diff --git a/src/bio.c b/src/bio.c new file mode 100644 index 000000000..a0ae5ac9c --- /dev/null +++ b/src/bio.c @@ -0,0 +1,40 @@ +/* bio.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +WOLFSSL_API long wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b) +{ + (void) b; + return 0; +} + +WOLFSSL_API long wolfSSL_BIO_int_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, int iarg) +{ + (void) bp; + (void) cmd; + (void) larg; + (void) iarg; + return 0; +} + +WOLFSSL_API const WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void) +{ + return (void *)0; +} diff --git a/src/ssl.c b/src/ssl.c index e7571d937..a24c45465 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -10102,6 +10102,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl) WOLFSSL_MSG("no type set"); return 0; /* failure */ } + ctx->bufUsed = 0; + ctx->finUsed = 0; #ifndef NO_AES printf("cipherType=%d\n", ctx->cipherType); @@ -18775,6 +18777,10 @@ void* wolfSSL_get_ex_data(const WOLFSSL* ssl, int idx) #endif return 0; } + + +#include "src/bio.c" + #endif /* OPENSSL_EXTRA */ diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 9b3d0cc8f..e499e6e85 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c 
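Review bot: The three BIO functions in the new src/bio.c are empty stubs whose return values read as real answers: `wolfSSL_BIO_ctrl_pending` returns 0, which a caller cannot tell apart from "nothing pending", and `wolfSSL_BIO_s_socket` returns a null method pointer that is likely to be passed on unchecked. Each body should at least log that it is unimplemented, for example `WOLFSSL_MSG("wolfSSL_BIO_s_socket: not implemented");`, and carry a comment marking it as a placeholder. The file banner also says `/* bio.h` and should read `/* bio.c`.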
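Review bot: Only the two counters are reset in the first src/ssl.c hunk; the bytes in `ctx->buf` and `ctx->fin` survive a re-initialisation, and `buf` can hold up to one block of unprocessed plaintext from the previous operation. Clearing them alongside the counters, e.g. `XMEMSET(ctx->buf, 0, sizeof(ctx->buf));` and the same for `ctx->fin`, keeps stale data out of a reused context. The enclosing function begins and ends outside the hunk, so it is not visible whether the earlier `return 0` path or the context cleanup routine need the same treatment.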
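Review bot: `#include "src/bio.c"` in the second src/ssl.c hunk pulls a source file into ssl.c textually, so bio.c only compiles inside the `OPENSSL_EXTRA` region and will fail to build or produce duplicate definitions if the build system ever lists it as its own translation unit. A comment above the include would make that explicit, e.g. `/* bio.c is built as part of ssl.c; do not add it to the source list */`. The path also depends on the project root being on the include search path, which cannot be confirmed from the hunk.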
@@ -41,6 +41,7 @@ WOLFSSL_API int wolfSSL_EVP_DecryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx, const WOLFSSL_EVP_CIPHER* type, unsigned char* key, unsigned char* iv) { + WOLFSSL_ENTER("wolfSSL_EVP_CipherInit"); return wolfSSL_EVP_CipherInit(ctx, type, key, iv, 0); } @@ -50,6 +51,7 @@ WOLFSSL_API int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx, unsigned char* key, unsigned char* iv) { (void) impl; + WOLFSSL_ENTER("wolfSSL_EVP_DecryptInit"); return wolfSSL_EVP_CipherInit(ctx, type, key, iv, 0); } 
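Review bot: The trace labels added in these two hunks name the wrong functions: `wolfSSL_EVP_DecryptInit` logs `"wolfSSL_EVP_CipherInit"` and `wolfSSL_EVP_DecryptInit_ex` logs `"wolfSSL_EVP_DecryptInit"`, so a debug trace attributes each call to a different entry point. They should read `WOLFSSL_ENTER("wolfSSL_EVP_DecryptInit");` and `WOLFSSL_ENTER("wolfSSL_EVP_DecryptInit_ex");` respectively. The same kind of slip appears in the next hunk of this file, where `padBlock` logs `"paddBlock"`.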
@@ -58,13 +60,198 @@ WOLFSSL_API int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx, WOLFSSL_ENGINE *impl) { (void) impl; + WOLFSSL_ENTER("wolfSSL_EVP_DigestInit_ex"); return wolfSSL_EVP_DigestInit(ctx, type); } +#define PRINT_BUF(b, sz) { int i; for(i=0; i<(sz); i++){printf("%02x(%c),", (b)[i], (b)[i]); if((i+1)%8==0)printf("\n");}} + +static int fillBuff(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *in, int sz) +{ + int fill; + WOLFSSL_ENTER("fillBuff"); + printf("ctx->bufUsed=%d, sz=%d\n",ctx->bufUsed, sz); + if(sz > 0){ + if((sz+ctx->bufUsed) > ctx->block_size){ + fill = ctx->block_size - ctx->bufUsed; + } else { + fill = sz; + } + XMEMCPY(&(ctx->buf[ctx->bufUsed]), in, fill); + ctx->bufUsed += fill; + printf("Result: ctx->bufUsed=%d\n",ctx->bufUsed); + return fill; + } else return 0; +} + +static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, int inl) +{ + WOLFSSL_ENTER("evpCipherBlock"); + switch(ctx->cipherType){ + #if !defined(NO_AES) && defined(HAVE_AES_CBC) + case AES_128_CBC_TYPE: + case AES_192_CBC_TYPE: + case AES_256_CBC_TYPE: + if(ctx->enc) + wc_AesCbcEncrypt(&ctx->cipher.aes, out, in, inl); + else + wc_AesCbcDecrypt(&ctx->cipher.aes, out, in, inl); + break; + #endif + #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) + case AES_128_CTR_TYPE: + case AES_192_CTR_TYPE: + case AES_256_CTR_TYPE: + if(ctx->enc) + wc_AesCtrEncrypt(&ctx->cipher.aes, out, in, inl); + else + wc_AesCtrEncrypt(&ctx->cipher.aes, out, in, inl); + break; + #endif + #if !defined(NO_AES) && defined(HAVE_AES_ECB) + case AES_128_ECB_TYPE: + case AES_192_ECB_TYPE: + case AES_256_ECB_TYPE: + if(ctx->enc) + wc_AesEcbEncrypt(&ctx->cipher.aes, out, in, inl); + else + wc_AesEcbDecrypt(&ctx->cipher.aes, out, in, inl); + break; + #endif + #ifndef NO_DES3 + case DES_CBC_TYPE: + if(ctx->enc) + wc_Des_CbcEncrypt(&ctx->cipher.des, out, in, inl); + else + wc_Des_CbcDecrypt(&ctx->cipher.des, out, in, inl); + break; + case 
DES_EDE3_CBC_TYPE: + if(ctx->enc) + wc_Des3_CbcEncrypt(&ctx->cipher.des3, out, in, inl); + else + wc_Des3_CbcDecrypt(&ctx->cipher.des3, out, in, inl); + break; + #if defined(WOLFSSL_DES_ECB) + case DES_ECB_TYPE: + wc_Des_EcbEncrypt(&ctx->cipher.des, out, in, inl); + break; + case DES_EDE3_ECB_TYPE: + if(ctx->enc) + wc_Des3_EcbEncrypt(&ctx->cipher.des3, out, in, inl); + else + wc_Des3_EcbEncrypt(&ctx->cipher.des3, out, in, inl); + break; + #endif + #endif + default: + return 0; + } + ctx->finUsed = 1; + XMEMCPY(ctx->fin, (const byte *)&out[inl-ctx->block_size], ctx->block_size); + return 1; +} + +WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx, + unsigned char *out, int *outl, + const unsigned char *in, int inl) +{ + int blocks; + int fill; + + if(ctx == NULL)return BAD_FUNC_ARG; + WOLFSSL_ENTER("wolfSSL_EVP_CipherUpdate"); + *outl = 0; + if(ctx->bufUsed > 0) /* concatinate them if there is anything */ + { + fill = fillBuff(ctx, in, inl); + inl -= fill; + in += fill; + } + if(ctx->bufUsed == ctx->block_size){ + /* the buff is full, flash out */ + if(evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0) + return 0; + *outl+= ctx->block_size; + out += ctx->block_size; + ctx->bufUsed = 0; + } + + blocks = inl / ctx->block_size; + if(blocks>0){ + /* process blocks */ + if(evpCipherBlock(ctx, out, ctx->buf, blocks) == 0) + return 0; + inl -= ctx->block_size * blocks; + *outl+= ctx->block_size * blocks; + in += ctx->block_size * blocks; + out += ctx->block_size * blocks; + } + if(inl>0){ + /* put fraction into buff */ + fillBuff(ctx, in, inl); + /* no increase of outl */ + } + return 1; +} + +static void padBlock(WOLFSSL_EVP_CIPHER_CTX *ctx) +{ + int i; + WOLFSSL_ENTER("paddBlock"); + for (i = ctx->bufUsed; i < ctx->block_size; i++) + ctx->buf[i] = ctx->block_size - ctx->bufUsed; +} + +static int checkPad(WOLFSSL_EVP_CIPHER_CTX *ctx) +{ + int i; + int n; + WOLFSSL_ENTER("checkPad"); + n = ctx->buf[ctx->block_size-1]; + if(n > 
ctx->block_size)return FALSE; + for (i = n; i < ctx->block_size; i++) + if(ctx->buf[i] != n) + return -1; + return n; +} + +WOLFSSL_API int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, + unsigned char *out, int *outl) +{ + int fl ; + if(ctx == NULL)return BAD_FUNC_ARG; + WOLFSSL_ENTER("wolfSSL_EVP_CipherFinal"); + if(ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING){ + *outl = 0; + return 1; + } + if(ctx->bufUsed > 0){ + if(ctx->enc){ + padBlock(ctx); + printf("Enc: block_size=%d\n", ctx->block_size); + PRINT_BUF(ctx->buf, ctx->block_size); + if(evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0) + return 0; + *outl = ctx->block_size; + } else { + if(evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0) + return 0; + printf("Dec: block_size=%d\n", ctx->block_size); + PRINT_BUF(ctx->buf, ctx->block_size); + if((fl = checkPad(ctx)) >= 0){ + XMEMCPY(out, ctx->buf, fl); + *outl = fl; + } else return 0; + } + } + return 1; +} WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx) { - if(ctx == NULL)return BAD_FUNC_ARG; + if(ctx == NULL)return BAD_FUNC_ARG; switch(ctx->cipherType){ #if !defined(NO_AES) && defined(HAVE_AES_CBC) @@ -167,7 +354,7 @@ WOLFSSL_API int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher) } } -static unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher) +unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher) { switch(cipherType(cipher)){ #if !defined(NO_AES) && defined(HAVE_AES_CBC) diff --git a/wolfcrypt/test/openssl_test_ex.c b/wolfcrypt/test/openssl_test_ex.c deleted file mode 100644 index b0039cd66..000000000 --- a/wolfcrypt/test/openssl_test_ex.c +++ /dev/null 
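Review bot: In wolfSSL_EVP_CipherUpdate the whole-block call `evpCipherBlock(ctx, out, ctx->buf, blocks)` passes the staging buffer and a block count where the caller's `in` and a byte length are needed, so the caller's data is never processed and `&out[inl-ctx->block_size]` inside evpCipherBlock indexes before `out` whenever `blocks` is smaller than the block size; the call should read `evpCipherBlock(ctx, out, in, blocks * ctx->block_size)`. checkPad inspects `ctx->buf`, which still holds the input block rather than the decrypted one, starts its loop at index `n` instead of `block_size - n`, accepts a pad value of 0, and returns `FALSE` (presumably 0) for an oversized pad, which the `>= 0` test in wolfSSL_EVP_CipherFinal treats as success; the fence below shows a version that validates a decrypted block and returns the data length. Because Update flushes every full block, Final only ever sees a partial block: decrypting well-formed ciphertext reaches Final with `bufUsed == 0`, so the padding is never stripped and `*outl` is left unset, and encrypting block-aligned input emits no padding block, which means Update has to hold back the last block when decrypting and Final has to pad when `bufUsed == 0`. The `printf` and `PRINT_BUF` calls write buffer contents, including the padded plaintext block, to stdout and should be removed or placed behind a debug-only macro. The return codes of the `wc_*` cipher calls in evpCipherBlock are also discarded, so a failed operation is reported as success.

```c
/* Returns the count of data bytes in a decrypted final block, or -1 when
 * the PKCS#7 padding is malformed. */
static int checkPad(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *buff)
{
    int i;
    int n;
    WOLFSSL_ENTER("checkPad");
    n = buff[ctx->block_size - 1];
    if (n < 1 || n > ctx->block_size)
        return -1;
    for (i = ctx->block_size - n; i < ctx->block_size; i++) {
        if (buff[i] != n)
            return -1;
    }
    return ctx->block_size - n;
}

/* … unchanged: wolfSSL_EVP_CipherFinal up to the decrypt branch … */
            if (evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0)
                return 0;
            if ((fl = checkPad(ctx, out)) < 0)
                return 0;
            *outl = fl;
```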
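Review bot: Dropping `static` in the last evp.c hunk turns `WOLFSSL_CIPHER_mode` into an exported symbol, yet the definition lacks the `WOLFSSL_API` marker that the matching declaration added in wolfssl/openssl/evp.h carries, and its name does not follow the `wolfSSL_EVP_` prefix used by the neighbouring functions. If the export is intended, the definition should read `WOLFSSL_API unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)` and the header should say how it differs from the already declared `WOLFSSL_EVP_CIPHER_mode`; otherwise keep it `static`. The function body continues outside the hunk.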
@@ -1,64 +0,0 @@ - -#ifdef OPENSSL_EXTRA - -#define OPENSSL_TEST_ERROR -10000 - -static int openssl_test_ex(void) -{ - - /* Test: AES_encrypt/decrypt/set Key */ - - AES_KEY enc; -#ifdef HAVE_AES_DECRYPT - AES_KEY dec; -#endif - - byte cipher[AES_BLOCK_SIZE * 4]; - byte plain [AES_BLOCK_SIZE * 4]; - - int ret = 0; - -#ifdef HAVE_AES_CBC - const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ - 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, - 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, - 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 - }; - - const byte verify[] = - { - 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, - 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb - }; - - byte encKey[] = "0123456789abcdef "; /* align */ - byte decKey[] = "0123456789abcdef "; /* align */ - byte iv[] = "1234567890abcdef "; /* align */ - - - printf("openSSL extra test\n") ; - - ret = AES_set_encrypt_key(encKey, sizeof(encKey)*8, &enc); - if (ret != 0) - return OPENSSL_TEST_ERROR-1001; - -#ifdef HAVE_AES_DECRYPT - printf("test AES_decrypt\n"); - ret = AES_set_decrypt_Key(decKey, sizeof(decKey)*8, &dec); - if (ret != 0) - return OPENSSL_TEST_ERROR-1002; -#endif - - AES_encrypt(&enc, cipher, msg); - -#ifdef HAVE_AES_DECRYPT - AES_decrypt(&dec, plain, cipher); - if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) - return OPENSSL_TEST_ERROR--60; -#endif /* HAVE_AES_DECRYPT */ - - if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) - return OPENSSL_TEST_ERROR--61; - - return 0; -} diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h index cfa6475d6..cd3b1a16a 100644 --- a/wolfssl/openssl/evp.h +++ b/wolfssl/openssl/evp.h @@ -21,7 +21,7 @@ -/* evp.h defines mini evp openssl compatibility layer +/* evp.h defines mini evp openssl compatibility layer * */ 
@@ -164,6 +164,10 @@ typedef struct WOLFSSL_EVP_CIPHER_CTX { unsigned char iv[DES_BLOCK_SIZE]; /* working iv pointer into cipher */ #endif WOLFSSL_Cipher cipher; + byte buf[AES_BLOCK_SIZE]; + int bufUsed; + byte fin[AES_BLOCK_SIZE]; + int finUsed; } WOLFSSL_EVP_CIPHER_CTX; typedef int WOLFSSL_ENGINE ; @@ -219,8 +223,11 @@ WOLFSSL_API int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx, const WOLFSSL_EVP_CIPHER* type, WOLFSSL_ENGINE *impl, unsigned char* key, unsigned char* iv); +WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx, + unsigned char *out, int *outl, + const unsigned char *in, int inl); WOLFSSL_API int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, - unsigned char *out, int *outl, int enc); + unsigned char *out, int *outl); WOLFSSL_API int wolfSSL_EVP_CipherFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, int enc); WOLFSSL_API int wolfSSL_EVP_EncryptFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, @@ -260,6 +267,7 @@ WOLFSSL_API int wolfSSL_SetInternalIV(WOLFSSL_EVP_CIPHER_CTX* ctx); WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher); WOLFSSL_API unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher); +WOLFSSL_API unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher); WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher); WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags); WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, int pad); 
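Review bot: `buf` and `fin` are sized with `AES_BLOCK_SIZE`, but fillBuff and padBlock in evp.c index them with `ctx->block_size`, and nothing visible ties the two together. A comment on the fields stating that they must hold the largest supported block, plus a check where `block_size` is set such as `if (ctx->block_size > (int)sizeof(ctx->buf)) return 0;`, would make the bound explicit. Whether `AES_BLOCK_SIZE` is defined in builds without AES should be confirmed, since the neighbouring `iv` field sits inside a preprocessor guard. `buf` holds plaintext fragments, so the context cleanup path should wipe it.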
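Review bot: Removing the `int enc` parameter from `wolfSSL_EVP_CipherFinal` changes a public prototype, so existing callers that pass four arguments stop compiling, while `wolfSSL_EVP_CipherFinal_ex` directly below still declares `enc`. Both prototypes in this hunk also lack any statement of the output contract. A header comment should say that `out` needs room for up to `inl` plus one block in `wolfSSL_EVP_CipherUpdate` and for one block in `wolfSSL_EVP_CipherFinal`, and that `*outl` receives the number of bytes written.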
@@ -326,13 +334,22 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #define EVP_CIPHER_CTX_key_length wolfSSL_EVP_CIPHER_CTX_key_length #define EVP_CIPHER_CTX_set_key_length wolfSSL_EVP_CIPHER_CTX_set_key_length #define EVP_CipherInit wolfSSL_EVP_CipherInit -#define EVP_CipherInit_ex wolfSSL_EVP_CipherInit_ex +#define EVP_CipherInit_ex wolfSSL_EVP_CipherInit #define EVP_EncryptInit wolfSSL_EVP_EncryptInit #define EVP_EncryptInit_ex wolfSSL_EVP_EncryptInit_ex #define EVP_DecryptInit wolfSSL_EVP_DecryptInit #define EVP_DecryptInit_ex wolfSSL_EVP_DecryptInit_ex #define EVP_Cipher wolfSSL_EVP_Cipher +#define EVP_CipherUpdate wolfSSL_EVP_CipherUpdate +#define EVP_EncryptUpdate wolfSSL_EVP_CipherUpdate +#define EVP_DecryptUpdate wolfSSL_EVP_CipherUpdate +#define EVP_CipherFinal wolfSSL_EVP_CipherFinal +#define EVP_CipherFinal_ex wolfSSL_EVP_CipherFinal +#define EVP_EncryptFinal wolfSSL_EVP_CipherFinal +#define EVP_EncryptFinal_ex wolfSSL_EVP_CipherFinal +#define EVP_DecryptFinal wolfSSL_EVP_CipherFinal +#define EVP_DecryptFinal_ex wolfSSL_EVP_CipherFinal #define EVP_get_digestbynid wolfSSL_EVP_get_digestbynid diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 22592f7d7..d6fd034f9 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h 
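Review bot: `EVP_CipherInit_ex` now expands to `wolfSSL_EVP_CipherInit`, which the calls visible in evp.c show taking `(ctx, type, key, iv, enc)` with no engine argument, whereas OpenSSL's `EVP_CipherInit_ex` has an `impl` parameter in third position, so code written against the `_ex` signature will no longer match. Unless the change is deliberate, keep `#define EVP_CipherInit_ex wolfSSL_EVP_CipherInit_ex`. The six `*Final*` aliases and the `EVP_EncryptUpdate`/`EVP_DecryptUpdate` aliases all collapse onto the generic functions, so direction comes only from `ctx->enc`; a one-line comment above the block saying so would help, since the header still declares separate `wolfSSL_EVP_CipherFinal_ex` and `wolfSSL_EVP_EncryptFinal` prototypes.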
@@ -463,16 +463,23 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams #define PEM_write_bio_X509 PEM_write_bio_WOLFSSL_X509 #define SSL_CTX_set_tmp_dh wolfSSL_CTX_set_tmp_dh -#define BIO_new_file wolfSSL_BIO_new_file - #endif /* HAVE_STUNNEL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE */ +#define BIO_new_file wolfSSL_BIO_new_file +#define BIO_ctrl wolfSSL_BIO_ctrl +#define BIO_ctrl_pending wolfSSL_BIO_ctrl_pending +#define BIO_get_mem_ptr(b,pp) wolfSSL_BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp) +#define BIO_int_ctrl wolfSSL_BIO_int_ctrl +#define BIO_reset(b) (int)wolfSSL_BIO_ctrl(b,BIO_CTRL_RESET,0,NULL) +#define BIO_s_socket wolfSSL_BIO_s_socket +#define BIO_set_fd(b,fd,c) wolfSSL_BIO_int_ctrl(b,BIO_C_SET_FD,c,fd) + #ifdef HAVE_STUNNEL #include /* defined as: (SSL_ST_ACCEPT|SSL_CB_LOOP), which becomes 0x2001*/ -#define SSL_CB_ACCEPT_LOOP 0x2001 +#define SSL_CB_ACCEPT_LOOP 0x2001 #define SSL2_VERSION 0x0002 #define SSL3_VERSION 0x0300 #define TLS1_VERSION 0x0301 diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 24fee4e10..678fefb45 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -504,7 +504,11 @@ WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(void* buf, int len); WOLFSSL_API long wolfSSL_BIO_set_ssl(WOLFSSL_BIO*, WOLFSSL*, int flag); WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr); -WOLFSSL_API int wolfSSL_add_all_algorithms(void); +WOLFSSL_API long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, void *parg); +WOLFSSL_API long wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b); +WOLFSSL_API int wolfSSL_add_all_algorithms(void); +WOLFSSL_API long wolfSSL_BIO_int_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, int iarg); +const WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void); WOLFSSL_API void wolfSSL_RAND_screen(void); WOLFSSL_API const char* wolfSSL_RAND_file_name(char*, unsigned long);
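Review bot: `BIO_get_mem_ptr` and `BIO_reset` expand to `wolfSSL_BIO_ctrl`, which this commit declares in wolfssl/ssl.h but does not define in the new src/bio.c, and they rely on `BIO_C_GET_BUF_MEM_PTR`, `BIO_CTRL_RESET` and `BIO_C_SET_FD`, none of which appear in the visible hunks, so any use of these macros is likely to fail at compile or link time. `BIO_set_fd` resolves to the `wolfSSL_BIO_int_ctrl` stub, which ignores the descriptor and returns 0, so the BIO is never attached to the socket. The macros were also moved outside the `HAVE_STUNNEL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE` guard, which exposes them to every build that includes this header. Macro parameters should be parenthesised, e.g. `(char *)(pp)`.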
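Review bot: In the wolfssl/ssl.h hunk the declaration `const WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void);` is the only one in this group without `WOLFSSL_API`, although its definition in src/bio.c has it; on builds where `WOLFSSL_API` controls symbol visibility that mismatch can hide the function or draw a linkage warning. It should read `WOLFSSL_API const WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void);`.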