From a47af476d1ef7d7de301e0f88a77fe09a5d0b55a Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 20 Aug 2015 17:11:00 -0700 Subject: [PATCH 01/55] add REAMDE note about static cipher suites disabled and compiler error detection --- README | 30 ++++++++++++++---------------- README.md | 33 +++++++++++++++------------------ src/ssl.c | 7 +++++++ 3 files changed, 36 insertions(+), 34 deletions(-) diff --git a/README b/README index 84a0acb92b..ae115e98d9 100644 --- a/README +++ b/README @@ -1,24 +1,22 @@ *** Notes, Please read *** Note 1) -wolfSSL now needs all examples and tests to be run from the wolfSSL home -directory. This is because it finds certs and keys from ./certs/. Trying to -maintain the ability to run each program from its own directory, the testsuite -directory, the main directory (for make check/test), and for the various -different project layouts (with or without config) was becoming harder and -harder. Now to run testsuite just do: +wolfSSL as of 3.6.6 no longer enables SSLv3 by default. wolfSSL also no +longer supports static key cipher suites with PSK, RSA, or ECDH. This means +if you plan to use TLS cipher suites you must enable DH (DH is on by default), +or enable ECC (ECC is on by default on 64bit systems), or you must enable static +key cipher suites with + WOLFSSL_STATI_DH + WOLFSSL_STATIC_RSA + or + WOLFSSL_STATIC_PSK -./testsuite/testsuite - -or - -make check (when using autoconf) - -On *nix or Windows the examples and testsuite will check to see if the current -directory is the source directory and if so, attempt to change to the wolfSSL -home directory. This should work in most setup cases, if not, just follow the -beginning of the note and specify the full path. +though static key cipher suites are deprecated and will be removed from future +versions of TLS. They also lower your security by removing PFS. +When compiling ssl.c wolfSSL will now issue a comipler error if no cipher suites +are available. You can remove this error by defining WOLFSSL_ALLOW_NO_SUITES +in the event that you desire that, i.e., you're not using TLS cipher suites. Note 2) wolfSSL takes a different approach to certificate verification than OpenSSL diff --git a/README.md b/README.md index e5e7bcb854..87874f2e6e 100644 --- a/README.md +++ b/README.md @@ -2,27 +2,27 @@ ## Note 1 ``` -wolfSSL now needs all examples and tests to be run from the wolfSSL home -directory. This is because it finds certs and keys from ./certs/. Trying to -maintain the ability to run each program from its own directory, the testsuite -directory, the main directory (for make check/test), and for the various -different project layouts (with or without config) was becoming harder and -harder. Now to run testsuite just do: +wolfSSL as of 3.6.6 no longer enables SSLv3 by default. wolfSSL also no +longer supports static key cipher suites with PSK, RSA, or ECDH. This means +if you plan to use TLS cipher suites you must enable DH (DH is on by default), +or enable ECC (ECC is on by default on 64bit systems), or you must enable static +key cipher suites with + WOLFSSL_STATI_DH + WOLFSSL_STATIC_RSA + or + WOLFSSL_STATIC_PSK -./testsuite/testsuite +though static key cipher suites are deprecated and will be removed from future +versions of TLS. They also lower your security by removing PFS. -or - -make check (when using autoconf) - -On *nix or Windows the examples and testsuite will check to see if the current -directory is the source directory and if so, attempt to change to the wolfSSL -home directory. This should work in most setup cases, if not, just follow the -beginning of the note and specify the full path. +When compiling ssl.c wolfSSL will now issue a comipler error if no cipher suites +are available. You can remove this error by defining WOLFSSL_ALLOW_NO_SUITES +in the event that you desire that, i.e., you're not using TLS cipher suites. ``` ## Note 2 ``` + wolfSSL takes a different approach to certificate verification than OpenSSL does. The default policy for the client is to verify the server, this means that if you don't load CAs to verify the server you'll get a connect error, @@ -35,9 +35,6 @@ wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); before calling wolfSSL_new(); Though it's not recommended. ``` -- GNU Binutils 2.24 ld has problems with some debug builds, to fix an ld error - add -fdebug-types-section to C_EXTRA_FLAGS - #wolfSSL (Formerly CyaSSL) Release 3.6.6 (08/20/2015) ##Release 3.6.6 of wolfSSL has bug fixes and new features including: diff --git a/src/ssl.c b/src/ssl.c index 30e2660113..74194b2ca1 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -33,6 +33,13 @@ #include #include +#ifndef WOLFSSL_ALLOW_NO_SUITES + #if defined(NO_DH) && !defined(HAVE_ECC) && !defined(WOLFSSL_STATIC_RSA) \ + && !defined(WOLFSSL_STATIC_DH) && !defined(WOLFSSL_STATIC_PSK) + #error "No cipher suites defined becuase DH disabled, ECC disabled, and no static suites defined. Please see top of README" + #endif +#endif + #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \ defined(WOLFSSL_KEY_GEN) #include From a93aa8972ecb6f036255fcf0f701ecca05eaf9af Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 20 Aug 2015 13:33:44 -0700 Subject: [PATCH 02/55] fix sniffer crash with reassembly processing --- src/sniffer.c | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/src/sniffer.c b/src/sniffer.c index b2e1f3b485..938eea2251 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -2617,30 +2617,32 @@ static int HaveMoreInput(SnifferSession* session, const byte** sslFrame, word32* length = (session->flags.side == WOLFSSL_SERVER_END) ? &session->sslServer->buffers.inputBuffer.length : &session->sslClient->buffers.inputBuffer.length; - byte* myBuffer = (session->flags.side == WOLFSSL_SERVER_END) ? - session->sslServer->buffers.inputBuffer.buffer : - session->sslClient->buffers.inputBuffer.buffer; - word32 bufferSize = (session->flags.side == WOLFSSL_SERVER_END) ? - session->sslServer->buffers.inputBuffer.bufferSize : - session->sslClient->buffers.inputBuffer.bufferSize; + byte** myBuffer = (session->flags.side == WOLFSSL_SERVER_END) ? + &session->sslServer->buffers.inputBuffer.buffer : + &session->sslClient->buffers.inputBuffer.buffer; + word32* bufferSize = (session->flags.side == WOLFSSL_SERVER_END) ? + &session->sslServer->buffers.inputBuffer.bufferSize : + &session->sslClient->buffers.inputBuffer.bufferSize; SSL* ssl = (session->flags.side == WOLFSSL_SERVER_END) ? session->sslServer : session->sslClient; while (*front && ((*front)->begin == *expected) ) { - word32 room = bufferSize - *length; + word32 room = *bufferSize - *length; word32 packetLen = (*front)->end - (*front)->begin + 1; - if (packetLen > room && bufferSize < MAX_INPUT_SZ) { + if (packetLen > room && *bufferSize < MAX_INPUT_SZ) { if (GrowInputBuffer(ssl, packetLen, *length) < 0) { SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE); return 0; } + room = *bufferSize - *length; /* bufferSize is now bigger */ } if (packetLen <= room) { PacketBuffer* del = *front; + byte* buf = *myBuffer; - XMEMCPY(&myBuffer[*length], (*front)->data, packetLen); + XMEMCPY(&buf[*length], (*front)->data, packetLen); *length += packetLen; *expected += packetLen; @@ -2654,9 +2656,9 @@ static int HaveMoreInput(SnifferSession* session, const byte** sslFrame, break; } if (moreInput) { - *sslFrame = myBuffer; + *sslFrame = *myBuffer; *sslBytes = *length; - *end = myBuffer + *length; + *end = *myBuffer + *length; } return moreInput; } From 5ce39e147d681ba9deeb0172d190562eef223ffe Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 20 Aug 2015 14:48:53 -0700 Subject: [PATCH 03/55] clean up sniffer packet overlap issue --- src/sniffer.c | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/src/sniffer.c b/src/sniffer.c index 938eea2251..25a46ef094 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -2429,7 +2429,10 @@ static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session, /* adjust to expected, remove duplicate */ *sslFrame += overlap; *sslBytes -= overlap; - + + /* The following conditional block is duplicated below. It is the + * same action but for a different setup case. If changing this + * block be sure to also update the block below. */ if (reassemblyList) { word32 newEnd = *expected + *sslBytes; @@ -2461,6 +2464,30 @@ static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session, else if (tcpInfo->fin) return AddFinCapture(session, real); } + else { + /* The following conditional block is duplicated above. It is the + * same action but for a different setup case. If changing this + * block be sure to also update the block above. */ + if (reassemblyList) { + word32 newEnd = *expected + *sslBytes; + + if (newEnd > reassemblyList->begin) { + Trace(OVERLAP_REASSEMBLY_BEGIN_STR); + + /* remove bytes already on reassembly list */ + *sslBytes -= newEnd - reassemblyList->begin; + } + if (newEnd > reassemblyList->end) { + Trace(OVERLAP_REASSEMBLY_END_STR); + + /* may be past reassembly list end (could have more on list) + so try to add what's past the front->end */ + AddToReassembly(session->flags.side, reassemblyList->end +1, + *sslFrame + reassemblyList->end - *expected + 1, + newEnd - reassemblyList->end, session, error); + } + } + } /* got expected sequence */ *expected += *sslBytes; if (tcpInfo->fin) From bd65b06459513463513cc28a8299c4ac107b5443 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 21 Aug 2015 21:49:43 -0700 Subject: [PATCH 04/55] remove name decorator from wolfcrypt error reporting function prototypes --- wolfssl/wolfcrypt/error-crypt.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/wolfssl/wolfcrypt/error-crypt.h b/wolfssl/wolfcrypt/error-crypt.h index 340d1db752..6e783085c3 100644 --- a/wolfssl/wolfcrypt/error-crypt.h +++ b/wolfssl/wolfcrypt/error-crypt.h @@ -27,8 +27,6 @@ #ifdef HAVE_FIPS #include - #define wc_ErrorString CTaoCryptErrorString - #define wc_GetErrorString CTaoCryptGetErrorString #endif /* HAVE_FIPS */ #ifdef __cplusplus From 9ee88b54f877f1053a1c574ebcb9acd86379323a Mon Sep 17 00:00:00 2001 From: toddouska Date: Tue, 25 Aug 2015 14:58:05 -0700 Subject: [PATCH 05/55] add ia32 fastmath register note about --without-pic and fPIE --- README | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README b/README index 380575265e..0696f7f392 100644 --- a/README +++ b/README @@ -354,12 +354,14 @@ Release 2.6.0 CyaSSL has bug fixes and new features including: - ./configure builds default to fastmath option * Note, if on ia32 and building in shared mode this may produce a problem with a missing register being available because of PIC, there are at least - 5 solutions to this: + 6 solutions to this: 1) --disable-fastmath , don't use fastmath 2) --disable-shared, don't build a shared library 3) C_EXTRA_FLAGS=-DTFM_NO_ASM , turn off assembly use 4) use clang, it just seems to work - 5) play around with no PIC options to force all registers being open + 5) play around with no PIC options to force all registers being open, + e.g, --without-pic + 6) if static lib is still a problem try removing fPIE - Many new ./configure switches for option enable/disable for example * rsa * dh From cb51432dc817462247b4e11e91906d51c10ba18b Mon Sep 17 00:00:00 2001 From: toddouska Date: Tue, 25 Aug 2015 16:11:26 -0700 Subject: [PATCH 06/55] update README.md ia32 register note --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 87874f2e6e..0907664f25 100644 --- a/README.md +++ b/README.md @@ -430,12 +430,14 @@ and comments about the new features please check the manual. - ./configure builds default to fastmath option * Note, if on ia32 and building in shared mode this may produce a problem with a missing register being available because of PIC, there are at least - 5 solutions to this: + 6 solutions to this: 1) --disable-fastmath , don't use fastmath 2) --disable-shared, don't build a shared library 3) C_EXTRA_FLAGS=-DTFM_NO_ASM , turn off assembly use 4) use clang, it just seems to work - 5) play around with no PIC options to force all registers being open + 5) play around with no PIC options to force all registers being open, + e.g., --without-pic + 6) if static lib is still a problem try removing fPIE - Many new ./configure switches for option enable/disable for example * rsa * dh From 7d067dfec6ddb931399950c9c2dfb1510ee10e00 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 25 Aug 2015 15:55:09 -0400 Subject: [PATCH 07/55] defragment the handshake messages in TLS --- src/internal.c | 61 +++++++++++++++++++++++++++++++++++++++++----- wolfssl/internal.h | 4 +++ 2 files changed, 59 insertions(+), 6 deletions(-) diff --git a/src/internal.c b/src/internal.c index 73d837847e..5916e738f3 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1829,7 +1829,9 @@ void FreeArrays(WOLFSSL* ssl, int keep) XMEMCPY(ssl->session.sessionID, ssl->arrays->sessionID, ID_LEN); ssl->session.sessionIDSz = ssl->arrays->sessionIDSz; } - XFREE(ssl->arrays, ssl->heap, DYNAMIC_TYPE_ARRAYS); + if (ssl->arrays) + XFREE(ssl->arrays->pendingMsg, ssl->heap, DYNAMIC_TYPE_ARRAYS); + XFREE(ssl->arrays, ssl->heap, DYNAMIC_TYPE_CERT); ssl->arrays = NULL; } @@ -5106,16 +5108,63 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 totalSz) { - byte type; - word32 size; int ret = 0; WOLFSSL_ENTER("DoHandShakeMsg()"); - if (GetHandShakeHeader(ssl, input, inOutIdx, &type, &size, totalSz) != 0) - return PARSE_ERROR; + /* If there is a pending fragmented handshake message, pending message size + * will be non-zero. */ + if (ssl->arrays->pendingMsgSz == 0) { + byte type; + word32 size; - ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz); + if (GetHandShakeHeader(ssl,input, inOutIdx, &type, &size, totalSz) != 0) + return PARSE_ERROR; + + /* size is the size of the certificate message payload */ + if (totalSz - HANDSHAKE_HEADER_SZ < size) { + ssl->arrays->pendingMsgType = type; + ssl->arrays->pendingMsgSz = size + HANDSHAKE_HEADER_SZ; + ssl->arrays->pendingMsg = (byte*)XMALLOC(size + HANDSHAKE_HEADER_SZ, + ssl->heap, + DYNAMIC_TYPE_ARRAYS); + XMEMCPY(ssl->arrays->pendingMsg, + input + *inOutIdx - HANDSHAKE_HEADER_SZ, totalSz); + ssl->arrays->pendingMsgOffset = totalSz; + *inOutIdx += totalSz - HANDSHAKE_HEADER_SZ; + return 0; + } + + ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz); + } + else { + if (totalSz + ssl->arrays->pendingMsgOffset + > ssl->arrays->pendingMsgSz) { + + return BUFFER_ERROR; + } + else { + XMEMCPY(ssl->arrays->pendingMsg + ssl->arrays->pendingMsgOffset, + input + *inOutIdx, totalSz); + ssl->arrays->pendingMsgOffset += totalSz; + *inOutIdx += totalSz; + } + + if (ssl->arrays->pendingMsgOffset == ssl->arrays->pendingMsgSz) + { + word32 idx = 0; + ret = DoHandShakeMsgType(ssl, + ssl->arrays->pendingMsg + + HANDSHAKE_HEADER_SZ, + &idx, ssl->arrays->pendingMsgType, + ssl->arrays->pendingMsgSz + - HANDSHAKE_HEADER_SZ, + ssl->arrays->pendingMsgSz); + XFREE(ssl->arrays->pendingMsg, ssl->heap, DYNAMIC_TYPE_ARRAYS); + ssl->arrays->pendingMsg = NULL; + ssl->arrays->pendingMsgSz = 0; + } + } WOLFSSL_LEAVE("DoHandShakeMsg()", ret); return ret; diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 6fe87a9f1b..93e3b3aa73 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -2067,6 +2067,8 @@ typedef struct Options { typedef struct Arrays { word32 preMasterSz; /* differs for DH, actual size */ + word32 pendingMsgSz; + word32 pendingMsgOffset; #ifndef NO_PSK word32 psk_keySz; /* acutal size */ char client_identity[MAX_PSK_ID_LEN]; @@ -2083,6 +2085,8 @@ typedef struct Arrays { byte cookie[MAX_COOKIE_LEN]; byte cookieSz; #endif + byte pendingMsgType; + byte* pendingMsg; } Arrays; #ifndef ASN_NAME_MAX From 5a1a076131bbadb3f7133193c629b0151ccbe550 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 26 Aug 2015 12:27:28 -0400 Subject: [PATCH 08/55] update README(.md) typo --- README | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README b/README index cb6981bc91..7cefa1a659 100644 --- a/README +++ b/README @@ -6,7 +6,7 @@ longer supports static key cipher suites with PSK, RSA, or ECDH. This means if you plan to use TLS cipher suites you must enable DH (DH is on by default), or enable ECC (ECC is on by default on 64bit systems), or you must enable static key cipher suites with - WOLFSSL_STATI_DH + WOLFSSL_STATIC_DH WOLFSSL_STATIC_RSA or WOLFSSL_STATIC_PSK diff --git a/README.md b/README.md index 0907664f25..102effa426 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ longer supports static key cipher suites with PSK, RSA, or ECDH. This means if you plan to use TLS cipher suites you must enable DH (DH is on by default), or enable ECC (ECC is on by default on 64bit systems), or you must enable static key cipher suites with - WOLFSSL_STATI_DH + WOLFSSL_STATIC_DH WOLFSSL_STATIC_RSA or WOLFSSL_STATIC_PSK From cc216d5079d28640736383172b898ca4871c1c4b Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 26 Aug 2015 14:16:13 -0400 Subject: [PATCH 09/55] InitSuites to disallow stream ciphers for DTLS sessions --- src/internal.c | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/src/internal.c b/src/internal.c index 5916e738f3..b7c6e912b5 100644 --- a/src/internal.c +++ b/src/internal.c @@ -738,10 +738,12 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA, word16 idx = 0; int tls = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_MINOR; int tls1_2 = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_2_MINOR; + int dtls = 0; int haveRSAsig = 1; (void)tls; /* shut up compiler */ (void)tls1_2; + (void)dtls; (void)haveDH; (void)havePSK; (void)haveNTRU; @@ -767,6 +769,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA, #ifdef WOLFSSL_DTLS if (pv.major == DTLS_MAJOR) { + dtls = 1; tls = 1; tls1_2 = pv.minor <= DTLSv1_2_MINOR; } @@ -801,7 +804,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA, #endif #ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA - if (tls && haveNTRU && haveRSA) { + if (!dtls && tls && haveNTRU && haveRSA) { suites->suites[idx++] = 0; suites->suites[idx++] = TLS_NTRU_RSA_WITH_RC4_128_SHA; } @@ -1032,14 +1035,14 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA, #endif #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - if (tls && haveECDSAsig) { + if (!dtls && tls && haveECDSAsig) { suites->suites[idx++] = ECC_BYTE; suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_RC4_128_SHA; } #endif #ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA - if (tls && haveECDSAsig && haveStaticECC) { + if (!dtls && tls && haveECDSAsig && haveStaticECC) { suites->suites[idx++] = ECC_BYTE; suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_RC4_128_SHA; } @@ -1088,14 +1091,14 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA, #endif #ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA - if (tls && haveRSA) { + if (!dtls && tls && haveRSA) { suites->suites[idx++] = ECC_BYTE; suites->suites[idx++] = TLS_ECDHE_RSA_WITH_RC4_128_SHA; } #endif #ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA - if (tls && haveRSAsig && haveStaticECC) { + if (!dtls && tls && haveRSAsig && haveStaticECC) { suites->suites[idx++] = ECC_BYTE; suites->suites[idx++] = TLS_ECDH_RSA_WITH_RC4_128_SHA; } @@ -1333,14 +1336,14 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA, #endif #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA - if (haveRSA ) { + if (!dtls && haveRSA) { suites->suites[idx++] = 0; suites->suites[idx++] = SSL_RSA_WITH_RC4_128_SHA; } #endif #ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5 - if (haveRSA ) { + if (!dtls && haveRSA) { suites->suites[idx++] = 0; suites->suites[idx++] = SSL_RSA_WITH_RC4_128_MD5; } @@ -1354,21 +1357,21 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA, #endif #ifdef BUILD_TLS_RSA_WITH_HC_128_MD5 - if (tls && haveRSA) { + if (!dtls && tls && haveRSA) { suites->suites[idx++] = 0; suites->suites[idx++] = TLS_RSA_WITH_HC_128_MD5; } #endif #ifdef BUILD_TLS_RSA_WITH_HC_128_SHA - if (tls && haveRSA) { + if (!dtls && tls && haveRSA) { suites->suites[idx++] = 0; suites->suites[idx++] = TLS_RSA_WITH_HC_128_SHA; } #endif #ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256 - if (tls && haveRSA) { + if (!dtls && tls && haveRSA) { suites->suites[idx++] = 0; suites->suites[idx++] = TLS_RSA_WITH_HC_128_B2B256; } @@ -1389,7 +1392,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA, #endif #ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA - if (tls && haveRSA) { + if (!dtls && tls && haveRSA) { suites->suites[idx++] = 0; suites->suites[idx++] = TLS_RSA_WITH_RABBIT_SHA; } From f2db01bef20a34ccfbe6e94298290ae88f5698d2 Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 26 Aug 2015 12:10:10 -0700 Subject: [PATCH 10/55] fix defrag memory errors --- src/internal.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/internal.c b/src/internal.c index b7c6e912b5..374e2bd680 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1832,8 +1832,10 @@ void FreeArrays(WOLFSSL* ssl, int keep) XMEMCPY(ssl->session.sessionID, ssl->arrays->sessionID, ID_LEN); ssl->session.sessionIDSz = ssl->arrays->sessionIDSz; } - if (ssl->arrays) + if (ssl->arrays) { XFREE(ssl->arrays->pendingMsg, ssl->heap, DYNAMIC_TYPE_ARRAYS); + ssl->arrays->pendingMsg = NULL; + } XFREE(ssl->arrays, ssl->heap, DYNAMIC_TYPE_CERT); ssl->arrays = NULL; } @@ -5131,6 +5133,8 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx, ssl->arrays->pendingMsg = (byte*)XMALLOC(size + HANDSHAKE_HEADER_SZ, ssl->heap, DYNAMIC_TYPE_ARRAYS); + if (ssl->arrays->pendingMsg == NULL) + return MEMORY_E; XMEMCPY(ssl->arrays->pendingMsg, input + *inOutIdx - HANDSHAKE_HEADER_SZ, totalSz); ssl->arrays->pendingMsgOffset = totalSz; From e8c17ed2bbbe680a3d2fb75d76871096076264bc Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 26 Aug 2015 12:13:07 -0700 Subject: [PATCH 11/55] fix defrag member layout, add comments --- wolfssl/internal.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 93e3b3aa73..18617e20f0 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -2066,9 +2066,10 @@ typedef struct Options { } Options; typedef struct Arrays { + byte* pendingMsg; /* defrag buffer */ word32 preMasterSz; /* differs for DH, actual size */ - word32 pendingMsgSz; - word32 pendingMsgOffset; + word32 pendingMsgSz; /* defrag buffer size */ + word32 pendingMsgOffset; /* current offset into defrag buffer */ #ifndef NO_PSK word32 psk_keySz; /* acutal size */ char client_identity[MAX_PSK_ID_LEN]; @@ -2085,8 +2086,7 @@ typedef struct Arrays { byte cookie[MAX_COOKIE_LEN]; byte cookieSz; #endif - byte pendingMsgType; - byte* pendingMsg; + byte pendingMsgType; /* defrag buffer message type */ } Arrays; #ifndef ASN_NAME_MAX From 3c614b5ba7b44775a75d8f6b33176111bd31df07 Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 27 Aug 2015 10:18:00 -0700 Subject: [PATCH 12/55] manual merge pull request #83, ALT_ECC_SIZE fix --- wolfcrypt/src/tfm.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c index 021928d6ed..c45fa6dee3 100755 --- a/wolfcrypt/src/tfm.c +++ b/wolfcrypt/src/tfm.c @@ -1057,7 +1057,8 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y) } /* init M array */ - XMEMSET(M, 0, sizeof(M)); + for(x = 0; x < (int)(sizeof(M)/sizeof(fp_int)); x++) + fp_init(&M[x]); /* now setup montgomery */ if ((err = fp_montgomery_setup (P, &mp)) != FP_OKAY) { @@ -1456,6 +1457,10 @@ int fp_cmp(fp_int *a, fp_int *b) /* compare against a single digit */ int fp_cmp_d(fp_int *a, fp_digit b) { + /* special case for zero*/ + if (a->used == 0 && b == 0) + return FP_EQ; + /* compare based on sign */ if ((b && a->used == 0) || a->sign == FP_NEG) { return FP_LT; @@ -2156,9 +2161,10 @@ int mp_div_2d(fp_int* a, int b, fp_int* c, fp_int* d) #ifdef ALT_ECC_SIZE void fp_copy(fp_int *a, fp_int* b) { - if (a != b) { + if (a != b && b->size >= a->used) { b->used = a->used; b->sign = a->sign; + XMEMCPY(b->dp, a->dp, a->used * sizeof(fp_digit)); } } From 3814871f715b10bf058163ff66710dc42682d097 Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 27 Aug 2015 10:31:22 -0700 Subject: [PATCH 13/55] merge pull request #82, suite b ecc key-gen --- wolfcrypt/src/ecc.c | 17 ++++++++++++----- wolfssl/wolfcrypt/ecc.h | 17 +++++++++-------- 2 files changed, 21 insertions(+), 13 deletions(-) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index c8a8f87e60..ef92b00ef4 100755 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -1661,7 +1661,7 @@ static int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp) #ifdef WOLFSSL_SMALL_STACK byte* buf; #else - byte buf[ECC_MAXSIZE]; + byte buf[ECC_MAXSIZE_GEN]; #endif int keysize; int po_init = 0; /* prime order Init flag for clear */ @@ -1670,22 +1670,23 @@ static int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp) return ECC_BAD_ARG_E; #ifdef WOLFSSL_SMALL_STACK - buf = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + buf = (byte*)XMALLOC(ECC_MAXSIZE_GEN, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (buf == NULL) return MEMORY_E; #endif key->idx = -1; key->dp = dp; - keysize = dp->size; + + /*generate 8 extra bytes to mitigate bias from the modulo operation below*/ + /*see section A.1.2 in 'Suite B Implementor's Guide to FIPS 186-3 (ECDSA)'*/ + keysize = dp->size + 8; /* allocate ram */ base = NULL; /* make up random string */ err = wc_RNG_GenerateBlock(rng, buf, keysize); - if (err == 0) - buf[0] |= 0x0c; /* setup the key variables */ if (err == 0) { @@ -1728,6 +1729,12 @@ static int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp) if (err == MP_OKAY) err = mp_read_unsigned_bin(&key->k, (byte*)buf, keysize); + /* quick sanity check to make sure we're not dealing with a 0 key */ + if (err == MP_OKAY) { + if (MP_YES == mp_iszero(&key->k)) + err = MP_ZERO_E; + } + /* the key should be smaller than the order of base point */ if (err == MP_OKAY) { if (mp_cmp(&key->k, &order) != MP_LT) diff --git a/wolfssl/wolfcrypt/ecc.h b/wolfssl/wolfcrypt/ecc.h index 0075f0d148..6abbf38c7d 100644 --- a/wolfssl/wolfcrypt/ecc.h +++ b/wolfssl/wolfcrypt/ecc.h @@ -34,19 +34,20 @@ #endif enum { - ECC_PUBLICKEY = 1, - ECC_PRIVATEKEY = 2, - ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */ - SIG_HEADER_SZ = 6, /* ECC signature header size */ - ECC_BUFSIZE = 256, /* for exported keys temp buffer */ - ECC_MINSIZE = 20, /* MIN Private Key size */ - ECC_MAXSIZE = 66 /* MAX Private Key size */ + ECC_PUBLICKEY = 1, + ECC_PRIVATEKEY = 2, + ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */ + SIG_HEADER_SZ = 6, /* ECC signature header size */ + ECC_BUFSIZE = 256, /* for exported keys temp buffer */ + ECC_MINSIZE = 20, /* MIN Private Key size */ + ECC_MAXSIZE = 66, /* MAX Private Key size */ + ECC_MAXSIZE_GEN = 74 /* MAX Buffer size required when generating ECC keys*/ }; /* ECC set type defined a NIST GF(p) curve */ typedef struct { - int size; /* The size of the curve in octets */ + int size; /* The size of the curve in octets */ int nid; /* id of this curve */ const char* name; /* name of this curve */ const char* prime; /* prime that defines the field, curve is in (hex) */ From 5e95740d9306b897d7ec09feb5b311f659017a52 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Thu, 27 Aug 2015 11:45:40 -0600 Subject: [PATCH 14/55] Freescale: Add KSDK Bare Metal build, TRNG support --- src/internal.c | 9 ++++++ wolfcrypt/src/asn.c | 26 ++++++++++++++++ wolfcrypt/src/random.c | 17 +++++++++-- wolfssl/wolfcrypt/settings.h | 58 ++++++++++++++++++++++++------------ 4 files changed, 89 insertions(+), 21 deletions(-) diff --git a/src/internal.c b/src/internal.c index 374e2bd680..edc6cd33e4 100644 --- a/src/internal.c +++ b/src/internal.c @@ -2497,6 +2497,15 @@ ProtocolVersion MakeDTLSv1_2(void) return (word32) mqxTime.SECONDS; } +#elif defined(FREESCALE_KSDK_BM) + + #include "fsl_pit_driver.h" + + word32 LowResTimer(void) + { + return PIT_DRV_GetUs(); + } + #elif defined(WOLFSSL_TIRTOS) word32 LowResTimer(void) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 1640072a42..73e4460468 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -113,6 +113,11 @@ #define XTIME(t1) mqx_time((t1)) #define XGMTIME(c, t) mqx_gmtime((c), (t)) #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) +#elif defined(FREESCALE_KSDK_BM) + #include + #define XTIME(t1) ksdk_time((t1)) + #define XGMTIME(c, t) gmtime((c)) + #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) #elif defined(USER_TIME) /* user time, and gmtime compatible functions, there is a gmtime @@ -350,6 +355,27 @@ struct tm* mqx_gmtime(const time_t* clock, struct tm* tmpTime) #endif /* FREESCALE_MQX */ +#ifdef FREESCALE_KSDK_BM + +/* setting for PIT timer */ +#define PIT_INSTANCE 0 +#define PIT_CHANNEL 0 + +#include "fsl_pit_driver.h" + +time_t ksdk_time(time_t* timer) +{ + time_t localTime; + + if (timer == NULL) + timer = &localTime; + + *timer = (PIT_DRV_ReadTimerUs(PIT_INSTANCE, PIT_CHANNEL)) / 1000000; + return *timer; +} + +#endif /* FREESCALE_KSDK_BM */ + #ifdef WOLFSSL_TIRTOS time_t XTIME(time_t * timer) diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index dbf608f2ed..ba0f3c66a4 100755 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -107,11 +107,15 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b) #ifndef EBSNET #include #endif + #elif defined(FREESCALE_TRNG) + #define TRNG_INSTANCE (0) + #include "fsl_device_registers.h" + #include "fsl_trng_driver.h" #else /* include headers that may be needed to get good seed */ #endif #endif /* USE_WINDOWS_API */ - + #ifdef HAVE_INTEL_RDGEN static int wc_InitRng_IntelRD(void) ; #if defined(HAVE_HASHDRBG) || defined(NO_RC4) @@ -1080,7 +1084,8 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) } #endif /* WOLFSSL_MIC32MZ_RNG */ -#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) +#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) || \ + defined(FREESCALE_KSDK_BM) #ifdef FREESCALE_K70_RNGA /* @@ -1154,6 +1159,14 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) return 0; } + #elif defined(FREESCALE_TRNG) + + int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + TRNG_DRV_GetRandomData(TRNG_INSTANCE, output, sz); + return(0); + } + #else #warning "write a real random seed!!!!, just for testing now" diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 717ea63911..e6c5d690da 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -78,6 +78,9 @@ /* Uncomment next line if building for Freescale KSDK MQX/RTCS/MFS */ /* #define FREESCALE_KSDK_MQX */ +/* Uncomment next line if building for Freescale KSDK Bare Metal */ +/* #define FREESCALE_KSDK_BM */ + /* Uncomment next line if using STM32F2 */ /* #define WOLFSSL_STM32F2 */ @@ -461,15 +464,7 @@ #endif #ifdef FREESCALE_MQX - #define SIZEOF_LONG_LONG 8 - #define NO_WRITEV - #define NO_DEV_RANDOM - #define NO_RABBIT - #define NO_WOLFSSL_DIR - #define USE_FAST_MATH - #define TFM_TIMING_RESISTANT - #define FREESCALE_K70_RNGA - /* #define FREESCALE_K53_RNGB */ + #define FREESCALE_COMMON #include "mqx.h" #ifndef NO_FILESYSTEM #include "mfs.h" @@ -485,16 +480,7 @@ #endif #ifdef FREESCALE_KSDK_MQX - #define SIZEOF_LONG_LONG 8 - #define NO_WRITEV - #define NO_DEV_RANDOM - #define NO_RABBIT - #define NO_WOLFSSL_DIR - #define USE_FAST_MATH - #define TFM_TIMING_RESISTANT - #define NO_OLD_RNGNAME - #define FREESCALE_K70_RNGA - /* #define FREESCALE_K53_RNGB */ + #define FREESCALE_COMMON #include #ifndef NO_FILESYSTEM #if MQX_USE_IO_OLD @@ -513,6 +499,40 @@ #define XREALLOC(p, n, h, t) _mem_realloc((p), (n)) /* since MQX 4.1.2 */ #endif +#ifdef FREESCALE_KSDK_BM + #define FREESCALE_COMMON + #define WOLFSSL_USER_IO + #define SINGLE_THREADED + #define NO_FILESYSTEM + #define USE_WOLFSSL_MEMORY +#endif + +#ifdef FREESCALE_COMMON + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_RABBIT + #define NO_WOLFSSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + + #if FSL_FEATURE_SOC_ENET_COUNT == 0 + #define WOLFSSL_USER_IO + #endif + + /* random seed */ + #define NO_OLD_RNGNAME + #if FSL_FEATURE_SOC_TRNG_COUNT > 0 + #define FREESCALE_TRNG + #elif !defined(FREESCALE_KSDK_BM) + #define FREESCALE_K70_RNGA + /* #define FREESCALE_K53_RNGB */ + #endif + + /* HW crypto */ + /* #define FREESCALE_MMCAU */ +#endif + #ifdef WOLFSSL_STM32F2 #define SIZEOF_LONG_LONG 8 #define NO_DEV_RANDOM From 5e26a5c8fc1e6dd84d7da899b86a4c36b2ec717e Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 27 Aug 2015 11:18:06 -0700 Subject: [PATCH 15/55] fix alt_ecc_size exptmod with negative numbers --- wolfcrypt/src/tfm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c index c45fa6dee3..d24f6d2c91 100755 --- a/wolfcrypt/src/tfm.c +++ b/wolfcrypt/src/tfm.c @@ -1209,7 +1209,7 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y) fp_int tmp; /* yes, copy G and invmod it */ - fp_copy(G, &tmp); + fp_init_copy(&tmp, G); if ((err = fp_invmod(&tmp, P, &tmp)) != FP_OKAY) { return err; } From 900edc04e5ef67fd6999a76870cb27b43d7978f7 Mon Sep 17 00:00:00 2001 From: Nickolas Lapp Date: Wed, 12 Aug 2015 10:10:30 -0600 Subject: [PATCH 16/55] Adding sni to mimic openssl functionality --- configure.ac | 11 +- src/internal.c | 319 ++++++++++++++++++++++--------------- src/ssl.c | 352 +++++++++++++++++++++++++++++++++++++++++ src/tls.c | 38 +++-- wolfssl/internal.h | 4 + wolfssl/openssl/ocsp.h | 69 +++++++- wolfssl/openssl/ssl.h | 50 +++++- wolfssl/ssl.h | 94 ++++++++++- 8 files changed, 789 insertions(+), 148 deletions(-) diff --git a/configure.ac b/configure.ac index 57d6eb83df..27184b1d61 100644 --- a/configure.ac +++ b/configure.ac @@ -1815,6 +1815,14 @@ then AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" fi + # Requires OCSP make sure on + if test "x$ENABLED_OCSP" = "xno" + then + ENABLED_OCSP="yes" + AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP" + AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"]) + fi + # Requires coding make sure on if test "x$ENABLED_CODING" = "xno" then @@ -1835,7 +1843,8 @@ then AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL" AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"]) fi - AM_CFLAGS="$AM_CFLAGS -DHAVE_STUNNEL" + AM_CFLAGS="$AM_CFLAGS -DHAVE_STUNNEL -DWOLFSSL_ALWAYS_VERIFY_CB" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALWAYS_KEEP_SNI" fi diff --git a/src/internal.c b/src/internal.c index edc6cd33e4..ec49495faa 100644 --- a/src/internal.c +++ b/src/internal.c @@ -107,6 +107,9 @@ static int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, #if !defined(NO_RSA) || defined(HAVE_ECC) static int DoCertificateVerify(WOLFSSL* ssl, byte*, word32*, word32); #endif + #ifdef HAVE_STUNNEL + static int SNI_Callback(WOLFSSL* ssl); + #endif #endif @@ -1557,25 +1560,179 @@ void FreeX509(WOLFSSL_X509* x509) #endif /* NO_CERTS */ +/* This function inherits a WOLFSSL_CTX's fields into an SSL object. + It is used during initialization and to switch an ssl's CTX with + wolfSSL_Set_SSL_CTX */ +int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx) +{ + if(!ssl || !ctx) + return BAD_FUNC_ARG; + + byte havePSK = 0; + byte haveAnon = 0; + byte haveRSA = 0; + byte newSSL = ssl->ctx == NULL; + (void) haveAnon; /* Squash unused var warnings */ + +#ifndef NO_RSA + haveRSA = 1; +#endif +#ifndef NO_PSK + havePSK = ctx->havePSK; +#endif /* NO_PSK */ +#ifdef HAVE_ANON + haveAnon = ctx->haveAnon; +#endif /* HAVE_ANON*/ + + /* decrement previous CTX reference count if exists. + * This should only happen if switching ctxs!*/ + if (!newSSL) { + if(LockMutex(&ssl->ctx->countMutex) != 0) { + WOLFSSL_MSG("Couldn't lock on previous CTX count mutex"); + return BAD_MUTEX_E; + } + WOLFSSL_MSG("Decrementing previous ctx reference count. Switching ctx."); + ssl->ctx->refCount--; + UnLockMutex(&ssl->ctx->countMutex); + } + + /* increment CTX reference count */ + if (LockMutex(&ctx->countMutex) != 0) { + WOLFSSL_MSG("Couldn't lock CTX count mutex"); + return BAD_MUTEX_E; + } + ctx->refCount++; + UnLockMutex(&ctx->countMutex); + ssl->ctx = ctx; /* only for passing to calls, options could change */ + ssl->version = ctx->method->version; + +#ifdef HAVE_ECC + ssl->eccTempKeySz = ctx->eccTempKeySz; + ssl->pkCurveOID = ctx->pkCurveOID; +#endif + + ssl->timeout = ctx->timeout; + ssl->verifyCallback = ctx->verifyCallback; + ssl->options.side = ctx->method->side; + ssl->options.downgrade = ctx->method->downgrade; + ssl->options.minDowngrade = ctx->minDowngrade; + + if (ssl->options.side == WOLFSSL_SERVER_END) + ssl->options.haveDH = ctx->haveDH; + + ssl->options.haveNTRU = ctx->haveNTRU; + ssl->options.haveECDSAsig = ctx->haveECDSAsig; + ssl->options.haveStaticECC = ctx->haveStaticECC; + +#ifndef NO_PSK + ssl->options.havePSK = ctx->havePSK; + ssl->options.client_psk_cb = ctx->client_psk_cb; + ssl->options.server_psk_cb = ctx->server_psk_cb; +#endif /* NO_PSK */ + +#ifdef HAVE_ANON + ssl->options.haveAnon = ctx->haveAnon; +#endif +#ifndef NO_DH + ssl->options.minDhKeySz = ctx->minDhKeySz; +#endif + + ssl->options.sessionCacheOff = ctx->sessionCacheOff; + ssl->options.sessionCacheFlushOff = ctx->sessionCacheFlushOff; + + ssl->options.verifyPeer = ctx->verifyPeer; + ssl->options.verifyNone = ctx->verifyNone; + ssl->options.failNoCert = ctx->failNoCert; + ssl->options.sendVerify = ctx->sendVerify; + + ssl->heap = ctx->heap; /* defaults to self */ + ssl->options.partialWrite = ctx->partialWrite; + ssl->options.quietShutdown = ctx->quietShutdown; + ssl->options.groupMessages = ctx->groupMessages; + +#ifndef NO_DH + if (ssl->options.side == WOLFSSL_SERVER_END) { + ssl->buffers.serverDH_P = ctx->serverDH_P; + ssl->buffers.serverDH_G = ctx->serverDH_G; + } +#endif + +#ifndef NO_CERTS + /* ctx still owns certificate, certChain, key, dh, and cm */ + ssl->buffers.certificate = ctx->certificate; + ssl->buffers.certChain = ctx->certChain; + ssl->buffers.key = ctx->privateKey; +#endif + +#ifdef HAVE_CAVIUM + ssl->devId = ctx->devId; +#endif + +#ifndef NO_PSK + if (ctx->server_hint[0]) { /* set in CTX */ + XSTRNCPY(ssl->arrays->server_hint, ctx->server_hint, MAX_PSK_ID_LEN); + ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0'; + } +#endif /* NO_PSK */ + + if (ctx->suites) + *ssl->suites = *ctx->suites; + else + XMEMSET(ssl->suites, 0, sizeof(Suites)); + + /* make sure server has DH parms, and add PSK if there, add NTRU too */ + if (ssl->options.side == WOLFSSL_SERVER_END) + InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, + ssl->options.haveDH, ssl->options.haveNTRU, + ssl->options.haveECDSAsig, ssl->options.haveStaticECC, + ssl->options.side); + else + InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, TRUE, + ssl->options.haveNTRU, ssl->options.haveECDSAsig, + ssl->options.haveStaticECC, ssl->options.side); + +#ifndef NO_CERTS + /* make sure server has cert and key unless using PSK or Anon + * This should be true even if just switching ssl ctx */ + if (ssl->options.side == WOLFSSL_SERVER_END && !havePSK && !haveAnon) + if (!ssl->buffers.certificate.buffer || !ssl->buffers.key.buffer) { + WOLFSSL_MSG("Server missing certificate and/or private key"); + return NO_PRIVATE_KEY; + } +#endif + + return SSL_SUCCESS; +} + + /* init everything to 0, NULL, default values before calling anything that may fail so that desctructor has a "good" state to cleanup */ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) { int ret; - byte haveRSA = 0; - byte havePSK = 0; - byte haveAnon = 0; - - (void) haveAnon; XMEMSET(ssl, 0, sizeof(WOLFSSL)); - ssl->ctx = ctx; /* only for passing to calls, options could change */ - ssl->version = ctx->method->version; + /* arrays */ + ssl->arrays = (Arrays*)XMALLOC(sizeof(Arrays), ssl->heap, + DYNAMIC_TYPE_ARRAYS); + if (ssl->arrays == NULL) { + WOLFSSL_MSG("Arrays Memory error"); + return MEMORY_E; + } + XMEMSET(ssl->arrays, 0, sizeof(Arrays)); -#ifndef NO_RSA - haveRSA = 1; -#endif + /* suites */ + ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap, + DYNAMIC_TYPE_SUITES); + if (ssl->suites == NULL) { + WOLFSSL_MSG("Suites Memory error"); + return MEMORY_E; + } + + /* Initialize SSL with the appropriate fields from it's ctx */ + if((ret = SetSSL_CTX(ssl, ctx)) != SSL_SUCCESS) + return ret; ssl->buffers.inputBuffer.buffer = ssl->buffers.inputBuffer.staticBuffer; ssl->buffers.inputBuffer.bufferSize = STATIC_BUFFER_LEN; @@ -1587,12 +1744,6 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) InitX509(&ssl->peerCert, 0); #endif -#ifdef HAVE_ECC - ssl->eccTempKeySz = ctx->eccTempKeySz; - ssl->pkCurveOID = ctx->pkCurveOID; -#endif - - ssl->timeout = ctx->timeout; ssl->rfd = -1; /* set to invalid descriptor */ ssl->wfd = -1; @@ -1607,30 +1758,6 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) ssl->dtls_expected_rx = MAX_MTU; #endif - ssl->verifyCallback = ctx->verifyCallback; - ssl->options.side = ctx->method->side; - ssl->options.downgrade = ctx->method->downgrade; - ssl->options.minDowngrade = ctx->minDowngrade; - - if (ssl->options.side == WOLFSSL_SERVER_END) - ssl->options.haveDH = ctx->haveDH; - - ssl->options.haveNTRU = ctx->haveNTRU; - ssl->options.haveECDSAsig = ctx->haveECDSAsig; - ssl->options.haveStaticECC = ctx->haveStaticECC; - -#ifndef NO_PSK - havePSK = ctx->havePSK; - ssl->options.havePSK = ctx->havePSK; - ssl->options.client_psk_cb = ctx->client_psk_cb; - ssl->options.server_psk_cb = ctx->server_psk_cb; -#endif /* NO_PSK */ - -#ifdef HAVE_ANON - haveAnon = ctx->haveAnon; - ssl->options.haveAnon = ctx->haveAnon; -#endif - ssl->options.serverState = NULL_STATE; ssl->options.clientState = NULL_STATE; ssl->options.connectState = CONNECT_BEGIN; @@ -1638,49 +1765,19 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) ssl->options.handShakeState = NULL_STATE; ssl->options.processReply = doProcessInit; -#ifndef NO_DH - ssl->options.minDhKeySz = ctx->minDhKeySz; -#endif - #ifdef WOLFSSL_DTLS ssl->dtls_timeout_init = DTLS_TIMEOUT_INIT; ssl->dtls_timeout_max = DTLS_TIMEOUT_MAX; ssl->dtls_timeout = ssl->dtls_timeout_init; #endif - ssl->options.sessionCacheOff = ctx->sessionCacheOff; - ssl->options.sessionCacheFlushOff = ctx->sessionCacheFlushOff; - - ssl->options.verifyPeer = ctx->verifyPeer; - ssl->options.verifyNone = ctx->verifyNone; - ssl->options.failNoCert = ctx->failNoCert; - ssl->options.sendVerify = ctx->sendVerify; - #ifndef NO_OLD_TLS ssl->hmac = SSL_hmac; /* default to SSLv3 */ #else ssl->hmac = TLS_hmac; #endif - ssl->heap = ctx->heap; /* defaults to self */ - ssl->options.dtls = ssl->version.major == DTLS_MAJOR; - ssl->options.partialWrite = ctx->partialWrite; - ssl->options.quietShutdown = ctx->quietShutdown; - ssl->options.groupMessages = ctx->groupMessages; - -#ifndef NO_DH - if (ssl->options.side == WOLFSSL_SERVER_END) { - ssl->buffers.serverDH_P = ctx->serverDH_P; - ssl->buffers.serverDH_G = ctx->serverDH_G; - } -#endif -#ifndef NO_CERTS - /* ctx still owns certificate, certChain, key, dh, and cm */ - ssl->buffers.certificate = ctx->certificate; - ssl->buffers.certChain = ctx->certChain; - ssl->buffers.key = ctx->privateKey; -#endif #ifdef WOLFSSL_DTLS ssl->buffers.dtlsCtx.fd = -1; @@ -1688,10 +1785,6 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) ssl->cipher.ssl = ssl; -#ifdef HAVE_CAVIUM - ssl->devId = ctx->devId; -#endif - #ifdef HAVE_TLS_EXTENSIONS #ifdef HAVE_MAX_FRAGMENT ssl->max_fragment = MAX_RECORD_SIZE; @@ -1747,30 +1840,6 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) } #endif - /* increment CTX reference count */ - if (LockMutex(&ctx->countMutex) != 0) { - WOLFSSL_MSG("Couldn't lock CTX count mutex"); - return BAD_MUTEX_E; - } - ctx->refCount++; - UnLockMutex(&ctx->countMutex); - - /* arrays */ - ssl->arrays = (Arrays*)XMALLOC(sizeof(Arrays), ssl->heap, - DYNAMIC_TYPE_ARRAYS); - if (ssl->arrays == NULL) { - WOLFSSL_MSG("Arrays Memory error"); - return MEMORY_E; - } - XMEMSET(ssl->arrays, 0, sizeof(Arrays)); - -#ifndef NO_PSK - if (ctx->server_hint[0]) { /* set in CTX */ - XSTRNCPY(ssl->arrays->server_hint, ctx->server_hint, MAX_PSK_ID_LEN); - ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0'; - } -#endif /* NO_PSK */ - /* RNG */ ssl->rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), ssl->heap, DYNAMIC_TYPE_RNG); if (ssl->rng == NULL) { @@ -1783,43 +1852,10 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) return ret; } - /* suites */ - ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap, - DYNAMIC_TYPE_SUITES); - if (ssl->suites == NULL) { - WOLFSSL_MSG("Suites Memory error"); - return MEMORY_E; - } - if (ctx->suites) - *ssl->suites = *ctx->suites; - else - XMEMSET(ssl->suites, 0, sizeof(Suites)); - - -#ifndef NO_CERTS - /* make sure server has cert and key unless using PSK or Anon */ - if (ssl->options.side == WOLFSSL_SERVER_END && !havePSK && !haveAnon) - if (!ssl->buffers.certificate.buffer || !ssl->buffers.key.buffer) { - WOLFSSL_MSG("Server missing certificate and/or private key"); - return NO_PRIVATE_KEY; - } -#endif #ifdef HAVE_SECRET_CALLBACK ssl->sessionSecretCb = NULL; ssl->sessionSecretCtx = NULL; #endif - - /* make sure server has DH parms, and add PSK if there, add NTRU too */ - if (ssl->options.side == WOLFSSL_SERVER_END) - InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, - ssl->options.haveDH, ssl->options.haveNTRU, - ssl->options.haveECDSAsig, ssl->options.haveStaticECC, - ssl->options.side); - else - InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, TRUE, - ssl->options.haveNTRU, ssl->options.haveECDSAsig, - ssl->options.haveStaticECC, ssl->options.side); - return 0; } @@ -14336,6 +14372,10 @@ int DoSessionTicket(WOLFSSL* ssl, if ((ret = TLSX_Parse(ssl, (byte *) input + i, totalExtSz, 1, &clSuites))) return ret; +#ifdef HAVE_STUNNEL + if((ret=SNI_Callback(ssl))) + return ret; +#endif /*HAVE_STUNNEL*/ i += totalExtSz; #else @@ -15439,4 +15479,21 @@ int DoSessionTicket(WOLFSSL* ssl, return ret; } +#ifdef HAVE_STUNNEL + static int SNI_Callback(WOLFSSL* ssl) + { + /* Stunnel supports a custom sni callback to switch an SSL's ctx + * when SNI is received. Call it now if exists */ + if(ssl && ssl->ctx && ssl->ctx->sniRecvCb) { + WOLFSSL_MSG("Calling custom sni callback"); + if(ssl->ctx->sniRecvCb(ssl, NULL, ssl->ctx->sniRecvCbArg) + == alert_fatal) { + WOLFSSL_MSG("Error in custom sni callback. Fatal alert"); + SendAlert(ssl, alert_fatal, unrecognized_name); + return FATAL_ERROR; + } + } + return 0; + } +#endif /* HAVE_STUNNEL */ #endif /* NO_WOLFSSL_SERVER */ diff --git a/src/ssl.c b/src/ssl.c index 74194b2ca1..9fc826450f 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -70,6 +70,9 @@ #include #include #include + #ifdef HAVE_STUNNEL + #include + #endif /* WITH_STUNNEL */ #ifdef WOLFSSL_SHA512 #include #endif @@ -16343,6 +16346,355 @@ const byte* wolfSSL_SESSION_get_id(WOLFSSL_SESSION* sess, unsigned int* idLen) *idLen = sess->sessionIDSz; return sess->sessionID; } + +int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME *a, const WOLFSSL_X509_NAME *b) +{ + (void) a; + (void) b; + WOLFSSL_ENTER("wolfSSL_X509_NAME_cmp"); + WOLFSSL_STUB("wolfSSL_X509_NAME_cmp"); + WOLFSSL_LEAVE("wolfSSL_X509_NAME_cmp",0); + return SSL_SUCCESS; +} + +void wolfSSL_X509_email_free(void *sk) +{ + (void)sk; + WOLFSSL_ENTER("wolfSSL_X509_email_free"); + WOLFSSL_STUB("wolfSSL_X509_email_free"); + WOLFSSL_LEAVE("wolfSSL_X509_email_free",0); +} + +WOLFSSL_STRING* wolfSSL_X509_get1_ocsp(WOLFSSL_X509 *cert) +{ + WOLFSSL_ENTER("wolfSSL_X509_get1_ocsp"); + WOLFSSL_STUB("wolfSSL_X509_get1_ocsp"); + WOLFSSL_LEAVE("wolfSSL_X509_get1_ocsp",0); + (void)cert; + return NULL; +} + +void wolfSSL_OCSP_CERTID_free(WOLFSSL_OCSP_CERTID* ocsp) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_CERTID_free"); + WOLFSSL_STUB("wolfSSL_OCSP_CERTID_free"); + WOLFSSL_LEAVE("wolfSSL_OCSP_CERTID_free",0); + (void)ocsp; + return; +} + +WOLFSSL_OCSP_REQUEST* wolfSSL_OCSP_REQUEST_new(void){ + WOLFSSL_ENTER("wolfSSL_OCSP_REQUEST_new"); + WOLFSSL_STUB("wolfSSL_OCSP_REQUEST_new"); + WOLFSSL_OCSP_REQUEST *or = NULL; + return or; +} + +WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(const WOLFSSL_EVP_MD* dgst, + WOLFSSL_X509* subject, WOLFSSL_X509* issuer) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_CERTID_free"); + WOLFSSL_STUB("wolfSSL_OCSP_CERTID_free"); + WOLFSSL_LEAVE("wolfSSL_OCSP_CERTID_free",0); + (void)dgst; + (void)subject; + (void)issuer; + return NULL; +} + + +void wolfSSL_OCSP_REQUEST_free(WOLFSSL_OCSP_REQUEST* request) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_REQUEST_free"); + WOLFSSL_STUB("wolfSSL_OCSP_REQUEST_free"); + WOLFSSL_LEAVE("wolfSSL_OCSP_REQUEST_free",0); + (void)request; + return; +} + +int wolfSSL_BIO_should_write(WOLFSSL_BIO *bio) +{ + WOLFSSL_ENTER("wolfSSL_BIO_should_write"); + WOLFSSL_STUB("wolfSSL_BIO_should_write"); + WOLFSSL_LEAVE("wolfSSL_BIO_should_write",0); + (void) bio; + return SSL_SUCCESS; +} + +int BIO_should_read(WOLFSSL_BIO *bio) +{ + WOLFSSL_ENTER("BIO_should_read"); + WOLFSSL_STUB("BIO_should_read"); + WOLFSSL_LEAVE("BIO_should_read",0); + (void) bio; + return SSL_SUCCESS; +} + +int wolfSSL_OCSP_check_nonce(WOLFSSL_OCSP_REQUEST *req, WOLFSSL_OCSP_BASICRESP *bs) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_check_nonce"); + WOLFSSL_STUB("wolfSSL_OCSP_check_nonce"); + WOLFSSL_LEAVE("wolfSSL_OCSP_check_nonce",0); + (void) req; + (void) bs; + return SSL_SUCCESS; +} + +int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs, STACK_OF(WOLFSSL_X509) *certs, + WOLFSSL_X509_STORE *st, unsigned long flags) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_basic_verify"); + WOLFSSL_STUB("wolfSSL_OCSP_basic_verify"); + WOLFSSL_LEAVE("wolfSSL_OCSP_basic_verify",0); + (void) bs; + (void) certs; + (void) st; + (void) flags; + return SSL_SUCCESS; +} + +void wolfSSL_OCSP_REQ_CTX_free(WOLFSSL_OCSP_REQ_CTX *rctx) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_REQ_CTX_free"); + WOLFSSL_STUB("wolfSSL_OCSP_REQ_CTX_free"); + WOLFSSL_LEAVE("wolfSSL_OCSP_REQ_CTX_free",0); + (void) rctx; +} + +int wolfSSL_OCSP_RESPONSE_free( WOLFSSL_OCSP_RESPONSE* r) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_RESPONSE_free"); + WOLFSSL_STUB("wolfSSL_OCSP_RESPONSE_free"); + WOLFSSL_LEAVE("wolfSSL_OCSP_RESPONSE_free",0); + (void) r; + return SSL_SUCCESS; +} + +int wolfSSL_OCSP_BASICRESP_free(WOLFSSL_OCSP_BASICRESP *basic_response) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_BASICRESP_free"); + WOLFSSL_STUB("wolfSSL_OCSP_BASICRESP_free"); + WOLFSSL_LEAVE("wolfSSL_OCSP_BASICRESP_free",0); + (void) basic_response; + return SSL_SUCCESS; +} + + +WOLFSSL_OCSP_BASICRESP *wolfSSL_OCSP_response_get1_basic(WOLFSSL_OCSP_RESPONSE *resp) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_response_get1_basic"); + WOLFSSL_STUB("wolfSSL_OCSP_response_get1_basic"); + WOLFSSL_LEAVE("wolfSSL_OCSP_response_get1_basic",0); + (void) resp; + return NULL; +} + +int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs, + WOLFSSL_OCSP_CERTID *id, int *status, + int *reason, WOLFSSL_ASN1_TIME**revtime, + WOLFSSL_ASN1_TIME**thisupd, WOLFSSL_ASN1_TIME**nextupd) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_resp_find_status"); + WOLFSSL_STUB("wolfSSL_OCSP_resp_find_status"); + WOLFSSL_LEAVE("wolfSSL_OCSP_resp_find_status",0); + (void) bs; + (void) id; + (void) status; + (void) reason; + (void) revtime; + (void) thisupd; + (void) nextupd; + return SSL_SUCCESS; +} + +int wolfSSL_OCSP_request_add1_nonce(WOLFSSL_OCSP_REQUEST *req, unsigned char *val, int len) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_request_add1_nonce"); + WOLFSSL_STUB("wolfSSL_OCSP_request_add1_nonce"); + WOLFSSL_LEAVE("wolfSSL_OCSP_request_add1_nonce",0); + (void) req; + (void) val; + (void) len; + return SSL_SUCCESS; +} + +WOLFSSL_OCSP_ONEREQ *wolfSSL_OCSP_request_add0_id(WOLFSSL_OCSP_REQUEST *req, WOLFSSL_OCSP_CERTID *cid) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_request_add0_id"); + WOLFSSL_STUB("wolfSSL_OCSP_request_add0_id"); + WOLFSSL_LEAVE("wolfSSL_OCSP_request_add0_id",0); + (void) req; + (void) cid; + return NULL; +} + +const char *wolfSSL_OCSP_crl_reason_str(long s) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_crl_reason_str"); + WOLFSSL_STUB("wolfSSL_OCSP_crl_reason_str"); + WOLFSSL_LEAVE("wolfSSL_OCSP_crl_reason_str",0); + (void) s; + return NULL; +} + +int wolfSSL_OCSP_check_validity(WOLFSSL_ASN1_TIME*thisupd, + WOLFSSL_ASN1_TIME*nextupd, long sec, long maxsec) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_check_validity"); + WOLFSSL_STUB("wolfSSL_OCSP_check_validity"); + WOLFSSL_LEAVE("wolfSSL_OCSP_check_validity",0); + (void) thisupd; + (void) nextupd; + (void) sec; + (void) maxsec; + return SSL_SUCCESS; +} + +STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_CTX_get_chain(WOLFSSL_X509_STORE_CTX *ctx) +{ + WOLFSSL_ENTER("wolfSSL_X509_STORE_CTX_get_chain"); + WOLFSSL_STUB("wolfSSL_X509_STORE_CTX_get_chain"); + WOLFSSL_LEAVE("wolfSSL_X509_STORE_CTX_get_chain",0); + (void) ctx; + return NULL; +} + +WOLFSSL_OCSP_REQ_CTX *wolfSSL_OCSP_sendreq_new(WOLFSSL_BIO *io, const char *path, WOLFSSL_OCSP_REQUEST *req, int maxline) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_sendreq_new"); + WOLFSSL_STUB("wolfSSL_OCSP_sendreq_new"); + WOLFSSL_LEAVE("wolfSSL_OCSP_sendreq_new",0); + (void) io; + (void) path; + (void) req; + (void) maxline; + return NULL; +} + +int wolfSSL_OCSP_sendreq_nbio(WOLFSSL_OCSP_RESPONSE **presp, WOLFSSL_OCSP_REQ_CTX *rctx) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_sendreq_nbio"); + WOLFSSL_STUB("wolfSSL_OCSP_sendreq_nbio"); + WOLFSSL_LEAVE("wolfSSL_OCSP_sendreq_nbio",0); + (void) presp; + (void) rctx; + return SSL_SUCCESS; +} + + +const char *wolfSSL_OCSP_cert_status_str(long s) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_cert_status_str"); + WOLFSSL_STUB("wolfSSL_OCSP_cert_status_str"); + WOLFSSL_LEAVE("wolfSSL_OCSP_cert_status_str",0); + (void) s; + return NULL; +} + +int wolfSSL_OCSP_response_status(WOLFSSL_OCSP_RESPONSE *resp) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_response_status"); + WOLFSSL_STUB("wolfSSL_OCSP_response_status"); + WOLFSSL_LEAVE("wolfSSL_OCSP_response_status",0); + (void) resp; + return SSL_SUCCESS; +} + + +const char *wolfSSL_OCSP_response_status_str(long s) +{ + WOLFSSL_ENTER("wolfSSL_OCSP_response_status_str"); + WOLFSSL_STUB("wolfSSL_OCSP_response_status_str"); + WOLFSSL_LEAVE("wolfSSL_OCSP_response_status_str",0); + (void) s; + return NULL; +} + + +int wolfSSL_sk_WOLFSSL_STRING_num(const STACK_OF(WOLFSSL_STRING)* string) +{ + WOLFSSL_ENTER("wolfSSL_sk_WOLFSSL_STRING_num"); + WOLFSSL_STUB("wolfSSL_sk_WOLFSSL_STRING_num"); + WOLFSSL_LEAVE("wolfSSL_sk_WOLFSSL_STRING_num",0); + (void) string; + return 0; +} + + +WOLFSSL_STRING wolfSSL_sk_WOLFSSL_STRING_value( + const STACK_OF(WOLFSSL_STRING)* string, int idx) +{ + WOLFSSL_ENTER("wolfSSL_sk_WOLFSSL_STRING_value"); + WOLFSSL_STUB("wolfSSL_sk_WOLFSSL_STRING_value"); + WOLFSSL_LEAVE("wolfSSL_sk_WOLFSSL_STRING_value",0); + (void) string; + (void) idx; + return 0; +} + + +int wolfSSL_set_tlsext_host_name(WOLFSSL* ssl, const char* host_name) +{ + int ret; + WOLFSSL_ENTER("wolfSSL_set_tlsext_host_name"); + ret = wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, + host_name, XSTRLEN(host_name)); + WOLFSSL_LEAVE("wolfSSL_set_tlsext_host_name", ret); + return ret; +} + + +const char * wolfSSL_get_servername(WOLFSSL* ssl, byte type) +{ + void * serverName = NULL; + if (ssl == NULL) + return NULL; + TLSX_SNI_GetRequest(ssl->extensions, type, &serverName); + return (const char *)serverName; +} + + +WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx) +{ + if (ssl && ctx && SetSSL_CTX(ssl, ctx) == SSL_SUCCESS) + return ssl->ctx; + return NULL; +} + + +VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX* ctx) +{ + WOLFSSL_ENTER("wolfSSL_CTX_get_verify_callback"); + if(ctx) + return ctx->verifyCallback; + return NULL; +} + + +int wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX* ctx) +{ + (void)ctx; + WOLFSSL_ENTER("wolfSSL_CTX_get_verify_mode"); + WOLFSSL_STUB("wolfSSL_CTX_get_verify_mode"); + WOLFSSL_LEAVE("wolfSSL_CTX_get_verify_mode",0); + return 0; +} + + +void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX* ctx, CallbackSniRecv cb) +{ + WOLFSSL_ENTER("wolfSSL_CTX_set_servername_callback"); + if (ctx) + ctx->sniRecvCb = cb; +} + + +void wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX* ctx, void* arg) +{ + WOLFSSL_ENTER("wolfSSL_CTX_set_servername_arg"); + if (ctx) + ctx->sniRecvCbArg = arg; +} #endif /* OPENSSL_EXTRA and HAVE_STUNNEL */ #if defined(OPENSSL_EXTRA) && defined(HAVE_CURVE25519) diff --git a/src/tls.c b/src/tls.c index 59bafa0ed3..8c8e141817 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1003,6 +1003,7 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length, #ifndef NO_WOLFSSL_SERVER word16 size = 0; word16 offset = 0; + byte forceKeep = 0; #endif TLSX *extension = TLSX_Find(ssl->extensions, SERVER_NAME_INDICATION); @@ -1010,9 +1011,17 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length, if (!extension) extension = TLSX_Find(ssl->ctx->extensions, SERVER_NAME_INDICATION); - if (!extension || !extension->data) + + + if (!extension || !extension->data) { +#if defined(WOLFSSL_ALWAYS_KEEP_SNI) && !defined(NO_WOLFSSL_SERVER) + forceKeep = 1; + WOLFSSL_MSG("Forcing SSL object to store SNI parameter"); +#else return isRequest ? 0 /* not using SNI. */ : BUFFER_ERROR; /* unexpected SNI response. */ +#endif + } if (!isRequest) return length ? BUFFER_ERROR /* SNI response MUST be empty. */ @@ -1043,14 +1052,16 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length, if (offset + size > length) return BUFFER_ERROR; - if (!(sni = TLSX_SNI_Find((SNI*)extension->data, type))) + if (!forceKeep && !(sni = TLSX_SNI_Find((SNI*)extension->data, type))) continue; /* not using this type of SNI. */ switch(type) { case WOLFSSL_SNI_HOST_NAME: { - byte matched = (XSTRLEN(sni->data.host_name) == size) + int matchStat; + byte matched = forceKeep || + ((XSTRLEN(sni->data.host_name) == size) && (XSTRNCMP(sni->data.host_name, - (const char*)input + offset, size) == 0); + (const char*)input + offset, size) == 0)); if (matched || sni->options & WOLFSSL_SNI_ANSWER_ON_MISMATCH) { int r = TLSX_UseSNI(&ssl->extensions, @@ -1059,12 +1070,21 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length, if (r != SSL_SUCCESS) return r; /* throws error. */ - TLSX_SNI_SetStatus(ssl->extensions, type, - matched ? WOLFSSL_SNI_REAL_MATCH - : WOLFSSL_SNI_FAKE_MATCH); + if(forceKeep) { + WOLFSSL_MSG("Forcing storage of SNI, Fake match"); + matchStat = WOLFSSL_SNI_FORCE_KEEP; + } else if(matched) { + WOLFSSL_MSG("SNI did match!"); + matchStat = WOLFSSL_SNI_REAL_MATCH; + } else { + WOLFSSL_MSG("fake SNI match from ANSWER_ON_MISMATCH"); + matchStat = WOLFSSL_SNI_FAKE_MATCH; + } - TLSX_SetResponse(ssl, SERVER_NAME_INDICATION); - WOLFSSL_MSG("SNI did match!"); + TLSX_SNI_SetStatus(ssl->extensions, type, matchStat); + + if(!forceKeep) + TLSX_SetResponse(ssl, SERVER_NAME_INDICATION); } else if (!(sni->options & WOLFSSL_SNI_CONTINUE_ON_MISMATCH)) { SendAlert(ssl, alert_fatal, unrecognized_name); diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 18617e20f0..5b690d1cd9 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -1668,6 +1668,8 @@ struct WOLFSSL_CTX { #endif /* OPENSSL_EXTRA */ #ifdef HAVE_STUNNEL void* ex_data[MAX_EX_DATA]; + CallbackSniRecv sniRecvCb; + void* sniRecvCbArg; #endif #ifdef HAVE_OCSP WOLFSSL_OCSP ocsp; @@ -2418,6 +2420,8 @@ struct WOLFSSL { }; +WOLFSSL_LOCAL +int SetSSL_CTX(WOLFSSL*, WOLFSSL_CTX*); WOLFSSL_LOCAL int InitSSL(WOLFSSL*, WOLFSSL_CTX*); WOLFSSL_LOCAL diff --git a/wolfssl/openssl/ocsp.h b/wolfssl/openssl/ocsp.h index 7463eec968..7686746013 100644 --- a/wolfssl/openssl/ocsp.h +++ b/wolfssl/openssl/ocsp.h @@ -1 +1,68 @@ -/* ocsp.h for libcurl */ +/* ocsp.h + * + * Copyright (C) 2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +#ifndef WOLFSSL_OCSP_H_ +#define WOLFSSL_OCSP_H_ + +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + +#ifdef HAVE_STUNNEL + #define X509_get1_ocsp wolfSSL_X509_get1_ocsp + #define OCSP_CERTID_free wolfSSL_OCSP_CERTID_free + #define OCSP_cert_to_id wolfSSL_OCSP_cert_to_id + #define OCSP_REQUEST_free wolfSSL_OCSP_REQUEST_free + + #define OPENSSL_STRING WOLFSSL_STRING + #define sk_OPENSSL_STRING_value wolfSSL_sk_WOLFSSL_STRING_value + #define sk_OPENSSL_STRING_num wolfSSL_sk_WOLFSSL_STRING_num + + typedef WOLFSSL_OCSP_CERTID OCSP_CERTID; + typedef char* WOLFSSL_STRING; + typedef WOLFSSL_OCSP_RESPONSE OCSP_RESPONSE; + + + WOLFSSL_API WOLFSSL_STRING *wolfSSL_X509_get1_ocsp(WOLFSSL_X509*); + WOLFSSL_API void wolfSSL_OCSP_CERTID_free(WOLFSSL_OCSP_CERTID* cert); + WOLFSSL_API + WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(const WOLFSSL_EVP_MD*, + WOLFSSL_X509*, WOLFSSL_X509*); + + WOLFSSL_API + int wolfSSL_sk_WOLFSSL_STRING_num(const STACK_OF(WOLFSSL_STRING)*); + WOLFSSL_API WOLFSSL_STRING wolfSSL_sk_WOLFSSL_STRING_value( + const STACK_OF(WOLFSSL_STRING)*, int); + + + WOLFSSL_API void wolfSSL_OCSP_REQUEST_free(WOLFSSL_OCSP_REQUEST*); +#endif /* HAVE_STUNNEL */ + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* WOLFSSL_EVP_H_ */ diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index cae159e55e..1d6058b205 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -96,7 +96,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX; #define SSL_get_verify_result(ctx) X509_V_OK #define SSL_get_verify_mode wolfSSL_SSL_get_mode #define SSL_get_verify_depth wolfSSL_get_verify_depth -#define SSL_CTX_get_verify_mode wolfSSL_CTX_get_mode +#define SSL_CTX_get_verify_mode wolfSSL_CTX_get_verify_mode #define SSL_CTX_get_verify_depth wolfSSL_CTX_get_verify_depth #define SSL_get_certificate(ctx) 0 /* used to pass to get_privatekey */ @@ -477,8 +477,56 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define SSL_SESSION_get_id wolfSSL_SESSION_get_id #define CRYPTO_dynlock_value WOLFSSL_dynlock_value typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING; +typedef WOLFSSL_OCSP_REQUEST OCSP_REQUEST; +typedef WOLFSSL_OCSP_BASICRESP OCSP_BASICRESP; +typedef WOLFSSL_OCSP_REQ_CTX OCSP_REQ_CTX; +typedef WOLFSSL_OCSP_ONEREQ OCSP_ONEREQ; +#define V_OCSP_CERTSTATUS_UNKNOWN 2 +#define X509_V_ERR_APPLICATION_VERIFICATION 50 +#define V_OCSP_CERTSTATUS_GOOD 0 +#define V_OCSP_CERTSTATUS_REVOKED 1 +#define OCSP_RESPONSE_STATUS_SUCCESSFUL 0 +#define SSL_TLSEXT_ERR_OK 0 +#define SSL_TLSEXT_ERR_ALERT_FATAL alert_fatal +#define SSL_TLSEXT_ERR_NOACK alert_warning +#define TLSEXT_NAMETYPE_host_name WOLFSSL_SNI_HOST_NAME + +#define ASN1_GENERALIZEDTIME WOLFSSL_ASN1_TIME +#define X509_NAME_cmp wolfSSL_X509_NAME_cmp +#define X509_email_free wolfSSL_X509_email_free +#define OCSP_REQUEST_new wolfSSL_OCSP_REQUEST_new +#define BIO_should_write wolfSSL_BIO_should_write +#define BIO_should_read wolfSSL_BIO_should_read + +#define OCSP_check_nonce wolfSSL_OCSP_check_nonce +#define OCSP_cert_status_str wolfSSL_OCSP_cert_status_str +#define OCSP_basic_verify wolfSSL_OCSP_basic_verify +#define OCSP_REQ_CTX_free wolfSSL_OCSP_REQ_CTX_free +#define OCSP_RESPONSE_free wolfSSL_OCSP_RESPONSE_free +#define OCSP_BASICRESP_free wolfSSL_OCSP_BASICRESP_free + +#define OCSP_response_get1_basic wolfSSL_OCSP_response_get1_basic +#define OCSP_resp_find_status wolfSSL_OCSP_resp_find_status +#define OCSP_request_add1_nonce wolfSSL_OCSP_request_add1_nonce +#define OCSP_request_add0_id wolfSSL_OCSP_request_add0_id +#define OCSP_crl_reason_str wolfSSL_OCSP_crl_reason_str +#define OCSP_check_validity wolfSSL_OCSP_check_validity + +#define X509_STORE_CTX_get_chain wolfSSL_X509_STORE_CTX_get_chain +#define OCSP_sendreq_new wolfSSL_OCSP_sendreq_new +#define OCSP_sendreq_nbio wolfSSL_OCSP_sendreq_nbio +#define OCSP_cert_status_str wolfSSL_OCSP_cert_status_str +#define OCSP_response_status wolfSSL_OCSP_response_status + +#define OCSP_response_status_str wolfSSL_OCSP_response_status_str +#define SSL_set_tlsext_host_name wolfSSL_set_tlsext_host_name +#define SSL_get_servername wolfSSL_get_servername +#define SSL_set_SSL_CTX wolfSSL_set_SSL_CTX +#define SSL_CTX_get_verify_callback wolfSSL_CTX_get_verify_callback +#define SSL_CTX_set_tlsext_servername_callback wolfSSL_CTX_set_servername_callback +#define SSL_CTX_set_tlsext_servername_arg wolfSSL_CTX_set_servername_arg #endif /* HAVE_STUNNEL */ #ifdef __cplusplus diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index f1c492afa8..edec775553 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -573,12 +573,12 @@ enum { OCSP_TRUSTOTHER = 512, OCSP_RESPID_KEY = 1024, OCSP_NOTIME = 2048, - +#ifndef HAVE_STUNNEL OCSP_CERTID = 2, OCSP_REQUEST = 4, OCSP_RESPONSE = 8, OCSP_BASICRESP = 16, - +#endif WOLFSSL_OCSP_URL_OVERRIDE = 1, WOLFSSL_OCSP_NO_NONCE = 2, WOLFSSL_OCSP_CHECKALL = 4, @@ -1315,7 +1315,8 @@ WOLFSSL_API void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx, enum { WOLFSSL_SNI_NO_MATCH = 0, WOLFSSL_SNI_FAKE_MATCH = 1, /**< @see WOLFSSL_SNI_ANSWER_ON_MISMATCH */ - WOLFSSL_SNI_REAL_MATCH = 2 + WOLFSSL_SNI_REAL_MATCH = 2, + WOLFSSL_SNI_FORCE_KEEP = 3 /** Used with -DWOLFSSL_ALWAYS_KEEP_SNI */ }; WOLFSSL_API unsigned char wolfSSL_SNI_Status(WOLFSSL* ssl, unsigned char type); @@ -1559,6 +1560,16 @@ WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x); #include +/* SNI received callback type */ +typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg); + +typedef struct WOLFSSL_OCSP_CERTID WOLFSSL_OCSP_CERTID; +typedef struct WOLFSSL_OCSP_RESPONSE WOLFSSL_OCSP_RESPONSE; +typedef struct WOLFSSL_OCSP_REQUEST WOLFSSL_OCSP_REQUEST; +typedef struct WOLFSSL_OCSP_BASICRESP WOLFSSL_OCSP_BASICRESP; +typedef struct WOLFSSL_OCSP_REQ_CTX WOLFSSL_OCSP_REQ_CTX; +typedef struct WOLFSSL_OCSP_ONEREQ WOLFSSL_OCSP_ONEREQ; + WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), void *(*r) (void *, size_t, const char *, int), void (*f) (void *)); @@ -1581,7 +1592,8 @@ WOLFSSL_API int wolfSSL_sk_X509_NAME_num(const STACK_OF(WOLFSSL_X509_NAME) *s); WOLFSSL_API int wolfSSL_sk_X509_num(const STACK_OF(WOLFSSL_X509) *s); -WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int,unsigned long); +WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int, + unsigned long); WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr( const WOLFSSL_X509*); @@ -1612,7 +1624,79 @@ WOLFSSL_API int wolfSSL_SESSION_get_ex_new_index(long,void*,void*,void*, WOLFSSL_API int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME*); -WOLFSSL_API const unsigned char* wolfSSL_SESSION_get_id(WOLFSSL_SESSION*, unsigned int*); +WOLFSSL_API const unsigned char* wolfSSL_SESSION_get_id(WOLFSSL_SESSION*, + unsigned int*); + +WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME *, + const WOLFSSL_X509_NAME *); + +WOLFSSL_API void wolfSSL_X509_email_free(void *); + +WOLFSSL_API WOLFSSL_OCSP_REQUEST* wolfSSL_OCSP_REQUEST_new(void); + +WOLFSSL_API int wolfSSL_BIO_should_write(WOLFSSL_BIO *); + +WOLFSSL_API int wolfSSL_BIO_should_read(WOLFSSL_BIO *); + +WOLFSSL_API int wolfSSL_OCSP_check_nonce(WOLFSSL_OCSP_REQUEST*, + WOLFSSL_OCSP_BASICRESP*); + +WOLFSSL_API int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP*, + STACK_OF(WOLFSSL_X509)*, WOLFSSL_X509_STORE*,unsigned long); + +WOLFSSL_API void wolfSSL_OCSP_REQ_CTX_free(WOLFSSL_OCSP_REQ_CTX *); + +WOLFSSL_API int wolfSSL_OCSP_RESPONSE_free( WOLFSSL_OCSP_RESPONSE*); + +WOLFSSL_API int wolfSSL_OCSP_BASICRESP_free(WOLFSSL_OCSP_BASICRESP*); + +WOLFSSL_API +WOLFSSL_OCSP_BASICRESP *wolfSSL_OCSP_response_get1_basic(WOLFSSL_OCSP_RESPONSE*); + +WOLFSSL_API int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP*, + WOLFSSL_OCSP_CERTID *, int *, int *, + WOLFSSL_ASN1_TIME**, WOLFSSL_ASN1_TIME**, WOLFSSL_ASN1_TIME**); + +WOLFSSL_API int wolfSSL_OCSP_request_add1_nonce(WOLFSSL_OCSP_REQUEST *, + unsigned char *, int ); + +WOLFSSL_API +WOLFSSL_OCSP_ONEREQ *wolfSSL_OCSP_request_add0_id(WOLFSSL_OCSP_REQUEST *, + WOLFSSL_OCSP_CERTID *); + +WOLFSSL_API const char *wolfSSL_OCSP_crl_reason_str(long ); + +WOLFSSL_API int wolfSSL_OCSP_check_validity(WOLFSSL_ASN1_TIME *, + WOLFSSL_ASN1_TIME*, long, long); +WOLFSSL_API +STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_CTX_get_chain(WOLFSSL_X509_STORE_CTX *); + +WOLFSSL_API WOLFSSL_OCSP_REQ_CTX *wolfSSL_OCSP_sendreq_new(WOLFSSL_BIO *io, + const char *path, WOLFSSL_OCSP_REQUEST *req, int maxline); + +WOLFSSL_API int wolfSSL_OCSP_sendreq_nbio(WOLFSSL_OCSP_RESPONSE**, + WOLFSSL_OCSP_REQ_CTX *); + +WOLFSSL_API const char *wolfSSL_OCSP_cert_status_str(long); + +WOLFSSL_API int wolfSSL_OCSP_response_status(WOLFSSL_OCSP_RESPONSE *); + +WOLFSSL_API const char *wolfSSL_OCSP_response_status_str(long); + +WOLFSSL_API int wolfSSL_set_tlsext_host_name(WOLFSSL *, const char *); + +WOLFSSL_API const char* wolfSSL_get_servername(WOLFSSL *, unsigned char); + +WOLFSSL_API WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL*,WOLFSSL_CTX*); + +WOLFSSL_API VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX*); + +WOLFSSL_API int wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX* ctx); + +WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *, + CallbackSniRecv); + +WOLFSSL_API void wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*); #endif /* HAVE_STUNNEL */ #ifdef __cplusplus From 90ad5336fc9a20a95cfe04be5547264ab9d1af4e Mon Sep 17 00:00:00 2001 From: Nickolas Lapp Date: Wed, 12 Aug 2015 14:22:23 -0600 Subject: [PATCH 17/55] Fix uninitialized warning --- src/tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tls.c b/src/tls.c index 8c8e141817..83d9625297 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1040,7 +1040,7 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length, return BUFFER_ERROR; for (size = 0; offset < length; offset += size) { - SNI *sni; + SNI *sni = NULL; byte type = input[offset++]; if (offset + OPAQUE16_LEN > length) From 1787e04b23a2558b30316a94a51b6b81525745ac Mon Sep 17 00:00:00 2001 From: Nickolas Lapp Date: Wed, 12 Aug 2015 15:48:30 -0600 Subject: [PATCH 18/55] Enum should be int, not byte --- src/tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tls.c b/src/tls.c index 83d9625297..9c3e339036 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1003,7 +1003,7 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length, #ifndef NO_WOLFSSL_SERVER word16 size = 0; word16 offset = 0; - byte forceKeep = 0; + int forceKeep = 0; #endif TLSX *extension = TLSX_Find(ssl->extensions, SERVER_NAME_INDICATION); From 122b94ea6e572d30c3d99c15ca625d1f024c48ab Mon Sep 17 00:00:00 2001 From: Nickolas Lapp Date: Wed, 12 Aug 2015 20:38:51 -0600 Subject: [PATCH 19/55] Stunnel needs sni and tlsext --- configure.ac | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/configure.ac b/configure.ac index 27184b1d61..d373d1d165 100644 --- a/configure.ac +++ b/configure.ac @@ -1843,6 +1843,14 @@ then AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL" AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"]) fi + + # Requires tlsx, make sure on + if test "x$ENABLED_TLSX" = "xno" + then + ENABLED_TLSX="yes" + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_SUPPORTED_CURVES" + fi + AM_CFLAGS="$AM_CFLAGS -DHAVE_STUNNEL -DWOLFSSL_ALWAYS_VERIFY_CB" AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALWAYS_KEEP_SNI" fi From 0b72b28b13ece2e1d58d723044580e94f15b402e Mon Sep 17 00:00:00 2001 From: Nickolas Lapp Date: Thu, 13 Aug 2015 15:32:22 -0600 Subject: [PATCH 20/55] reorganize InitSSL. Rename forcekeep->cacheOnly. Free instead of decrement --- src/internal.c | 54 +++++++++++++++++++++++--------------------------- src/tls.c | 15 ++++++++------ 2 files changed, 34 insertions(+), 35 deletions(-) diff --git a/src/internal.c b/src/internal.c index ec49495faa..dedd2c4d82 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1587,13 +1587,8 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx) /* decrement previous CTX reference count if exists. * This should only happen if switching ctxs!*/ if (!newSSL) { - if(LockMutex(&ssl->ctx->countMutex) != 0) { - WOLFSSL_MSG("Couldn't lock on previous CTX count mutex"); - return BAD_MUTEX_E; - } - WOLFSSL_MSG("Decrementing previous ctx reference count. Switching ctx."); - ssl->ctx->refCount--; - UnLockMutex(&ssl->ctx->countMutex); + WOLFSSL_MSG("freeing old ctx to decrement reference count. Switching ctx."); + wolfSSL_CTX_free(ssl->ctx); } /* increment CTX reference count */ @@ -1713,27 +1708,6 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) XMEMSET(ssl, 0, sizeof(WOLFSSL)); - /* arrays */ - ssl->arrays = (Arrays*)XMALLOC(sizeof(Arrays), ssl->heap, - DYNAMIC_TYPE_ARRAYS); - if (ssl->arrays == NULL) { - WOLFSSL_MSG("Arrays Memory error"); - return MEMORY_E; - } - XMEMSET(ssl->arrays, 0, sizeof(Arrays)); - - /* suites */ - ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap, - DYNAMIC_TYPE_SUITES); - if (ssl->suites == NULL) { - WOLFSSL_MSG("Suites Memory error"); - return MEMORY_E; - } - - /* Initialize SSL with the appropriate fields from it's ctx */ - if((ret = SetSSL_CTX(ssl, ctx)) != SSL_SUCCESS) - return ret; - ssl->buffers.inputBuffer.buffer = ssl->buffers.inputBuffer.staticBuffer; ssl->buffers.inputBuffer.bufferSize = STATIC_BUFFER_LEN; @@ -1777,7 +1751,6 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) ssl->hmac = TLS_hmac; #endif - ssl->options.dtls = ssl->version.major == DTLS_MAJOR; #ifdef WOLFSSL_DTLS ssl->buffers.dtlsCtx.fd = -1; @@ -1802,6 +1775,29 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) /* all done with init, now can return errors, call other stuff */ + /* arrays */ + ssl->arrays = (Arrays*)XMALLOC(sizeof(Arrays), ssl->heap, + DYNAMIC_TYPE_ARRAYS); + if (ssl->arrays == NULL) { + WOLFSSL_MSG("Arrays Memory error"); + return MEMORY_E; + } + XMEMSET(ssl->arrays, 0, sizeof(Arrays)); + + /* suites */ + ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap, + DYNAMIC_TYPE_SUITES); + if (ssl->suites == NULL) { + WOLFSSL_MSG("Suites Memory error"); + return MEMORY_E; + } + + /* Initialize SSL with the appropriate fields from it's ctx */ + if((ret = SetSSL_CTX(ssl, ctx)) != SSL_SUCCESS) + return ret; + + ssl->options.dtls = ssl->version.major == DTLS_MAJOR; + /* hsHashes */ ssl->hsHashes = (HS_Hashes*)XMALLOC(sizeof(HS_Hashes), ssl->heap, DYNAMIC_TYPE_HASHES); diff --git a/src/tls.c b/src/tls.c index 9c3e339036..c0bdcd3056 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1003,7 +1003,7 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length, #ifndef NO_WOLFSSL_SERVER word16 size = 0; word16 offset = 0; - int forceKeep = 0; + int cacheOnly = 0; #endif TLSX *extension = TLSX_Find(ssl->extensions, SERVER_NAME_INDICATION); @@ -1015,7 +1015,10 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length, if (!extension || !extension->data) { #if defined(WOLFSSL_ALWAYS_KEEP_SNI) && !defined(NO_WOLFSSL_SERVER) - forceKeep = 1; + /* This will keep SNI even though TLSX_UseSNI has not been called. + * Enable it so that the received sni is available to functions + * that use a custom callback when SNI is received */ + cacheOnly = 1; WOLFSSL_MSG("Forcing SSL object to store SNI parameter"); #else return isRequest ? 0 /* not using SNI. */ @@ -1052,13 +1055,13 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length, if (offset + size > length) return BUFFER_ERROR; - if (!forceKeep && !(sni = TLSX_SNI_Find((SNI*)extension->data, type))) + if (!cacheOnly && !(sni = TLSX_SNI_Find((SNI*)extension->data, type))) continue; /* not using this type of SNI. */ switch(type) { case WOLFSSL_SNI_HOST_NAME: { int matchStat; - byte matched = forceKeep || + byte matched = cacheOnly || ((XSTRLEN(sni->data.host_name) == size) && (XSTRNCMP(sni->data.host_name, (const char*)input + offset, size) == 0)); @@ -1070,7 +1073,7 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length, if (r != SSL_SUCCESS) return r; /* throws error. */ - if(forceKeep) { + if(cacheOnly) { WOLFSSL_MSG("Forcing storage of SNI, Fake match"); matchStat = WOLFSSL_SNI_FORCE_KEEP; } else if(matched) { @@ -1083,7 +1086,7 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length, TLSX_SNI_SetStatus(ssl->extensions, type, matchStat); - if(!forceKeep) + if(!cacheOnly) TLSX_SetResponse(ssl, SERVER_NAME_INDICATION); } else if (!(sni->options & WOLFSSL_SNI_CONTINUE_ON_MISMATCH)) { From 565f2ce1d773cdb84b14c5af3dac114e6b09b8fa Mon Sep 17 00:00:00 2001 From: Ada Lovelace Date: Fri, 14 Aug 2015 10:19:09 -0600 Subject: [PATCH 21/55] Stunnel with psk compiles against --- wolfssl/openssl/ssl.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 1d6058b205..0bcd77a636 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -527,6 +527,12 @@ typedef WOLFSSL_OCSP_ONEREQ OCSP_ONEREQ; #define SSL_CTX_get_verify_callback wolfSSL_CTX_get_verify_callback #define SSL_CTX_set_tlsext_servername_callback wolfSSL_CTX_set_servername_callback #define SSL_CTX_set_tlsext_servername_arg wolfSSL_CTX_set_servername_arg + +/*changes for PSK*/ +#define PSK_MAX_PSK_LEN 256 +#define PSK_MAX_IDENTITY_LEN 128 + + #endif /* HAVE_STUNNEL */ #ifdef __cplusplus From d336268caa94c1aa55f636803675c4664daaa5c5 Mon Sep 17 00:00:00 2001 From: Nickolas Lapp Date: Thu, 27 Aug 2015 11:05:29 -0600 Subject: [PATCH 22/55] Turns on PSK when compiling for stunnel --- configure.ac | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/configure.ac b/configure.ac index d373d1d165..a4453f573b 100644 --- a/configure.ac +++ b/configure.ac @@ -836,16 +836,6 @@ AC_ARG_ENABLE([psk], [ ENABLED_PSK=no ] ) -if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "no" -then - AM_CFLAGS="$AM_CFLAGS -DNO_PSK" -fi - -if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "yes" -then - ENABLED_PSK=yes -fi - # ERROR STRINGS AC_ARG_ENABLE([errorstrings], @@ -1855,6 +1845,20 @@ then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALWAYS_KEEP_SNI" fi +if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "no" \ + && test "x$ENABLED_STUNNEL" = "xno" +then + echo "Defining NO PSK" + echo "ENABLED_STUNNEL = $ENABLED_STUNNEL" + echo "ENABLED_LEANPSK = $ENABLED_LEANPSK" + AM_CFLAGS="$AM_CFLAGS -DNO_PSK" +fi + +if test "$ENABLED_PSK" = "no" && \ + (test "$ENABLED_LEANPSK" = "yes" || test "x$ENABLED_STUNNEL" = "xyes") +then + ENABLED_PSK=yes +fi # MD4 AC_ARG_ENABLE([md4], From 42428f10ad3d95bf65136fadca682299453fe69c Mon Sep 17 00:00:00 2001 From: Nickolas Lapp Date: Thu, 27 Aug 2015 13:27:33 -0600 Subject: [PATCH 23/55] Remove uneccessary defines from compat. layer --- src/ssl.c | 304 ++--------------------------------------- wolfssl/openssl/ocsp.h | 69 +--------- wolfssl/openssl/ssl.h | 39 ------ wolfssl/ssl.h | 67 +-------- 4 files changed, 18 insertions(+), 461 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 9fc826450f..8980aff210 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -16347,291 +16347,6 @@ const byte* wolfSSL_SESSION_get_id(WOLFSSL_SESSION* sess, unsigned int* idLen) return sess->sessionID; } -int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME *a, const WOLFSSL_X509_NAME *b) -{ - (void) a; - (void) b; - WOLFSSL_ENTER("wolfSSL_X509_NAME_cmp"); - WOLFSSL_STUB("wolfSSL_X509_NAME_cmp"); - WOLFSSL_LEAVE("wolfSSL_X509_NAME_cmp",0); - return SSL_SUCCESS; -} - -void wolfSSL_X509_email_free(void *sk) -{ - (void)sk; - WOLFSSL_ENTER("wolfSSL_X509_email_free"); - WOLFSSL_STUB("wolfSSL_X509_email_free"); - WOLFSSL_LEAVE("wolfSSL_X509_email_free",0); -} - -WOLFSSL_STRING* wolfSSL_X509_get1_ocsp(WOLFSSL_X509 *cert) -{ - WOLFSSL_ENTER("wolfSSL_X509_get1_ocsp"); - WOLFSSL_STUB("wolfSSL_X509_get1_ocsp"); - WOLFSSL_LEAVE("wolfSSL_X509_get1_ocsp",0); - (void)cert; - return NULL; -} - -void wolfSSL_OCSP_CERTID_free(WOLFSSL_OCSP_CERTID* ocsp) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_CERTID_free"); - WOLFSSL_STUB("wolfSSL_OCSP_CERTID_free"); - WOLFSSL_LEAVE("wolfSSL_OCSP_CERTID_free",0); - (void)ocsp; - return; -} - -WOLFSSL_OCSP_REQUEST* wolfSSL_OCSP_REQUEST_new(void){ - WOLFSSL_ENTER("wolfSSL_OCSP_REQUEST_new"); - WOLFSSL_STUB("wolfSSL_OCSP_REQUEST_new"); - WOLFSSL_OCSP_REQUEST *or = NULL; - return or; -} - -WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(const WOLFSSL_EVP_MD* dgst, - WOLFSSL_X509* subject, WOLFSSL_X509* issuer) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_CERTID_free"); - WOLFSSL_STUB("wolfSSL_OCSP_CERTID_free"); - WOLFSSL_LEAVE("wolfSSL_OCSP_CERTID_free",0); - (void)dgst; - (void)subject; - (void)issuer; - return NULL; -} - - -void wolfSSL_OCSP_REQUEST_free(WOLFSSL_OCSP_REQUEST* request) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_REQUEST_free"); - WOLFSSL_STUB("wolfSSL_OCSP_REQUEST_free"); - WOLFSSL_LEAVE("wolfSSL_OCSP_REQUEST_free",0); - (void)request; - return; -} - -int wolfSSL_BIO_should_write(WOLFSSL_BIO *bio) -{ - WOLFSSL_ENTER("wolfSSL_BIO_should_write"); - WOLFSSL_STUB("wolfSSL_BIO_should_write"); - WOLFSSL_LEAVE("wolfSSL_BIO_should_write",0); - (void) bio; - return SSL_SUCCESS; -} - -int BIO_should_read(WOLFSSL_BIO *bio) -{ - WOLFSSL_ENTER("BIO_should_read"); - WOLFSSL_STUB("BIO_should_read"); - WOLFSSL_LEAVE("BIO_should_read",0); - (void) bio; - return SSL_SUCCESS; -} - -int wolfSSL_OCSP_check_nonce(WOLFSSL_OCSP_REQUEST *req, WOLFSSL_OCSP_BASICRESP *bs) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_check_nonce"); - WOLFSSL_STUB("wolfSSL_OCSP_check_nonce"); - WOLFSSL_LEAVE("wolfSSL_OCSP_check_nonce",0); - (void) req; - (void) bs; - return SSL_SUCCESS; -} - -int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs, STACK_OF(WOLFSSL_X509) *certs, - WOLFSSL_X509_STORE *st, unsigned long flags) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_basic_verify"); - WOLFSSL_STUB("wolfSSL_OCSP_basic_verify"); - WOLFSSL_LEAVE("wolfSSL_OCSP_basic_verify",0); - (void) bs; - (void) certs; - (void) st; - (void) flags; - return SSL_SUCCESS; -} - -void wolfSSL_OCSP_REQ_CTX_free(WOLFSSL_OCSP_REQ_CTX *rctx) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_REQ_CTX_free"); - WOLFSSL_STUB("wolfSSL_OCSP_REQ_CTX_free"); - WOLFSSL_LEAVE("wolfSSL_OCSP_REQ_CTX_free",0); - (void) rctx; -} - -int wolfSSL_OCSP_RESPONSE_free( WOLFSSL_OCSP_RESPONSE* r) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_RESPONSE_free"); - WOLFSSL_STUB("wolfSSL_OCSP_RESPONSE_free"); - WOLFSSL_LEAVE("wolfSSL_OCSP_RESPONSE_free",0); - (void) r; - return SSL_SUCCESS; -} - -int wolfSSL_OCSP_BASICRESP_free(WOLFSSL_OCSP_BASICRESP *basic_response) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_BASICRESP_free"); - WOLFSSL_STUB("wolfSSL_OCSP_BASICRESP_free"); - WOLFSSL_LEAVE("wolfSSL_OCSP_BASICRESP_free",0); - (void) basic_response; - return SSL_SUCCESS; -} - - -WOLFSSL_OCSP_BASICRESP *wolfSSL_OCSP_response_get1_basic(WOLFSSL_OCSP_RESPONSE *resp) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_response_get1_basic"); - WOLFSSL_STUB("wolfSSL_OCSP_response_get1_basic"); - WOLFSSL_LEAVE("wolfSSL_OCSP_response_get1_basic",0); - (void) resp; - return NULL; -} - -int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs, - WOLFSSL_OCSP_CERTID *id, int *status, - int *reason, WOLFSSL_ASN1_TIME**revtime, - WOLFSSL_ASN1_TIME**thisupd, WOLFSSL_ASN1_TIME**nextupd) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_resp_find_status"); - WOLFSSL_STUB("wolfSSL_OCSP_resp_find_status"); - WOLFSSL_LEAVE("wolfSSL_OCSP_resp_find_status",0); - (void) bs; - (void) id; - (void) status; - (void) reason; - (void) revtime; - (void) thisupd; - (void) nextupd; - return SSL_SUCCESS; -} - -int wolfSSL_OCSP_request_add1_nonce(WOLFSSL_OCSP_REQUEST *req, unsigned char *val, int len) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_request_add1_nonce"); - WOLFSSL_STUB("wolfSSL_OCSP_request_add1_nonce"); - WOLFSSL_LEAVE("wolfSSL_OCSP_request_add1_nonce",0); - (void) req; - (void) val; - (void) len; - return SSL_SUCCESS; -} - -WOLFSSL_OCSP_ONEREQ *wolfSSL_OCSP_request_add0_id(WOLFSSL_OCSP_REQUEST *req, WOLFSSL_OCSP_CERTID *cid) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_request_add0_id"); - WOLFSSL_STUB("wolfSSL_OCSP_request_add0_id"); - WOLFSSL_LEAVE("wolfSSL_OCSP_request_add0_id",0); - (void) req; - (void) cid; - return NULL; -} - -const char *wolfSSL_OCSP_crl_reason_str(long s) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_crl_reason_str"); - WOLFSSL_STUB("wolfSSL_OCSP_crl_reason_str"); - WOLFSSL_LEAVE("wolfSSL_OCSP_crl_reason_str",0); - (void) s; - return NULL; -} - -int wolfSSL_OCSP_check_validity(WOLFSSL_ASN1_TIME*thisupd, - WOLFSSL_ASN1_TIME*nextupd, long sec, long maxsec) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_check_validity"); - WOLFSSL_STUB("wolfSSL_OCSP_check_validity"); - WOLFSSL_LEAVE("wolfSSL_OCSP_check_validity",0); - (void) thisupd; - (void) nextupd; - (void) sec; - (void) maxsec; - return SSL_SUCCESS; -} - -STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_CTX_get_chain(WOLFSSL_X509_STORE_CTX *ctx) -{ - WOLFSSL_ENTER("wolfSSL_X509_STORE_CTX_get_chain"); - WOLFSSL_STUB("wolfSSL_X509_STORE_CTX_get_chain"); - WOLFSSL_LEAVE("wolfSSL_X509_STORE_CTX_get_chain",0); - (void) ctx; - return NULL; -} - -WOLFSSL_OCSP_REQ_CTX *wolfSSL_OCSP_sendreq_new(WOLFSSL_BIO *io, const char *path, WOLFSSL_OCSP_REQUEST *req, int maxline) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_sendreq_new"); - WOLFSSL_STUB("wolfSSL_OCSP_sendreq_new"); - WOLFSSL_LEAVE("wolfSSL_OCSP_sendreq_new",0); - (void) io; - (void) path; - (void) req; - (void) maxline; - return NULL; -} - -int wolfSSL_OCSP_sendreq_nbio(WOLFSSL_OCSP_RESPONSE **presp, WOLFSSL_OCSP_REQ_CTX *rctx) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_sendreq_nbio"); - WOLFSSL_STUB("wolfSSL_OCSP_sendreq_nbio"); - WOLFSSL_LEAVE("wolfSSL_OCSP_sendreq_nbio",0); - (void) presp; - (void) rctx; - return SSL_SUCCESS; -} - - -const char *wolfSSL_OCSP_cert_status_str(long s) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_cert_status_str"); - WOLFSSL_STUB("wolfSSL_OCSP_cert_status_str"); - WOLFSSL_LEAVE("wolfSSL_OCSP_cert_status_str",0); - (void) s; - return NULL; -} - -int wolfSSL_OCSP_response_status(WOLFSSL_OCSP_RESPONSE *resp) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_response_status"); - WOLFSSL_STUB("wolfSSL_OCSP_response_status"); - WOLFSSL_LEAVE("wolfSSL_OCSP_response_status",0); - (void) resp; - return SSL_SUCCESS; -} - - -const char *wolfSSL_OCSP_response_status_str(long s) -{ - WOLFSSL_ENTER("wolfSSL_OCSP_response_status_str"); - WOLFSSL_STUB("wolfSSL_OCSP_response_status_str"); - WOLFSSL_LEAVE("wolfSSL_OCSP_response_status_str",0); - (void) s; - return NULL; -} - - -int wolfSSL_sk_WOLFSSL_STRING_num(const STACK_OF(WOLFSSL_STRING)* string) -{ - WOLFSSL_ENTER("wolfSSL_sk_WOLFSSL_STRING_num"); - WOLFSSL_STUB("wolfSSL_sk_WOLFSSL_STRING_num"); - WOLFSSL_LEAVE("wolfSSL_sk_WOLFSSL_STRING_num",0); - (void) string; - return 0; -} - - -WOLFSSL_STRING wolfSSL_sk_WOLFSSL_STRING_value( - const STACK_OF(WOLFSSL_STRING)* string, int idx) -{ - WOLFSSL_ENTER("wolfSSL_sk_WOLFSSL_STRING_value"); - WOLFSSL_STUB("wolfSSL_sk_WOLFSSL_STRING_value"); - WOLFSSL_LEAVE("wolfSSL_sk_WOLFSSL_STRING_value",0); - (void) string; - (void) idx; - return 0; -} - int wolfSSL_set_tlsext_host_name(WOLFSSL* ssl, const char* host_name) { @@ -16673,11 +16388,22 @@ VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX* ctx) int wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX* ctx) { - (void)ctx; WOLFSSL_ENTER("wolfSSL_CTX_get_verify_mode"); - WOLFSSL_STUB("wolfSSL_CTX_get_verify_mode"); - WOLFSSL_LEAVE("wolfSSL_CTX_get_verify_mode",0); - return 0; + int mode = 0; + + if(!ctx) + return SSL_FATAL_ERROR; + + if (ctx->verifyPeer) + mode |= SSL_VERIFY_PEER; + else if (ctx->verifyNone) + mode |= SSL_VERIFY_NONE; + + if (ctx->failNoCert) + mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT; + + WOLFSSL_LEAVE("wolfSSL_CTX_get_verify_mode", mode); + return mode; } diff --git a/wolfssl/openssl/ocsp.h b/wolfssl/openssl/ocsp.h index 7686746013..7463eec968 100644 --- a/wolfssl/openssl/ocsp.h +++ b/wolfssl/openssl/ocsp.h @@ -1,68 +1 @@ -/* ocsp.h - * - * Copyright (C) 2015 wolfSSL Inc. - * - * This file is part of wolfSSL. (formerly known as CyaSSL) - * - * wolfSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * wolfSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - */ - - -#ifndef WOLFSSL_OCSP_H_ -#define WOLFSSL_OCSP_H_ - -#include -#include - -#ifdef __cplusplus - extern "C" { -#endif - -#ifdef HAVE_STUNNEL - #define X509_get1_ocsp wolfSSL_X509_get1_ocsp - #define OCSP_CERTID_free wolfSSL_OCSP_CERTID_free - #define OCSP_cert_to_id wolfSSL_OCSP_cert_to_id - #define OCSP_REQUEST_free wolfSSL_OCSP_REQUEST_free - - #define OPENSSL_STRING WOLFSSL_STRING - #define sk_OPENSSL_STRING_value wolfSSL_sk_WOLFSSL_STRING_value - #define sk_OPENSSL_STRING_num wolfSSL_sk_WOLFSSL_STRING_num - - typedef WOLFSSL_OCSP_CERTID OCSP_CERTID; - typedef char* WOLFSSL_STRING; - typedef WOLFSSL_OCSP_RESPONSE OCSP_RESPONSE; - - - WOLFSSL_API WOLFSSL_STRING *wolfSSL_X509_get1_ocsp(WOLFSSL_X509*); - WOLFSSL_API void wolfSSL_OCSP_CERTID_free(WOLFSSL_OCSP_CERTID* cert); - WOLFSSL_API - WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(const WOLFSSL_EVP_MD*, - WOLFSSL_X509*, WOLFSSL_X509*); - - WOLFSSL_API - int wolfSSL_sk_WOLFSSL_STRING_num(const STACK_OF(WOLFSSL_STRING)*); - WOLFSSL_API WOLFSSL_STRING wolfSSL_sk_WOLFSSL_STRING_value( - const STACK_OF(WOLFSSL_STRING)*, int); - - - WOLFSSL_API void wolfSSL_OCSP_REQUEST_free(WOLFSSL_OCSP_REQUEST*); -#endif /* HAVE_STUNNEL */ - -#ifdef __cplusplus - } /* extern "C" */ -#endif - - -#endif /* WOLFSSL_EVP_H_ */ +/* ocsp.h for libcurl */ diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 0bcd77a636..05b77a7eae 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -477,50 +477,12 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define SSL_SESSION_get_id wolfSSL_SESSION_get_id #define CRYPTO_dynlock_value WOLFSSL_dynlock_value typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING; -typedef WOLFSSL_OCSP_REQUEST OCSP_REQUEST; -typedef WOLFSSL_OCSP_BASICRESP OCSP_BASICRESP; -typedef WOLFSSL_OCSP_REQ_CTX OCSP_REQ_CTX; -typedef WOLFSSL_OCSP_ONEREQ OCSP_ONEREQ; - -#define V_OCSP_CERTSTATUS_UNKNOWN 2 -#define X509_V_ERR_APPLICATION_VERIFICATION 50 -#define V_OCSP_CERTSTATUS_GOOD 0 -#define V_OCSP_CERTSTATUS_REVOKED 1 -#define OCSP_RESPONSE_STATUS_SUCCESSFUL 0 #define SSL_TLSEXT_ERR_OK 0 #define SSL_TLSEXT_ERR_ALERT_FATAL alert_fatal #define SSL_TLSEXT_ERR_NOACK alert_warning #define TLSEXT_NAMETYPE_host_name WOLFSSL_SNI_HOST_NAME -#define ASN1_GENERALIZEDTIME WOLFSSL_ASN1_TIME -#define X509_NAME_cmp wolfSSL_X509_NAME_cmp -#define X509_email_free wolfSSL_X509_email_free -#define OCSP_REQUEST_new wolfSSL_OCSP_REQUEST_new -#define BIO_should_write wolfSSL_BIO_should_write -#define BIO_should_read wolfSSL_BIO_should_read - -#define OCSP_check_nonce wolfSSL_OCSP_check_nonce -#define OCSP_cert_status_str wolfSSL_OCSP_cert_status_str -#define OCSP_basic_verify wolfSSL_OCSP_basic_verify -#define OCSP_REQ_CTX_free wolfSSL_OCSP_REQ_CTX_free -#define OCSP_RESPONSE_free wolfSSL_OCSP_RESPONSE_free -#define OCSP_BASICRESP_free wolfSSL_OCSP_BASICRESP_free - -#define OCSP_response_get1_basic wolfSSL_OCSP_response_get1_basic -#define OCSP_resp_find_status wolfSSL_OCSP_resp_find_status -#define OCSP_request_add1_nonce wolfSSL_OCSP_request_add1_nonce -#define OCSP_request_add0_id wolfSSL_OCSP_request_add0_id -#define OCSP_crl_reason_str wolfSSL_OCSP_crl_reason_str -#define OCSP_check_validity wolfSSL_OCSP_check_validity - -#define X509_STORE_CTX_get_chain wolfSSL_X509_STORE_CTX_get_chain -#define OCSP_sendreq_new wolfSSL_OCSP_sendreq_new -#define OCSP_sendreq_nbio wolfSSL_OCSP_sendreq_nbio -#define OCSP_cert_status_str wolfSSL_OCSP_cert_status_str -#define OCSP_response_status wolfSSL_OCSP_response_status - -#define OCSP_response_status_str wolfSSL_OCSP_response_status_str #define SSL_set_tlsext_host_name wolfSSL_set_tlsext_host_name #define SSL_get_servername wolfSSL_get_servername #define SSL_set_SSL_CTX wolfSSL_set_SSL_CTX @@ -528,7 +490,6 @@ typedef WOLFSSL_OCSP_ONEREQ OCSP_ONEREQ; #define SSL_CTX_set_tlsext_servername_callback wolfSSL_CTX_set_servername_callback #define SSL_CTX_set_tlsext_servername_arg wolfSSL_CTX_set_servername_arg -/*changes for PSK*/ #define PSK_MAX_PSK_LEN 256 #define PSK_MAX_IDENTITY_LEN 128 diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index edec775553..a9d350d502 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -573,12 +573,12 @@ enum { OCSP_TRUSTOTHER = 512, OCSP_RESPID_KEY = 1024, OCSP_NOTIME = 2048, -#ifndef HAVE_STUNNEL + OCSP_CERTID = 2, OCSP_REQUEST = 4, OCSP_RESPONSE = 8, OCSP_BASICRESP = 16, -#endif + WOLFSSL_OCSP_URL_OVERRIDE = 1, WOLFSSL_OCSP_NO_NONCE = 2, WOLFSSL_OCSP_CHECKALL = 4, @@ -1563,13 +1563,6 @@ WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x); /* SNI received callback type */ typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg); -typedef struct WOLFSSL_OCSP_CERTID WOLFSSL_OCSP_CERTID; -typedef struct WOLFSSL_OCSP_RESPONSE WOLFSSL_OCSP_RESPONSE; -typedef struct WOLFSSL_OCSP_REQUEST WOLFSSL_OCSP_REQUEST; -typedef struct WOLFSSL_OCSP_BASICRESP WOLFSSL_OCSP_BASICRESP; -typedef struct WOLFSSL_OCSP_REQ_CTX WOLFSSL_OCSP_REQ_CTX; -typedef struct WOLFSSL_OCSP_ONEREQ WOLFSSL_OCSP_ONEREQ; - WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), void *(*r) (void *, size_t, const char *, int), void (*f) (void *)); @@ -1627,62 +1620,6 @@ WOLFSSL_API int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME*); WOLFSSL_API const unsigned char* wolfSSL_SESSION_get_id(WOLFSSL_SESSION*, unsigned int*); -WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME *, - const WOLFSSL_X509_NAME *); - -WOLFSSL_API void wolfSSL_X509_email_free(void *); - -WOLFSSL_API WOLFSSL_OCSP_REQUEST* wolfSSL_OCSP_REQUEST_new(void); - -WOLFSSL_API int wolfSSL_BIO_should_write(WOLFSSL_BIO *); - -WOLFSSL_API int wolfSSL_BIO_should_read(WOLFSSL_BIO *); - -WOLFSSL_API int wolfSSL_OCSP_check_nonce(WOLFSSL_OCSP_REQUEST*, - WOLFSSL_OCSP_BASICRESP*); - -WOLFSSL_API int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP*, - STACK_OF(WOLFSSL_X509)*, WOLFSSL_X509_STORE*,unsigned long); - -WOLFSSL_API void wolfSSL_OCSP_REQ_CTX_free(WOLFSSL_OCSP_REQ_CTX *); - -WOLFSSL_API int wolfSSL_OCSP_RESPONSE_free( WOLFSSL_OCSP_RESPONSE*); - -WOLFSSL_API int wolfSSL_OCSP_BASICRESP_free(WOLFSSL_OCSP_BASICRESP*); - -WOLFSSL_API -WOLFSSL_OCSP_BASICRESP *wolfSSL_OCSP_response_get1_basic(WOLFSSL_OCSP_RESPONSE*); - -WOLFSSL_API int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP*, - WOLFSSL_OCSP_CERTID *, int *, int *, - WOLFSSL_ASN1_TIME**, WOLFSSL_ASN1_TIME**, WOLFSSL_ASN1_TIME**); - -WOLFSSL_API int wolfSSL_OCSP_request_add1_nonce(WOLFSSL_OCSP_REQUEST *, - unsigned char *, int ); - -WOLFSSL_API -WOLFSSL_OCSP_ONEREQ *wolfSSL_OCSP_request_add0_id(WOLFSSL_OCSP_REQUEST *, - WOLFSSL_OCSP_CERTID *); - -WOLFSSL_API const char *wolfSSL_OCSP_crl_reason_str(long ); - -WOLFSSL_API int wolfSSL_OCSP_check_validity(WOLFSSL_ASN1_TIME *, - WOLFSSL_ASN1_TIME*, long, long); -WOLFSSL_API -STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_CTX_get_chain(WOLFSSL_X509_STORE_CTX *); - -WOLFSSL_API WOLFSSL_OCSP_REQ_CTX *wolfSSL_OCSP_sendreq_new(WOLFSSL_BIO *io, - const char *path, WOLFSSL_OCSP_REQUEST *req, int maxline); - -WOLFSSL_API int wolfSSL_OCSP_sendreq_nbio(WOLFSSL_OCSP_RESPONSE**, - WOLFSSL_OCSP_REQ_CTX *); - -WOLFSSL_API const char *wolfSSL_OCSP_cert_status_str(long); - -WOLFSSL_API int wolfSSL_OCSP_response_status(WOLFSSL_OCSP_RESPONSE *); - -WOLFSSL_API const char *wolfSSL_OCSP_response_status_str(long); - WOLFSSL_API int wolfSSL_set_tlsext_host_name(WOLFSSL *, const char *); WOLFSSL_API const char* wolfSSL_get_servername(WOLFSSL *, unsigned char); From 10b2cf4f2fff422c580e67d8d8de1f75d4add59a Mon Sep 17 00:00:00 2001 From: Nickolas Lapp Date: Thu, 27 Aug 2015 17:44:55 -0600 Subject: [PATCH 24/55] turn on ecc with Stunnel --- configure.ac | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index a4453f573b..1aa47db105 100644 --- a/configure.ac +++ b/configure.ac @@ -1841,6 +1841,14 @@ then AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_SUPPORTED_CURVES" fi + # Requires ecc make sure on + if test "x$ENABLED_ECC" = "xno" + then + ENABLED_OPENSSLEXTRA="yes" + AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR" + AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"]) + fi + AM_CFLAGS="$AM_CFLAGS -DHAVE_STUNNEL -DWOLFSSL_ALWAYS_VERIFY_CB" AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALWAYS_KEEP_SNI" fi @@ -1848,9 +1856,6 @@ fi if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "no" \ && test "x$ENABLED_STUNNEL" = "xno" then - echo "Defining NO PSK" - echo "ENABLED_STUNNEL = $ENABLED_STUNNEL" - echo "ENABLED_LEANPSK = $ENABLED_LEANPSK" AM_CFLAGS="$AM_CFLAGS -DNO_PSK" fi From e459bb2e2364d23cc11d64c6598ca3681dbb5e52 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Sat, 29 Aug 2015 11:08:07 +0900 Subject: [PATCH 25/55] Fixed file access mode --- wolfcrypt/src/aes_asm.asm | 0 wolfcrypt/src/aes_asm.s | 0 wolfcrypt/src/asm.c | 0 wolfcrypt/src/ecc.c | 0 wolfcrypt/src/hash.c | 0 wolfcrypt/src/random.c | 0 wolfcrypt/src/sha512.c | 0 wolfcrypt/src/tfm.c | 0 8 files changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 wolfcrypt/src/aes_asm.asm mode change 100755 => 100644 wolfcrypt/src/aes_asm.s mode change 100755 => 100644 wolfcrypt/src/asm.c mode change 100755 => 100644 wolfcrypt/src/ecc.c mode change 100755 => 100644 wolfcrypt/src/hash.c mode change 100755 => 100644 wolfcrypt/src/random.c mode change 100755 => 100644 wolfcrypt/src/sha512.c mode change 100755 => 100644 wolfcrypt/src/tfm.c diff --git a/wolfcrypt/src/aes_asm.asm b/wolfcrypt/src/aes_asm.asm old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/aes_asm.s b/wolfcrypt/src/aes_asm.s old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/asm.c b/wolfcrypt/src/asm.c old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c old mode 100755 new mode 100644 From df2216d092f3e347de80e0cad30692c0e646ee72 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Sat, 29 Aug 2015 11:32:30 +0900 Subject: [PATCH 26/55] Fixed file access mode --- wolfcrypt/src/aes_asm.asm | 0 wolfcrypt/src/aes_asm.s | 0 wolfcrypt/src/asm.c | 0 wolfcrypt/src/ecc.c | 0 wolfcrypt/src/hash.c | 0 wolfcrypt/src/random.c | 0 wolfcrypt/src/sha512.c | 0 wolfcrypt/src/tfm.c | 0 8 files changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 wolfcrypt/src/aes_asm.asm mode change 100755 => 100644 wolfcrypt/src/aes_asm.s mode change 100755 => 100644 wolfcrypt/src/asm.c mode change 100755 => 100644 wolfcrypt/src/ecc.c mode change 100755 => 100644 wolfcrypt/src/hash.c mode change 100755 => 100644 wolfcrypt/src/random.c mode change 100755 => 100644 wolfcrypt/src/sha512.c mode change 100755 => 100644 wolfcrypt/src/tfm.c diff --git a/wolfcrypt/src/aes_asm.asm b/wolfcrypt/src/aes_asm.asm old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/aes_asm.s b/wolfcrypt/src/aes_asm.s old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/asm.c b/wolfcrypt/src/asm.c old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c old mode 100755 new mode 100644 diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c old mode 100755 new mode 100644 From 2a141f6a82ee125ad500b2e3955d239bef300e89 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Sat, 29 Aug 2015 12:08:52 +0900 Subject: [PATCH 27/55] ed25519: fixed initial data to auto values for embedded compilers --- wolfcrypt/src/ge_low_mem.c | 444 ++++++++++++++--------------- wolfcrypt/src/ge_operations.c | 115 ++++---- wolfcrypt/test/test.c | 516 +++++++++++++++++----------------- 3 files changed, 539 insertions(+), 536 deletions(-) diff --git a/wolfcrypt/src/ge_low_mem.c b/wolfcrypt/src/ge_low_mem.c index f8dba9266c..a6f99fe6de 100644 --- a/wolfcrypt/src/ge_low_mem.c +++ b/wolfcrypt/src/ge_low_mem.c @@ -44,10 +44,10 @@ void ed25519_double(ge_p3 *r, const ge_p3 *a); static const byte ed25519_order[F25519_SIZE] = { - 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, - 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 + 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, + 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 }; /*Arithmetic modulo the group order m = 2^252 + @@ -70,16 +70,16 @@ static const word32 mu[33] = { int ge_compress_key(byte* out, const byte* xIn, const byte* yIn, word32 keySz) { - byte tmp[F25519_SIZE]; - byte parity; + byte tmp[F25519_SIZE]; + byte parity; byte pt[32]; int i; - fe_copy(tmp, xIn); - parity = (tmp[0] & 1) << 7; + fe_copy(tmp, xIn); + parity = (tmp[0] & 1) << 7; - fe_copy(pt, yIn); - pt[31] |= parity; + fe_copy(pt, yIn); + pt[31] |= parity; for(i = 0; i < 32; i++) { out[32-i-1] = pt[i]; @@ -188,20 +188,20 @@ void sc_reduce(unsigned char x[64]) void sc_muladd(byte* out, const byte* a, const byte* b, const byte* c) { - byte s[32]; + byte s[32]; byte e[64]; XMEMSET(e, 0, sizeof(e)); XMEMCPY(e, b, 32); - /* Obtain e */ - sc_reduce(e); + /* Obtain e */ + sc_reduce(e); - /* Compute s = ze + k */ - fprime_mul(s, a, e, ed25519_order); - fprime_add(s, c, ed25519_order); + /* Compute s = ze + k */ + fprime_mul(s, a, e, ed25519_order); + fprime_add(s, c, ed25519_order); - XMEMCPY(out, s, 32); + XMEMCPY(out, s, 32); } @@ -217,267 +217,269 @@ void sc_muladd(byte* out, const byte* a, const byte* b, const byte* c) * t is x*y. */ const ge_p3 ed25519_base = { - .X = { - 0x1a, 0xd5, 0x25, 0x8f, 0x60, 0x2d, 0x56, 0xc9, - 0xb2, 0xa7, 0x25, 0x95, 0x60, 0xc7, 0x2c, 0x69, - 0x5c, 0xdc, 0xd6, 0xfd, 0x31, 0xe2, 0xa4, 0xc0, - 0xfe, 0x53, 0x6e, 0xcd, 0xd3, 0x36, 0x69, 0x21 - }, - .Y = { - 0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, - 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, - 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, - 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66 - }, - .T = { - 0xa3, 0xdd, 0xb7, 0xa5, 0xb3, 0x8a, 0xde, 0x6d, - 0xf5, 0x52, 0x51, 0x77, 0x80, 0x9f, 0xf0, 0x20, - 0x7d, 0xe3, 0xab, 0x64, 0x8e, 0x4e, 0xea, 0x66, - 0x65, 0x76, 0x8b, 0xd7, 0x0f, 0x5f, 0x87, 0x67 - }, - .Z = {1, 0} + { + 0x1a, 0xd5, 0x25, 0x8f, 0x60, 0x2d, 0x56, 0xc9, + 0xb2, 0xa7, 0x25, 0x95, 0x60, 0xc7, 0x2c, 0x69, + 0x5c, 0xdc, 0xd6, 0xfd, 0x31, 0xe2, 0xa4, 0xc0, + 0xfe, 0x53, 0x6e, 0xcd, 0xd3, 0x36, 0x69, 0x21 + }, + { + 0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, + 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, + 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, + 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66 + }, + {1, 0} + { + 0xa3, 0xdd, 0xb7, 0xa5, 0xb3, 0x8a, 0xde, 0x6d, + 0xf5, 0x52, 0x51, 0x77, 0x80, 0x9f, 0xf0, 0x20, + 0x7d, 0xe3, 0xab, 0x64, 0x8e, 0x4e, 0xea, 0x66, + 0x65, 0x76, 0x8b, 0xd7, 0x0f, 0x5f, 0x87, 0x67 + }, + }; const ge_p3 ed25519_neutral = { - .X = {0}, - .Y = {1, 0}, - .T = {0}, - .Z = {1, 0} + {0}, + {1, 0}, + {1, 0} + {0}, + }; static const byte ed25519_d[F25519_SIZE] = { - 0xa3, 0x78, 0x59, 0x13, 0xca, 0x4d, 0xeb, 0x75, - 0xab, 0xd8, 0x41, 0x41, 0x4d, 0x0a, 0x70, 0x00, - 0x98, 0xe8, 0x79, 0x77, 0x79, 0x40, 0xc7, 0x8c, - 0x73, 0xfe, 0x6f, 0x2b, 0xee, 0x6c, 0x03, 0x52 + 0xa3, 0x78, 0x59, 0x13, 0xca, 0x4d, 0xeb, 0x75, + 0xab, 0xd8, 0x41, 0x41, 0x4d, 0x0a, 0x70, 0x00, + 0x98, 0xe8, 0x79, 0x77, 0x79, 0x40, 0xc7, 0x8c, + 0x73, 0xfe, 0x6f, 0x2b, 0xee, 0x6c, 0x03, 0x52 }; /* k = 2d */ static const byte ed25519_k[F25519_SIZE] = { - 0x59, 0xf1, 0xb2, 0x26, 0x94, 0x9b, 0xd6, 0xeb, - 0x56, 0xb1, 0x83, 0x82, 0x9a, 0x14, 0xe0, 0x00, - 0x30, 0xd1, 0xf3, 0xee, 0xf2, 0x80, 0x8e, 0x19, - 0xe7, 0xfc, 0xdf, 0x56, 0xdc, 0xd9, 0x06, 0x24 + 0x59, 0xf1, 0xb2, 0x26, 0x94, 0x9b, 0xd6, 0xeb, + 0x56, 0xb1, 0x83, 0x82, 0x9a, 0x14, 0xe0, 0x00, + 0x30, 0xd1, 0xf3, 0xee, 0xf2, 0x80, 0x8e, 0x19, + 0xe7, 0xfc, 0xdf, 0x56, 0xdc, 0xd9, 0x06, 0x24 }; void ed25519_add(ge_p3 *r, - const ge_p3 *p1, const ge_p3 *p2) + const ge_p3 *p1, const ge_p3 *p2) { - /* Explicit formulas database: add-2008-hwcd-3 - * - * source 2008 Hisil--Wong--Carter--Dawson, - * http://eprint.iacr.org/2008/522, Section 3.1 - * appliesto extended-1 - * parameter k - * assume k = 2 d - * compute A = (Y1-X1)(Y2-X2) - * compute B = (Y1+X1)(Y2+X2) - * compute C = T1 k T2 - * compute D = Z1 2 Z2 - * compute E = B - A - * compute F = D - C - * compute G = D + C - * compute H = B + A - * compute X3 = E F - * compute Y3 = G H - * compute T3 = E H - * compute Z3 = F G - */ - byte a[F25519_SIZE]; - byte b[F25519_SIZE]; - byte c[F25519_SIZE]; - byte d[F25519_SIZE]; - byte e[F25519_SIZE]; - byte f[F25519_SIZE]; - byte g[F25519_SIZE]; - byte h[F25519_SIZE]; + /* Explicit formulas database: add-2008-hwcd-3 + * + * source 2008 Hisil--Wong--Carter--Dawson, + * http://eprint.iacr.org/2008/522, Section 3.1 + * appliesto extended-1 + * parameter k + * assume k = 2 d + * compute A = (Y1-X1)(Y2-X2) + * compute B = (Y1+X1)(Y2+X2) + * compute C = T1 k T2 + * compute D = Z1 2 Z2 + * compute E = B - A + * compute F = D - C + * compute G = D + C + * compute H = B + A + * compute X3 = E F + * compute Y3 = G H + * compute T3 = E H + * compute Z3 = F G + */ + byte a[F25519_SIZE]; + byte b[F25519_SIZE]; + byte c[F25519_SIZE]; + byte d[F25519_SIZE]; + byte e[F25519_SIZE]; + byte f[F25519_SIZE]; + byte g[F25519_SIZE]; + byte h[F25519_SIZE]; - /* A = (Y1-X1)(Y2-X2) */ - fe_sub(c, p1->Y, p1->X); - fe_sub(d, p2->Y, p2->X); - fe_mul__distinct(a, c, d); + /* A = (Y1-X1)(Y2-X2) */ + fe_sub(c, p1->Y, p1->X); + fe_sub(d, p2->Y, p2->X); + fe_mul__distinct(a, c, d); - /* B = (Y1+X1)(Y2+X2) */ - fe_add(c, p1->Y, p1->X); - fe_add(d, p2->Y, p2->X); - fe_mul__distinct(b, c, d); + /* B = (Y1+X1)(Y2+X2) */ + fe_add(c, p1->Y, p1->X); + fe_add(d, p2->Y, p2->X); + fe_mul__distinct(b, c, d); - /* C = T1 k T2 */ - fe_mul__distinct(d, p1->T, p2->T); - fe_mul__distinct(c, d, ed25519_k); + /* C = T1 k T2 */ + fe_mul__distinct(d, p1->T, p2->T); + fe_mul__distinct(c, d, ed25519_k); - /* D = Z1 2 Z2 */ - fe_mul__distinct(d, p1->Z, p2->Z); - fe_add(d, d, d); + /* D = Z1 2 Z2 */ + fe_mul__distinct(d, p1->Z, p2->Z); + fe_add(d, d, d); - /* E = B - A */ - fe_sub(e, b, a); + /* E = B - A */ + fe_sub(e, b, a); - /* F = D - C */ - fe_sub(f, d, c); + /* F = D - C */ + fe_sub(f, d, c); - /* G = D + C */ - fe_add(g, d, c); + /* G = D + C */ + fe_add(g, d, c); - /* H = B + A */ - fe_add(h, b, a); + /* H = B + A */ + fe_add(h, b, a); - /* X3 = E F */ - fe_mul__distinct(r->X, e, f); + /* X3 = E F */ + fe_mul__distinct(r->X, e, f); - /* Y3 = G H */ - fe_mul__distinct(r->Y, g, h); + /* Y3 = G H */ + fe_mul__distinct(r->Y, g, h); - /* T3 = E H */ - fe_mul__distinct(r->T, e, h); + /* T3 = E H */ + fe_mul__distinct(r->T, e, h); - /* Z3 = F G */ - fe_mul__distinct(r->Z, f, g); + /* Z3 = F G */ + fe_mul__distinct(r->Z, f, g); } void ed25519_double(ge_p3 *r, const ge_p3 *p) { - /* Explicit formulas database: dbl-2008-hwcd - * - * source 2008 Hisil--Wong--Carter--Dawson, - * http://eprint.iacr.org/2008/522, Section 3.3 - * compute A = X1^2 - * compute B = Y1^2 - * compute C = 2 Z1^2 - * compute D = a A - * compute E = (X1+Y1)^2-A-B - * compute G = D + B - * compute F = G - C - * compute H = D - B - * compute X3 = E F - * compute Y3 = G H - * compute T3 = E H - * compute Z3 = F G - */ - byte a[F25519_SIZE]; - byte b[F25519_SIZE]; - byte c[F25519_SIZE]; - byte e[F25519_SIZE]; - byte f[F25519_SIZE]; - byte g[F25519_SIZE]; - byte h[F25519_SIZE]; + /* Explicit formulas database: dbl-2008-hwcd + * + * source 2008 Hisil--Wong--Carter--Dawson, + * http://eprint.iacr.org/2008/522, Section 3.3 + * compute A = X1^2 + * compute B = Y1^2 + * compute C = 2 Z1^2 + * compute D = a A + * compute E = (X1+Y1)^2-A-B + * compute G = D + B + * compute F = G - C + * compute H = D - B + * compute X3 = E F + * compute Y3 = G H + * compute T3 = E H + * compute Z3 = F G + */ + byte a[F25519_SIZE]; + byte b[F25519_SIZE]; + byte c[F25519_SIZE]; + byte e[F25519_SIZE]; + byte f[F25519_SIZE]; + byte g[F25519_SIZE]; + byte h[F25519_SIZE]; - /* A = X1^2 */ - fe_mul__distinct(a, p->X, p->X); + /* A = X1^2 */ + fe_mul__distinct(a, p->X, p->X); - /* B = Y1^2 */ - fe_mul__distinct(b, p->Y, p->Y); + /* B = Y1^2 */ + fe_mul__distinct(b, p->Y, p->Y); - /* C = 2 Z1^2 */ - fe_mul__distinct(c, p->Z, p->Z); - fe_add(c, c, c); + /* C = 2 Z1^2 */ + fe_mul__distinct(c, p->Z, p->Z); + fe_add(c, c, c); - /* D = a A (alter sign) */ - /* E = (X1+Y1)^2-A-B */ - fe_add(f, p->X, p->Y); - fe_mul__distinct(e, f, f); - fe_sub(e, e, a); - fe_sub(e, e, b); + /* D = a A (alter sign) */ + /* E = (X1+Y1)^2-A-B */ + fe_add(f, p->X, p->Y); + fe_mul__distinct(e, f, f); + fe_sub(e, e, a); + fe_sub(e, e, b); - /* G = D + B */ - fe_sub(g, b, a); + /* G = D + B */ + fe_sub(g, b, a); - /* F = G - C */ - fe_sub(f, g, c); + /* F = G - C */ + fe_sub(f, g, c); - /* H = D - B */ - fe_neg(h, b); - fe_sub(h, h, a); + /* H = D - B */ + fe_neg(h, b); + fe_sub(h, h, a); - /* X3 = E F */ - fe_mul__distinct(r->X, e, f); + /* X3 = E F */ + fe_mul__distinct(r->X, e, f); - /* Y3 = G H */ - fe_mul__distinct(r->Y, g, h); + /* Y3 = G H */ + fe_mul__distinct(r->Y, g, h); - /* T3 = E H */ - fe_mul__distinct(r->T, e, h); + /* T3 = E H */ + fe_mul__distinct(r->T, e, h); - /* Z3 = F G */ - fe_mul__distinct(r->Z, f, g); + /* Z3 = F G */ + fe_mul__distinct(r->Z, f, g); } void ed25519_smult(ge_p3 *r_out, const ge_p3 *p, const byte *e) { - ge_p3 r; - int i; + ge_p3 r; + int i; XMEMCPY(&r, &ed25519_neutral, sizeof(r)); - for (i = 255; i >= 0; i--) { - const byte bit = (e[i >> 3] >> (i & 7)) & 1; - ge_p3 s; + for (i = 255; i >= 0; i--) { + const byte bit = (e[i >> 3] >> (i & 7)) & 1; + ge_p3 s; - ed25519_double(&r, &r); - ed25519_add(&s, &r, p); + ed25519_double(&r, &r); + ed25519_add(&s, &r, p); - fe_select(r.X, r.X, s.X, bit); - fe_select(r.Y, r.Y, s.Y, bit); - fe_select(r.Z, r.Z, s.Z, bit); - fe_select(r.T, r.T, s.T, bit); - } + fe_select(r.X, r.X, s.X, bit); + fe_select(r.Y, r.Y, s.Y, bit); + fe_select(r.Z, r.Z, s.Z, bit); + fe_select(r.T, r.T, s.T, bit); + } XMEMCPY(r_out, &r, sizeof(r)); } void ge_scalarmult_base(ge_p3 *R,const unsigned char *nonce) { - ed25519_smult(R, &ed25519_base, nonce); + ed25519_smult(R, &ed25519_base, nonce); } /* pack the point h into array s */ void ge_p3_tobytes(unsigned char *s,const ge_p3 *h) { - byte x[F25519_SIZE]; - byte y[F25519_SIZE]; - byte z1[F25519_SIZE]; - byte parity; + byte x[F25519_SIZE]; + byte y[F25519_SIZE]; + byte z1[F25519_SIZE]; + byte parity; - fe_inv__distinct(z1, h->Z); - fe_mul__distinct(x, h->X, z1); - fe_mul__distinct(y, h->Y, z1); + fe_inv__distinct(z1, h->Z); + fe_mul__distinct(x, h->X, z1); + fe_mul__distinct(y, h->Y, z1); - fe_normalize(x); - fe_normalize(y); + fe_normalize(x); + fe_normalize(y); - parity = (x[0] & 1) << 7; - fe_copy(s, y); - fe_normalize(s); - s[31] |= parity; + parity = (x[0] & 1) << 7; + fe_copy(s, y); + fe_normalize(s); + s[31] |= parity; } /* pack the point h into array s */ void ge_tobytes(unsigned char *s,const ge_p2 *h) { - byte x[F25519_SIZE]; - byte y[F25519_SIZE]; - byte z1[F25519_SIZE]; - byte parity; + byte x[F25519_SIZE]; + byte y[F25519_SIZE]; + byte z1[F25519_SIZE]; + byte parity; - fe_inv__distinct(z1, h->Z); - fe_mul__distinct(x, h->X, z1); - fe_mul__distinct(y, h->Y, z1); + fe_inv__distinct(z1, h->Z); + fe_mul__distinct(x, h->X, z1); + fe_mul__distinct(y, h->Y, z1); - fe_normalize(x); - fe_normalize(y); + fe_normalize(x); + fe_normalize(y); - parity = (x[0] & 1) << 7; - fe_copy(s, y); - fe_normalize(s); - s[31] |= parity; + parity = (x[0] & 1) << 7; + fe_copy(s, y); + fe_normalize(s); + s[31] |= parity; } @@ -488,40 +490,40 @@ void ge_tobytes(unsigned char *s,const ge_p2 *h) int ge_frombytes_negate_vartime(ge_p3 *p,const unsigned char *s) { - byte parity; + byte parity; byte x[F25519_SIZE]; - byte y[F25519_SIZE]; - byte a[F25519_SIZE]; - byte b[F25519_SIZE]; - byte c[F25519_SIZE]; + byte y[F25519_SIZE]; + byte a[F25519_SIZE]; + byte b[F25519_SIZE]; + byte c[F25519_SIZE]; int ret = 0; /* unpack the key s */ parity = s[31] >> 7; fe_copy(y, s); - y[31] &= 127; + y[31] &= 127; - fe_mul__distinct(c, y, y); + fe_mul__distinct(c, y, y); fe_mul__distinct(b, c, ed25519_d); - fe_add(a, b, f25519_one); - fe_inv__distinct(b, a); - fe_sub(a, c, f25519_one); - fe_mul__distinct(c, a, b); - fe_sqrt(a, c); - fe_neg(b, a); - fe_select(x, a, b, (a[0] ^ parity) & 1); + fe_add(a, b, f25519_one); + fe_inv__distinct(b, a); + fe_sub(a, c, f25519_one); + fe_mul__distinct(c, a, b); + fe_sqrt(a, c); + fe_neg(b, a); + fe_select(x, a, b, (a[0] ^ parity) & 1); /* test that x^2 is equal to c */ fe_mul__distinct(a, x, x); - fe_normalize(a); - fe_normalize(c); - ret |= ConstantCompare(a, c, F25519_SIZE); + fe_normalize(a); + fe_normalize(c); + ret |= ConstantCompare(a, c, F25519_SIZE); /* project the key s onto p */ - fe_copy(p->X, x); - fe_copy(p->Y, y); - fe_load(p->Z, 1); - fe_mul__distinct(p->T, x, y); + fe_copy(p->X, x); + fe_copy(p->Y, y); + fe_load(p->Z, 1); + fe_mul__distinct(p->T, x, y); /* negate, the point becomes (-X,Y,Z,-T) */ fe_neg(p->X,p->X); @@ -543,10 +545,10 @@ int ge_double_scalarmult_vartime(ge_p2* R, const unsigned char *h, ed25519_smult(&p, &ed25519_base, sig); /* find H(R,A,M) * -A */ - ed25519_smult(&A, &A, h); + ed25519_smult(&A, &A, h); /* SB + -H(R,A,M)A */ - ed25519_add(&A, &p, &A); + ed25519_add(&A, &p, &A); fe_copy(R->X, A.X); fe_copy(R->Y, A.Y); diff --git a/wolfcrypt/src/ge_operations.c b/wolfcrypt/src/ge_operations.c index 259b5b144f..c17cb72597 100644 --- a/wolfcrypt/src/ge_operations.c +++ b/wolfcrypt/src/ge_operations.c @@ -32,6 +32,7 @@ #ifdef HAVE_ED25519 #include +#include #include #ifdef NO_INLINE #include @@ -690,7 +691,7 @@ int ge_compress_key(byte* out, const byte* xIn, const byte* yIn, word32 keySz) { fe x,y,z; ge_p3 g; - byte bArray[keySz]; + byte bArray[ED25519_KEY_SIZE]; word32 i; fe_0(x); @@ -718,18 +719,18 @@ r = p + q */ void ge_add(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q) { - fe t0; - fe_add(r->X,p->Y,p->X); - fe_sub(r->Y,p->Y,p->X); - fe_mul(r->Z,r->X,q->YplusX); - fe_mul(r->Y,r->Y,q->YminusX); - fe_mul(r->T,q->T2d,p->T); - fe_mul(r->X,p->Z,q->Z); - fe_add(t0,r->X,r->X); - fe_sub(r->X,r->Z,r->Y); - fe_add(r->Y,r->Z,r->Y); - fe_add(r->Z,t0,r->T); - fe_sub(r->T,t0,r->T); + fe t0; + fe_add(r->X,p->Y,p->X); + fe_sub(r->Y,p->Y,p->X); + fe_mul(r->Z,r->X,q->YplusX); + fe_mul(r->Y,r->Y,q->YminusX); + fe_mul(r->T,q->T2d,p->T); + fe_mul(r->X,p->Z,q->Z); + fe_add(t0,r->X,r->X); + fe_sub(r->X,r->Z,r->Y); + fe_add(r->Y,r->Z,r->Y); + fe_add(r->Z,t0,r->T); + fe_sub(r->T,t0,r->T); } @@ -2387,17 +2388,17 @@ r = p + q void ge_madd(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q) { - fe t0; - fe_add(r->X,p->Y,p->X); - fe_sub(r->Y,p->Y,p->X); - fe_mul(r->Z,r->X,q->yplusx); - fe_mul(r->Y,r->Y,q->yminusx); - fe_mul(r->T,q->xy2d,p->T); - fe_add(t0,p->Z,p->Z); - fe_sub(r->X,r->Z,r->Y); - fe_add(r->Y,r->Z,r->Y); - fe_add(r->Z,t0,r->T); - fe_sub(r->T,t0,r->T); + fe t0; + fe_add(r->X,p->Y,p->X); + fe_sub(r->Y,p->Y,p->X); + fe_mul(r->Z,r->X,q->yplusx); + fe_mul(r->Y,r->Y,q->yminusx); + fe_mul(r->T,q->xy2d,p->T); + fe_add(t0,p->Z,p->Z); + fe_sub(r->X,r->Z,r->Y); + fe_add(r->Y,r->Z,r->Y); + fe_add(r->Z,t0,r->T); + fe_sub(r->T,t0,r->T); } @@ -2409,17 +2410,17 @@ r = p - q void ge_msub(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q) { - fe t0; - fe_add(r->X,p->Y,p->X); - fe_sub(r->Y,p->Y,p->X); - fe_mul(r->Z,r->X,q->yminusx); - fe_mul(r->Y,r->Y,q->yplusx); - fe_mul(r->T,q->xy2d,p->T); - fe_add(t0,p->Z,p->Z); - fe_sub(r->X,r->Z,r->Y); - fe_add(r->Y,r->Z,r->Y); - fe_sub(r->Z,t0,r->T); - fe_add(r->T,t0,r->T); + fe t0; + fe_add(r->X,p->Y,p->X); + fe_sub(r->Y,p->Y,p->X); + fe_mul(r->Z,r->X,q->yminusx); + fe_mul(r->Y,r->Y,q->yplusx); + fe_mul(r->T,q->xy2d,p->T); + fe_add(t0,p->Z,p->Z); + fe_sub(r->X,r->Z,r->Y); + fe_add(r->Y,r->Z,r->Y); + fe_sub(r->Z,t0,r->T); + fe_add(r->T,t0,r->T); } @@ -2469,16 +2470,16 @@ r = 2 * p void ge_p2_dbl(ge_p1p1 *r,const ge_p2 *p) { - fe t0; - fe_sq(r->X,p->X); - fe_sq(r->Z,p->Y); - fe_sq2(r->T,p->Z); - fe_add(r->Y,p->X,p->Y); - fe_sq(t0,r->Y); - fe_add(r->Y,r->Z,r->X); - fe_sub(r->Z,r->Z,r->X); - fe_sub(r->X,t0,r->Y); - fe_sub(r->T,r->T,r->Z); + fe t0; + fe_sq(r->X,p->X); + fe_sq(r->Z,p->Y); + fe_sq2(r->T,p->Z); + fe_add(r->Y,p->X,p->Y); + fe_sq(t0,r->Y); + fe_add(r->Y,r->Z,r->X); + fe_sub(r->Z,r->Z,r->X); + fe_sub(r->X,t0,r->Y); + fe_sub(r->T,r->T,r->Z); } @@ -2572,18 +2573,18 @@ r = p - q void ge_sub(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q) { - fe t0; - fe_add(r->X,p->Y,p->X); - fe_sub(r->Y,p->Y,p->X); - fe_mul(r->Z,r->X,q->YminusX); - fe_mul(r->Y,r->Y,q->YplusX); - fe_mul(r->T,q->T2d,p->T); - fe_mul(r->X,p->Z,q->Z); - fe_add(t0,r->X,r->X); - fe_sub(r->X,r->Z,r->Y); - fe_add(r->Y,r->Z,r->Y); - fe_sub(r->Z,t0,r->T); - fe_add(r->T,t0,r->T); + fe t0; + fe_add(r->X,p->Y,p->X); + fe_sub(r->Y,p->Y,p->X); + fe_mul(r->Z,r->X,q->YminusX); + fe_mul(r->Y,r->Y,q->YplusX); + fe_mul(r->T,q->T2d,p->T); + fe_mul(r->X,p->Z,q->Z); + fe_add(t0,r->X,r->X); + fe_sub(r->X,r->Z,r->Y); + fe_add(r->Y,r->Z,r->Y); + fe_sub(r->Z,t0,r->T); + fe_add(r->T,t0,r->T); } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index ec4ef607e2..190d3d88bc 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -3459,7 +3459,7 @@ int rsa_test(void) #endif #ifdef sizeof - #undef sizeof + #undef sizeof #endif #ifdef WOLFSSL_TEST_CERT @@ -5760,314 +5760,314 @@ int ed25519_test(void) https://tools.ietf.org/html/draft-josefsson-eddsa-ed25519-02 */ - const byte sKey1[] = { - 0x9d,0x61,0xb1,0x9d,0xef,0xfd,0x5a,0x60, - 0xba,0x84,0x4a,0xf4,0x92,0xec,0x2c,0xc4, - 0x44,0x49,0xc5,0x69,0x7b,0x32,0x69,0x19, - 0x70,0x3b,0xac,0x03,0x1c,0xae,0x7f,0x60 + static const byte sKey1[] = { + 0x9d,0x61,0xb1,0x9d,0xef,0xfd,0x5a,0x60, + 0xba,0x84,0x4a,0xf4,0x92,0xec,0x2c,0xc4, + 0x44,0x49,0xc5,0x69,0x7b,0x32,0x69,0x19, + 0x70,0x3b,0xac,0x03,0x1c,0xae,0x7f,0x60 }; - const byte sKey2[] = { - 0x4c,0xcd,0x08,0x9b,0x28,0xff,0x96,0xda, - 0x9d,0xb6,0xc3,0x46,0xec,0x11,0x4e,0x0f, - 0x5b,0x8a,0x31,0x9f,0x35,0xab,0xa6,0x24, - 0xda,0x8c,0xf6,0xed,0x4f,0xb8,0xa6,0xfb + static const byte sKey2[] = { + 0x4c,0xcd,0x08,0x9b,0x28,0xff,0x96,0xda, + 0x9d,0xb6,0xc3,0x46,0xec,0x11,0x4e,0x0f, + 0x5b,0x8a,0x31,0x9f,0x35,0xab,0xa6,0x24, + 0xda,0x8c,0xf6,0xed,0x4f,0xb8,0xa6,0xfb }; - const byte sKey3[] = { - 0xc5,0xaa,0x8d,0xf4,0x3f,0x9f,0x83,0x7b, - 0xed,0xb7,0x44,0x2f,0x31,0xdc,0xb7,0xb1, - 0x66,0xd3,0x85,0x35,0x07,0x6f,0x09,0x4b, - 0x85,0xce,0x3a,0x2e,0x0b,0x44,0x58,0xf7 + static const byte sKey3[] = { + 0xc5,0xaa,0x8d,0xf4,0x3f,0x9f,0x83,0x7b, + 0xed,0xb7,0x44,0x2f,0x31,0xdc,0xb7,0xb1, + 0x66,0xd3,0x85,0x35,0x07,0x6f,0x09,0x4b, + 0x85,0xce,0x3a,0x2e,0x0b,0x44,0x58,0xf7 }; /* uncompressed test */ - const byte sKey4[] = { - 0x9d,0x61,0xb1,0x9d,0xef,0xfd,0x5a,0x60, - 0xba,0x84,0x4a,0xf4,0x92,0xec,0x2c,0xc4, - 0x44,0x49,0xc5,0x69,0x7b,0x32,0x69,0x19, - 0x70,0x3b,0xac,0x03,0x1c,0xae,0x7f,0x60 + static const byte sKey4[] = { + 0x9d,0x61,0xb1,0x9d,0xef,0xfd,0x5a,0x60, + 0xba,0x84,0x4a,0xf4,0x92,0xec,0x2c,0xc4, + 0x44,0x49,0xc5,0x69,0x7b,0x32,0x69,0x19, + 0x70,0x3b,0xac,0x03,0x1c,0xae,0x7f,0x60 }; /* compressed prefix test */ - const byte sKey5[] = { - 0x9d,0x61,0xb1,0x9d,0xef,0xfd,0x5a,0x60, - 0xba,0x84,0x4a,0xf4,0x92,0xec,0x2c,0xc4, - 0x44,0x49,0xc5,0x69,0x7b,0x32,0x69,0x19, - 0x70,0x3b,0xac,0x03,0x1c,0xae,0x7f,0x60 + static const byte sKey5[] = { + 0x9d,0x61,0xb1,0x9d,0xef,0xfd,0x5a,0x60, + 0xba,0x84,0x4a,0xf4,0x92,0xec,0x2c,0xc4, + 0x44,0x49,0xc5,0x69,0x7b,0x32,0x69,0x19, + 0x70,0x3b,0xac,0x03,0x1c,0xae,0x7f,0x60 }; - const byte sKey6[] = { - 0xf5,0xe5,0x76,0x7c,0xf1,0x53,0x31,0x95, - 0x17,0x63,0x0f,0x22,0x68,0x76,0xb8,0x6c, - 0x81,0x60,0xcc,0x58,0x3b,0xc0,0x13,0x74, - 0x4c,0x6b,0xf2,0x55,0xf5,0xcc,0x0e,0xe5 + static const byte sKey6[] = { + 0xf5,0xe5,0x76,0x7c,0xf1,0x53,0x31,0x95, + 0x17,0x63,0x0f,0x22,0x68,0x76,0xb8,0x6c, + 0x81,0x60,0xcc,0x58,0x3b,0xc0,0x13,0x74, + 0x4c,0x6b,0xf2,0x55,0xf5,0xcc,0x0e,0xe5 }; - const byte* sKeys[] = {sKey1, sKey2, sKey3, sKey4, sKey5, sKey6}; + static const byte* sKeys[] = {sKey1, sKey2, sKey3, sKey4, sKey5, sKey6}; - const byte pKey1[] = { - 0xd7,0x5a,0x98,0x01,0x82,0xb1,0x0a,0xb7, - 0xd5,0x4b,0xfe,0xd3,0xc9,0x64,0x07,0x3a, - 0x0e,0xe1,0x72,0xf3,0xda,0xa6,0x23,0x25, - 0xaf,0x02,0x1a,0x68,0xf7,0x07,0x51,0x1a + static const byte pKey1[] = { + 0xd7,0x5a,0x98,0x01,0x82,0xb1,0x0a,0xb7, + 0xd5,0x4b,0xfe,0xd3,0xc9,0x64,0x07,0x3a, + 0x0e,0xe1,0x72,0xf3,0xda,0xa6,0x23,0x25, + 0xaf,0x02,0x1a,0x68,0xf7,0x07,0x51,0x1a }; - const byte pKey2[] = { - 0x3d,0x40,0x17,0xc3,0xe8,0x43,0x89,0x5a, - 0x92,0xb7,0x0a,0xa7,0x4d,0x1b,0x7e,0xbc, + static const byte pKey2[] = { + 0x3d,0x40,0x17,0xc3,0xe8,0x43,0x89,0x5a, + 0x92,0xb7,0x0a,0xa7,0x4d,0x1b,0x7e,0xbc, 0x9c,0x98,0x2c,0xcf,0x2e,0xc4,0x96,0x8c, - 0xc0,0xcd,0x55,0xf1,0x2a,0xf4,0x66,0x0c + 0xc0,0xcd,0x55,0xf1,0x2a,0xf4,0x66,0x0c }; - const byte pKey3[] = { - 0xfc,0x51,0xcd,0x8e,0x62,0x18,0xa1,0xa3, - 0x8d,0xa4,0x7e,0xd0,0x02,0x30,0xf0,0x58, - 0x08,0x16,0xed,0x13,0xba,0x33,0x03,0xac, - 0x5d,0xeb,0x91,0x15,0x48,0x90,0x80,0x25 + static const byte pKey3[] = { + 0xfc,0x51,0xcd,0x8e,0x62,0x18,0xa1,0xa3, + 0x8d,0xa4,0x7e,0xd0,0x02,0x30,0xf0,0x58, + 0x08,0x16,0xed,0x13,0xba,0x33,0x03,0xac, + 0x5d,0xeb,0x91,0x15,0x48,0x90,0x80,0x25 }; /* uncompressed test */ - const byte pKey4[] = { - 0x04,0x55,0xd0,0xe0,0x9a,0x2b,0x9d,0x34, - 0x29,0x22,0x97,0xe0,0x8d,0x60,0xd0,0xf6, - 0x20,0xc5,0x13,0xd4,0x72,0x53,0x18,0x7c, - 0x24,0xb1,0x27,0x86,0xbd,0x77,0x76,0x45, - 0xce,0x1a,0x51,0x07,0xf7,0x68,0x1a,0x02, - 0xaf,0x25,0x23,0xa6,0xda,0xf3,0x72,0xe1, - 0x0e,0x3a,0x07,0x64,0xc9,0xd3,0xfe,0x4b, - 0xd5,0xb7,0x0a,0xb1,0x82,0x01,0x98,0x5a, - 0xd7 + static const byte pKey4[] = { + 0x04,0x55,0xd0,0xe0,0x9a,0x2b,0x9d,0x34, + 0x29,0x22,0x97,0xe0,0x8d,0x60,0xd0,0xf6, + 0x20,0xc5,0x13,0xd4,0x72,0x53,0x18,0x7c, + 0x24,0xb1,0x27,0x86,0xbd,0x77,0x76,0x45, + 0xce,0x1a,0x51,0x07,0xf7,0x68,0x1a,0x02, + 0xaf,0x25,0x23,0xa6,0xda,0xf3,0x72,0xe1, + 0x0e,0x3a,0x07,0x64,0xc9,0xd3,0xfe,0x4b, + 0xd5,0xb7,0x0a,0xb1,0x82,0x01,0x98,0x5a, + 0xd7 }; /* compressed prefix */ - const byte pKey5[] = { - 0x40,0xd7,0x5a,0x98,0x01,0x82,0xb1,0x0a,0xb7, - 0xd5,0x4b,0xfe,0xd3,0xc9,0x64,0x07,0x3a, - 0x0e,0xe1,0x72,0xf3,0xda,0xa6,0x23,0x25, - 0xaf,0x02,0x1a,0x68,0xf7,0x07,0x51,0x1a + static const byte pKey5[] = { + 0x40,0xd7,0x5a,0x98,0x01,0x82,0xb1,0x0a,0xb7, + 0xd5,0x4b,0xfe,0xd3,0xc9,0x64,0x07,0x3a, + 0x0e,0xe1,0x72,0xf3,0xda,0xa6,0x23,0x25, + 0xaf,0x02,0x1a,0x68,0xf7,0x07,0x51,0x1a }; - const byte pKey6[] = { - 0x27,0x81,0x17,0xfc,0x14,0x4c,0x72,0x34, - 0x0f,0x67,0xd0,0xf2,0x31,0x6e,0x83,0x86, - 0xce,0xff,0xbf,0x2b,0x24,0x28,0xc9,0xc5, - 0x1f,0xef,0x7c,0x59,0x7f,0x1d,0x42,0x6e + static const byte pKey6[] = { + 0x27,0x81,0x17,0xfc,0x14,0x4c,0x72,0x34, + 0x0f,0x67,0xd0,0xf2,0x31,0x6e,0x83,0x86, + 0xce,0xff,0xbf,0x2b,0x24,0x28,0xc9,0xc5, + 0x1f,0xef,0x7c,0x59,0x7f,0x1d,0x42,0x6e }; - const byte* pKeys[] = {pKey1, pKey2, pKey3, pKey4, pKey5, pKey6}; - const byte pKeySz[] = {sizeof(pKey1), sizeof(pKey2), sizeof(pKey3), + static const byte* pKeys[] = {pKey1, pKey2, pKey3, pKey4, pKey5, pKey6}; + static const byte pKeySz[] = {sizeof(pKey1), sizeof(pKey2), sizeof(pKey3), sizeof(pKey4), sizeof(pKey5), sizeof(pKey6)}; - const byte sig1[] = { - 0xe5,0x56,0x43,0x00,0xc3,0x60,0xac,0x72, - 0x90,0x86,0xe2,0xcc,0x80,0x6e,0x82,0x8a, - 0x84,0x87,0x7f,0x1e,0xb8,0xe5,0xd9,0x74, - 0xd8,0x73,0xe0,0x65,0x22,0x49,0x01,0x55, - 0x5f,0xb8,0x82,0x15,0x90,0xa3,0x3b,0xac, - 0xc6,0x1e,0x39,0x70,0x1c,0xf9,0xb4,0x6b, - 0xd2,0x5b,0xf5,0xf0,0x59,0x5b,0xbe,0x24, - 0x65,0x51,0x41,0x43,0x8e,0x7a,0x10,0x0b + static const byte sig1[] = { + 0xe5,0x56,0x43,0x00,0xc3,0x60,0xac,0x72, + 0x90,0x86,0xe2,0xcc,0x80,0x6e,0x82,0x8a, + 0x84,0x87,0x7f,0x1e,0xb8,0xe5,0xd9,0x74, + 0xd8,0x73,0xe0,0x65,0x22,0x49,0x01,0x55, + 0x5f,0xb8,0x82,0x15,0x90,0xa3,0x3b,0xac, + 0xc6,0x1e,0x39,0x70,0x1c,0xf9,0xb4,0x6b, + 0xd2,0x5b,0xf5,0xf0,0x59,0x5b,0xbe,0x24, + 0x65,0x51,0x41,0x43,0x8e,0x7a,0x10,0x0b }; - const byte sig2[] = { - 0x92,0xa0,0x09,0xa9,0xf0,0xd4,0xca,0xb8, - 0x72,0x0e,0x82,0x0b,0x5f,0x64,0x25,0x40, - 0xa2,0xb2,0x7b,0x54,0x16,0x50,0x3f,0x8f, - 0xb3,0x76,0x22,0x23,0xeb,0xdb,0x69,0xda, - 0x08,0x5a,0xc1,0xe4,0x3e,0x15,0x99,0x6e, - 0x45,0x8f,0x36,0x13,0xd0,0xf1,0x1d,0x8c, - 0x38,0x7b,0x2e,0xae,0xb4,0x30,0x2a,0xee, - 0xb0,0x0d,0x29,0x16,0x12,0xbb,0x0c,0x00 + static const byte sig2[] = { + 0x92,0xa0,0x09,0xa9,0xf0,0xd4,0xca,0xb8, + 0x72,0x0e,0x82,0x0b,0x5f,0x64,0x25,0x40, + 0xa2,0xb2,0x7b,0x54,0x16,0x50,0x3f,0x8f, + 0xb3,0x76,0x22,0x23,0xeb,0xdb,0x69,0xda, + 0x08,0x5a,0xc1,0xe4,0x3e,0x15,0x99,0x6e, + 0x45,0x8f,0x36,0x13,0xd0,0xf1,0x1d,0x8c, + 0x38,0x7b,0x2e,0xae,0xb4,0x30,0x2a,0xee, + 0xb0,0x0d,0x29,0x16,0x12,0xbb,0x0c,0x00 }; - const byte sig3[] = { - 0x62,0x91,0xd6,0x57,0xde,0xec,0x24,0x02, - 0x48,0x27,0xe6,0x9c,0x3a,0xbe,0x01,0xa3, - 0x0c,0xe5,0x48,0xa2,0x84,0x74,0x3a,0x44, - 0x5e,0x36,0x80,0xd7,0xdb,0x5a,0xc3,0xac, - 0x18,0xff,0x9b,0x53,0x8d,0x16,0xf2,0x90, - 0xae,0x67,0xf7,0x60,0x98,0x4d,0xc6,0x59, - 0x4a,0x7c,0x15,0xe9,0x71,0x6e,0xd2,0x8d, - 0xc0,0x27,0xbe,0xce,0xea,0x1e,0xc4,0x0a + static const byte sig3[] = { + 0x62,0x91,0xd6,0x57,0xde,0xec,0x24,0x02, + 0x48,0x27,0xe6,0x9c,0x3a,0xbe,0x01,0xa3, + 0x0c,0xe5,0x48,0xa2,0x84,0x74,0x3a,0x44, + 0x5e,0x36,0x80,0xd7,0xdb,0x5a,0xc3,0xac, + 0x18,0xff,0x9b,0x53,0x8d,0x16,0xf2,0x90, + 0xae,0x67,0xf7,0x60,0x98,0x4d,0xc6,0x59, + 0x4a,0x7c,0x15,0xe9,0x71,0x6e,0xd2,0x8d, + 0xc0,0x27,0xbe,0xce,0xea,0x1e,0xc4,0x0a }; /* uncompressed test */ - const byte sig4[] = { - 0xe5,0x56,0x43,0x00,0xc3,0x60,0xac,0x72, - 0x90,0x86,0xe2,0xcc,0x80,0x6e,0x82,0x8a, - 0x84,0x87,0x7f,0x1e,0xb8,0xe5,0xd9,0x74, - 0xd8,0x73,0xe0,0x65,0x22,0x49,0x01,0x55, - 0x5f,0xb8,0x82,0x15,0x90,0xa3,0x3b,0xac, - 0xc6,0x1e,0x39,0x70,0x1c,0xf9,0xb4,0x6b, - 0xd2,0x5b,0xf5,0xf0,0x59,0x5b,0xbe,0x24, - 0x65,0x51,0x41,0x43,0x8e,0x7a,0x10,0x0b + static const byte sig4[] = { + 0xe5,0x56,0x43,0x00,0xc3,0x60,0xac,0x72, + 0x90,0x86,0xe2,0xcc,0x80,0x6e,0x82,0x8a, + 0x84,0x87,0x7f,0x1e,0xb8,0xe5,0xd9,0x74, + 0xd8,0x73,0xe0,0x65,0x22,0x49,0x01,0x55, + 0x5f,0xb8,0x82,0x15,0x90,0xa3,0x3b,0xac, + 0xc6,0x1e,0x39,0x70,0x1c,0xf9,0xb4,0x6b, + 0xd2,0x5b,0xf5,0xf0,0x59,0x5b,0xbe,0x24, + 0x65,0x51,0x41,0x43,0x8e,0x7a,0x10,0x0b }; /* compressed prefix */ - const byte sig5[] = { - 0xe5,0x56,0x43,0x00,0xc3,0x60,0xac,0x72, - 0x90,0x86,0xe2,0xcc,0x80,0x6e,0x82,0x8a, - 0x84,0x87,0x7f,0x1e,0xb8,0xe5,0xd9,0x74, - 0xd8,0x73,0xe0,0x65,0x22,0x49,0x01,0x55, - 0x5f,0xb8,0x82,0x15,0x90,0xa3,0x3b,0xac, - 0xc6,0x1e,0x39,0x70,0x1c,0xf9,0xb4,0x6b, - 0xd2,0x5b,0xf5,0xf0,0x59,0x5b,0xbe,0x24, - 0x65,0x51,0x41,0x43,0x8e,0x7a,0x10,0x0b + static const byte sig5[] = { + 0xe5,0x56,0x43,0x00,0xc3,0x60,0xac,0x72, + 0x90,0x86,0xe2,0xcc,0x80,0x6e,0x82,0x8a, + 0x84,0x87,0x7f,0x1e,0xb8,0xe5,0xd9,0x74, + 0xd8,0x73,0xe0,0x65,0x22,0x49,0x01,0x55, + 0x5f,0xb8,0x82,0x15,0x90,0xa3,0x3b,0xac, + 0xc6,0x1e,0x39,0x70,0x1c,0xf9,0xb4,0x6b, + 0xd2,0x5b,0xf5,0xf0,0x59,0x5b,0xbe,0x24, + 0x65,0x51,0x41,0x43,0x8e,0x7a,0x10,0x0b }; - const byte sig6[] = { - 0x0a,0xab,0x4c,0x90,0x05,0x01,0xb3,0xe2, - 0x4d,0x7c,0xdf,0x46,0x63,0x32,0x6a,0x3a, - 0x87,0xdf,0x5e,0x48,0x43,0xb2,0xcb,0xdb, - 0x67,0xcb,0xf6,0xe4,0x60,0xfe,0xc3,0x50, - 0xaa,0x53,0x71,0xb1,0x50,0x8f,0x9f,0x45, - 0x28,0xec,0xea,0x23,0xc4,0x36,0xd9,0x4b, - 0x5e,0x8f,0xcd,0x4f,0x68,0x1e,0x30,0xa6, - 0xac,0x00,0xa9,0x70,0x4a,0x18,0x8a,0x03 + static const byte sig6[] = { + 0x0a,0xab,0x4c,0x90,0x05,0x01,0xb3,0xe2, + 0x4d,0x7c,0xdf,0x46,0x63,0x32,0x6a,0x3a, + 0x87,0xdf,0x5e,0x48,0x43,0xb2,0xcb,0xdb, + 0x67,0xcb,0xf6,0xe4,0x60,0xfe,0xc3,0x50, + 0xaa,0x53,0x71,0xb1,0x50,0x8f,0x9f,0x45, + 0x28,0xec,0xea,0x23,0xc4,0x36,0xd9,0x4b, + 0x5e,0x8f,0xcd,0x4f,0x68,0x1e,0x30,0xa6, + 0xac,0x00,0xa9,0x70,0x4a,0x18,0x8a,0x03 }; - const byte* sigs[] = {sig1, sig2, sig3, sig4, sig5, sig6}; + static const byte* sigs[] = {sig1, sig2, sig3, sig4, sig5, sig6}; - const byte msg1[] = {}; - const byte msg2[] = {0x72}; - const byte msg3[] = {0xAF,0x82}; + static const byte msg1[] = {0x0 }; + static const byte msg2[] = {0x72}; + static const byte msg3[] = {0xAF,0x82}; /* test of a 1024 byte long message */ - const byte msg4[] = { - 0x08,0xb8,0xb2,0xb7,0x33,0x42,0x42,0x43, - 0x76,0x0f,0xe4,0x26,0xa4,0xb5,0x49,0x08, - 0x63,0x21,0x10,0xa6,0x6c,0x2f,0x65,0x91, - 0xea,0xbd,0x33,0x45,0xe3,0xe4,0xeb,0x98, - 0xfa,0x6e,0x26,0x4b,0xf0,0x9e,0xfe,0x12, - 0xee,0x50,0xf8,0xf5,0x4e,0x9f,0x77,0xb1, - 0xe3,0x55,0xf6,0xc5,0x05,0x44,0xe2,0x3f, - 0xb1,0x43,0x3d,0xdf,0x73,0xbe,0x84,0xd8, - 0x79,0xde,0x7c,0x00,0x46,0xdc,0x49,0x96, - 0xd9,0xe7,0x73,0xf4,0xbc,0x9e,0xfe,0x57, - 0x38,0x82,0x9a,0xdb,0x26,0xc8,0x1b,0x37, - 0xc9,0x3a,0x1b,0x27,0x0b,0x20,0x32,0x9d, - 0x65,0x86,0x75,0xfc,0x6e,0xa5,0x34,0xe0, - 0x81,0x0a,0x44,0x32,0x82,0x6b,0xf5,0x8c, - 0x94,0x1e,0xfb,0x65,0xd5,0x7a,0x33,0x8b, - 0xbd,0x2e,0x26,0x64,0x0f,0x89,0xff,0xbc, - 0x1a,0x85,0x8e,0xfc,0xb8,0x55,0x0e,0xe3, - 0xa5,0xe1,0x99,0x8b,0xd1,0x77,0xe9,0x3a, - 0x73,0x63,0xc3,0x44,0xfe,0x6b,0x19,0x9e, - 0xe5,0xd0,0x2e,0x82,0xd5,0x22,0xc4,0xfe, - 0xba,0x15,0x45,0x2f,0x80,0x28,0x8a,0x82, - 0x1a,0x57,0x91,0x16,0xec,0x6d,0xad,0x2b, - 0x3b,0x31,0x0d,0xa9,0x03,0x40,0x1a,0xa6, - 0x21,0x00,0xab,0x5d,0x1a,0x36,0x55,0x3e, - 0x06,0x20,0x3b,0x33,0x89,0x0c,0xc9,0xb8, - 0x32,0xf7,0x9e,0xf8,0x05,0x60,0xcc,0xb9, - 0xa3,0x9c,0xe7,0x67,0x96,0x7e,0xd6,0x28, - 0xc6,0xad,0x57,0x3c,0xb1,0x16,0xdb,0xef, - 0xef,0xd7,0x54,0x99,0xda,0x96,0xbd,0x68, - 0xa8,0xa9,0x7b,0x92,0x8a,0x8b,0xbc,0x10, - 0x3b,0x66,0x21,0xfc,0xde,0x2b,0xec,0xa1, - 0x23,0x1d,0x20,0x6b,0xe6,0xcd,0x9e,0xc7, - 0xaf,0xf6,0xf6,0xc9,0x4f,0xcd,0x72,0x04, - 0xed,0x34,0x55,0xc6,0x8c,0x83,0xf4,0xa4, - 0x1d,0xa4,0xaf,0x2b,0x74,0xef,0x5c,0x53, - 0xf1,0xd8,0xac,0x70,0xbd,0xcb,0x7e,0xd1, - 0x85,0xce,0x81,0xbd,0x84,0x35,0x9d,0x44, - 0x25,0x4d,0x95,0x62,0x9e,0x98,0x55,0xa9, - 0x4a,0x7c,0x19,0x58,0xd1,0xf8,0xad,0xa5, - 0xd0,0x53,0x2e,0xd8,0xa5,0xaa,0x3f,0xb2, - 0xd1,0x7b,0xa7,0x0e,0xb6,0x24,0x8e,0x59, - 0x4e,0x1a,0x22,0x97,0xac,0xbb,0xb3,0x9d, - 0x50,0x2f,0x1a,0x8c,0x6e,0xb6,0xf1,0xce, - 0x22,0xb3,0xde,0x1a,0x1f,0x40,0xcc,0x24, - 0x55,0x41,0x19,0xa8,0x31,0xa9,0xaa,0xd6, - 0x07,0x9c,0xad,0x88,0x42,0x5d,0xe6,0xbd, - 0xe1,0xa9,0x18,0x7e,0xbb,0x60,0x92,0xcf, - 0x67,0xbf,0x2b,0x13,0xfd,0x65,0xf2,0x70, - 0x88,0xd7,0x8b,0x7e,0x88,0x3c,0x87,0x59, - 0xd2,0xc4,0xf5,0xc6,0x5a,0xdb,0x75,0x53, - 0x87,0x8a,0xd5,0x75,0xf9,0xfa,0xd8,0x78, - 0xe8,0x0a,0x0c,0x9b,0xa6,0x3b,0xcb,0xcc, - 0x27,0x32,0xe6,0x94,0x85,0xbb,0xc9,0xc9, - 0x0b,0xfb,0xd6,0x24,0x81,0xd9,0x08,0x9b, - 0xec,0xcf,0x80,0xcf,0xe2,0xdf,0x16,0xa2, - 0xcf,0x65,0xbd,0x92,0xdd,0x59,0x7b,0x07, - 0x07,0xe0,0x91,0x7a,0xf4,0x8b,0xbb,0x75, - 0xfe,0xd4,0x13,0xd2,0x38,0xf5,0x55,0x5a, - 0x7a,0x56,0x9d,0x80,0xc3,0x41,0x4a,0x8d, - 0x08,0x59,0xdc,0x65,0xa4,0x61,0x28,0xba, - 0xb2,0x7a,0xf8,0x7a,0x71,0x31,0x4f,0x31, - 0x8c,0x78,0x2b,0x23,0xeb,0xfe,0x80,0x8b, - 0x82,0xb0,0xce,0x26,0x40,0x1d,0x2e,0x22, - 0xf0,0x4d,0x83,0xd1,0x25,0x5d,0xc5,0x1a, - 0xdd,0xd3,0xb7,0x5a,0x2b,0x1a,0xe0,0x78, - 0x45,0x04,0xdf,0x54,0x3a,0xf8,0x96,0x9b, - 0xe3,0xea,0x70,0x82,0xff,0x7f,0xc9,0x88, - 0x8c,0x14,0x4d,0xa2,0xaf,0x58,0x42,0x9e, - 0xc9,0x60,0x31,0xdb,0xca,0xd3,0xda,0xd9, - 0xaf,0x0d,0xcb,0xaa,0xaf,0x26,0x8c,0xb8, - 0xfc,0xff,0xea,0xd9,0x4f,0x3c,0x7c,0xa4, - 0x95,0xe0,0x56,0xa9,0xb4,0x7a,0xcd,0xb7, - 0x51,0xfb,0x73,0xe6,0x66,0xc6,0xc6,0x55, - 0xad,0xe8,0x29,0x72,0x97,0xd0,0x7a,0xd1, - 0xba,0x5e,0x43,0xf1,0xbc,0xa3,0x23,0x01, - 0x65,0x13,0x39,0xe2,0x29,0x04,0xcc,0x8c, - 0x42,0xf5,0x8c,0x30,0xc0,0x4a,0xaf,0xdb, - 0x03,0x8d,0xda,0x08,0x47,0xdd,0x98,0x8d, - 0xcd,0xa6,0xf3,0xbf,0xd1,0x5c,0x4b,0x4c, - 0x45,0x25,0x00,0x4a,0xa0,0x6e,0xef,0xf8, - 0xca,0x61,0x78,0x3a,0xac,0xec,0x57,0xfb, - 0x3d,0x1f,0x92,0xb0,0xfe,0x2f,0xd1,0xa8, - 0x5f,0x67,0x24,0x51,0x7b,0x65,0xe6,0x14, - 0xad,0x68,0x08,0xd6,0xf6,0xee,0x34,0xdf, - 0xf7,0x31,0x0f,0xdc,0x82,0xae,0xbf,0xd9, - 0x04,0xb0,0x1e,0x1d,0xc5,0x4b,0x29,0x27, - 0x09,0x4b,0x2d,0xb6,0x8d,0x6f,0x90,0x3b, - 0x68,0x40,0x1a,0xde,0xbf,0x5a,0x7e,0x08, - 0xd7,0x8f,0xf4,0xef,0x5d,0x63,0x65,0x3a, - 0x65,0x04,0x0c,0xf9,0xbf,0xd4,0xac,0xa7, - 0x98,0x4a,0x74,0xd3,0x71,0x45,0x98,0x67, - 0x80,0xfc,0x0b,0x16,0xac,0x45,0x16,0x49, - 0xde,0x61,0x88,0xa7,0xdb,0xdf,0x19,0x1f, - 0x64,0xb5,0xfc,0x5e,0x2a,0xb4,0x7b,0x57, - 0xf7,0xf7,0x27,0x6c,0xd4,0x19,0xc1,0x7a, - 0x3c,0xa8,0xe1,0xb9,0x39,0xae,0x49,0xe4, - 0x88,0xac,0xba,0x6b,0x96,0x56,0x10,0xb5, - 0x48,0x01,0x09,0xc8,0xb1,0x7b,0x80,0xe1, - 0xb7,0xb7,0x50,0xdf,0xc7,0x59,0x8d,0x5d, - 0x50,0x11,0xfd,0x2d,0xcc,0x56,0x00,0xa3, - 0x2e,0xf5,0xb5,0x2a,0x1e,0xcc,0x82,0x0e, - 0x30,0x8a,0xa3,0x42,0x72,0x1a,0xac,0x09, - 0x43,0xbf,0x66,0x86,0xb6,0x4b,0x25,0x79, - 0x37,0x65,0x04,0xcc,0xc4,0x93,0xd9,0x7e, - 0x6a,0xed,0x3f,0xb0,0xf9,0xcd,0x71,0xa4, - 0x3d,0xd4,0x97,0xf0,0x1f,0x17,0xc0,0xe2, - 0xcb,0x37,0x97,0xaa,0x2a,0x2f,0x25,0x66, - 0x56,0x16,0x8e,0x6c,0x49,0x6a,0xfc,0x5f, - 0xb9,0x32,0x46,0xf6,0xb1,0x11,0x63,0x98, - 0xa3,0x46,0xf1,0xa6,0x41,0xf3,0xb0,0x41, - 0xe9,0x89,0xf7,0x91,0x4f,0x90,0xcc,0x2c, - 0x7f,0xff,0x35,0x78,0x76,0xe5,0x06,0xb5, - 0x0d,0x33,0x4b,0xa7,0x7c,0x22,0x5b,0xc3, - 0x07,0xba,0x53,0x71,0x52,0xf3,0xf1,0x61, - 0x0e,0x4e,0xaf,0xe5,0x95,0xf6,0xd9,0xd9, - 0x0d,0x11,0xfa,0xa9,0x33,0xa1,0x5e,0xf1, - 0x36,0x95,0x46,0x86,0x8a,0x7f,0x3a,0x45, - 0xa9,0x67,0x68,0xd4,0x0f,0xd9,0xd0,0x34, - 0x12,0xc0,0x91,0xc6,0x31,0x5c,0xf4,0xfd, - 0xe7,0xcb,0x68,0x60,0x69,0x37,0x38,0x0d, - 0xb2,0xea,0xaa,0x70,0x7b,0x4c,0x41,0x85, - 0xc3,0x2e,0xdd,0xcd,0xd3,0x06,0x70,0x5e, - 0x4d,0xc1,0xff,0xc8,0x72,0xee,0xee,0x47, - 0x5a,0x64,0xdf,0xac,0x86,0xab,0xa4,0x1c, - 0x06,0x18,0x98,0x3f,0x87,0x41,0xc5,0xef, - 0x68,0xd3,0xa1,0x01,0xe8,0xa3,0xb8,0xca, - 0xc6,0x0c,0x90,0x5c,0x15,0xfc,0x91,0x08, - 0x40,0xb9,0x4c,0x00,0xa0,0xb9,0xd0 + static const byte msg4[] = { + 0x08,0xb8,0xb2,0xb7,0x33,0x42,0x42,0x43, + 0x76,0x0f,0xe4,0x26,0xa4,0xb5,0x49,0x08, + 0x63,0x21,0x10,0xa6,0x6c,0x2f,0x65,0x91, + 0xea,0xbd,0x33,0x45,0xe3,0xe4,0xeb,0x98, + 0xfa,0x6e,0x26,0x4b,0xf0,0x9e,0xfe,0x12, + 0xee,0x50,0xf8,0xf5,0x4e,0x9f,0x77,0xb1, + 0xe3,0x55,0xf6,0xc5,0x05,0x44,0xe2,0x3f, + 0xb1,0x43,0x3d,0xdf,0x73,0xbe,0x84,0xd8, + 0x79,0xde,0x7c,0x00,0x46,0xdc,0x49,0x96, + 0xd9,0xe7,0x73,0xf4,0xbc,0x9e,0xfe,0x57, + 0x38,0x82,0x9a,0xdb,0x26,0xc8,0x1b,0x37, + 0xc9,0x3a,0x1b,0x27,0x0b,0x20,0x32,0x9d, + 0x65,0x86,0x75,0xfc,0x6e,0xa5,0x34,0xe0, + 0x81,0x0a,0x44,0x32,0x82,0x6b,0xf5,0x8c, + 0x94,0x1e,0xfb,0x65,0xd5,0x7a,0x33,0x8b, + 0xbd,0x2e,0x26,0x64,0x0f,0x89,0xff,0xbc, + 0x1a,0x85,0x8e,0xfc,0xb8,0x55,0x0e,0xe3, + 0xa5,0xe1,0x99,0x8b,0xd1,0x77,0xe9,0x3a, + 0x73,0x63,0xc3,0x44,0xfe,0x6b,0x19,0x9e, + 0xe5,0xd0,0x2e,0x82,0xd5,0x22,0xc4,0xfe, + 0xba,0x15,0x45,0x2f,0x80,0x28,0x8a,0x82, + 0x1a,0x57,0x91,0x16,0xec,0x6d,0xad,0x2b, + 0x3b,0x31,0x0d,0xa9,0x03,0x40,0x1a,0xa6, + 0x21,0x00,0xab,0x5d,0x1a,0x36,0x55,0x3e, + 0x06,0x20,0x3b,0x33,0x89,0x0c,0xc9,0xb8, + 0x32,0xf7,0x9e,0xf8,0x05,0x60,0xcc,0xb9, + 0xa3,0x9c,0xe7,0x67,0x96,0x7e,0xd6,0x28, + 0xc6,0xad,0x57,0x3c,0xb1,0x16,0xdb,0xef, + 0xef,0xd7,0x54,0x99,0xda,0x96,0xbd,0x68, + 0xa8,0xa9,0x7b,0x92,0x8a,0x8b,0xbc,0x10, + 0x3b,0x66,0x21,0xfc,0xde,0x2b,0xec,0xa1, + 0x23,0x1d,0x20,0x6b,0xe6,0xcd,0x9e,0xc7, + 0xaf,0xf6,0xf6,0xc9,0x4f,0xcd,0x72,0x04, + 0xed,0x34,0x55,0xc6,0x8c,0x83,0xf4,0xa4, + 0x1d,0xa4,0xaf,0x2b,0x74,0xef,0x5c,0x53, + 0xf1,0xd8,0xac,0x70,0xbd,0xcb,0x7e,0xd1, + 0x85,0xce,0x81,0xbd,0x84,0x35,0x9d,0x44, + 0x25,0x4d,0x95,0x62,0x9e,0x98,0x55,0xa9, + 0x4a,0x7c,0x19,0x58,0xd1,0xf8,0xad,0xa5, + 0xd0,0x53,0x2e,0xd8,0xa5,0xaa,0x3f,0xb2, + 0xd1,0x7b,0xa7,0x0e,0xb6,0x24,0x8e,0x59, + 0x4e,0x1a,0x22,0x97,0xac,0xbb,0xb3,0x9d, + 0x50,0x2f,0x1a,0x8c,0x6e,0xb6,0xf1,0xce, + 0x22,0xb3,0xde,0x1a,0x1f,0x40,0xcc,0x24, + 0x55,0x41,0x19,0xa8,0x31,0xa9,0xaa,0xd6, + 0x07,0x9c,0xad,0x88,0x42,0x5d,0xe6,0xbd, + 0xe1,0xa9,0x18,0x7e,0xbb,0x60,0x92,0xcf, + 0x67,0xbf,0x2b,0x13,0xfd,0x65,0xf2,0x70, + 0x88,0xd7,0x8b,0x7e,0x88,0x3c,0x87,0x59, + 0xd2,0xc4,0xf5,0xc6,0x5a,0xdb,0x75,0x53, + 0x87,0x8a,0xd5,0x75,0xf9,0xfa,0xd8,0x78, + 0xe8,0x0a,0x0c,0x9b,0xa6,0x3b,0xcb,0xcc, + 0x27,0x32,0xe6,0x94,0x85,0xbb,0xc9,0xc9, + 0x0b,0xfb,0xd6,0x24,0x81,0xd9,0x08,0x9b, + 0xec,0xcf,0x80,0xcf,0xe2,0xdf,0x16,0xa2, + 0xcf,0x65,0xbd,0x92,0xdd,0x59,0x7b,0x07, + 0x07,0xe0,0x91,0x7a,0xf4,0x8b,0xbb,0x75, + 0xfe,0xd4,0x13,0xd2,0x38,0xf5,0x55,0x5a, + 0x7a,0x56,0x9d,0x80,0xc3,0x41,0x4a,0x8d, + 0x08,0x59,0xdc,0x65,0xa4,0x61,0x28,0xba, + 0xb2,0x7a,0xf8,0x7a,0x71,0x31,0x4f,0x31, + 0x8c,0x78,0x2b,0x23,0xeb,0xfe,0x80,0x8b, + 0x82,0xb0,0xce,0x26,0x40,0x1d,0x2e,0x22, + 0xf0,0x4d,0x83,0xd1,0x25,0x5d,0xc5,0x1a, + 0xdd,0xd3,0xb7,0x5a,0x2b,0x1a,0xe0,0x78, + 0x45,0x04,0xdf,0x54,0x3a,0xf8,0x96,0x9b, + 0xe3,0xea,0x70,0x82,0xff,0x7f,0xc9,0x88, + 0x8c,0x14,0x4d,0xa2,0xaf,0x58,0x42,0x9e, + 0xc9,0x60,0x31,0xdb,0xca,0xd3,0xda,0xd9, + 0xaf,0x0d,0xcb,0xaa,0xaf,0x26,0x8c,0xb8, + 0xfc,0xff,0xea,0xd9,0x4f,0x3c,0x7c,0xa4, + 0x95,0xe0,0x56,0xa9,0xb4,0x7a,0xcd,0xb7, + 0x51,0xfb,0x73,0xe6,0x66,0xc6,0xc6,0x55, + 0xad,0xe8,0x29,0x72,0x97,0xd0,0x7a,0xd1, + 0xba,0x5e,0x43,0xf1,0xbc,0xa3,0x23,0x01, + 0x65,0x13,0x39,0xe2,0x29,0x04,0xcc,0x8c, + 0x42,0xf5,0x8c,0x30,0xc0,0x4a,0xaf,0xdb, + 0x03,0x8d,0xda,0x08,0x47,0xdd,0x98,0x8d, + 0xcd,0xa6,0xf3,0xbf,0xd1,0x5c,0x4b,0x4c, + 0x45,0x25,0x00,0x4a,0xa0,0x6e,0xef,0xf8, + 0xca,0x61,0x78,0x3a,0xac,0xec,0x57,0xfb, + 0x3d,0x1f,0x92,0xb0,0xfe,0x2f,0xd1,0xa8, + 0x5f,0x67,0x24,0x51,0x7b,0x65,0xe6,0x14, + 0xad,0x68,0x08,0xd6,0xf6,0xee,0x34,0xdf, + 0xf7,0x31,0x0f,0xdc,0x82,0xae,0xbf,0xd9, + 0x04,0xb0,0x1e,0x1d,0xc5,0x4b,0x29,0x27, + 0x09,0x4b,0x2d,0xb6,0x8d,0x6f,0x90,0x3b, + 0x68,0x40,0x1a,0xde,0xbf,0x5a,0x7e,0x08, + 0xd7,0x8f,0xf4,0xef,0x5d,0x63,0x65,0x3a, + 0x65,0x04,0x0c,0xf9,0xbf,0xd4,0xac,0xa7, + 0x98,0x4a,0x74,0xd3,0x71,0x45,0x98,0x67, + 0x80,0xfc,0x0b,0x16,0xac,0x45,0x16,0x49, + 0xde,0x61,0x88,0xa7,0xdb,0xdf,0x19,0x1f, + 0x64,0xb5,0xfc,0x5e,0x2a,0xb4,0x7b,0x57, + 0xf7,0xf7,0x27,0x6c,0xd4,0x19,0xc1,0x7a, + 0x3c,0xa8,0xe1,0xb9,0x39,0xae,0x49,0xe4, + 0x88,0xac,0xba,0x6b,0x96,0x56,0x10,0xb5, + 0x48,0x01,0x09,0xc8,0xb1,0x7b,0x80,0xe1, + 0xb7,0xb7,0x50,0xdf,0xc7,0x59,0x8d,0x5d, + 0x50,0x11,0xfd,0x2d,0xcc,0x56,0x00,0xa3, + 0x2e,0xf5,0xb5,0x2a,0x1e,0xcc,0x82,0x0e, + 0x30,0x8a,0xa3,0x42,0x72,0x1a,0xac,0x09, + 0x43,0xbf,0x66,0x86,0xb6,0x4b,0x25,0x79, + 0x37,0x65,0x04,0xcc,0xc4,0x93,0xd9,0x7e, + 0x6a,0xed,0x3f,0xb0,0xf9,0xcd,0x71,0xa4, + 0x3d,0xd4,0x97,0xf0,0x1f,0x17,0xc0,0xe2, + 0xcb,0x37,0x97,0xaa,0x2a,0x2f,0x25,0x66, + 0x56,0x16,0x8e,0x6c,0x49,0x6a,0xfc,0x5f, + 0xb9,0x32,0x46,0xf6,0xb1,0x11,0x63,0x98, + 0xa3,0x46,0xf1,0xa6,0x41,0xf3,0xb0,0x41, + 0xe9,0x89,0xf7,0x91,0x4f,0x90,0xcc,0x2c, + 0x7f,0xff,0x35,0x78,0x76,0xe5,0x06,0xb5, + 0x0d,0x33,0x4b,0xa7,0x7c,0x22,0x5b,0xc3, + 0x07,0xba,0x53,0x71,0x52,0xf3,0xf1,0x61, + 0x0e,0x4e,0xaf,0xe5,0x95,0xf6,0xd9,0xd9, + 0x0d,0x11,0xfa,0xa9,0x33,0xa1,0x5e,0xf1, + 0x36,0x95,0x46,0x86,0x8a,0x7f,0x3a,0x45, + 0xa9,0x67,0x68,0xd4,0x0f,0xd9,0xd0,0x34, + 0x12,0xc0,0x91,0xc6,0x31,0x5c,0xf4,0xfd, + 0xe7,0xcb,0x68,0x60,0x69,0x37,0x38,0x0d, + 0xb2,0xea,0xaa,0x70,0x7b,0x4c,0x41,0x85, + 0xc3,0x2e,0xdd,0xcd,0xd3,0x06,0x70,0x5e, + 0x4d,0xc1,0xff,0xc8,0x72,0xee,0xee,0x47, + 0x5a,0x64,0xdf,0xac,0x86,0xab,0xa4,0x1c, + 0x06,0x18,0x98,0x3f,0x87,0x41,0xc5,0xef, + 0x68,0xd3,0xa1,0x01,0xe8,0xa3,0xb8,0xca, + 0xc6,0x0c,0x90,0x5c,0x15,0xfc,0x91,0x08, + 0x40,0xb9,0x4c,0x00,0xa0,0xb9,0xd0 }; - const byte* msgs[] = {msg1, msg2, msg3, msg1, msg1, msg4}; - const word16 msgSz[] = {sizeof(msg1), sizeof(msg2), sizeof(msg3), - sizeof(msg1), sizeof(msg1), sizeof(msg4)}; + static const byte* msgs[] = { msg1, msg2, msg3, msg1, msg1, msg4}; + static const word16 msgSz[] = {0 /*sizeof(msg1)*/, sizeof(msg2), sizeof(msg3), + 0 /*sizeof(msg1)*/, 0 /*sizeof(msg1)*/, sizeof(msg4)}; /* create ed25519 keys */ wc_InitRng(&rng); From 539bc816820f7c7fcf159c12e92eb6bf9f2c3ade Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Sat, 29 Aug 2015 12:30:40 +0900 Subject: [PATCH 28/55] blake2b: declaration after execution statements, for embedded compiler --- wolfcrypt/src/blake2b.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/blake2b.c b/wolfcrypt/src/blake2b.c index 6ae5afd230..0df4a7e1f6 100644 --- a/wolfcrypt/src/blake2b.c +++ b/wolfcrypt/src/blake2b.c @@ -106,9 +106,10 @@ static INLINE int blake2b_init0( blake2b_state *S ) int blake2b_init_param( blake2b_state *S, const blake2b_param *P ) { word32 i; + byte *p ; blake2b_init0( S ); - byte *p = ( byte * )( P ); - + p = ( byte * )( P ); + /* IV XOR ParamBlock */ for( i = 0; i < 8; ++i ) S->h[i] ^= load64( p + sizeof( S->h[i] ) * i ); From 6ff9f96809717a202170898592ed713373817f57 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Sat, 29 Aug 2015 14:07:55 +0900 Subject: [PATCH 29/55] inline to INLINE --- wolfcrypt/src/random.c | 11 +- wolfcrypt/src/sha512.c | 198 ++++++++++++++++---------------- wolfcrypt/src/tfm.c | 4 +- wolfssl/wolfcrypt/blake2-impl.h | 22 ++-- wolfssl/wolfcrypt/blake2-int.h | 2 +- 5 files changed, 119 insertions(+), 118 deletions(-) diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index ba0f3c66a4..4b21388b3e 100755 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -876,7 +876,7 @@ static int wc_InitRng_IntelRD() #if defined(HAVE_HASHDRBG) || defined(NO_RC4) /* return 0 on success */ -static inline int IntelRDseed32(unsigned int *seed) +static INLINE int IntelRDseed32(unsigned int *seed) { int rdseed; unsigned char ok ; @@ -889,7 +889,7 @@ static inline int IntelRDseed32(unsigned int *seed) } /* return 0 on success */ -static inline int IntelRDseed32_r(unsigned int *rnd) +static INLINE int IntelRDseed32_r(unsigned int *rnd) { int i ; for(i=0; i -static inline word32 load32( const void *src ) +static INLINE word32 load32( const void *src ) { #if defined(LITTLE_ENDIAN_ORDER) return *( word32 * )( src ); @@ -51,7 +51,7 @@ static inline word32 load32( const void *src ) #endif } -static inline word64 load64( const void *src ) +static INLINE word64 load64( const void *src ) { #if defined(LITTLE_ENDIAN_ORDER) return *( word64 * )( src ); @@ -69,7 +69,7 @@ static inline word64 load64( const void *src ) #endif } -static inline void store32( void *dst, word32 w ) +static INLINE void store32( void *dst, word32 w ) { #if defined(LITTLE_ENDIAN_ORDER) *( word32 * )( dst ) = w; @@ -82,7 +82,7 @@ static inline void store32( void *dst, word32 w ) #endif } -static inline void store64( void *dst, word64 w ) +static INLINE void store64( void *dst, word64 w ) { #if defined(LITTLE_ENDIAN_ORDER) *( word64 * )( dst ) = w; @@ -99,7 +99,7 @@ static inline void store64( void *dst, word64 w ) #endif } -static inline word64 load48( const void *src ) +static INLINE word64 load48( const void *src ) { const byte *p = ( const byte * )src; word64 w = *p++; @@ -111,7 +111,7 @@ static inline word64 load48( const void *src ) return w; } -static inline void store48( void *dst, word64 w ) +static INLINE void store48( void *dst, word64 w ) { byte *p = ( byte * )dst; *p++ = ( byte )w; w >>= 8; @@ -122,28 +122,28 @@ static inline void store48( void *dst, word64 w ) *p++ = ( byte )w; } -static inline word32 rotl32( const word32 w, const unsigned c ) +static INLINE word32 rotl32( const word32 w, const unsigned c ) { return ( w << c ) | ( w >> ( 32 - c ) ); } -static inline word64 rotl64( const word64 w, const unsigned c ) +static INLINE word64 rotl64( const word64 w, const unsigned c ) { return ( w << c ) | ( w >> ( 64 - c ) ); } -static inline word32 rotr32( const word32 w, const unsigned c ) +static INLINE word32 rotr32( const word32 w, const unsigned c ) { return ( w >> c ) | ( w << ( 32 - c ) ); } -static inline word64 rotr64( const word64 w, const unsigned c ) +static INLINE word64 rotr64( const word64 w, const unsigned c ) { return ( w >> c ) | ( w << ( 64 - c ) ); } /* prevents compiler optimizing out memset() */ -static inline void secure_zero_memory( void *v, word64 n ) +static INLINE void secure_zero_memory( void *v, word64 n ) { volatile byte *p = ( volatile byte * )v; diff --git a/wolfssl/wolfcrypt/blake2-int.h b/wolfssl/wolfcrypt/blake2-int.h index 05fd0274ad..26a2c87b4e 100644 --- a/wolfssl/wolfcrypt/blake2-int.h +++ b/wolfssl/wolfcrypt/blake2-int.h @@ -168,7 +168,7 @@ int blake2sp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); int blake2bp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); - static inline int blake2( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ) + static INLINE int blake2( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ) { return blake2b( out, in, key, outlen, inlen, keylen ); } From 572a8cfc11b1700669d59c30858e0e3d98188435 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Sat, 29 Aug 2015 18:04:57 +0900 Subject: [PATCH 30/55] hmac.c: fixed warning, statement is unreachable --- wolfcrypt/src/hmac.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index 50716f5d9b..aacbef88af 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -743,42 +743,35 @@ static INLINE int GetHashSizeByType(int type) #ifndef NO_MD5 case MD5: return MD5_DIGEST_SIZE; - break; #endif #ifndef NO_SHA case SHA: return SHA_DIGEST_SIZE; - break; #endif #ifndef NO_SHA256 case SHA256: return SHA256_DIGEST_SIZE; - break; #endif #ifdef WOLFSSL_SHA384 case SHA384: return SHA384_DIGEST_SIZE; - break; #endif #ifdef WOLFSSL_SHA512 case SHA512: return SHA512_DIGEST_SIZE; - break; #endif #ifdef HAVE_BLAKE2 case BLAKE2B_ID: return BLAKE2B_OUTBYTES; - break; #endif default: return BAD_FUNC_ARG; - break; } } From cf80a6f6393054be44579eb4b6e3311630cec492 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Sat, 29 Aug 2015 21:22:30 +0900 Subject: [PATCH 31/55] pkcs7: avoid initial value of pointer to auto value for embedded compilers --- wolfcrypt/src/ge_low_mem.c | 4 ++-- wolfcrypt/src/pkcs7.c | 43 ++++++++++++++++++++------------------ wolfcrypt/test/test.c | 12 +++++------ 3 files changed, 31 insertions(+), 28 deletions(-) diff --git a/wolfcrypt/src/ge_low_mem.c b/wolfcrypt/src/ge_low_mem.c index a6f99fe6de..e64c72e3a7 100644 --- a/wolfcrypt/src/ge_low_mem.c +++ b/wolfcrypt/src/ge_low_mem.c @@ -229,7 +229,7 @@ const ge_p3 ed25519_base = { 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66 }, - {1, 0} + {1, 0}, { 0xa3, 0xdd, 0xb7, 0xa5, 0xb3, 0x8a, 0xde, 0x6d, 0xf5, 0x52, 0x51, 0x77, 0x80, 0x9f, 0xf0, 0x20, @@ -243,7 +243,7 @@ const ge_p3 ed25519_base = { const ge_p3 ed25519_neutral = { {0}, {1, 0}, - {1, 0} + {1, 0}, {0}, }; diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index c581cf5fbc..aad9eb5098 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -52,19 +52,19 @@ WOLFSSL_LOCAL int wc_SetContentType(int pkcs7TypeOID, byte* output) { /* PKCS#7 content types, RFC 2315, section 14 */ - static const byte pkcs7[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte pkcs7[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07 }; - static const byte data[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte data[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01 }; - static const byte signedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte signedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02}; - static const byte envelopedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte envelopedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x03 }; - static const byte signedAndEnveloped[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte signedAndEnveloped[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x04 }; - static const byte digestedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte digestedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x05 }; - static const byte encryptedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte encryptedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06 }; int idSz; @@ -430,14 +430,17 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04 }; - PKCS7Attrib cannedAttribs[2] = - { - { contentTypeOid, sizeof(contentTypeOid), - contentType, sizeof(contentType) }, - { messageDigestOid, sizeof(messageDigestOid), - esd->contentDigest, sizeof(esd->contentDigest) } - }; + PKCS7Attrib cannedAttribs[2] ; + word32 cannedAttribsCount = sizeof(cannedAttribs)/sizeof(PKCS7Attrib); + cannedAttribs[0].oid = contentTypeOid ; + cannedAttribs[0].oidSz = sizeof(contentTypeOid) ; + cannedAttribs[0].value = contentType ; + cannedAttribs[0].valueSz = sizeof(contentType) ; + cannedAttribs[1].oid = messageDigestOid ; + cannedAttribs[1].oidSz = sizeof(messageDigestOid) ; + cannedAttribs[1].value = esd->contentDigest ; + cannedAttribs[1].valueSz = sizeof(esd->contentDigest) ; esd->signedAttribsCount += cannedAttribsCount; esd->signedAttribsSz += EncodeAttributes(&esd->signedAttribs[0], 2, @@ -881,14 +884,14 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) { word32 scratch = 0; int plainSz = 0; - int digestSz = MAX_SEQ_SZ + MAX_ALGO_SZ + - MAX_OCTET_STR_SZ + SHA_DIGEST_SIZE; + #define DIGEST_SZ (MAX_SEQ_SZ + MAX_ALGO_SZ +\ + MAX_OCTET_STR_SZ + SHA_DIGEST_SIZE) #ifdef WOLFSSL_SMALL_STACK byte* digest; RsaKey* key; - digest = (byte*)XMALLOC(digestSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + digest = (byte*)XMALLOC(DIGEST_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (digest == NULL) return MEMORY_E; @@ -900,12 +903,12 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) return MEMORY_E; } #else - byte digest[digestSz]; + byte digest[DIGEST_SZ]; RsaKey stack_key; RsaKey* key = &stack_key; #endif - XMEMSET(digest, 0, digestSz); + XMEMSET(digest, 0, DIGEST_SZ); ret = wc_InitRsaKey(key, NULL); if (ret != 0) { @@ -925,7 +928,7 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) return PUBLIC_KEY_E; } - plainSz = wc_RsaSSL_Verify(sig, sigSz, digest, digestSz, key); + plainSz = wc_RsaSSL_Verify(sig, sigSz, digest, DIGEST_SZ, key); wc_FreeRsaKey(key); #ifdef WOLFSSL_SMALL_STACK diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 190d3d88bc..525aca9d39 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -6397,18 +6397,18 @@ int pkcs7signed_test(void) PKCS7 msg; WC_RNG rng; - byte transIdOid[] = + static byte transIdOid[] = { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x07 }; - byte messageTypeOid[] = + static byte messageTypeOid[] = { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x02 }; - byte senderNonceOid[] = + static byte senderNonceOid[] = { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x05 }; - byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1]; - byte messageType[] = { 0x13, 2, '1', '9' }; - byte senderNonce[PKCS7_NONCE_SZ + 2]; + static byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1]; + static byte messageType[] = { 0x13, 2, '1', '9' }; + static byte senderNonce[PKCS7_NONCE_SZ + 2]; PKCS7Attrib attribs[] = { From 122b2e975391ae507c5f1f3af06a018f4112a421 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Sat, 29 Aug 2015 22:02:23 +0900 Subject: [PATCH 32/55] pkcs7: rolling back to static values --- wolfcrypt/src/pkcs7.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index aad9eb5098..c5f113fa6f 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -52,19 +52,19 @@ WOLFSSL_LOCAL int wc_SetContentType(int pkcs7TypeOID, byte* output) { /* PKCS#7 content types, RFC 2315, section 14 */ - const byte pkcs7[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + static const byte pkcs7[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07 }; - const byte data[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + static const byte data[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01 }; - const byte signedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + static const byte signedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02}; - const byte envelopedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + static const byte envelopedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x03 }; - const byte signedAndEnveloped[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + static const byte signedAndEnveloped[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x04 }; - const byte digestedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + static const byte digestedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x05 }; - const byte encryptedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + static const byte encryptedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06 }; int idSz; From dc68832dba763063541613635be03ac68c7800e7 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Sun, 30 Aug 2015 08:36:33 +0900 Subject: [PATCH 33/55] TIRTOS Semaphore_create error check --- wolfcrypt/src/wc_port.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index 4190337519..abf7ac250f 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -353,17 +353,20 @@ int UnLockMutex(wolfSSL_Mutex *m) } #elif defined (WOLFSSL_TIRTOS) - + #include int InitMutex(wolfSSL_Mutex* m) { Semaphore_Params params; - + Error_Block eb; + Error_init(&eb); Semaphore_Params_init(¶ms); params.mode = Semaphore_Mode_BINARY; - *m = Semaphore_create(1, ¶ms, NULL); - - return 0; + *m = Semaphore_create(1, ¶ms, &eb); + if( Error_check( &eb ) ) + { + Error_raise( &eb, Error_E_generic, "Failed to Create the semaphore.",NULL); + } else return 0; } int FreeMutex(wolfSSL_Mutex* m) From 18383d286ae3f3afbfb3faa163e2cbb307e61e86 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Sun, 30 Aug 2015 10:25:09 +0900 Subject: [PATCH 34/55] fixed uITRON, uTKernel option --- wolfcrypt/src/wc_port.c | 3 ++- wolfssl/internal.h | 6 +++++ wolfssl/wolfcrypt/settings.h | 48 ++++++++++++++++++++++++++++++++++++ wolfssl/wolfcrypt/types.h | 5 ++-- wolfssl/wolfcrypt/wc_port.h | 14 +++++++++++ 5 files changed, 73 insertions(+), 3 deletions(-) diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index abf7ac250f..775195c55e 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -391,6 +391,7 @@ int UnLockMutex(wolfSSL_Mutex *m) } #elif defined(WOLFSSL_uITRON4) + #include "stddef.h" #include "kernel.h" int InitMutex(wolfSSL_Mutex* m) { @@ -401,7 +402,7 @@ int UnLockMutex(wolfSSL_Mutex *m) m->sem.name = NULL ; m->id = acre_sem(&m->sem); - if( m->id != NULL ) + if( m->id != E_OK ) iReturn = 0; else iReturn = BAD_MUTEX_E; diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 5b690d1cd9..8a4fffbe14 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -117,12 +117,18 @@ /* do nothing */ #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) /* do nothing */ +#elif defined(WOLFSSL_uITRON4) + /* do nothing */ +#elif defined(WOLFSSL_uTKERNEL2) + /* do nothing */ #elif defined(WOLFSSL_MDK_ARM) #if defined(WOLFSSL_MDK5) #include "cmsis_os.h" #else #include #endif +#elif defined(WOLFSSL_CMSIS_RTOS) + #include "cmsis_os.h" #elif defined(MBED) #elif defined(WOLFSSL_TIRTOS) /* do nothing */ diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index e6c5d690da..cf1465bb58 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -307,6 +307,54 @@ #define USE_WINDOWS_API #endif +#if defined(WOLFSSL_uITRON4) + +#define XMALLOC_USER +#include +#define ITRON_POOL_SIZE 1024*20 +extern int uITRON4_minit(size_t poolsz) ; +extern void *uITRON4_malloc(size_t sz) ; +extern void *uITRON4_realloc(void *p, size_t sz) ; +extern void uITRON4_free(void *p) ; + +#define XMALLOC(sz, heap, type) uITRON4_malloc(sz) +#define XREALLOC(p, sz, heap, type) uITRON4_realloc(p, sz) +#define XFREE(p, heap, type) uITRON4_free(p) +#endif + +#if defined(WOLFSSL_uTKERNEL2) +#define WOLFSSL_CLOSESOCKET +#define XMALLOC_USER +int uTKernel_init_mpool(unsigned int sz) ; /* initializing malloc pool */ +void *uTKernel_malloc(unsigned int sz) ; +void *uTKernel_realloc(void *p, unsigned int sz) ; +void uTKernel_free(void *p) ; +#define XMALLOC(s, h, type) uTKernel_malloc((s)) +#define XREALLOC(p, n, h, t) uTKernel_realloc((p), (n)) +#define XFREE(p, h, type) uTKernel_free((p)) + +#include +#include "tm/tmonitor.h" +static char *fgets(char *buff, int sz, FILE *fp) +/*static char * gets(char *buff)*/ +{ + char * p = buff ; + *p = '\0' ; + while(1) { + *p = tm_getchar(-1) ; + tm_putchar(*p) ; + if(*p == '\r') { + tm_putchar('\n') ; + *p = '\0' ; + break ; + } + p ++ ; + } + return buff ; +} + +#endif + #if defined(WOLFSSL_LEANPSK) && !defined(XMALLOC_USER) #include diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 4a1dc31f86..2865f01aa5 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -161,7 +161,7 @@ #endif - /* idea to add global alloc override by Moisés Guimarães */ + /* idea to add global alloc override by Moises Guimaraes */ /* default to libc stuff */ /* XREALLOC is used once in normal math lib, not in fast math lib */ /* XFREE on some embeded systems doesn't like free(0) so test */ @@ -180,7 +180,8 @@ #elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \ && !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \ && !defined(FREESCALE_KSDK_MQX) && !defined(WOLFSSL_LEANPSK) \ - && !defined(FREERTOS) + && !defined(FREERTOS) && !defined(WOLFSSL_uITRON4) \ + && !defined(WOLFSSL_uTKERNEL2) /* default C runtime, can install different routines at runtime via cbs */ #include #define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s))) diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index da747f0176..04155360b3 100644 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -55,6 +55,10 @@ /* do nothing */ #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) /* do nothing */ +#elif defined(WOLFSSL_uITRON4) + #include "kernel.h" +#elif defined(WOLFSSL_uTKERNEL2) + #include "tk/tkernel.h" #elif defined(WOLFSSL_MDK_ARM) #if defined(WOLFSSL_MDK5) #include "cmsis_os.h" @@ -100,6 +104,16 @@ typedef RTP_MUTEX wolfSSL_Mutex; #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) typedef MUTEX_STRUCT wolfSSL_Mutex; + #elif defined(WOLFSSL_uITRON4) + typedef struct wolfSSL_Mutex { + T_CSEM sem ; + ID id ; + } wolfSSL_Mutex; + #elif defined(WOLFSSL_uTKERNEL2) + typedef struct wolfSSL_Mutex { + T_CSEM sem ; + ID id ; + } wolfSSL_Mutex; #elif defined(WOLFSSL_MDK_ARM) #if defined(WOLFSSL_CMSIS_RTOS) typedef osMutexId wolfSSL_Mutex; From 2f3b7d356748c3e21d5839e46f5b23d25b02d9dc Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Sun, 30 Aug 2015 13:38:52 +0900 Subject: [PATCH 35/55] mdk portability, fixed declaration after executing statements --- src/internal.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/internal.c b/src/internal.c index dedd2c4d82..37e0c224f6 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1565,15 +1565,15 @@ void FreeX509(WOLFSSL_X509* x509) wolfSSL_Set_SSL_CTX */ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx) { - if(!ssl || !ctx) - return BAD_FUNC_ARG; - byte havePSK = 0; byte haveAnon = 0; byte haveRSA = 0; byte newSSL = ssl->ctx == NULL; - (void) haveAnon; /* Squash unused var warnings */ + (void) haveAnon; /* Squash unused var warnings */ + + if(!ssl || !ctx) + return BAD_FUNC_ARG; #ifndef NO_RSA haveRSA = 1; #endif From cf38d1c022968f672796ec70122ec43043b9f24b Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 31 Aug 2015 11:57:30 -0700 Subject: [PATCH 36/55] detect SetSSL_CTX requirements and error out early --- src/internal.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/src/internal.c b/src/internal.c index dedd2c4d82..0ad5fe72fa 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1562,12 +1562,19 @@ void FreeX509(WOLFSSL_X509* x509) /* This function inherits a WOLFSSL_CTX's fields into an SSL object. It is used during initialization and to switch an ssl's CTX with - wolfSSL_Set_SSL_CTX */ + wolfSSL_Set_SSL_CTX. Requires ssl->suites alloc and ssl-arrays with PSK + SSL_SUCCESS return value on success */ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx) { - if(!ssl || !ctx) + if(!ssl || !ctx || ssl->suites == NULL) return BAD_FUNC_ARG; +#ifndef NO_PSK + if (ctx->server_hint[0] && ssl->arrays == NULL) { + return BAD_FUNC_ARG; /* needed for copy below */ + } +#endif + byte havePSK = 0; byte haveAnon = 0; byte haveRSA = 0; @@ -1701,7 +1708,8 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx) /* init everything to 0, NULL, default values before calling anything that may - fail so that desctructor has a "good" state to cleanup */ + fail so that desctructor has a "good" state to cleanup + 0 on success */ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) { int ret; @@ -1793,6 +1801,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) } /* Initialize SSL with the appropriate fields from it's ctx */ + /* requires valid arrays and suites */ if((ret = SetSSL_CTX(ssl, ctx)) != SSL_SUCCESS) return ret; From 756cff4cb411abd3d934b01fdf2e31ffb9063213 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 31 Aug 2015 13:29:22 -0700 Subject: [PATCH 37/55] add Rsa Public Key To Der, non FIPS mode --- wolfcrypt/src/asn.c | 310 ++++++++++++++++++++++------------------ wolfssl/wolfcrypt/rsa.h | 1 + 2 files changed, 171 insertions(+), 140 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 73e4460468..0946c6da84 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -4853,6 +4853,164 @@ int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, word32 outSz, #endif /* WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN */ +#if !defined(NO_RSA) && (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) +/* Write a public RSA key to output */ +static int SetRsaPublicKey(byte* output, RsaKey* key, int outLen) +{ +#ifdef WOLFSSL_SMALL_STACK + byte* n = NULL; + byte* e = NULL; + byte* algo = NULL; +#else + byte n[MAX_RSA_INT_SZ]; + byte e[MAX_RSA_E_SZ]; + byte algo[MAX_ALGO_SZ]; +#endif + byte seq[MAX_SEQ_SZ]; + byte len[MAX_LENGTH_SZ + 1]; /* trailing 0 */ + int nSz; + int eSz; + int algoSz; + int seqSz; + int lenSz; + int idx; + int rawLen; + int leadingBit; + int err; + + if (output == NULL || key == NULL || outLen < MAX_SEQ_SZ) + return BAD_FUNC_ARG; + + /* n */ +#ifdef WOLFSSL_SMALL_STACK + n = (byte*)XMALLOC(MAX_RSA_INT_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (n == NULL) + return MEMORY_E; +#endif + + leadingBit = mp_leading_bit(&key->n); + rawLen = mp_unsigned_bin_size(&key->n) + leadingBit; + n[0] = ASN_INTEGER; + nSz = SetLength(rawLen, n + 1) + 1; /* int tag */ + + if ( (nSz + rawLen) < MAX_RSA_INT_SZ) { + if (leadingBit) + n[nSz] = 0; + err = mp_to_unsigned_bin(&key->n, n + nSz + leadingBit); + if (err == MP_OKAY) + nSz += rawLen; + else { +#ifdef WOLFSSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return MP_TO_E; + } + } + else { +#ifdef WOLFSSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return BUFFER_E; + } + + /* e */ +#ifdef WOLFSSL_SMALL_STACK + e = (byte*)XMALLOC(MAX_RSA_E_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (e == NULL) { +#ifdef WOLFSSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return MEMORY_E; + } +#endif + + leadingBit = mp_leading_bit(&key->e); + rawLen = mp_unsigned_bin_size(&key->e) + leadingBit; + e[0] = ASN_INTEGER; + eSz = SetLength(rawLen, e + 1) + 1; /* int tag */ + + if ( (eSz + rawLen) < MAX_RSA_E_SZ) { + if (leadingBit) + e[eSz] = 0; + err = mp_to_unsigned_bin(&key->e, e + eSz + leadingBit); + if (err == MP_OKAY) + eSz += rawLen; + else { +#ifdef WOLFSSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return MP_TO_E; + } + } + else { +#ifdef WOLFSSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return BUFFER_E; + } + +#ifdef WOLFSSL_SMALL_STACK + algo = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (algo == NULL) { + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + + /* headers */ + algoSz = SetAlgoID(RSAk, algo, keyType, 0); + seqSz = SetSequence(nSz + eSz, seq); + lenSz = SetLength(seqSz + nSz + eSz + 1, len); + len[lenSz++] = 0; /* trailing 0 */ + + + /* write */ + idx = SetSequence(nSz + eSz + seqSz + lenSz + 1 + algoSz, output); + /* 1 is for ASN_BIT_STRING */ + + /* check output size */ + if ( (idx + algoSz + 1 + lenSz + seqSz + nSz + eSz) > outLen) { + #ifdef WOLFSSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(algo, NULL, DYNAMIC_TYPE_TMP_BUFFER); + #endif + + return BUFFER_E; + } + + /* algo */ + XMEMCPY(output + idx, algo, algoSz); + idx += algoSz; + /* bit string */ + output[idx++] = ASN_BIT_STRING; + /* length */ + XMEMCPY(output + idx, len, lenSz); + idx += lenSz; + /* seq */ + XMEMCPY(output + idx, seq, seqSz); + idx += seqSz; + /* n */ + XMEMCPY(output + idx, n, nSz); + idx += nSz; + /* e */ + XMEMCPY(output + idx, e, eSz); + idx += eSz; + +#ifdef WOLFSSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(algo, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return idx; +} +#endif /* !defined(NO_RSA) && (defined(WOLFSSL_CERT_GEN) || + defined(WOLFSSL_KEY_GEN)) */ + #if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) @@ -4986,6 +5144,14 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) return outLen; } + +/* Convert Rsa Public key to DER format, write to output (inLen), return bytes + written */ +int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen) +{ + return SetRsaPublicKey(output, key, inLen); +} + #endif /* WOLFSSL_KEY_GEN && !NO_RSA */ @@ -5221,144 +5387,6 @@ static int SetEccPublicKey(byte* output, ecc_key* key) #endif /* HAVE_ECC */ -/* Write a public RSA key to output */ -static int SetRsaPublicKey(byte* output, RsaKey* key) -{ -#ifdef WOLFSSL_SMALL_STACK - byte* n = NULL; - byte* e = NULL; - byte* algo = NULL; -#else - byte n[MAX_RSA_INT_SZ]; - byte e[MAX_RSA_E_SZ]; - byte algo[MAX_ALGO_SZ]; -#endif - byte seq[MAX_SEQ_SZ]; - byte len[MAX_LENGTH_SZ + 1]; /* trailing 0 */ - int nSz; - int eSz; - int algoSz; - int seqSz; - int lenSz; - int idx; - int rawLen; - int leadingBit; - int err; - - /* n */ -#ifdef WOLFSSL_SMALL_STACK - n = (byte*)XMALLOC(MAX_RSA_INT_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (n == NULL) - return MEMORY_E; -#endif - - leadingBit = mp_leading_bit(&key->n); - rawLen = mp_unsigned_bin_size(&key->n) + leadingBit; - n[0] = ASN_INTEGER; - nSz = SetLength(rawLen, n + 1) + 1; /* int tag */ - - if ( (nSz + rawLen) < MAX_RSA_INT_SZ) { - if (leadingBit) - n[nSz] = 0; - err = mp_to_unsigned_bin(&key->n, n + nSz + leadingBit); - if (err == MP_OKAY) - nSz += rawLen; - else { -#ifdef WOLFSSL_SMALL_STACK - XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return MP_TO_E; - } - } - else { -#ifdef WOLFSSL_SMALL_STACK - XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return BUFFER_E; - } - - /* e */ -#ifdef WOLFSSL_SMALL_STACK - e = (byte*)XMALLOC(MAX_RSA_E_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (e == NULL) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return MEMORY_E; - } -#endif - - leadingBit = mp_leading_bit(&key->e); - rawLen = mp_unsigned_bin_size(&key->e) + leadingBit; - e[0] = ASN_INTEGER; - eSz = SetLength(rawLen, e + 1) + 1; /* int tag */ - - if ( (eSz + rawLen) < MAX_RSA_E_SZ) { - if (leadingBit) - e[eSz] = 0; - err = mp_to_unsigned_bin(&key->e, e + eSz + leadingBit); - if (err == MP_OKAY) - eSz += rawLen; - else { -#ifdef WOLFSSL_SMALL_STACK - XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return MP_TO_E; - } - } - else { -#ifdef WOLFSSL_SMALL_STACK - XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return BUFFER_E; - } - -#ifdef WOLFSSL_SMALL_STACK - algo = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (algo == NULL) { - XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); - return MEMORY_E; - } -#endif - - /* headers */ - algoSz = SetAlgoID(RSAk, algo, keyType, 0); - seqSz = SetSequence(nSz + eSz, seq); - lenSz = SetLength(seqSz + nSz + eSz + 1, len); - len[lenSz++] = 0; /* trailing 0 */ - - /* write */ - idx = SetSequence(nSz + eSz + seqSz + lenSz + 1 + algoSz, output); - /* 1 is for ASN_BIT_STRING */ - /* algo */ - XMEMCPY(output + idx, algo, algoSz); - idx += algoSz; - /* bit string */ - output[idx++] = ASN_BIT_STRING; - /* length */ - XMEMCPY(output + idx, len, lenSz); - idx += lenSz; - /* seq */ - XMEMCPY(output + idx, seq, seqSz); - idx += seqSz; - /* n */ - XMEMCPY(output + idx, n, nSz); - idx += nSz; - /* e */ - XMEMCPY(output + idx, e, eSz); - idx += eSz; - -#ifdef WOLFSSL_SMALL_STACK - XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(algo, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif - - return idx; -} static INLINE byte itob(int number) @@ -5811,7 +5839,8 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey, if (cert->keyType == RSA_KEY) { if (rsaKey == NULL) return PUBLIC_KEY_E; - der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey); + der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey, + sizeof(der->publicKey)); if (der->publicKeySz <= 0) return PUBLIC_KEY_E; } @@ -6225,7 +6254,8 @@ static int EncodeCertReq(Cert* cert, DerCert* der, if (cert->keyType == RSA_KEY) { if (rsaKey == NULL) return PUBLIC_KEY_E; - der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey); + der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey, + sizeof(der->publicKey)); if (der->publicKeySz <= 0) return PUBLIC_KEY_E; } diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h index ec6ef7b913..9da3becf2b 100644 --- a/wolfssl/wolfcrypt/rsa.h +++ b/wolfssl/wolfcrypt/rsa.h @@ -99,6 +99,7 @@ WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e, word32 eSz, RsaKey* key); #ifdef WOLFSSL_KEY_GEN WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen); + WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen); #endif #endif /* HAVE_FIPS*/ WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*, From 1368ae1fb1f2932de1943208a62e01e714bd78d2 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 31 Aug 2015 13:51:52 -0700 Subject: [PATCH 38/55] add SHA512 signature creation --- wolfcrypt/src/asn.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 0946c6da84..ef8b6730cf 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -5985,7 +5985,7 @@ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz, int sigAlgoType) { int encSigSz, digestSz, typeH = 0, ret = 0; - byte digest[SHA256_DIGEST_SIZE]; /* max size */ + byte digest[MAX_DIGEST_SIZE]; /* max size */ #ifdef WOLFSSL_SMALL_STACK byte* encSig; #else @@ -6032,6 +6032,15 @@ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz, digestSz = SHA256_DIGEST_SIZE; } break; + #endif + #ifdef WOLFSSL_SHA512 + case CTC_SHA512wRSA: + case CTC_SHA512wECDSA: + if ((ret = wc_Sha512Hash(buffer, sz, digest)) == 0) { + typeH = SHA256h; + digestSz = SHA256_DIGEST_SIZE; + } + break; #endif default: WOLFSSL_MSG("MakeSignautre called with unsupported type"); From f8445193a4d3303a92e93d60257af9086792ea05 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 31 Aug 2015 13:55:56 -0700 Subject: [PATCH 39/55] add idirect generate seed --- wolfcrypt/src/random.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index ba0f3c66a4..90a586e0a6 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -1289,6 +1289,20 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) */ +#elif defined(IDIRECT_DEV_RANDOM) + +extern int getRandom( int sz, unsigned char *output ); + +int GenerateSeed(OS_Seed* os, byte* output, word32 sz) +{ + int num_bytes_returned = 0; + + num_bytes_returned = getRandom( (int) sz, (unsigned char *) output ); + + return 0; +} + + #else /* !USE_WINDOWS_API && !HAVE_RPT_SYS && !MICRIUM && !NO_DEV_RANDOM */ /* may block */ From 553fc283c98e7020548df302ae016a038abc55b5 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 31 Aug 2015 14:23:50 -0700 Subject: [PATCH 40/55] add Buffer Load CRL --- src/ssl.c | 20 ++++++++++++++++++++ wolfssl/ssl.h | 6 ++++-- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 8980aff210..770fa40553 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -3084,6 +3084,26 @@ int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm, return ret; } +#ifdef HAVE_CRL + +int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm, + const unsigned char* buff, long sz, int type) +{ + WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRLBuffer"); + if (cm == NULL) + return BAD_FUNC_ARG; + + if (cm->crl == NULL) { + if (wolfSSL_CertManagerEnableCRL(cm, 0) != SSL_SUCCESS) { + WOLFSSL_MSG("Enable CRL failed"); + return SSL_FATAL_ERROR; + } + } + + return BufferLoadCRL(cm->crl, buff, sz, type); +} + +#endif /* HAVE_CRL */ /* Verify the ceritficate, SSL_SUCCESS for ok, < 0 for error */ int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm, const byte* buff, diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index a9d350d502..da140a42a0 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -1231,8 +1231,10 @@ WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER*, int options); WOLFSSL_API int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER*); - WOLFSSL_API int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER*, const char*, - int, int); + WOLFSSL_API int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER*, + const char*, int, int); + WOLFSSL_API int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER*, + const unsigned char*, long sz, int); WOLFSSL_API int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER*, CbMissingCRL); WOLFSSL_API int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER*, From 6969453d06b0fbaec981d2c9acd4636be4047704 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 31 Aug 2015 14:57:23 -0700 Subject: [PATCH 41/55] allow CRL with NO_FILESYSTEM --- src/crl.c | 14 ++++++- src/ssl.c | 92 +++++++++++++++++++++++----------------------- wolfssl/internal.h | 4 ++ 3 files changed, 62 insertions(+), 48 deletions(-) diff --git a/src/crl.c b/src/crl.c index 0f47ee1a4f..d3f7af8ac6 100644 --- a/src/crl.c +++ b/src/crl.c @@ -32,8 +32,11 @@ #include #include -#include -#include +#ifndef NO_FILESYSTEM + #include + #include +#endif + #include #ifdef HAVE_CRL_MONITOR @@ -679,6 +682,8 @@ static int StartMonitorCRL(WOLFSSL_CRL* crl) #else /* HAVE_CRL_MONITOR */ +#ifndef NO_FILESYSTEM + static int StartMonitorCRL(WOLFSSL_CRL* crl) { (void)crl; @@ -689,8 +694,11 @@ static int StartMonitorCRL(WOLFSSL_CRL* crl) return NOT_COMPILED_IN; } +#endif /* NO_FILESYSTEM */ + #endif /* HAVE_CRL_MONITOR */ +#ifndef NO_FILESYSTEM /* Load CRL path files of type, SSL_SUCCESS on ok */ int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor) @@ -787,4 +795,6 @@ int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor) return ret; } +#endif /* NO_FILESYSTEM */ + #endif /* HAVE_CRL */ diff --git a/src/ssl.c b/src/ssl.c index 770fa40553..aba00ac0c0 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -3105,6 +3105,52 @@ int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm, #endif /* HAVE_CRL */ +/* turn on CRL if off and compiled in, set options */ +int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm, int options) +{ + int ret = SSL_SUCCESS; + + (void)options; + + WOLFSSL_ENTER("wolfSSL_CertManagerEnableCRL"); + if (cm == NULL) + return BAD_FUNC_ARG; + + #ifdef HAVE_CRL + if (cm->crl == NULL) { + cm->crl = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), cm->heap, + DYNAMIC_TYPE_CRL); + if (cm->crl == NULL) + return MEMORY_E; + + if (InitCRL(cm->crl, cm) != 0) { + WOLFSSL_MSG("Init CRL failed"); + FreeCRL(cm->crl, 1); + cm->crl = NULL; + return SSL_FAILURE; + } + } + cm->crlEnabled = 1; + if (options & WOLFSSL_CRL_CHECKALL) + cm->crlCheckAll = 1; + #else + ret = NOT_COMPILED_IN; + #endif + + return ret; +} + + +int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER* cm) +{ + WOLFSSL_ENTER("wolfSSL_CertManagerDisableCRL"); + if (cm == NULL) + return BAD_FUNC_ARG; + + cm->crlEnabled = 0; + + return SSL_SUCCESS; +} /* Verify the ceritficate, SSL_SUCCESS for ok, < 0 for error */ int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm, const byte* buff, long sz, int format) @@ -3678,52 +3724,6 @@ int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* file, } -/* turn on CRL if off and compiled in, set options */ -int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm, int options) -{ - int ret = SSL_SUCCESS; - - (void)options; - - WOLFSSL_ENTER("wolfSSL_CertManagerEnableCRL"); - if (cm == NULL) - return BAD_FUNC_ARG; - - #ifdef HAVE_CRL - if (cm->crl == NULL) { - cm->crl = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), cm->heap, - DYNAMIC_TYPE_CRL); - if (cm->crl == NULL) - return MEMORY_E; - - if (InitCRL(cm->crl, cm) != 0) { - WOLFSSL_MSG("Init CRL failed"); - FreeCRL(cm->crl, 1); - cm->crl = NULL; - return SSL_FAILURE; - } - } - cm->crlEnabled = 1; - if (options & WOLFSSL_CRL_CHECKALL) - cm->crlCheckAll = 1; - #else - ret = NOT_COMPILED_IN; - #endif - - return ret; -} - - -int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER* cm) -{ - WOLFSSL_ENTER("wolfSSL_CertManagerDisableCRL"); - if (cm == NULL) - return BAD_FUNC_ARG; - - cm->crlEnabled = 0; - - return SSL_SUCCESS; -} int wolfSSL_CTX_check_private_key(WOLFSSL_CTX* ctx) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 5b690d1cd9..427bb2fb73 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -1298,6 +1298,10 @@ struct CRL_Monitor { typedef struct WOLFSSL_CRL WOLFSSL_CRL; #endif +#if defined(HAVE_CRL) && defined(NO_FILESYSTEM) + #undef HAVE_CRL_MONITOR +#endif + /* wolfSSL CRL controller */ struct WOLFSSL_CRL { WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */ From a56a8a22e5b123485e6eb119d225a4f904aebedb Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 31 Aug 2015 15:02:41 -0700 Subject: [PATCH 42/55] add idrect dev time --- wolfcrypt/src/asn.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index ef8b6730cf..d813181c20 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -182,6 +182,15 @@ #ifndef HAVE_VALIDATE_DATE #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) #endif + +#elif defined(IDIRECT_DEV_TIME) + /*Gets the timestamp from cloak software owned by VT iDirect + in place of time() from */ + #include + #define XTIME(t1) idirect_time((t1)) + #define XGMTIME(c) gmtime((c)) + #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) + #else /* default */ /* uses complete facility */ @@ -468,6 +477,22 @@ CPU_INT32S NetSecure_ValidateDateHandler(CPU_INT08U *date, CPU_INT08U format, #endif /* MICRIUM */ +#if defined(IDIRECT_DEV_TIME) + +extern time_t getTimestamp(); + +time_t idirect_time(time_t * timer) +{ + time_t sec = getTimestamp(); + + if (timer != NULL) + *timer = sec; + + return sec; +} + +#endif + WOLFSSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len, word32 maxIdx) From 928d2b7caaa990911345102d99841b695ccb7441 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 31 Aug 2015 17:02:15 -0700 Subject: [PATCH 43/55] add build optional skip crl next date if missing --- src/crl.c | 10 +++++++++- wolfcrypt/src/asn.c | 22 +++++++++++++++++----- 2 files changed, 26 insertions(+), 6 deletions(-) diff --git a/src/crl.c b/src/crl.c index d3f7af8ac6..6cd26cdd2f 100644 --- a/src/crl.c +++ b/src/crl.c @@ -156,10 +156,18 @@ int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert) while (crle) { if (XMEMCMP(crle->issuerHash, cert->issuerHash, CRL_DIGEST_SIZE) == 0) { + int doNextDate = 1; + WOLFSSL_MSG("Found CRL Entry on list"); WOLFSSL_MSG("Checking next date validity"); - if (!ValidateDate(crle->nextDate, crle->nextDateFormat, AFTER)) { + #ifdef WOLFSSL_NO_CRL_NEXT_DATE + if (crle->nextDateFormat == ASN_OTHER_TYPE) + doNextDate = 0; /* skip */ + #endif + + if (doNextDate && !ValidateDate(crle->nextDate, + crle->nextDateFormat, AFTER)) { WOLFSSL_MSG("CRL next date is no longer valid"); ret = ASN_AFTER_DATE_E; } diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index d813181c20..9ddd027fe3 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -7979,8 +7979,8 @@ static int GetCRL_Signature(const byte* source, word32* idx, DecodedCRL* dcrl, /* prase crl buffer into decoded state, 0 on success */ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm) { - int version, len; - word32 oid, idx = 0; + int version, len, doNextDate = 1; + word32 oid, idx = 0, dateIdx; Signer* ca = NULL; WOLFSSL_MSG("ParseCRL"); @@ -8016,10 +8016,22 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm) if (GetBasicDate(buff, &idx, dcrl->lastDate, &dcrl->lastDateFormat, sz) < 0) return ASN_PARSE_E; - if (GetBasicDate(buff, &idx, dcrl->nextDate, &dcrl->nextDateFormat, sz) < 0) - return ASN_PARSE_E; + dateIdx = idx; - if (!XVALIDATE_DATE(dcrl->nextDate, dcrl->nextDateFormat, AFTER)) { + if (GetBasicDate(buff, &idx, dcrl->nextDate, &dcrl->nextDateFormat, sz) < 0) + { +#ifndef WOLFSSL_NO_CRL_NEXT_DATE + (void)dateIdx; + return ASN_PARSE_E; +#else + dcrl->nextDateFormat = ASN_OTHER_TYPE; /* skip flag */ + doNextDate = 0; + idx = dateIdx; +#endif + } + + if (doNextDate && !XVALIDATE_DATE(dcrl->nextDate, dcrl->nextDateFormat, + AFTER)) { WOLFSSL_MSG("CRL after date is no longer valid"); return ASN_AFTER_DATE_E; } From efb06e2559dafd7578fb3c82ce185370c74a3fd0 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Tue, 1 Sep 2015 09:29:44 +0900 Subject: [PATCH 44/55] rolling back internal.c for master conflict --- src/internal.c | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/src/internal.c b/src/internal.c index 37e0c224f6..0eeb2c0219 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1562,18 +1562,25 @@ void FreeX509(WOLFSSL_X509* x509) /* This function inherits a WOLFSSL_CTX's fields into an SSL object. It is used during initialization and to switch an ssl's CTX with - wolfSSL_Set_SSL_CTX */ + wolfSSL_Set_SSL_CTX. Requires ssl->suites alloc and ssl-arrays with PSK + SSL_SUCCESS return value on success */ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx) { + if(!ssl || !ctx || ssl->suites == NULL) + return BAD_FUNC_ARG; + +#ifndef NO_PSK + if (ctx->server_hint[0] && ssl->arrays == NULL) { + return BAD_FUNC_ARG; /* needed for copy below */ + } +#endif + byte havePSK = 0; byte haveAnon = 0; byte haveRSA = 0; byte newSSL = ssl->ctx == NULL; + (void) haveAnon; /* Squash unused var warnings */ - (void) haveAnon; /* Squash unused var warnings */ - - if(!ssl || !ctx) - return BAD_FUNC_ARG; #ifndef NO_RSA haveRSA = 1; #endif @@ -1701,7 +1708,8 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx) /* init everything to 0, NULL, default values before calling anything that may - fail so that desctructor has a "good" state to cleanup */ + fail so that desctructor has a "good" state to cleanup + 0 on success */ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) { int ret; @@ -1793,6 +1801,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) } /* Initialize SSL with the appropriate fields from it's ctx */ + /* requires valid arrays and suites */ if((ret = SetSSL_CTX(ssl, ctx)) != SSL_SUCCESS) return ret; @@ -15492,4 +15501,4 @@ int DoSessionTicket(WOLFSSL* ssl, return 0; } #endif /* HAVE_STUNNEL */ -#endif /* NO_WOLFSSL_SERVER */ +#endif /* NO_WOLFSSL_SERVER */ \ No newline at end of file From 3b468bc1efe7e143b8a7fc6b6ad6f20c00e372cd Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Tue, 1 Sep 2015 09:40:08 +0900 Subject: [PATCH 45/55] internal.c: declaration after exection statements From 05bef43c1e56ef1e8f43c4348408f6609da9e588 Mon Sep 17 00:00:00 2001 From: toddouska Date: Tue, 1 Sep 2015 11:31:46 -0700 Subject: [PATCH 46/55] bump dev version --- configure.ac | 2 +- support/wolfssl.pc | 2 +- wolfssl/version.h | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index 1aa47db105..3e296562e7 100644 --- a/configure.ac +++ b/configure.ac @@ -6,7 +6,7 @@ # # -AC_INIT([wolfssl],[3.6.6],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[http://www.wolfssl.com]) +AC_INIT([wolfssl],[3.6.7],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[http://www.wolfssl.com]) AC_CONFIG_AUX_DIR([build-aux]) diff --git a/support/wolfssl.pc b/support/wolfssl.pc index a461151f96..616ecf839e 100644 --- a/support/wolfssl.pc +++ b/support/wolfssl.pc @@ -5,6 +5,6 @@ includedir=${prefix}/include Name: wolfssl Description: wolfssl C library. -Version: 3.6.6 +Version: 3.6.7 Libs: -L${libdir} -lwolfssl Cflags: -I${includedir} diff --git a/wolfssl/version.h b/wolfssl/version.h index 8f69cdc530..b6f8d58dd0 100644 --- a/wolfssl/version.h +++ b/wolfssl/version.h @@ -26,8 +26,8 @@ extern "C" { #endif -#define LIBWOLFSSL_VERSION_STRING "3.6.6" -#define LIBWOLFSSL_VERSION_HEX 0x03006006 +#define LIBWOLFSSL_VERSION_STRING "3.6.7" +#define LIBWOLFSSL_VERSION_HEX 0x03006007 #ifdef __cplusplus } From ebea6145f6713c14783429799d24e1afbe8a173c Mon Sep 17 00:00:00 2001 From: toddouska Date: Tue, 1 Sep 2015 13:33:26 -0700 Subject: [PATCH 47/55] change generice define to more specific for pkcs7 digest size --- wolfcrypt/src/pkcs7.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index c5f113fa6f..e0f37c65b0 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -884,14 +884,15 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) { word32 scratch = 0; int plainSz = 0; - #define DIGEST_SZ (MAX_SEQ_SZ + MAX_ALGO_SZ +\ + #define MAX_PKCS7_DIGEST_SZ (MAX_SEQ_SZ + MAX_ALGO_SZ +\ MAX_OCTET_STR_SZ + SHA_DIGEST_SIZE) #ifdef WOLFSSL_SMALL_STACK byte* digest; RsaKey* key; - digest = (byte*)XMALLOC(DIGEST_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + digest = (byte*)XMALLOC(MAX_PKCS7_DIGEST_SZ, NULL, + DYNAMIC_TYPE_TMP_BUFFER); if (digest == NULL) return MEMORY_E; @@ -903,12 +904,12 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) return MEMORY_E; } #else - byte digest[DIGEST_SZ]; + byte digest[MAX_PKCS7_DIGEST_SZ]; RsaKey stack_key; RsaKey* key = &stack_key; #endif - XMEMSET(digest, 0, DIGEST_SZ); + XMEMSET(digest, 0, MAX_PKCS7_DIGEST_SZ); ret = wc_InitRsaKey(key, NULL); if (ret != 0) { @@ -928,7 +929,8 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) return PUBLIC_KEY_E; } - plainSz = wc_RsaSSL_Verify(sig, sigSz, digest, DIGEST_SZ, key); + plainSz = wc_RsaSSL_Verify(sig, sigSz, digest, MAX_PKCS7_DIGEST_SZ, + key); wc_FreeRsaKey(key); #ifdef WOLFSSL_SMALL_STACK From be5ac590b78ea6a849fdd90ce32daae16ff94e0a Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Tue, 1 Sep 2015 15:37:11 -0600 Subject: [PATCH 48/55] Freescale: Add KSDK FreeRTOS build, using fastmath --- wolfcrypt/src/random.c | 2 +- wolfssl/wolfcrypt/settings.h | 21 ++++++++++++++++++++- wolfssl/wolfcrypt/types.h | 6 +++--- wolfssl/wolfcrypt/wc_port.h | 4 ++++ 4 files changed, 28 insertions(+), 5 deletions(-) diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index e31912694d..53aa093c71 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -1085,7 +1085,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) #endif /* WOLFSSL_MIC32MZ_RNG */ #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) || \ - defined(FREESCALE_KSDK_BM) + defined(FREESCALE_KSDK_BM) || defined(FREESCALE_FREE_RTOS) #ifdef FREESCALE_K70_RNGA /* diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index cf1465bb58..5a8ce7b016 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -81,6 +81,9 @@ /* Uncomment next line if building for Freescale KSDK Bare Metal */ /* #define FREESCALE_KSDK_BM */ +/* Uncomment next line if building for Freescale FreeRTOS */ +/* #define FREESCALE_FREE_RTOS */ + /* Uncomment next line if using STM32F2 */ /* #define WOLFSSL_STM32F2 */ @@ -555,6 +558,22 @@ static char *fgets(char *buff, int sz, FILE *fp) #define USE_WOLFSSL_MEMORY #endif +#ifdef FREESCALE_FREE_RTOS + #define FREESCALE_COMMON + #define NO_FILESYSTEM + #define NO_MAIN_DRIVER + #define XMALLOC(s, h, t) OSA_MemAlloc(s); + #define XFREE(p, h, t) {void* xp = (p); if((xp)) OSA_MemFree((xp));} + #define XREALLOC(p, n, h, t) ksdk_realloc((p), (n), (h), (t)); + #ifdef FREESCALE_KSDK_BM + #error Baremetal and FreeRTOS cannot be both enabled at the same time! + #endif + #ifndef SINGLE_THREADED + #include "FreeRTOS.h" + #include "semphr.h" + #endif +#endif + #ifdef FREESCALE_COMMON #define SIZEOF_LONG_LONG 8 #define NO_WRITEV @@ -572,7 +591,7 @@ static char *fgets(char *buff, int sz, FILE *fp) #define NO_OLD_RNGNAME #if FSL_FEATURE_SOC_TRNG_COUNT > 0 #define FREESCALE_TRNG - #elif !defined(FREESCALE_KSDK_BM) + #elif !defined(FREESCALE_KSDK_BM) && !defined(FREESCALE_FREE_RTOS) #define FREESCALE_K70_RNGA /* #define FREESCALE_K53_RNGB */ #endif diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 2865f01aa5..324c8d1b11 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -179,9 +179,9 @@ #define XREALLOC(p, n, h, t) realloc((p), (n)) #elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \ && !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \ - && !defined(FREESCALE_KSDK_MQX) && !defined(WOLFSSL_LEANPSK) \ - && !defined(FREERTOS) && !defined(WOLFSSL_uITRON4) \ - && !defined(WOLFSSL_uTKERNEL2) + && !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \ + && !defined(WOLFSSL_LEANPSK) && !defined(FREERTOS) \ + && !defined(WOLFSSL_uITRON4) && !defined(WOLFSSL_uTKERNEL2) /* default C runtime, can install different routines at runtime via cbs */ #include #define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s))) diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index 04155360b3..2056b7cdeb 100644 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -55,6 +55,8 @@ /* do nothing */ #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) /* do nothing */ +#elif defined(FREESCALE_FREE_RTOS) + #include "fsl_os_abstraction.h" #elif defined(WOLFSSL_uITRON4) #include "kernel.h" #elif defined(WOLFSSL_uTKERNEL2) @@ -104,6 +106,8 @@ typedef RTP_MUTEX wolfSSL_Mutex; #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) typedef MUTEX_STRUCT wolfSSL_Mutex; + #elif defined(FREESCALE_FREE_RTOS) + typedef mutex_t wolfSSL_Mutex; #elif defined(WOLFSSL_uITRON4) typedef struct wolfSSL_Mutex { T_CSEM sem ; From aaaebf6213532b9d78071df4a4b89a847f1805ec Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Wed, 2 Sep 2015 08:59:04 +0900 Subject: [PATCH 49/55] pkcs7 rolling back static values to auto --- wolfcrypt/src/pkcs7.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index e0f37c65b0..ed933a7dfd 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -52,19 +52,19 @@ WOLFSSL_LOCAL int wc_SetContentType(int pkcs7TypeOID, byte* output) { /* PKCS#7 content types, RFC 2315, section 14 */ - static const byte pkcs7[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte pkcs7[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07 }; - static const byte data[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte data[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01 }; - static const byte signedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte signedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02}; - static const byte envelopedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte envelopedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x03 }; - static const byte signedAndEnveloped[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte signedAndEnveloped[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x04 }; - static const byte digestedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte digestedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x05 }; - static const byte encryptedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + const byte encryptedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06 }; int idSz; From c34082b7ba5691343b93e67bead0724856a648d1 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 1 Sep 2015 17:57:37 -0700 Subject: [PATCH 50/55] updated fips-check script with proper win versions --- fips-check.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/fips-check.sh b/fips-check.sh index a60050fe74..f3ba0e2409 100755 --- a/fips-check.sh +++ b/fips-check.sh @@ -34,10 +34,9 @@ ANDROID_FIPS_REPO=git@github.com:wolfSSL/fips.git ANDROID_CTAO_VERSION=v3.5.0 ANDROID_CTAO_REPO=git@github.com:cyassl/cyassl.git -#WINDOWS_FIPS_VERSION=v3.6.0 -WINDOWS_FIPS_VERSION=master +WINDOWS_FIPS_VERSION=v3.6.6 WINDOWS_FIPS_REPO=git@github.com:wolfSSL/fips.git -WINDOWS_CTAO_VERSION=v3.6.0 +WINDOWS_CTAO_VERSION=v3.6.6 WINDOWS_CTAO_REPO=git@github.com:cyassl/cyassl.git FIPS_SRCS=( fips.c fips_test.c ) From 12bf9b44300640ebfc85844f5df74a413e8eda1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moise=CC=81s=20Guimara=CC=83es?= Date: Thu, 3 Sep 2015 12:06:56 -0300 Subject: [PATCH 51/55] fixes conflict with reserver names used as variable names; adds NOT_COMPILED_IN error when trying to use SRP with a hash not compiled in. --- wolfcrypt/src/srp.c | 51 ++++++++++++++++++++++++++++++++--------- wolfssl/wolfcrypt/srp.h | 16 ++++--------- 2 files changed, 44 insertions(+), 23 deletions(-) diff --git a/wolfcrypt/src/srp.c b/wolfcrypt/src/srp.c index 5d893c929a..98c981cb7f 100644 --- a/wolfcrypt/src/srp.c +++ b/wolfcrypt/src/srp.c @@ -166,9 +166,38 @@ int wc_SrpInit(Srp* srp, SrpType type, SrpSide side) if (side != SRP_CLIENT_SIDE && side != SRP_SERVER_SIDE) return BAD_FUNC_ARG; - if (type != SRP_TYPE_SHA && type != SRP_TYPE_SHA256 && - type != SRP_TYPE_SHA384 && type != SRP_TYPE_SHA512) - return BAD_FUNC_ARG; + switch (type) { + case SRP_TYPE_SHA: + #ifdef NO_SHA + return NOT_COMPILED_IN; + #else + break; /* OK */ + #endif + + case SRP_TYPE_SHA256: + #ifdef NO_SHA256 + return NOT_COMPILED_IN; + #else + break; /* OK */ + #endif + + case SRP_TYPE_SHA384: + #ifndef WOLFSSL_SHA384 + return NOT_COMPILED_IN; + #else + break; /* OK */ + #endif + + case SRP_TYPE_SHA512: + #ifndef WOLFSSL_SHA512 + return NOT_COMPILED_IN; + #else + break; /* OK */ + #endif + + default: + return BAD_FUNC_ARG; + } /* initializing variables */ @@ -402,25 +431,25 @@ int wc_SrpSetPrivate(Srp* srp, const byte* private, word32 size) } /** Generates random data using wolfcrypt RNG. */ -static int wc_SrpGenPrivate(Srp* srp, byte* private, word32 size) +static int wc_SrpGenPrivate(Srp* srp, byte* priv, word32 size) { WC_RNG rng; int r = wc_InitRng(&rng); - if (!r) r = wc_RNG_GenerateBlock(&rng, private, size); - if (!r) r = wc_SrpSetPrivate(srp, private, size); + if (!r) r = wc_RNG_GenerateBlock(&rng, priv, size); + if (!r) r = wc_SrpSetPrivate(srp, priv, size); if (!r) wc_FreeRng(&rng); return r; } -int wc_SrpGetPublic(Srp* srp, byte* public, word32* size) +int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size) { mp_int pubkey; word32 modulusSz; int r; - if (!srp || !public || !size) + if (!srp || !pub || !size) return BAD_FUNC_ARG; if (mp_iszero(&srp->auth)) @@ -436,7 +465,7 @@ int wc_SrpGetPublic(Srp* srp, byte* public, word32* size) /* priv = random() */ if (mp_iszero(&srp->priv)) - r = wc_SrpGenPrivate(srp, public, modulusSz); + r = wc_SrpGenPrivate(srp, pub, modulusSz); /* client side: A = g ^ a % N */ if (srp->side == SRP_CLIENT_SIDE) { @@ -459,8 +488,8 @@ int wc_SrpGetPublic(Srp* srp, byte* public, word32* size) } /* extract public key to buffer */ - XMEMSET(public, 0, modulusSz); - if (!r) r = mp_to_unsigned_bin(&pubkey, public); + XMEMSET(pub, 0, modulusSz); + if (!r) r = mp_to_unsigned_bin(&pubkey, pub); if (!r) *size = mp_unsigned_bin_size(&pubkey); mp_clear(&pubkey); diff --git a/wolfssl/wolfcrypt/srp.h b/wolfssl/wolfcrypt/srp.h index 3992a07ea8..af5ba52072 100644 --- a/wolfssl/wolfcrypt/srp.h +++ b/wolfssl/wolfcrypt/srp.h @@ -62,18 +62,10 @@ typedef enum { * SRP hash type, SHA[1|256|384|512]. */ typedef enum { - #ifndef NO_SHA SRP_TYPE_SHA = 1, - #endif - #ifndef NO_SHA256 SRP_TYPE_SHA256 = 2, - #endif - #ifdef WOLFSSL_SHA384 SRP_TYPE_SHA384 = 3, - #endif - #ifdef WOLFSSL_SHA512 SRP_TYPE_SHA512 = 4, - #endif } SrpType; /** @@ -230,12 +222,12 @@ WOLFSSL_API int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size); * This function MAY be called before wc_SrpGetPublic. * * @param[in,out] srp the Srp structure. - * @param[in] private the ephemeral value. + * @param[in] priv the ephemeral value. * @param[in] size the private size in bytes. * * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h */ -WOLFSSL_API int wc_SrpSetPrivate(Srp* srp, const byte* private, word32 size); +WOLFSSL_API int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size); /** * Gets the public ephemeral value. @@ -246,13 +238,13 @@ WOLFSSL_API int wc_SrpSetPrivate(Srp* srp, const byte* private, word32 size); * This function MUST be called after wc_SrpSetPassword or wc_SrpSetVerifier. * * @param[in,out] srp the Srp structure. - * @param[out] public the buffer to write the public ephemeral value. + * @param[out] pub the buffer to write the public ephemeral value. * @param[in,out] size the the buffer size in bytes. Will be updated with * the ephemeral value size. * * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h */ -WOLFSSL_API int wc_SrpGetPublic(Srp* srp, byte* public, word32* size); +WOLFSSL_API int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size); /** From 316302cec39f5b44b5cffc36f8a5d0fb90fd4fbb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moise=CC=81s=20Guimara=CC=83es?= Date: Thu, 3 Sep 2015 12:21:22 -0300 Subject: [PATCH 52/55] fixes SRP documentation. --- wolfssl/wolfcrypt/srp.h | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/wolfssl/wolfcrypt/srp.h b/wolfssl/wolfcrypt/srp.h index af5ba52072..b028348d2b 100644 --- a/wolfssl/wolfcrypt/srp.h +++ b/wolfssl/wolfcrypt/srp.h @@ -184,7 +184,7 @@ WOLFSSL_API int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz, WOLFSSL_API int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size); /** - * Sets the password. + * Sets the verifier. * * This function MUST be called after wc_SrpSetParams and is SERVER SIDE ONLY. * @@ -200,7 +200,7 @@ WOLFSSL_API int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size); * Gets the verifier. * * The client calculates the verifier with v = g ^ x % N. - * This function MAY be called after wc_SrpSetPassword and is SERVER SIDE ONLY. + * This function MAY be called after wc_SrpSetPassword and is CLIENT SIDE ONLY. * * @param[in,out] srp the Srp structure. * @param[out] verifier the buffer to write the verifier. @@ -250,14 +250,13 @@ WOLFSSL_API int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size); /** * Computes the session key. * - * This function is handy for unit test cases or if the developer wants to use - * an external random source to set the ephemeral value. - * This function MUST be called after wc_SrpSetPassword or wc_SrpSetVerifier. + * The key can be accessed at srp->key after success. * - * @param[in,out] srp the Srp structure. - * @param[out] public the buffer to write the public ephemeral value. - * @param[in,out] size the the buffer size in bytes. Will be updated with - the ephemeral value size. + * @param[in,out] srp the Srp structure. + * @param[in] clientPubKey the client's public ephemeral value. + * @param[in] clientPubKeySz the client's public ephemeral value size. + * @param[in] serverPubKey the server's public ephemeral value. + * @param[in] serverPubKeySz the server's public ephemeral value size. * * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h */ From 6dd85815bfef17030f292adc1363e9a5be64b879 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 3 Sep 2015 14:05:09 -0700 Subject: [PATCH 53/55] added freertos build to fips-check script --- fips-check.sh | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/fips-check.sh b/fips-check.sh index f3ba0e2409..53126886d5 100755 --- a/fips-check.sh +++ b/fips-check.sh @@ -11,12 +11,12 @@ # # $ ./fips-check [version] # -# - version: linux (default), ios, android, windows +# - version: linux (default), ios, android, windows, freertos # function Usage() { echo "Usage: $0 [platform]" - echo "Where \"platform\" is one of linux (default), ios, android, windows" + echo "Where \"platform\" is one of linux (default), ios, android, windows, linux" } LINUX_FIPS_VERSION=v3.2.6 @@ -39,6 +39,11 @@ WINDOWS_FIPS_REPO=git@github.com:wolfSSL/fips.git WINDOWS_CTAO_VERSION=v3.6.6 WINDOWS_CTAO_REPO=git@github.com:cyassl/cyassl.git +FREERTOS_FIPS_VERSION=v3.6.1-FreeRTOS +FREERTOS_FIPS_REPO=git@github.com:wolfSSL/fips.git +FREERTOS_CTAO_VERSION=v3.6.1 +FREERTOS_CTAO_REPO=git@github.com:cyassl/cyassl.git + FIPS_SRCS=( fips.c fips_test.c ) WC_MODS=( aes des3 sha sha256 sha512 rsa hmac random ) TEST_DIR=XXX-fips-test @@ -66,6 +71,12 @@ windows) CTAO_VERSION=$WINDOWS_CTAO_VERSION CTAO_REPO=$WINDOWS_CTAO_REPO ;; +freertos) + FIPS_VERSION=$FREERTOS_FIPS_VERSION + FIPS_REPO=$FREERTOS_FIPS_REPO + CTAO_VERSION=$FREERTOS_CTAO_VERSION + CTAO_REPO=$FREERTOS_CTAO_REPO + ;; linux) FIPS_VERSION=$LINUX_FIPS_VERSION FIPS_REPO=$LINUX_FIPS_REPO From 58a36566cb06400db69a12855c0c213e7d751969 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Sat, 22 Aug 2015 11:39:33 -0700 Subject: [PATCH 54/55] allow for DTLS1.0 version record headers for client hello and hello verify --- src/internal.c | 34 ++++++++++++++++++++++++++++++---- 1 file changed, 30 insertions(+), 4 deletions(-) diff --git a/src/internal.c b/src/internal.c index 0eeb2c0219..42ac8579e2 100644 --- a/src/internal.c +++ b/src/internal.c @@ -3137,12 +3137,18 @@ static int GetRecordHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* catch version mismatch */ if (rh->pvMajor != ssl->version.major || rh->pvMinor != ssl->version.minor){ if (ssl->options.side == WOLFSSL_SERVER_END && - ssl->options.acceptState == ACCEPT_BEGIN) + ssl->options.acceptState < ACCEPT_FIRST_REPLY_DONE) + WOLFSSL_MSG("Client attempting to connect with different version"); else if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->options.downgrade && ssl->options.connectState < FIRST_REPLY_DONE) WOLFSSL_MSG("Server attempting to accept with different version"); + else if (ssl->options.dtls + && (ssl->options.acceptState == ACCEPT_BEGIN + || ssl->options.acceptState == CLIENT_HELLO_SENT)) + /* Do not check version until Server Hello or Hello Again (2) */ + WOLFSSL_MSG("Use version for formatting only in DTLS till "); else { WOLFSSL_MSG("SSL version error"); return VERSION_ERROR; /* only use requested version */ @@ -9591,6 +9597,13 @@ static void PickHashSigAlgo(WOLFSSL* ssl, ssl->buffers.outputBuffer.length; AddHeaders(output, length, client_hello, ssl); +#ifdef WOLFSSL_DTLS + if (ssl->options.dtls) { + DtlsRecordLayerHeader* rh = (DtlsRecordLayerHeader*)output; + rh->pvMajor = DTLS_MAJOR; + rh->pvMinor = DTLS_MINOR; + } +#endif /* WOLFSSL_DTLS */ /* client hello, first version */ output[idx++] = ssl->version.major; @@ -9737,6 +9750,10 @@ static void PickHashSigAlgo(WOLFSSL* ssl, XMEMCPY(&pv, input + *inOutIdx, OPAQUE16_LEN); *inOutIdx += OPAQUE16_LEN; + if (pv.major != DTLS_MAJOR || + (pv.minor != DTLS_MINOR && pv.minor != DTLSv1_2_MINOR)) + return VERSION_ERROR; + cookieSz = input[(*inOutIdx)++]; if (cookieSz) { @@ -14190,7 +14207,11 @@ int DoSessionTicket(WOLFSSL* ssl, ssl->chVersion = pv; /* store */ i += OPAQUE16_LEN; - if (ssl->version.minor > pv.minor) { + if ((!ssl->options.dtls && ssl->version.minor > pv.minor) || + (ssl->options.dtls && ssl->version.minor != DTLS_MINOR + && ssl->version.minor != DTLSv1_2_MINOR && pv.minor != DTLS_MINOR + && pv.minor != DTLSv1_2_MINOR)) { + byte haveRSA = 0; byte havePSK = 0; @@ -14929,9 +14950,14 @@ int DoSessionTicket(WOLFSSL* ssl, ssl->buffers.outputBuffer.length; AddHeaders(output, length, hello_verify_request, ssl); + { + DtlsRecordLayerHeader* rh = (DtlsRecordLayerHeader*)output; + rh->pvMajor = DTLS_MAJOR; + rh->pvMinor = DTLS_MINOR; + } - output[idx++] = ssl->chVersion.major; - output[idx++] = ssl->chVersion.minor; + output[idx++] = DTLS_MAJOR; + output[idx++] = DTLS_MINOR; output[idx++] = cookieSz; if (ssl->ctx->CBIOCookie == NULL) { From 6041b117d67a43076fbeddfafc6f684fd9596157 Mon Sep 17 00:00:00 2001 From: toddouska Date: Fri, 4 Sep 2015 11:05:53 -0700 Subject: [PATCH 55/55] fix fips-check freertos help string --- fips-check.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fips-check.sh b/fips-check.sh index 53126886d5..31e8a51d37 100755 --- a/fips-check.sh +++ b/fips-check.sh @@ -16,7 +16,7 @@ function Usage() { echo "Usage: $0 [platform]" - echo "Where \"platform\" is one of linux (default), ios, android, windows, linux" + echo "Where \"platform\" is one of linux (default), ios, android, windows, freertos" } LINUX_FIPS_VERSION=v3.2.6