Merge branch 'master' of github.com:cyassl/cyassl

toddouska
2012-10-17 10:05:05 -07:00
10 changed files with 43 additions and 20 deletions

15
README

@@ -34,7 +34,20 @@ before calling SSL_new(); Though it's not recommended.
*** end Note *** *** end Note ***
CyaSSL Release 2.3.0 (8/10/2012) CyaSSL Release 2.4.0 (10/10/2012)
Release 2.4.0 CyaSSL has bug fixes and a few new features including:
- DTLS reliability
- Reduced memory usage after handshake
- Updated build process
The CyaSSL manual is available at:
http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions
and comments about the new features please check the manual.
*************** CyaSSL Release 2.3.0 (8/10/2012)
Release 2.3.0 CyaSSL has bug fixes and a few new features including: Release 2.3.0 CyaSSL has bug fixes and a few new features including:
- AES-GCM crypto and cipher suites - AES-GCM crypto and cipher suites


@@ -6,7 +6,7 @@
# #
# #
AC_INIT([cyassl],[2.3.1],[http://www.yassl.com]) AC_INIT([cyassl],[2.4.0],[http://www.yassl.com])
AC_CONFIG_AUX_DIR(config) AC_CONFIG_AUX_DIR(config)
@@ -25,7 +25,7 @@ AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS.
#shared library versioning #shared library versioning
CYASSL_LIBRARY_VERSION=3:2:0 CYASSL_LIBRARY_VERSION=3:3:0
# | | | # | | |
# +------+ | +---+ # +------+ | +---+
# | | | # | | |


@@ -743,7 +743,7 @@ static const word32 Td[5][256] = {
#endif /* _MSC_VER */ #endif /* _MSC_VER */
static int Check_CPU_support_AES() static int Check_CPU_support_AES(void)
{ {
unsigned int a,b,c,d; unsigned int a,b,c,d;
cpuid(1,a,b,c,d); cpuid(1,a,b,c,d);
@@ -865,6 +865,9 @@ static int AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen,
word32 temp, *rk = aes->key; word32 temp, *rk = aes->key;
unsigned int i = 0; unsigned int i = 0;
#ifdef CYASSL_AESNI
aes->use_aesni = 0;
#endif /* CYASSL_AESNI */
aes->rounds = keylen/4 + 6; aes->rounds = keylen/4 + 6;
XMEMCPY(rk, userKey, keylen); XMEMCPY(rk, userKey, keylen);
@@ -1003,6 +1006,7 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
checkAESNI = 1; checkAESNI = 1;
} }
if (haveAESNI) { if (haveAESNI) {
aes->use_aesni = 1;
if (iv) if (iv)
XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE); XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
if (dir == AES_ENCRYPTION) if (dir == AES_ENCRYPTION)
@@ -1028,7 +1032,7 @@ static void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
return; /* stop instead of segfaulting, set up your keys! */ return; /* stop instead of segfaulting, set up your keys! */
} }
#ifdef CYASSL_AESNI #ifdef CYASSL_AESNI
if (haveAESNI) { if (aes->use_aesni) {
CYASSL_MSG("AesEncrypt encountered aesni keysetup, don't use direct"); CYASSL_MSG("AesEncrypt encountered aesni keysetup, don't use direct");
return; /* just stop now */ return; /* just stop now */
} }
@@ -1173,7 +1177,7 @@ static void AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
return; /* stop instead of segfaulting, set up your keys! */ return; /* stop instead of segfaulting, set up your keys! */
} }
#ifdef CYASSL_AESNI #ifdef CYASSL_AESNI
if (haveAESNI) { if (aes->use_aesni) {
CYASSL_MSG("AesEncrypt encountered aesni keysetup, don't use direct"); CYASSL_MSG("AesEncrypt encountered aesni keysetup, don't use direct");
return; /* just stop now */ return; /* just stop now */
} }
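Review bot: The `if (aes->use_aesni)` guards in AesEncrypt and AesDecrypt still fail silently: both functions are `static void` and `return` without writing `outBlock`, so a caller that reaches them with an AES-NI key schedule gets whatever was already in the output buffer and only a debug message. A caller that feeds that buffer into a mode (the test change in this commit suggests CTR does) would then process stale data, so consider returning a status from these helpers or rejecting the mismatch at key setup rather than at block time. The guard in AesDecrypt also logs `"AesEncrypt encountered aesni keysetup, don't use direct"`, which names the wrong function. Both function bodies continue outside the hunks shown.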


@@ -1230,9 +1230,9 @@ int aes_test(void)
0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
}; };
AesSetKey(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */ /* Ctr only uses encrypt, even on key setup */
AesSetKey(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4); AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4);
AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4); AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4);
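Review bot: The switch to `AesSetKeyDirect` is not explained next to the calls, and its result is discarded for both `enc` and `dec`. A comment such as `/* CTR goes through the software AesEncrypt, which refuses AES-NI key schedules, so use the direct key setup */` would record why `AesSetKey` is wrong here; that reason is inferred from the aes.c change in the same commit. If AesSetKeyDirect returns a status the way AesSetKey does, checking it would make a key-setup failure show up as such instead of as a ciphertext mismatch. aes_test continues outside the hunk.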


@@ -76,6 +76,9 @@ typedef struct Aes {
ALIGN16 byte M0[256][AES_BLOCK_SIZE]; ALIGN16 byte M0[256][AES_BLOCK_SIZE];
#endif /* GCM_TABLE */ #endif /* GCM_TABLE */
#endif /* HAVE_AESGCM */ #endif /* HAVE_AESGCM */
#ifdef CYASSL_AESNI
byte use_aesni;
#endif /* CYASSL_AESNI */
} Aes; } Aes;
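Review bot: The new `use_aesni` member has no comment saying who sets it or what its values mean. Something like `byte use_aesni; /* 1 if the key schedule was built by the AES-NI path in AesSetKey, 0 after AesSetKeyLocal */` matches what the aes.c hunks in this commit do. In the hunks shown the flag is only assigned during key setup, so it appears to be indeterminate in an `Aes` object that has not been keyed yet. The struct definition starts outside the hunk.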


@@ -342,6 +342,7 @@ enum Misc {
TLSv1_MINOR = 1, /* TLSv1 minor version number */ TLSv1_MINOR = 1, /* TLSv1 minor version number */
TLSv1_1_MINOR = 2, /* TLSv1_1 minor version number */ TLSv1_1_MINOR = 2, /* TLSv1_1 minor version number */
TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */ TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */
INVALID_BYTE = 0xff, /* Used to initialize cipher specs values */
NO_COMPRESSION = 0, NO_COMPRESSION = 0,
ZLIB_COMPRESSION = 221, /* CyaSSL zlib compression */ ZLIB_COMPRESSION = 221, /* CyaSSL zlib compression */
HELLO_EXT_SIG_ALGO = 13, /* ID for the sig_algo hello extension */ HELLO_EXT_SIG_ALGO = 13, /* ID for the sig_algo hello extension */


@@ -26,8 +26,8 @@
extern "C" { extern "C" {
#endif #endif
#define LIBCYASSL_VERSION_STRING "2.3.1" #define LIBCYASSL_VERSION_STRING "2.4.0"
#define LIBCYASSL_VERSION_HEX 0x02003001 #define LIBCYASSL_VERSION_HEX 0x02004000
#ifdef __cplusplus #ifdef __cplusplus
} }


@@ -498,11 +498,11 @@ void FreeCiphers(CYASSL* ssl)
void InitCipherSpecs(CipherSpecs* cs) void InitCipherSpecs(CipherSpecs* cs)
{ {
cs->bulk_cipher_algorithm = -1; cs->bulk_cipher_algorithm = INVALID_BYTE;
cs->cipher_type = -1; cs->cipher_type = INVALID_BYTE;
cs->mac_algorithm = -1; cs->mac_algorithm = INVALID_BYTE;
cs->kea = -1; cs->kea = INVALID_BYTE;
cs->sig_algo = -1; cs->sig_algo = INVALID_BYTE;
cs->hash_size = 0; cs->hash_size = 0;
cs->static_ecdh = 0; cs->static_ecdh = 0;
@@ -7110,15 +7110,17 @@ int SetCipherList(Suites* s, const char* list)
b = input[i++]; b = input[i++];
if (b) { if (b) {
byte cookie[MAX_COOKIE_LEN]; byte cookie[MAX_COOKIE_LEN];
byte cookieSz;
if (b > MAX_COOKIE_LEN) if (b > MAX_COOKIE_LEN)
return BUFFER_ERROR; return BUFFER_ERROR;
if (i + b > totalSz) if (i + b > totalSz)
return INCOMPLETE_DATA; return INCOMPLETE_DATA;
cookieSz = EmbedGenerateCookie(cookie, COOKIE_SZ, ssl); if ((EmbedGenerateCookie(cookie, COOKIE_SZ, ssl)
if ((b != cookieSz) || XMEMCMP(cookie, input + i, b) != 0) != COOKIE_SZ)
|| (b != COOKIE_SZ)
|| (XMEMCMP(cookie, input + i, b) != 0)) {
return COOKIE_ERROR; return COOKIE_ERROR;
}
i += b; i += b;
} }
} }
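Review bot: In the cookie check, `EmbedGenerateCookie` runs before the cheap `b != COOKIE_SZ` length test, so a datagram carrying a wrong-length cookie still costs a full cookie computation. Putting the length test first lets `||` short-circuit: `if ((b != COOKIE_SZ) || (EmbedGenerateCookie(cookie, COOKIE_SZ, ssl) != COOKIE_SZ) || (XMEMCMP(cookie, input + i, b) != 0)) {`. The comparison itself uses `XMEMCMP`, which is presumably not constant-time; whether that matters depends on how the cookie is derived, which is not visible here. The enclosing function starts and ends outside the hunk.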


@@ -320,7 +320,7 @@ int EmbedReceiveFrom(CYASSL *ssl, char *buf, int sz, void *ctx)
else { else {
if (dtlsCtx != NULL if (dtlsCtx != NULL
&& dtlsCtx->peer.sz > 0 && dtlsCtx->peer.sz > 0
&& peerSz != dtlsCtx->peer.sz && peerSz != (XSOCKLENT)dtlsCtx->peer.sz
&& memcmp(&peer, dtlsCtx->peer.sa, peerSz) != 0) { && memcmp(&peer, dtlsCtx->peer.sa, peerSz) != 0) {
CYASSL_MSG(" Ignored packet from invalid peer"); CYASSL_MSG(" Ignored packet from invalid peer");
return IO_ERR_WANT_READ; return IO_ERR_WANT_READ;
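Review bot: The peer filter joins the length test and the `memcmp` with `&&`, so a datagram is ignored only when the address length differs and the bytes differ; a sender whose address has the same length as the stored peer passes whatever its contents. The two tests should be alternatives: `&& (peerSz != (XSOCKLENT)dtlsCtx->peer.sz || memcmp(&peer, dtlsCtx->peer.sa, peerSz) != 0)) {`. With `||` the `memcmp` also runs only when the lengths match, which avoids comparing `peerSz` bytes against a shorter stored address. The cast added here does not change that logic, and the `else` block continues outside the hunk.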


@@ -374,7 +374,7 @@ void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
c16toa((word16)sz, length); c16toa((word16)sz, length);
#ifdef CYASSL_DTLS #ifdef CYASSL_DTLS
if (ssl->options.dtls) if (ssl->options.dtls)
c16toa(GetEpoch(ssl, verify), seq); c16toa((word16)GetEpoch(ssl, verify), seq);
#endif #endif
c32toa(GetSEQIncrement(ssl, verify), &seq[sizeof(word32)]); c32toa(GetSEQIncrement(ssl, verify), &seq[sizeof(word32)]);