }
-
-
-#ifdef CYASSL_TEST_CERT
- InitDecodedCert(&decode, derCert, certSz, 0);
- ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
- if (ret != 0) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -409;
- }
- FreeDecodedCert(&decode);
-#endif
-
- derFile = fopen("./othercert.der", "wb");
- if (!derFile) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -410;
- }
- ret = (int)fwrite(derCert, 1, certSz, derFile);
- fclose(derFile);
- if (ret != certSz) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -416;
- }
-
- pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
- if (pemSz < 0) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -411;
- }
-
- pemFile = fopen("./othercert.pem", "wb");
- if (!pemFile) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -412;
- }
- ret = (int)fwrite(pem, 1, pemSz, pemFile);
- if (ret != pemSz) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -415;
- }
- fclose(pemFile);
- free(pem);
- free(derCert);
- FreeRsaKey(&caKey);
- }
-#ifdef HAVE_ECC
- /* ECC CA style */
- {
- ecc_key caKey;
- Cert myCert;
- byte* derCert;
- byte* pem;
- FILE* derFile;
- FILE* pemFile;
- int certSz;
- int pemSz;
- size_t bytes3;
- word32 idx3 = 0;
- FILE* file3;
-#ifdef CYASSL_TEST_CERT
- DecodedCert decode;
-#endif
-
- derCert = (byte*)malloc(FOURK_BUF);
- if (derCert == NULL)
- return -5311;
- pem = (byte*)malloc(FOURK_BUF);
- if (pem == NULL) {
- free(derCert);
- return -5312;
- }
-
- file3 = fopen(eccCaKeyFile, "rb");
-
- if (!file3) {
- free(derCert);
- free(pem);
- return -5412;
- }
-
- bytes3 = fread(tmp, 1, FOURK_BUF, file3);
- fclose(file3);
-
- ecc_init(&caKey);
- ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
- if (ret != 0) {
- free(derCert);
- free(pem);
- return -5413;
- }
-
- InitCert(&myCert);
- myCert.sigType = CTC_SHA256wECDSA;
-
- strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
- strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
- strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
- strncpy(myCert.subject.org, "wolfSSL", CTC_NAME_SIZE);
- strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
- strncpy(myCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE);
- strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE);
-
- ret = SetIssuer(&myCert, eccCaCertFile);
- if (ret < 0) {
- free(pem);
- free(derCert);
- ecc_free(&caKey);
- return -5405;
- }
-
- certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng);
- if (certSz < 0) {
- free(pem);
- free(derCert);
- ecc_free(&caKey);
- return -5407;
- }
-
- certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
- NULL, &caKey, &rng);
- if (certSz < 0) {
- free(pem);
- free(derCert);
- ecc_free(&caKey);
- return -5408;
- }
-
-#ifdef CYASSL_TEST_CERT
- InitDecodedCert(&decode, derCert, certSz, 0);
- ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
- if (ret != 0) {
- free(pem);
- free(derCert);
- ecc_free(&caKey);
- return -5409;
- }
- FreeDecodedCert(&decode);
-#endif
-
- derFile = fopen("./certecc.der", "wb");
- if (!derFile) {
- free(pem);
- free(derCert);
- ecc_free(&caKey);
- return -5410;
- }
- ret = (int)fwrite(derCert, 1, certSz, derFile);
- fclose(derFile);
- if (ret != certSz) {
- free(pem);
- free(derCert);
- ecc_free(&caKey);
- return -5414;
- }
-
- pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
- if (pemSz < 0) {
- free(pem);
- free(derCert);
- ecc_free(&caKey);
- return -5411;
- }
-
- pemFile = fopen("./certecc.pem", "wb");
- if (!pemFile) {
- free(pem);
- free(derCert);
- ecc_free(&caKey);
- return -5412;
- }
- ret = (int)fwrite(pem, 1, pemSz, pemFile);
- if (ret != pemSz) {
- free(pem);
- free(derCert);
- ecc_free(&caKey);
- return -5415;
- }
- fclose(pemFile);
- free(pem);
- free(derCert);
- ecc_free(&caKey);
- }
-#endif /* HAVE_ECC */
-#ifdef HAVE_NTRU
- {
- RsaKey caKey;
- Cert myCert;
- byte* derCert;
- byte* pem;
- FILE* derFile;
- FILE* pemFile;
- FILE* caFile;
- FILE* ntruPrivFile;
- int certSz;
- int pemSz;
- word32 idx3;
-#ifdef CYASSL_TEST_CERT
- DecodedCert decode;
-#endif
- derCert = (byte*)malloc(FOURK_BUF);
- if (derCert == NULL)
- return -311;
- pem = (byte*)malloc(FOURK_BUF);
- if (pem == NULL) {
- free(derCert);
- return -312;
- }
-
- byte public_key[557]; /* sized for EES401EP2 */
- word16 public_key_len; /* no. of octets in public key */
- byte private_key[607]; /* sized for EES401EP2 */
- word16 private_key_len; /* no. of octets in private key */
- DRBG_HANDLE drbg;
- static uint8_t const pers_str[] = {
- 'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't'
- };
- word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str),
- GetEntropy, &drbg);
- if (rc != DRBG_OK) {
- free(derCert);
- free(pem);
- return -450;
- }
-
- rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
- NULL, &private_key_len, NULL);
- if (rc != NTRU_OK) {
- free(derCert);
- free(pem);
- return -451;
- }
-
- rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
- public_key, &private_key_len, private_key);
- crypto_drbg_uninstantiate(drbg);
-
- if (rc != NTRU_OK) {
- free(derCert);
- free(pem);
- return -452;
- }
-
- caFile = fopen(caKeyFile, "rb");
-
- if (!caFile) {
- free(derCert);
- free(pem);
- return -453;
- }
-
- bytes = fread(tmp, 1, FOURK_BUF, caFile);
- fclose(caFile);
-
- ret = InitRsaKey(&caKey, 0);
- if (ret != 0) {
- free(derCert);
- free(pem);
- return -459;
- }
- ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes);
- if (ret != 0) {
- free(derCert);
- free(pem);
- return -454;
- }
-
- InitCert(&myCert);
-
- strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
- strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
- strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
- strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
- strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
- strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
- strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
-
- ret = SetIssuer(&myCert, caCertFile);
- if (ret < 0) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -455;
- }
-
- certSz = MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key,
- public_key_len, &rng);
- if (certSz < 0) {
- free(derCert);
- free(pem);
- FreeRsaKey(&caKey);
- return -456;
- }
-
- certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
- &caKey, NULL, &rng);
- FreeRsaKey(&caKey);
- if (certSz < 0) {
- free(derCert);
- free(pem);
- return -457;
- }
-
-
-#ifdef CYASSL_TEST_CERT
- InitDecodedCert(&decode, derCert, certSz, 0);
- ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
- if (ret != 0) {
- free(derCert);
- free(pem);
- return -458;
- }
- FreeDecodedCert(&decode);
-#endif
- derFile = fopen("./ntru-cert.der", "wb");
- if (!derFile) {
- free(derCert);
- free(pem);
- return -459;
- }
- ret = (int)fwrite(derCert, 1, certSz, derFile);
- fclose(derFile);
- if (ret != certSz) {
- free(derCert);
- free(pem);
- return -473;
- }
-
- pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
- if (pemSz < 0) {
- free(derCert);
- free(pem);
- return -460;
- }
-
- pemFile = fopen("./ntru-cert.pem", "wb");
- if (!pemFile) {
- free(derCert);
- free(pem);
- return -461;
- }
- ret = (int)fwrite(pem, 1, pemSz, pemFile);
- fclose(pemFile);
- if (ret != pemSz) {
- free(derCert);
- free(pem);
- return -474;
- }
-
- ntruPrivFile = fopen("./ntru-key.raw", "wb");
- if (!ntruPrivFile) {
- free(derCert);
- free(pem);
- return -462;
- }
- ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile);
- fclose(ntruPrivFile);
- if (ret != private_key_len) {
- free(pem);
- free(derCert);
- return -475;
- }
- free(pem);
- free(derCert);
- }
-#endif /* HAVE_NTRU */
-#ifdef CYASSL_CERT_REQ
- {
- Cert req;
- byte* der;
- byte* pem;
- int derSz;
- int pemSz;
- FILE* reqFile;
-
- der = (byte*)malloc(FOURK_BUF);
- if (der == NULL)
- return -463;
- pem = (byte*)malloc(FOURK_BUF);
- if (pem == NULL) {
- free(der);
- return -464;
- }
-
- InitCert(&req);
-
- req.version = 0;
- req.isCA = 1;
- strncpy(req.challengePw, "yassl123", CTC_NAME_SIZE);
- strncpy(req.subject.country, "US", CTC_NAME_SIZE);
- strncpy(req.subject.state, "OR", CTC_NAME_SIZE);
- strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE);
- strncpy(req.subject.org, "yaSSL", CTC_NAME_SIZE);
- strncpy(req.subject.unit, "Development", CTC_NAME_SIZE);
- strncpy(req.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
- strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE);
- req.sigType = CTC_SHA256wRSA;
-
- derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL);
- if (derSz < 0) {
- free(pem);
- free(der);
- return -465;
- }
-
- derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF,
- &key, NULL, &rng);
- if (derSz < 0) {
- free(pem);
- free(der);
- return -466;
- }
-
- pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE);
- if (pemSz < 0) {
- free(pem);
- free(der);
- return -467;
- }
-
- reqFile = fopen("./certreq.der", "wb");
- if (!reqFile) {
- free(pem);
- free(der);
- return -468;
- }
-
- ret = (int)fwrite(der, 1, derSz, reqFile);
- fclose(reqFile);
- if (ret != derSz) {
- free(pem);
- free(der);
- return -471;
- }
-
- reqFile = fopen("./certreq.pem", "wb");
- if (!reqFile) {
- free(pem);
- free(der);
- return -469;
- }
- ret = (int)fwrite(pem, 1, pemSz, reqFile);
- fclose(reqFile);
- if (ret != pemSz) {
- free(pem);
- free(der);
- return -470;
- }
-
- free(pem);
- free(der);
- }
-#endif /* CYASSL_CERT_REQ */
-#endif /* CYASSL_CERT_GEN */
-
- FreeRsaKey(&key);
-#ifdef HAVE_CAVIUM
- RsaFreeCavium(&key);
-#endif
- free(tmp);
-
- return 0;
-}
-
-#endif
-
-
-#ifndef NO_DH
-
-#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
- #ifdef FREESCALE_MQX
- static const char* dhKey = "a:\certs\\dh2048.der";
- #else
- static const char* dhKey = "./certs/dh2048.der";
- #endif
-#endif
-
-int dh_test(void)
-{
- int ret;
- word32 bytes;
- word32 idx = 0, privSz, pubSz, privSz2, pubSz2, agreeSz, agreeSz2;
- byte tmp[1024];
- byte priv[256];
- byte pub[256];
- byte priv2[256];
- byte pub2[256];
- byte agree[256];
- byte agree2[256];
- DhKey key;
- DhKey key2;
- WC_RNG rng;
-
-
-#ifdef USE_CERT_BUFFERS_1024
- XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024);
- bytes = sizeof_dh_key_der_1024;
-#elif defined(USE_CERT_BUFFERS_2048)
- XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048);
- bytes = sizeof_dh_key_der_2048;
-#else
- FILE* file = fopen(dhKey, "rb");
-
- if (!file)
- return -50;
-
- bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
- fclose(file);
-#endif /* USE_CERT_BUFFERS */
-
- InitDhKey(&key);
- InitDhKey(&key2);
- ret = DhKeyDecode(tmp, &idx, &key, bytes);
- if (ret != 0)
- return -51;
-
- idx = 0;
- ret = DhKeyDecode(tmp, &idx, &key2, bytes);
- if (ret != 0)
- return -52;
-
- ret = InitRng(&rng);
- if (ret != 0)
- return -53;
-
- ret = DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz);
- ret += DhGenerateKeyPair(&key2, &rng, priv2, &privSz2, pub2, &pubSz2);
- if (ret != 0)
- return -54;
-
- ret = DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2);
- ret += DhAgree(&key2, agree2, &agreeSz2, priv2, privSz2, pub, pubSz);
- if (ret != 0)
- return -55;
-
- if (memcmp(agree, agree2, agreeSz))
- return -56;
-
- FreeDhKey(&key);
- FreeDhKey(&key2);
-
- return 0;
-}
-
-#endif /* NO_DH */
-
-
-#ifndef NO_DSA
-
-#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
- #ifdef FREESCALE_MQX
- static const char* dsaKey = "a:\\certs\\dsa2048.der";
- #else
- static const char* dsaKey = "./certs/dsa2048.der";
- #endif
-#endif
-
-int dsa_test(void)
-{
- int ret, answer;
- word32 bytes;
- word32 idx = 0;
- byte tmp[1024];
- DsaKey key;
- WC_RNG rng;
- Sha sha;
- byte hash[SHA_DIGEST_SIZE];
- byte signature[40];
-
-
-#ifdef USE_CERT_BUFFERS_1024
- XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
- bytes = sizeof_dsa_key_der_1024;
-#elif defined(USE_CERT_BUFFERS_2048)
- XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
- bytes = sizeof_dsa_key_der_2048;
-#else
- FILE* file = fopen(dsaKey, "rb");
-
- if (!file)
- return -60;
-
- bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
- fclose(file);
-#endif /* USE_CERT_BUFFERS */
-
- ret = InitSha(&sha);
- if (ret != 0)
- return -4002;
- ShaUpdate(&sha, tmp, bytes);
- ShaFinal(&sha, hash);
-
- InitDsaKey(&key);
- ret = DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
- if (ret != 0) return -61;
-
- ret = InitRng(&rng);
- if (ret != 0) return -62;
-
- ret = DsaSign(hash, signature, &key, &rng);
- if (ret != 0) return -63;
-
- ret = DsaVerify(hash, signature, &key, &answer);
- if (ret != 0) return -64;
- if (answer != 1) return -65;
-
- FreeDsaKey(&key);
-
- return 0;
-}
-
-#endif /* NO_DSA */
-
-
-#ifdef OPENSSL_EXTRA
-
-int openssl_test(void)
-{
- EVP_MD_CTX md_ctx;
- testVector a, b, c, d, e, f;
- byte hash[SHA_DIGEST_SIZE*4]; /* max size */
-
- (void)e;
- (void)f;
-
- a.input = "1234567890123456789012345678901234567890123456789012345678"
- "9012345678901234567890";
- a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
- "\x7a";
- a.inLen = strlen(a.input);
- a.outLen = MD5_DIGEST_SIZE;
-
- EVP_MD_CTX_init(&md_ctx);
- EVP_DigestInit(&md_ctx, EVP_md5());
-
- EVP_DigestUpdate(&md_ctx, a.input, a.inLen);
- EVP_DigestFinal(&md_ctx, hash, 0);
-
- if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0)
- return -71;
-
- b.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
- "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
- "aaaaaaaaaa";
- b.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
- "\x53\x99\x5E\x26\xA0";
- b.inLen = strlen(b.input);
- b.outLen = SHA_DIGEST_SIZE;
-
- EVP_MD_CTX_init(&md_ctx);
- EVP_DigestInit(&md_ctx, EVP_sha1());
-
- EVP_DigestUpdate(&md_ctx, b.input, b.inLen);
- EVP_DigestFinal(&md_ctx, hash, 0);
-
- if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0)
- return -72;
-
-
- d.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
- d.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
- "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
- "\x06\xC1";
- d.inLen = strlen(d.input);
- d.outLen = SHA256_DIGEST_SIZE;
-
- EVP_MD_CTX_init(&md_ctx);
- EVP_DigestInit(&md_ctx, EVP_sha256());
-
- EVP_DigestUpdate(&md_ctx, d.input, d.inLen);
- EVP_DigestFinal(&md_ctx, hash, 0);
-
- if (memcmp(hash, d.output, SHA256_DIGEST_SIZE) != 0)
- return -78;
-
-#ifdef CYASSL_SHA384
-
- e.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
- "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
- e.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
- "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
- "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
- "\x74\x60\x39";
- e.inLen = strlen(e.input);
- e.outLen = SHA384_DIGEST_SIZE;
-
- EVP_MD_CTX_init(&md_ctx);
- EVP_DigestInit(&md_ctx, EVP_sha384());
-
- EVP_DigestUpdate(&md_ctx, e.input, e.inLen);
- EVP_DigestFinal(&md_ctx, hash, 0);
-
- if (memcmp(hash, e.output, SHA384_DIGEST_SIZE) != 0)
- return -79;
-
-#endif /* CYASSL_SHA384 */
-
-
-#ifdef CYASSL_SHA512
-
- f.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
- "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
- f.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
- "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
- "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
- "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
- "\x87\x4b\xe9\x09";
- f.inLen = strlen(f.input);
- f.outLen = SHA512_DIGEST_SIZE;
-
- EVP_MD_CTX_init(&md_ctx);
- EVP_DigestInit(&md_ctx, EVP_sha512());
-
- EVP_DigestUpdate(&md_ctx, f.input, f.inLen);
- EVP_DigestFinal(&md_ctx, hash, 0);
-
- if (memcmp(hash, f.output, SHA512_DIGEST_SIZE) != 0)
- return -80;
-
-#endif /* CYASSL_SHA512 */
-
-
- if (RAND_bytes(hash, sizeof(hash)) != 1)
- return -73;
-
- c.input = "what do ya want for nothing?";
- c.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
- "\x38";
- c.inLen = strlen(c.input);
- c.outLen = MD5_DIGEST_SIZE;
-
- HMAC(EVP_md5(), "Jefe", 4, (byte*)c.input, (int)c.inLen, hash, 0);
-
- if (memcmp(hash, c.output, MD5_DIGEST_SIZE) != 0)
- return -74;
-
- { /* des test */
- const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
- 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
- 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
- 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
- };
-
- byte plain[24];
- byte cipher[24];
-
- const_DES_cblock key =
- {
- 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
- };
-
- DES_cblock iv =
- {
- 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
- };
-
- DES_key_schedule sched;
-
- const byte verify[] =
- {
- 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
- 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
- 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
- };
-
- DES_key_sched(&key, &sched);
-
- DES_cbc_encrypt(vector, cipher, sizeof(vector), &sched, &iv, DES_ENCRYPT);
- DES_cbc_encrypt(cipher, plain, sizeof(vector), &sched, &iv, DES_DECRYPT);
-
- if (memcmp(plain, vector, sizeof(vector)) != 0)
- return -75;
-
- if (memcmp(cipher, verify, sizeof(verify)) != 0)
- return -76;
-
- /* test changing iv */
- DES_ncbc_encrypt(vector, cipher, 8, &sched, &iv, DES_ENCRYPT);
- DES_ncbc_encrypt(vector + 8, cipher + 8, 16, &sched, &iv, DES_ENCRYPT);
-
- if (memcmp(cipher, verify, sizeof(verify)) != 0)
- return -77;
-
- } /* end des test */
-
- { /* evp_cipher test */
- EVP_CIPHER_CTX ctx;
-
-
- const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
- 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
- 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
- 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
- };
-
- const byte verify[] =
- {
- 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
- 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
- };
-
- byte key[] = "0123456789abcdef "; /* align */
- byte iv[] = "1234567890abcdef "; /* align */
-
- byte cipher[AES_BLOCK_SIZE * 4];
- byte plain [AES_BLOCK_SIZE * 4];
-
- EVP_CIPHER_CTX_init(&ctx);
- if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0)
- return -81;
-
- if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0)
- return -82;
-
- if (memcmp(cipher, verify, AES_BLOCK_SIZE))
- return -83;
-
- EVP_CIPHER_CTX_init(&ctx);
- if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0)
- return -84;
-
- if (EVP_Cipher(&ctx, plain, cipher, 16) == 0)
- return -85;
-
- if (memcmp(plain, msg, AES_BLOCK_SIZE))
- return -86;
-
-
- } /* end evp_cipher test */
-
- return 0;
-}
-
-#endif /* OPENSSL_EXTRA */
-
-
-#ifndef NO_PWDBASED
-
-int pkcs12_test(void)
-{
- const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67,
- 0x00, 0x00 };
- const byte salt[] = { 0x0a, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f };
-
- const byte passwd2[] = { 0x00, 0x71, 0x00, 0x75, 0x00, 0x65, 0x00, 0x65,
- 0x00, 0x67, 0x00, 0x00 };
- const byte salt2[] = { 0x16, 0x82, 0xC0, 0xfC, 0x5b, 0x3f, 0x7e, 0xc5 };
- byte derived[64];
-
- const byte verify[] = {
- 0x8A, 0xAA, 0xE6, 0x29, 0x7B, 0x6C, 0xB0, 0x46,
- 0x42, 0xAB, 0x5B, 0x07, 0x78, 0x51, 0x28, 0x4E,
- 0xB7, 0x12, 0x8F, 0x1A, 0x2A, 0x7F, 0xBC, 0xA3
- };
-
- const byte verify2[] = {
- 0x48, 0x3D, 0xD6, 0xE9, 0x19, 0xD7, 0xDE, 0x2E,
- 0x8E, 0x64, 0x8B, 0xA8, 0xF8, 0x62, 0xF3, 0xFB,
- 0xFB, 0xDC, 0x2B, 0xCB, 0x2C, 0x02, 0x95, 0x7F
- };
-
- int id = 1;
- int kLen = 24;
- int iterations = 1;
- int ret = PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, iterations,
- kLen, SHA, id);
-
- if (ret < 0)
- return -103;
-
- if ( (ret = memcmp(derived, verify, kLen)) != 0)
- return -104;
-
- iterations = 1000;
- ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations,
- kLen, SHA, id);
- if (ret < 0)
- return -105;
-
- if ( (ret = memcmp(derived, verify2, 24)) != 0)
- return -106;
-
- return 0;
-}
-
-
-int pbkdf2_test(void)
-{
- char passwd[] = "password";
- const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
- int iterations = 2048;
- int kLen = 24;
- byte derived[64];
-
- const byte verify[] = {
- 0xBF, 0xDE, 0x6B, 0xE9, 0x4D, 0xF7, 0xE1, 0x1D, 0xD4, 0x09, 0xBC, 0xE2,
- 0x0A, 0x02, 0x55, 0xEC, 0x32, 0x7C, 0xB9, 0x36, 0xFF, 0xE9, 0x36, 0x43
-
- };
-
- int ret = PBKDF2(derived, (byte*)passwd, (int)strlen(passwd), salt, 8,
- iterations, kLen, SHA);
- if (ret != 0)
- return ret;
-
- if (memcmp(derived, verify, sizeof(verify)) != 0)
- return -102;
-
- return 0;
-}
-
-
-int pbkdf1_test(void)
-{
- char passwd[] = "password";
- const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
- int iterations = 1000;
- int kLen = 16;
- byte derived[16];
-
- const byte verify[] = {
- 0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F, 0xAF, 0x10, 0xEB, 0xFB,
- 0x4A, 0x3D, 0x2A, 0x20
- };
-
- PBKDF1(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, iterations,
- kLen, SHA);
-
- if (memcmp(derived, verify, sizeof(verify)) != 0)
- return -101;
-
- return 0;
-}
-
-
-int pwdbased_test(void)
-{
- int ret = pbkdf1_test();
- ret += pbkdf2_test();
-
- return ret + pkcs12_test();
-}
-
-#endif /* NO_PWDBASED */
-
-#if defined(HAVE_HKDF) && (!defined(NO_SHA) || !defined(NO_SHA256))
-
-int hkdf_test(void)
-{
- int ret;
- int L = 42;
- byte okm1[42];
- byte ikm1[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b };
- byte salt1[13] ={ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c };
- byte info1[10] ={ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
- 0xf8, 0xf9 };
- byte res1[42] = { 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61,
- 0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06,
- 0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06,
- 0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0,
- 0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3,
- 0x49, 0x18 };
- byte res2[42] = { 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69,
- 0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81,
- 0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15,
- 0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2,
- 0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3,
- 0xf8, 0x96 };
- byte res3[42] = { 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f,
- 0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31,
- 0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e,
- 0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d,
- 0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a,
- 0x96, 0xc8 };
- byte res4[42] = { 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
- 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
- 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
- 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
- 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
- 0x58, 0x65 };
-
- (void)res1;
- (void)res2;
- (void)res3;
- (void)res4;
-
-#ifndef NO_SHA
- ret = HKDF(SHA, ikm1, 22, NULL, 0, NULL, 0, okm1, L);
- if (ret != 0)
- return -2001;
-
- if (memcmp(okm1, res1, L) != 0)
- return -2002;
-
- ret = HKDF(SHA, ikm1, 11, salt1, 13, info1, 10, okm1, L);
- if (ret != 0)
- return -2003;
-
- if (memcmp(okm1, res2, L) != 0)
- return -2004;
-#endif /* NO_SHA */
-
-#ifndef NO_SHA256
- ret = HKDF(SHA256, ikm1, 22, NULL, 0, NULL, 0, okm1, L);
- if (ret != 0)
- return -2005;
-
- if (memcmp(okm1, res3, L) != 0)
- return -2006;
-
- ret = HKDF(SHA256, ikm1, 22, salt1, 13, info1, 10, okm1, L);
- if (ret != 0)
- return -2007;
-
- if (memcmp(okm1, res4, L) != 0)
- return -2007;
-#endif /* NO_SHA256 */
-
- return 0;
-}
-
-#endif /* HAVE_HKDF */
-
-
-#ifdef HAVE_ECC
-
-int ecc_test(void)
-{
- WC_RNG rng;
- byte sharedA[1024];
- byte sharedB[1024];
- byte sig[1024];
- byte digest[20];
- byte exportBuf[1024];
- word32 x, y;
- int i, verify, ret;
- ecc_key userA, userB, pubKey;
-
- ret = InitRng(&rng);
- if (ret != 0)
- return -1001;
-
- ecc_init(&userA);
- ecc_init(&userB);
- ecc_init(&pubKey);
-
- ret = ecc_make_key(&rng, 32, &userA);
-
- if (ret != 0)
- return -1014;
-
- ret = ecc_make_key(&rng, 32, &userB);
-
- if (ret != 0)
- return -1002;
-
- x = sizeof(sharedA);
- ret = ecc_shared_secret(&userA, &userB, sharedA, &x);
-
- if (ret != 0)
- return -1015;
-
- y = sizeof(sharedB);
- ret = ecc_shared_secret(&userB, &userA, sharedB, &y);
-
- if (ret != 0)
- return -1003;
-
- if (y != x)
- return -1004;
-
- if (memcmp(sharedA, sharedB, x))
- return -1005;
-
- x = sizeof(exportBuf);
- ret = ecc_export_x963(&userA, exportBuf, &x);
- if (ret != 0)
- return -1006;
-
- ret = ecc_import_x963(exportBuf, x, &pubKey);
-
- if (ret != 0)
- return -1007;
-
- y = sizeof(sharedB);
- ret = ecc_shared_secret(&userB, &pubKey, sharedB, &y);
-
- if (ret != 0)
- return -1008;
-
- if (memcmp(sharedA, sharedB, y))
- return -1010;
-
- /* test DSA sign hash */
- for (i = 0; i < (int)sizeof(digest); i++)
- digest[i] = (byte)i;
-
- x = sizeof(sig);
- ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA);
-
- if (ret != 0)
- return -1016;
-
- verify = 0;
- ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA);
-
- if (ret != 0)
- return -1011;
-
- if (verify != 1)
- return -1012;
-
- x = sizeof(exportBuf);
- ret = ecc_export_private_only(&userA, exportBuf, &x);
- if (ret != 0)
- return -1013;
-
- ecc_free(&pubKey);
- ecc_free(&userB);
- ecc_free(&userA);
-
- return 0;
-}
-
-#ifdef HAVE_ECC_ENCRYPT
-
-int ecc_encrypt_test(void)
-{
- WC_RNG rng;
- int ret;
- ecc_key userA, userB;
- byte msg[48];
- byte plain[48];
- byte out[80];
- word32 outSz = sizeof(out);
- word32 plainSz = sizeof(plain);
- int i;
-
- ret = InitRng(&rng);
- if (ret != 0)
- return -3001;
-
- ecc_init(&userA);
- ecc_init(&userB);
-
- ret = ecc_make_key(&rng, 32, &userA);
- ret += ecc_make_key(&rng, 32, &userB);
-
- if (ret != 0)
- return -3002;
-
- for (i = 0; i < 48; i++)
- msg[i] = i;
-
- /* encrypt msg to B */
- ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL);
- if (ret != 0)
- return -3003;
-
- /* decrypt msg from A */
- ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL);
- if (ret != 0)
- return -3004;
-
- if (memcmp(plain, msg, sizeof(msg)) != 0)
- return -3005;
-
-
- { /* let's verify message exchange works, A is client, B is server */
- ecEncCtx* cliCtx = ecc_ctx_new(REQ_RESP_CLIENT, &rng);
- ecEncCtx* srvCtx = ecc_ctx_new(REQ_RESP_SERVER, &rng);
-
- byte cliSalt[EXCHANGE_SALT_SZ];
- byte srvSalt[EXCHANGE_SALT_SZ];
- const byte* tmpSalt;
-
- if (cliCtx == NULL || srvCtx == NULL)
- return -3006;
-
- /* get salt to send to peer */
- tmpSalt = ecc_ctx_get_own_salt(cliCtx);
- if (tmpSalt == NULL)
- return -3007;
- memcpy(cliSalt, tmpSalt, EXCHANGE_SALT_SZ);
-
- tmpSalt = ecc_ctx_get_own_salt(srvCtx);
- if (tmpSalt == NULL)
- return -3007;
- memcpy(srvSalt, tmpSalt, EXCHANGE_SALT_SZ);
-
- /* in actual use, we'd get the peer's salt over the transport */
- ret = ecc_ctx_set_peer_salt(cliCtx, srvSalt);
- ret += ecc_ctx_set_peer_salt(srvCtx, cliSalt);
-
- if (ret != 0)
- return -3008;
-
- /* get encrypted msg (request) to send to B */
- outSz = sizeof(out);
- ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz,cliCtx);
- if (ret != 0)
- return -3009;
-
- /* B decrypts msg (request) from A */
- plainSz = sizeof(plain);
- ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, srvCtx);
- if (ret != 0)
- return -3010;
-
- if (memcmp(plain, msg, sizeof(msg)) != 0)
- return -3011;
-
- {
- /* msg2 (response) from B to A */
- byte msg2[48];
- byte plain2[48];
- byte out2[80];
- word32 outSz2 = sizeof(out2);
- word32 plainSz2 = sizeof(plain2);
-
- for (i = 0; i < 48; i++)
- msg2[i] = i+48;
-
- /* get encrypted msg (response) to send to B */
- ret = ecc_encrypt(&userB, &userA, msg2, sizeof(msg2), out2,
- &outSz2, srvCtx);
- if (ret != 0)
- return -3012;
-
- /* A decrypts msg (response) from B */
- ret = ecc_decrypt(&userA, &userB, out2, outSz2, plain2, &plainSz2,
- cliCtx);
- if (ret != 0)
- return -3013;
-
- if (memcmp(plain2, msg2, sizeof(msg2)) != 0)
- return -3014;
- }
-
- /* cleanup */
- ecc_ctx_free(srvCtx);
- ecc_ctx_free(cliCtx);
- }
-
- /* cleanup */
- ecc_free(&userB);
- ecc_free(&userA);
-
- return 0;
-}
-
-#endif /* HAVE_ECC_ENCRYPT */
-#endif /* HAVE_ECC */
-
-#ifdef HAVE_LIBZ
-
-const byte sample_text[] =
- "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n"
- "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n"
- "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n"
- "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n"
- "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n"
- "small batch meggings kogi dolore food truck bespoke gastropub.\n"
- "\n"
- "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n"
- "four loko you probably haven't heard of them high life. Messenger bag\n"
- "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n"
- "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n"
- "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n"
- "food truck next level, tousled irony non semiotics PBR ethical anim cred\n"
- "readymade. Mumblecore brunch lomo odd future, portland organic terry\n"
- "richardson elit leggings adipisicing ennui raw denim banjo hella. Godard\n"
- "mixtape polaroid, pork belly readymade organic cray typewriter helvetica\n"
- "four loko whatever street art yr farm-to-table.\n"
- "\n"
- "Vinyl keytar vice tofu. Locavore you probably haven't heard of them pug\n"
- "pickled, hella tonx labore truffaut DIY mlkshk elit cosby sweater sint\n"
- "et mumblecore. Elit swag semiotics, reprehenderit DIY sartorial nisi ugh\n"
- "nesciunt pug pork belly wayfarers selfies delectus. Ethical hoodie\n"
- "seitan fingerstache kale chips. Terry richardson artisan williamsburg,\n"
- "eiusmod fanny pack irony tonx ennui lo-fi incididunt tofu YOLO\n"
- "readymade. 8-bit sed ethnic beard officia. Pour-over iphone DIY butcher,\n"
- "ethnic art party qui letterpress nisi proident jean shorts mlkshk\n"
- "locavore.\n"
- "\n"
- "Narwhal flexitarian letterpress, do gluten-free voluptate next level\n"
- "banh mi tonx incididunt carles DIY. Odd future nulla 8-bit beard ut\n"
- "cillum pickled velit, YOLO officia you probably haven't heard of them\n"
- "trust fund gastropub. Nisi adipisicing tattooed, Austin mlkshk 90's\n"
- "small batch american apparel. Put a bird on it cosby sweater before they\n"
- "sold out pork belly kogi hella. Street art mollit sustainable polaroid,\n"
- "DIY ethnic ea pug beard dreamcatcher cosby sweater magna scenester nisi.\n"
- "Sed pork belly skateboard mollit, labore proident eiusmod. Sriracha\n"
- "excepteur cosby sweater, anim deserunt laborum eu aliquip ethical et\n"
- "neutra PBR selvage.\n"
- "\n"
- "Raw denim pork belly truffaut, irony plaid sustainable put a bird on it\n"
- "next level jean shorts exercitation. Hashtag keytar whatever, nihil\n"
- "authentic aliquip disrupt laborum. Tattooed selfies deserunt trust fund\n"
- "wayfarers. 3 wolf moon synth church-key sartorial, gastropub leggings\n"
- "tattooed. Labore high life commodo, meggings raw denim fingerstache pug\n"
- "trust fund leggings seitan forage. Nostrud ullamco duis, reprehenderit\n"
- "incididunt flannel sustainable helvetica pork belly pug banksy you\n"
- "probably haven't heard of them nesciunt farm-to-table. Disrupt nostrud\n"
- "mollit magna, sriracha sartorial helvetica.\n"
- "\n"
- "Nulla kogi reprehenderit, skateboard sustainable duis adipisicing viral\n"
- "ad fanny pack salvia. Fanny pack trust fund you probably haven't heard\n"
- "of them YOLO vice nihil. Keffiyeh cray lo-fi pinterest cardigan aliqua,\n"
- "reprehenderit aute. Culpa tousled williamsburg, marfa lomo actually anim\n"
- "skateboard. Iphone aliqua ugh, semiotics pariatur vero readymade\n"
- "organic. Marfa squid nulla, in laborum disrupt laboris irure gastropub.\n"
- "Veniam sunt food truck leggings, sint vinyl fap.\n"
- "\n"
- "Hella dolore pork belly, truffaut carles you probably haven't heard of\n"
- "them PBR helvetica in sapiente. Fashion axe ugh bushwick american\n"
- "apparel. Fingerstache sed iphone, jean shorts blue bottle nisi bushwick\n"
- "flexitarian officia veniam plaid bespoke fap YOLO lo-fi. Blog\n"
- "letterpress mumblecore, food truck id cray brooklyn cillum ad sed.\n"
- "Assumenda chambray wayfarers vinyl mixtape sustainable. VHS vinyl\n"
- "delectus, culpa williamsburg polaroid cliche swag church-key synth kogi\n"
- "magna pop-up literally. Swag thundercats ennui shoreditch vegan\n"
- "pitchfork neutra truffaut etsy, sed single-origin coffee craft beer.\n"
- "\n"
- "Odio letterpress brooklyn elit. Nulla single-origin coffee in occaecat\n"
- "meggings. Irony meggings 8-bit, chillwave lo-fi adipisicing cred\n"
- "dreamcatcher veniam. Put a bird on it irony umami, trust fund bushwick\n"
- "locavore kale chips. Sriracha swag thundercats, chillwave disrupt\n"
- "tousled beard mollit mustache leggings portland next level. Nihil esse\n"
- "est, skateboard art party etsy thundercats sed dreamcatcher ut iphone\n"
- "swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n"
- "bag dolor terry richardson sapiente.\n";
-
-
-int compress_test(void)
-{
- int ret = 0;
- word32 dSz = sizeof(sample_text);
- word32 cSz = (dSz + (word32)(dSz * 0.001) + 12);
- byte *c = NULL;
- byte *d = NULL;
-
- c = calloc(cSz, sizeof(byte));
- d = calloc(dSz, sizeof(byte));
-
- if (c == NULL || d == NULL)
- ret = -300;
-
- if (ret == 0 && (ret = Compress(c, cSz, sample_text, dSz, 0)) < 0)
- ret = -301;
-
- if (ret > 0) {
- cSz = (word32)ret;
- ret = 0;
- }
-
- if (ret == 0 && DeCompress(d, dSz, c, cSz) != (int)dSz)
- ret = -302;
-
- if (ret == 0 && memcmp(d, sample_text, dSz))
- ret = -303;
-
- if (c) free(c);
- if (d) free(d);
-
- return ret;
-}
-
-#endif /* HAVE_LIBZ */
-
-#ifdef HAVE_PKCS7
-
-int pkcs7enveloped_test(void)
-{
- int ret = 0;
-
- int cipher = DES3b;
- int envelopedSz, decodedSz;
- PKCS7 pkcs7;
- byte* cert;
- byte* privKey;
- byte enveloped[2048];
- byte decoded[2048];
-
- size_t certSz;
- size_t privKeySz;
- FILE* certFile;
- FILE* keyFile;
- FILE* pkcs7File;
- const char* pkcs7OutFile = "pkcs7envelopedData.der";
-
- const byte data[] = { /* Hello World */
- 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
- 0x72,0x6c,0x64
- };
-
- /* read client cert and key in DER format */
- cert = (byte*)malloc(FOURK_BUF);
- if (cert == NULL)
- return -201;
-
- privKey = (byte*)malloc(FOURK_BUF);
- if (privKey == NULL) {
- free(cert);
- return -202;
- }
-
- certFile = fopen(clientCert, "rb");
- if (!certFile) {
- free(cert);
- free(privKey);
- err_sys("can't open ./certs/client-cert.der, "
- "Please run from CyaSSL home dir", -42);
- }
-
- certSz = fread(cert, 1, FOURK_BUF, certFile);
- fclose(certFile);
-
- keyFile = fopen(clientKey, "rb");
- if (!keyFile) {
- free(cert);
- free(privKey);
- err_sys("can't open ./certs/client-key.der, "
- "Please run from CyaSSL home dir", -43);
- }
-
- privKeySz = fread(privKey, 1, FOURK_BUF, keyFile);
- fclose(keyFile);
-
- PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz);
- pkcs7.content = (byte*)data;
- pkcs7.contentSz = (word32)sizeof(data);
- pkcs7.contentOID = DATA;
- pkcs7.encryptOID = cipher;
- pkcs7.privateKey = privKey;
- pkcs7.privateKeySz = (word32)privKeySz;
-
- /* encode envelopedData */
- envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped,
- sizeof(enveloped));
- if (envelopedSz <= 0) {
- free(cert);
- free(privKey);
- return -203;
- }
-
- /* decode envelopedData */
- decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz,
- decoded, sizeof(decoded));
- if (decodedSz <= 0) {
- free(cert);
- free(privKey);
- return -204;
- }
-
- /* test decode result */
- if (memcmp(decoded, data, sizeof(data)) != 0) {
- free(cert);
- free(privKey);
- return -205;
- }
-
- /* output pkcs7 envelopedData for external testing */
- pkcs7File = fopen(pkcs7OutFile, "wb");
- if (!pkcs7File) {
- free(cert);
- free(privKey);
- return -206;
- }
-
- ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File);
- fclose(pkcs7File);
-
- free(cert);
- free(privKey);
- PKCS7_Free(&pkcs7);
-
- if (ret > 0)
- return 0;
-
- return ret;
-}
-
-int pkcs7signed_test(void)
-{
- int ret = 0;
-
- FILE* file;
- byte* certDer;
- byte* keyDer;
- byte* out;
- char data[] = "Hello World";
- word32 dataSz, outSz, certDerSz, keyDerSz;
- PKCS7 msg;
- WC_RNG rng;
-
- byte transIdOid[] =
- { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
- 0x09, 0x07 };
- byte messageTypeOid[] =
- { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
- 0x09, 0x02 };
- byte senderNonceOid[] =
- { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
- 0x09, 0x05 };
- byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1];
- byte messageType[] = { 0x13, 2, '1', '9' };
- byte senderNonce[PKCS7_NONCE_SZ + 2];
-
- PKCS7Attrib attribs[] =
- {
- { transIdOid, sizeof(transIdOid),
- transId, sizeof(transId) - 1 }, /* take off the null */
- { messageTypeOid, sizeof(messageTypeOid),
- messageType, sizeof(messageType) },
- { senderNonceOid, sizeof(senderNonceOid),
- senderNonce, sizeof(senderNonce) }
- };
-
- dataSz = (word32) strlen(data);
- outSz = FOURK_BUF;
-
- certDer = (byte*)malloc(FOURK_BUF);
- if (certDer == NULL)
- return -207;
- keyDer = (byte*)malloc(FOURK_BUF);
- if (keyDer == NULL) {
- free(certDer);
- return -208;
- }
- out = (byte*)malloc(FOURK_BUF);
- if (out == NULL) {
- free(certDer);
- free(keyDer);
- return -209;
- }
-
- /* read in DER cert of recipient, into cert of size certSz */
- file = fopen(clientCert, "rb");
- if (!file) {
- free(certDer);
- free(keyDer);
- free(out);
- err_sys("can't open ./certs/client-cert.der, "
- "Please run from CyaSSL home dir", -44);
- }
- certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file);
- fclose(file);
-
- file = fopen(clientKey, "rb");
- if (!file) {
- free(certDer);
- free(keyDer);
- free(out);
- err_sys("can't open ./certs/client-key.der, "
- "Please run from CyaSSL home dir", -45);
- }
- keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file);
- fclose(file);
-
- ret = InitRng(&rng);
- if (ret != 0) {
- free(certDer);
- free(keyDer);
- free(out);
- return -210;
- }
-
- senderNonce[0] = 0x04;
- senderNonce[1] = PKCS7_NONCE_SZ;
-
- ret = RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ);
- if (ret != 0) {
- free(certDer);
- free(keyDer);
- free(out);
- return -211;
- }
-
- PKCS7_InitWithCert(&msg, certDer, certDerSz);
- msg.privateKey = keyDer;
- msg.privateKeySz = keyDerSz;
- msg.content = (byte*)data;
- msg.contentSz = dataSz;
- msg.hashOID = SHAh;
- msg.encryptOID = RSAk;
- msg.signedAttribs = attribs;
- msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib);
- msg.rng = &rng;
- {
- Sha sha;
- byte digest[SHA_DIGEST_SIZE];
- int i,j;
-
- transId[0] = 0x13;
- transId[1] = SHA_DIGEST_SIZE * 2;
-
- ret = InitSha(&sha);
- if (ret != 0) {
- free(certDer);
- free(keyDer);
- free(out);
- return -4003;
- }
- ShaUpdate(&sha, msg.publicKey, msg.publicKeySz);
- ShaFinal(&sha, digest);
-
- for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) {
- snprintf((char*)&transId[j], 3, "%02x", digest[i]);
- }
- }
- ret = PKCS7_EncodeSignedData(&msg, out, outSz);
- if (ret < 0) {
- free(certDer);
- free(keyDer);
- free(out);
- PKCS7_Free(&msg);
- return -212;
- }
- else
- outSz = ret;
-
- /* write PKCS#7 to output file for more testing */
- file = fopen("./pkcs7signedData.der", "wb");
- if (!file) {
- free(certDer);
- free(keyDer);
- free(out);
- PKCS7_Free(&msg);
- return -213;
- }
- ret = (int)fwrite(out, 1, outSz, file);
- fclose(file);
- if (ret != (int)outSz) {
- free(certDer);
- free(keyDer);
- free(out);
- PKCS7_Free(&msg);
- return -218;
- }
-
- PKCS7_Free(&msg);
- PKCS7_InitWithCert(&msg, NULL, 0);
-
- ret = PKCS7_VerifySignedData(&msg, out, outSz);
- if (ret < 0) {
- free(certDer);
- free(keyDer);
- free(out);
- PKCS7_Free(&msg);
- return -214;
- }
-
- if (msg.singleCert == NULL || msg.singleCertSz == 0) {
- free(certDer);
- free(keyDer);
- free(out);
- PKCS7_Free(&msg);
- return -215;
- }
-
- file = fopen("./pkcs7cert.der", "wb");
- if (!file) {
- free(certDer);
- free(keyDer);
- free(out);
- PKCS7_Free(&msg);
- return -216;
- }
- ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file);
- fclose(file);
-
- free(certDer);
- free(keyDer);
- free(out);
- PKCS7_Free(&msg);
-
- if (ret > 0)
- return 0;
-
- return ret;
-}
-
-#endif /* HAVE_PKCS7 */
-
-#endif /* NO_CRYPT_TEST */
diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-CortexM3-4.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-CortexM3-4.c
deleted file mode 100644
index ca5046138..000000000
--- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-CortexM3-4.c
+++ /dev/null
@@ -1,41 +0,0 @@
-/* time-STM32F2.c
- *
- * Copyright (C) 2006-2015 wolfSSL Inc.
- *
- * This file is part of wolfSSL. (formerly known as CyaSSL)
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-#ifdef HAVE_CONFIG_H
- #include
-#endif
-
-
-#include
-#define DWT ((DWT_Type *) (0xE0001000UL) )
-typedef struct
-{
- uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
- uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
-} DWT_Type;
-
-extern uint32_t SystemCoreClock ;
-
-double current_time(int reset)
-{
- if(reset) DWT->CYCCNT = 0 ;
- return ((double)DWT->CYCCNT/SystemCoreClock) ;
-}
diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-dummy.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-dummy.c
deleted file mode 100644
index 8f98da46a..000000000
--- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-dummy.c
+++ /dev/null
@@ -1,34 +0,0 @@
-/* time-dummy.c.c
- *
- * Copyright (C) 2006-2015 wolfSSL Inc.
- *
- * This file is part of wolfSSL. (formerly known as CyaSSL)
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-#ifdef HAVE_CONFIG_H
- #include
-#endif
-
-#include "time.h"
-
-struct tm *Cyassl_MDK_gmtime(const time_t *c)
-{
- static struct tm date ;
- return(&date) ;
-}
-
-time_t time(time_t * t) { return 0 ; }