diff --git a/ctaocrypt/include/ctc_asn.h b/ctaocrypt/include/ctc_asn.h index 569ebdd2b..b207140f4 100644 --- a/ctaocrypt/include/ctc_asn.h +++ b/ctaocrypt/include/ctc_asn.h @@ -28,6 +28,7 @@ #include "ctc_dh.h" #include "ctc_dsa.h" #include "ctc_sha.h" +#include "ctc_asn_public.h" /* public interface */ #ifdef HAVE_ECC #include "ctc_ecc.h" #endif @@ -183,7 +184,7 @@ enum VerifyType { }; -typedef struct DecodedCert { +struct DecodedCert { byte* publicKey; word32 pubKeySize; int pubKeyStored; @@ -222,11 +223,9 @@ typedef struct DecodedCert { char* subjectEmail; int subjectEmailLen; #endif /* CYASSL_CERT_GEN */ -} DecodedCert; +}; -typedef struct Signer Signer; - /* CA Signers */ struct Signer { byte* publicKey; @@ -238,10 +237,6 @@ struct Signer { }; -CYASSL_API void InitDecodedCert(DecodedCert*, byte*, void*); -CYASSL_API void FreeDecodedCert(DecodedCert*); -CYASSL_API int ParseCert(DecodedCert*, word32, int type, int verify, - Signer* signer); CYASSL_LOCAL int ParseCertRelative(DecodedCert*, word32, int type, int verify, Signer* signer); 
@@ -252,30 +247,9 @@ CYASSL_LOCAL Signer* MakeSigner(void*); CYASSL_LOCAL void FreeSigners(Signer*, void*); -CYASSL_API int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, - word32); -CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, - word32); CYASSL_LOCAL int ToTraditional(byte* buffer, word32 length); CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int); -#ifndef NO_DH -CYASSL_API int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, - word32); -CYASSL_API int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, - word32 gSz); -#endif - -#ifndef NO_DSA -CYASSL_API int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, - word32); -CYASSL_API int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, - word32); -#endif - -#ifdef CYASSL_KEY_GEN -CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen); -#endif #ifdef HAVE_ECC /* ASN sig helpers */ @@ -288,11 +262,6 @@ CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen); ecc_key*,word32); #endif -#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) -CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output, - word32 outputSz, int type); -#endif - #ifdef CYASSL_CERT_GEN enum cert_enums { @@ -318,7 +287,7 @@ typedef struct CertName { /* for user to fill for certificate generation */ -typedef struct Cert { +struct Cert { int version; /* x509 version */ byte serial[SERIAL_SIZE]; /* serial number */ int sigType; /* signature algo type */ 
@@ -329,29 +298,9 @@ typedef struct Cert { /* internal use only */ int bodySz; /* pre sign total size */ int keyType; /* public key type of subject */ -} Cert; +}; -/* Initialize and Set Certficate defaults: - version = 3 (0x2) - serial = 0 (Will be randomly generated) - sigType = MD5_WITH_RSA - issuer = blank - daysValid = 500 - selfSigned = 1 (true) use subject as issuer - subject = blank - keyType = RSA_KEY (default) -*/ -CYASSL_API void InitCert(Cert*); -CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); -CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); -CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, - RNG*); -CYASSL_API int SetIssuer(Cert*, const char*); -#ifdef HAVE_NTRU -CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, - const byte* ntruKey, word16 keySz, RNG*); -#endif #endif /* CYASSL_CERT_GEN */ diff --git a/ctaocrypt/include/ctc_asn_public.h b/ctaocrypt/include/ctc_asn_public.h new file mode 100644 index 000000000..d5dbc8eac --- /dev/null +++ b/ctaocrypt/include/ctc_asn_public.h 
@@ -0,0 +1,80 @@
+/* ctc_asn_public.h
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+#ifndef CTAO_CRYPT_ASN_PUBLIC_H
+#define CTAO_CRYPT_ASN_PUBLIC_H
+
+#include "ctc_types.h"
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* forward declarations */
+typedef struct DecodedCert DecodedCert;
+typedef struct Cert Cert;
+typedef struct Signer Signer;
+#ifndef CTC_RSA_KEY_DEFINED
+ typedef struct RsaKey RsaKey;
+#endif
+#ifndef CTC_RNG_DEFINED
+ typedef struct RNG RNG;
+#endif
+
+CYASSL_API void InitDecodedCert(DecodedCert*, byte*, void*);
+CYASSL_API void FreeDecodedCert(DecodedCert*);
+CYASSL_API int ParseCert(DecodedCert*, word32, int type, int verify,
+ Signer* signer);
+
+#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
+CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output,
+ word32 outputSz, int type);
+#endif
+
+/* Initialize and Set Certficate defaults:
+ version = 3 (0x2)
+ serial = 0 (Will be randomly generated)
+ sigType = MD5_WITH_RSA
+ issuer = blank
+ daysValid = 500
+ selfSigned = 1 (true) use subject as issuer
+ subject = blank
+ keyType = RSA_KEY (default)
+*/
+CYASSL_API void InitCert(Cert*);
+CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
+CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); +CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, + RNG*); +CYASSL_API int SetIssuer(Cert*, const char*); +#ifdef HAVE_NTRU +CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, + const byte* ntruKey, word16 keySz, RNG*); +#endif + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* CTAO_CRYPT_ASN_PUBLIC_H */ + diff --git a/ctaocrypt/include/ctc_config.h b/ctaocrypt/include/ctc_config.h index f870439a3..c0d25be42 100644 --- a/ctaocrypt/include/ctc_config.h +++ b/ctaocrypt/include/ctc_config.h @@ -42,7 +42,7 @@ /* Define to 1 or 0, depending whether the compiler supports simple visibility declarations. */ -#define HAVE_VISIBILITY 1 +#define HAVE_VISIBILITY 0 /* Define to the sub-directory in which libtool stores uninstalled libraries. */ diff --git a/ctaocrypt/include/ctc_dh.h b/ctaocrypt/include/ctc_dh.h index a05ca95e5..780517a1b 100644 --- a/ctaocrypt/include/ctc_dh.h +++ b/ctaocrypt/include/ctc_dh.h @@ -49,6 +49,11 @@ CYASSL_API int DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz); +CYASSL_API int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, + word32); +CYASSL_API int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, + word32 gSz); + #ifdef __cplusplus } /* extern "C" */ diff --git a/ctaocrypt/include/ctc_dsa.h b/ctaocrypt/include/ctc_dsa.h index dff28b665..2d6564379 100644 --- a/ctaocrypt/include/ctc_dsa.h +++ b/ctaocrypt/include/ctc_dsa.h 
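Review bot: The guarded forward declarations `typedef struct RsaKey RsaKey;` and `typedef struct RNG RNG;` at the top of ctc_asn_public.h only work in one include order: if this header is seen before ctc_rsa.h or ctc_random.h, the full `typedef struct RsaKey {...} RsaKey;` that follows is a second typedef of the same name, which C89/C99 reject (C11 permits an identical redefinition, so whether the build breaks depends on the compiler dialect). ctc_asn.h now includes this header after ctc_dh.h/ctc_dsa.h/ctc_sha.h, but whether ctc_rsa.h and ctc_random.h are included above line 28 is not visible in this diff, and a consumer that wants only the certificate API has no such ordering to rely on. An order-independent alternative is to drop the guarded typedefs and spell the incomplete types in the prototypes, e.g. `CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, struct RsaKey*, struct RNG*);`, which also makes the `CTC_RSA_KEY_DEFINED`/`CTC_RNG_DEFINED` macros unnecessary. Separately, the relocated block comment still reads `Certficate`; `Certificate` would fix the typo while it is being moved.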
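Review bot: Flipping `HAVE_VISIBILITY` from 1 to 0 in ctc_config.h likely widens the shared library's exported symbol set rather than just changing a build detail: if `CYASSL_LOCAL` resolves to the hidden-visibility attribute only when this macro is 1 (its definition is not in the diff), every `CYASSL_LOCAL` function in ctc_asn.h — `ParseCertRelative`, `ToTraditional`, `ToTraditionalEnc`, `MakeSigner`, `FreeSigners` — becomes callable from outside the library and part of its de-facto ABI, which is the opposite of the least-exposure goal behind the new public header. The surrounding text (`Define to 1 or 0, depending whether the compiler supports simple visibility declarations`) reads like an autoconf probe result, so a hand edit here is also liable to be overwritten by the next configure run. If a fixed header is intended for a non-autotools build, say so on the line, e.g. `#define HAVE_VISIBILITY 0 /* set by hand for the non-autotools build; configure regenerates this */`; otherwise let configure produce the value.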
@@ -52,6 +52,10 @@ CYASSL_API int DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng); CYASSL_API int DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer); +CYASSL_API int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, + word32); +CYASSL_API int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, + word32); #ifdef __cplusplus } /* extern "C" */ diff --git a/ctaocrypt/include/ctc_random.h b/ctaocrypt/include/ctc_random.h index 121fd24ce..05d03ec40 100644 --- a/ctaocrypt/include/ctc_random.h +++ b/ctaocrypt/include/ctc_random.h @@ -59,6 +59,7 @@ typedef struct RNG { Arc4 cipher; } RNG; +#define CTC_RNG_DEFINED /* redeclare guard */ CYASSL_API int InitRng(RNG*); CYASSL_API void RNG_GenerateBlock(RNG*, byte*, word32 sz); diff --git a/ctaocrypt/include/ctc_rsa.h b/ctaocrypt/include/ctc_rsa.h index 032408474..afb5656a0 100644 --- a/ctaocrypt/include/ctc_rsa.h +++ b/ctaocrypt/include/ctc_rsa.h @@ -44,6 +44,8 @@ typedef struct RsaKey { void* heap; /* for user memory overrides */ } RsaKey; +#define CTC_RSA_KEY_DEFINED /* redeclare guard */ + CYASSL_API void InitRsaKey(RsaKey* key, void*); CYASSL_API void FreeRsaKey(RsaKey* key); @@ -64,8 +66,13 @@ CYASSL_API int RsaEncryptSize(RsaKey* key); #ifdef CYASSL_KEY_GEN CYASSL_API int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng); + CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen); #endif +CYASSL_API int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, + word32); +CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, + word32); #ifdef __cplusplus } /* extern "C" */ diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 7c69b8f35..827909a98 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c 
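Review bot: The prototypes added to ctc_rsa.h leave the trailing parameter of `RsaPrivateKeyDecode` and `RsaPublicKeyDecode` unnamed (`word32`), and `RsaKeyToDer` calls its output-buffer capacity `inLen`, so a reader of the header cannot tell which lengths bound a read and which bound a write. Naming them in the prototype documents the contract without touching the definitions or the ABI: `CYASSL_API int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32 inSz);` and `CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 outSz);`. The same unnamed `word32` appears in the `DhKeyDecode` and `DsaPublicKeyDecode`/`DsaPrivateKeyDecode` declarations this commit adds to ctc_dh.h and ctc_dsa.h.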
@@ -1145,7 +1145,7 @@ int rsa_test() if (derSz < 0) return -302; - keyFile = fopen("./ker.der", "wb"); + keyFile = fopen("./key.der", "wb"); if (!keyFile) return -303; ret = fwrite(der, derSz, 1, keyFile); diff --git a/src/ssl.c b/src/ssl.c index 35f2cad14..e0e4faf62 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1062,7 +1062,7 @@ int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) ret = PemToDer(fileBuf, sz, CA_TYPE, &converted, 0, &info, &ecc); if (ret == 0) { - if (converted.length < derSz) { + if (converted.length < (word32)derSz) { XMEMCPY(derBuf, converted.buffer, converted.length); ret = converted.length; }
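Review bot: The cast in `if (converted.length < (word32)derSz)` silences the sign-compare warning but leaves the underlying hole in place: a negative `derSz` (the parameter is a plain `int`) converts to a very large `word32`, the check passes, and `XMEMCPY` writes `converted.length` bytes into a `derBuf` the caller declared has no room. Rejecting non-positive sizes before the comparison closes it without changing the success path: `if (derSz > 0 && converted.length < (word32)derSz) {`. Note also that the strict `<` rejects a DER image that is exactly `derSz` bytes long; if that is not deliberate, `<=` is the intended bound. `CyaSSL_PemCertToDer` begins before this hunk, so whether `derSz` is validated earlier is not visible here.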