feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge branch 'master' of github.com:cyassl/cyassl

Browse Source
This commit is contained in:
toddouska
2013-03-20 10:21:05 -07:00
parent 8564014983 692dc09d10
commit e19c65da8b
12 changed files with 392 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
commit-tests.sh
View File

@ -23,7 +23,7 @@ RESULT=$?
# make sure full config is ok
echo -e "\n\nTesting full config as well...\n\n"
./configure --enable-opensslextra --enable-fastmath --enable-dtls --enable-aesgcm --enable-aesccm --enable-hc128 --enable-sniffer --enable-psk --enable-rabbit --enable-camellia;
./configure --enable-opensslextra --enable-ecc --enable-dtls --enable-aesgcm --enable-aesccm --enable-hc128 --enable-sniffer --enable-psk --enable-rabbit --enable-camellia;
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nFull config ./configure failed" && exit 1

4
configure.ac
View File

@ -1145,9 +1145,10 @@ AC_ARG_WITH([libz],
else
AC_MSG_RESULT([yes])
fi
ENABLED_LIBZ="yes"
]
)
AM_CONDITIONAL([BUILD_LIBZ], [test "x$ENABLED_LIBZ" = "xyes"])
# cavium
@ -1295,6 +1296,7 @@ echo " * CRL: $ENABLED_CRL"
echo " * CRL-MONITOR: $ENABLED_CRL_MONITOR"
echo " * NTRU: $ENABLED_NTRU"
echo " * valgrind unit tests: $ENABLED_VALGRIND"
echo " * LIBZ: $ENABLED_LIBZ"
echo " * Examples: $ENABLED_EXAMPLES"
echo ""
echo "---"

147
ctaocrypt/src/compress.c Normal file
View File

@ -0,0 +1,147 @@
/* compress.c
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#ifdef HAVE_LIBZ
#include <cyassl/ctaocrypt/compress.h>
#include <cyassl/ctaocrypt/error.h>
#include <cyassl/ctaocrypt/logging.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
#include <ctaocrypt/src/misc.c>
#endif
#include <zlib.h>
#define DEFLATE_DEFAULT_WINDOWBITS 15
#define DEFLATE_DEFAULT_MEMLEVEL 8
int Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 flags)
/*
* out - pointer to destination buffer
* outSz - size of destination buffer
* in - pointer to source buffer to compress
* inSz - size of source to compress
* flags - flags to control how compress operates
*
* return:
* negative - error code
* positive - bytes stored in out buffer
*
* Note, the output buffer still needs to be larger than the input buffer.
* The right chunk of data won't compress at all, and the lookup table will
* add to the size of the output. The libz code says the compressed
* buffer should be srcSz + 0.1% + 12.
*/
{
z_stream stream;
int result = 0;
stream.next_in = (Bytef*)in;
stream.avail_in = (uInt)inSz;
#ifdef MAXSEG_64K
/* Check for source > 64K on 16-bit machine: */
if ((uLong)stream.avail_in != inSz) return COMPRESS_INIT_E;
#endif
stream.next_out = out;
stream.avail_out = (uInt)outSz;
if ((uLong)stream.avail_out != outSz) return COMPRESS_INIT_E;
stream.zalloc = (alloc_func)0;
stream.zfree = (free_func)0;
stream.opaque = (voidpf)0;
if (deflateInit2(&stream, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
DEFLATE_DEFAULT_WINDOWBITS, DEFLATE_DEFAULT_MEMLEVEL,
flags ? Z_FIXED : Z_DEFAULT_STRATEGY) != Z_OK)
return COMPRESS_INIT_E;
if (deflate(&stream, Z_FINISH) != Z_STREAM_END) {
deflateEnd(&stream);
return COMPRESS_E;
}
result = (int)stream.total_out;
if (deflateEnd(&stream) != Z_OK)
result = COMPRESS_E;
return result;
}
int DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz)
/*
* out - pointer to destination buffer
* outSz - size of destination buffer
* in - pointer to source buffer to compress
* inSz - size of source to compress
* flags - flags to control how compress operates
*
* return:
* negative - error code
* positive - bytes stored in out buffer
*/
{
z_stream stream;
int result = 0;
stream.next_in = (Bytef*)in;
stream.avail_in = (uInt)inSz;
/* Check for source > 64K on 16-bit machine: */
if ((uLong)stream.avail_in != inSz) return DECOMPRESS_INIT_E;
stream.next_out = out;
stream.avail_out = (uInt)outSz;
if ((uLong)stream.avail_out != outSz) return DECOMPRESS_INIT_E;
stream.zalloc = (alloc_func)0;
stream.zfree = (free_func)0;
if (inflateInit(&stream) != Z_OK)
return DECOMPRESS_INIT_E;
if (inflate(&stream, Z_FINISH) != Z_STREAM_END) {
inflateEnd(&stream);
return DECOMPRESS_E;
}
result = (int)stream.total_out;
if (inflateEnd(&stream) != Z_OK)
result = DECOMPRESS_E;
return result;
}
#endif /* HAVE_LIBZ */

16
ctaocrypt/src/error.c
View File

@ -281,6 +281,22 @@ void CTaoCryptErrorString(int error, char* buffer)
XSTRNCPY(buffer, "Cavium Init type error", max);
break;
case COMPRESS_INIT_E:
XSTRNCPY(buffer, "Compress Init error", max);
break;
case COMPRESS_E:
XSTRNCPY(buffer, "Compress error", max);
break;
case DECOMPRESS_INIT_E:
XSTRNCPY(buffer, "DeCompress Init error", max);
break;
case DECOMPRESS_E:
XSTRNCPY(buffer, "DeCompress error", max);
break;
default:
XSTRNCPY(buffer, "unknown error number", max);

130
ctaocrypt/test/test.c
View File

@ -51,6 +51,9 @@
#ifdef HAVE_ECC
#include <cyassl/ctaocrypt/ecc.h>
#endif
#ifdef HAVE_LIBZ
#include <cyassl/ctaocrypt/compress.h>
#endif
#ifdef _MSC_VER
/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
@ -138,6 +141,9 @@ int pbkdf2_test(void);
#ifdef HAVE_ECC
int ecc_test(void);
#endif
#ifdef HAVE_LIBZ
int compress_test(void);
#endif
@ -374,6 +380,12 @@ void ctaocrypt_test(void* args)
printf( "ECC test passed!\n");
#endif
#ifdef HAVE_LIBZ
if ( (ret = compress_test()) )
err_sys("COMPRESS test failed!\n", ret);
else
printf( "COMPRESS test passed!\n");
#endif
((func_args*)args)->return_code = ret;
}
@ -3063,3 +3075,121 @@ int ecc_test(void)
}
#endif /* HAVE_ECC */
#ifdef HAVE_LIBZ
const byte sample_text[] =
"Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n"
"polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n"
"marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n"
"plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n"
"selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n"
"small batch meggings kogi dolore food truck bespoke gastropub.\n"
"\n"
"Terry richardson adipisicing actually typewriter tumblr, twee whatever\n"
"four loko you probably haven't heard of them high life. Messenger bag\n"
"whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n"
"et, banksy ullamco messenger bag umami pariatur direct trade forage.\n"
"Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n"
"food truck next level, tousled irony non semiotics PBR ethical anim cred\n"
"readymade. Mumblecore brunch lomo odd future, portland organic terry\n"
"richardson elit leggings adipisicing ennui raw denim banjo hella. Godard\n"
"mixtape polaroid, pork belly readymade organic cray typewriter helvetica\n"
"four loko whatever street art yr farm-to-table.\n"
"\n"
"Vinyl keytar vice tofu. Locavore you probably haven't heard of them pug\n"
"pickled, hella tonx labore truffaut DIY mlkshk elit cosby sweater sint\n"
"et mumblecore. Elit swag semiotics, reprehenderit DIY sartorial nisi ugh\n"
"nesciunt pug pork belly wayfarers selfies delectus. Ethical hoodie\n"
"seitan fingerstache kale chips. Terry richardson artisan williamsburg,\n"
"eiusmod fanny pack irony tonx ennui lo-fi incididunt tofu YOLO\n"
"readymade. 8-bit sed ethnic beard officia. Pour-over iphone DIY butcher,\n"
"ethnic art party qui letterpress nisi proident jean shorts mlkshk\n"
"locavore.\n"
"\n"
"Narwhal flexitarian letterpress, do gluten-free voluptate next level\n"
"banh mi tonx incididunt carles DIY. Odd future nulla 8-bit beard ut\n"
"cillum pickled velit, YOLO officia you probably haven't heard of them\n"
"trust fund gastropub. Nisi adipisicing tattooed, Austin mlkshk 90's\n"
"small batch american apparel. Put a bird on it cosby sweater before they\n"
"sold out pork belly kogi hella. Street art mollit sustainable polaroid,\n"
"DIY ethnic ea pug beard dreamcatcher cosby sweater magna scenester nisi.\n"
"Sed pork belly skateboard mollit, labore proident eiusmod. Sriracha\n"
"excepteur cosby sweater, anim deserunt laborum eu aliquip ethical et\n"
"neutra PBR selvage.\n"
"\n"
"Raw denim pork belly truffaut, irony plaid sustainable put a bird on it\n"
"next level jean shorts exercitation. Hashtag keytar whatever, nihil\n"
"authentic aliquip disrupt laborum. Tattooed selfies deserunt trust fund\n"
"wayfarers. 3 wolf moon synth church-key sartorial, gastropub leggings\n"
"tattooed. Labore high life commodo, meggings raw denim fingerstache pug\n"
"trust fund leggings seitan forage. Nostrud ullamco duis, reprehenderit\n"
"incididunt flannel sustainable helvetica pork belly pug banksy you\n"
"probably haven't heard of them nesciunt farm-to-table. Disrupt nostrud\n"
"mollit magna, sriracha sartorial helvetica.\n"
"\n"
"Nulla kogi reprehenderit, skateboard sustainable duis adipisicing viral\n"
"ad fanny pack salvia. Fanny pack trust fund you probably haven't heard\n"
"of them YOLO vice nihil. Keffiyeh cray lo-fi pinterest cardigan aliqua,\n"
"reprehenderit aute. Culpa tousled williamsburg, marfa lomo actually anim\n"
"skateboard. Iphone aliqua ugh, semiotics pariatur vero readymade\n"
"organic. Marfa squid nulla, in laborum disrupt laboris irure gastropub.\n"
"Veniam sunt food truck leggings, sint vinyl fap.\n"
"\n"
"Hella dolore pork belly, truffaut carles you probably haven't heard of\n"
"them PBR helvetica in sapiente. Fashion axe ugh bushwick american\n"
"apparel. Fingerstache sed iphone, jean shorts blue bottle nisi bushwick\n"
"flexitarian officia veniam plaid bespoke fap YOLO lo-fi. Blog\n"
"letterpress mumblecore, food truck id cray brooklyn cillum ad sed.\n"
"Assumenda chambray wayfarers vinyl mixtape sustainable. VHS vinyl\n"
"delectus, culpa williamsburg polaroid cliche swag church-key synth kogi\n"
"magna pop-up literally. Swag thundercats ennui shoreditch vegan\n"
"pitchfork neutra truffaut etsy, sed single-origin coffee craft beer.\n"
"\n"
"Odio letterpress brooklyn elit. Nulla single-origin coffee in occaecat\n"
"meggings. Irony meggings 8-bit, chillwave lo-fi adipisicing cred\n"
"dreamcatcher veniam. Put a bird on it irony umami, trust fund bushwick\n"
"locavore kale chips. Sriracha swag thundercats, chillwave disrupt\n"
"tousled beard mollit mustache leggings portland next level. Nihil esse\n"
"est, skateboard art party etsy thundercats sed dreamcatcher ut iphone\n"
"swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n"
"bag dolor terry richardson sapiente.\n";
int compress_test(void)
{
int ret = 0;
word32 dSz = sizeof(sample_text);
word32 cSz = (dSz + (word32)(dSz * 0.001) + 12);
byte *c = NULL;
byte *d = NULL;
c = calloc(cSz, sizeof(byte));
d = calloc(dSz, sizeof(byte));
if (c == NULL || d == NULL)
ret = -300;
if (ret == 0 &&
(ret = Compress(c, cSz, sample_text, dSz, 0)) < 0)
ret = -301;
if (ret > 0) {
cSz = (word32)ret;
ret = 0;
}
if (ret == 0 && DeCompress(d, dSz, c, cSz) != (int)dSz)
ret = -302;
if (ret == 0 && memcmp(d, sample_text, dSz))
ret = -303;
if (c) free(c);
if (d) free(d);
return ret;
}
#endif /* HAVE_LIBZ */

52
cyassl/ctaocrypt/compress.h Normal file
View File

@ -0,0 +1,52 @@
/* compress.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifdef HAVE_LIBZ
#ifndef CTAO_CRYPT_COMPRESS_H
#define CTAO_CRYPT_COMPRESS_H
#include <cyassl/ctaocrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
#define COMPRESS_FIXED 4
CYASSL_API int Compress(byte*, word32, const byte*, word32, word32);
CYASSL_API int DeCompress(byte*, word32, const byte*, word32);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CTAO_CRYPT_COMPRESS_H */
#endif /* HAVE_LIBZ */

5
cyassl/ctaocrypt/error.h
View File

@ -103,6 +103,11 @@ enum {
CAVIUM_INIT_E = -182, /* Cavium Init type error */
COMPRESS_INIT_E = -183, /* Compress init error */
COMPRESS_E = -184, /* Compress error */
DECOMPRESS_INIT_E = -185, /* DeCompress init error */
DECOMPRESS_E = -186, /* DeCompress error */
MIN_CODE_E = -200 /* errors -101 - -199 */
};

1
cyassl/ctaocrypt/include.am
View File

@ -8,6 +8,7 @@ nobase_include_HEADERS+= \
cyassl/ctaocrypt/asn_public.h \
cyassl/ctaocrypt/camellia.h \
cyassl/ctaocrypt/coding.h \
cyassl/ctaocrypt/compress.h \
cyassl/ctaocrypt/des3.h \
cyassl/ctaocrypt/dh.h \
cyassl/ctaocrypt/dsa.h \

4
src/include.am
View File

@ -132,3 +132,7 @@ src_libcyassl_la_CFLAGS += $(PTHREAD_CFLAGS)
src_libcyassl_la_LIBADD += $(PTHREAD_LIBS)
endif
if BUILD_LIBZ
src_libcyassl_la_SOURCES += ctaocrypt/src/compress.c
endif

35
src/internal.c
View File

@ -282,7 +282,7 @@ static INLINE void ato32(const byte* c, word32* u32)
/* compress in to out, return out size or error */
static int Compress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz)
static int myCompress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz)
{
int err;
int currTotal = (int)ssl->c_stream.total_out;
@ -300,7 +300,7 @@ static INLINE void ato32(const byte* c, word32* u32)
/* decompress in to out, returnn out size or error */
static int DeCompress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz)
static int myDeCompress(CYASSL* ssl, byte* in,int inSz, byte* out,int outSz)
{
int err;
int currTotal = (int)ssl->d_stream.total_out;
@ -1010,14 +1010,14 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
#endif
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
if (tls & havePSK) {
if (tls && havePSK) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA256;
}
#endif
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA
if (tls & havePSK) {
if (tls && havePSK) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA;
}
@ -1135,8 +1135,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
suites->hashSigAlgo[idx++] = sha256_mac;
suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo;
#endif
suites->hashSigAlgo[idx++] = sha_mac;
suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo;
#ifndef NO_SHA
suites->hashSigAlgo[idx++] = sha_mac;
suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo;
#endif
}
if (haveRSAsig) {
@ -1148,8 +1150,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
suites->hashSigAlgo[idx++] = sha256_mac;
suites->hashSigAlgo[idx++] = rsa_sa_algo;
#endif
suites->hashSigAlgo[idx++] = sha_mac;
suites->hashSigAlgo[idx++] = rsa_sa_algo;
#ifndef NO_SHA
suites->hashSigAlgo[idx++] = sha_mac;
suites->hashSigAlgo[idx++] = rsa_sa_algo;
#endif
}
suites->hashSigAlgoSz = idx;
@ -4083,7 +4087,7 @@ int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx)
#ifdef HAVE_LIBZ
if (ssl->options.usingCompression) {
dataSz = DeCompress(ssl, rawData, dataSz, decomp, sizeof(decomp));
dataSz = myDeCompress(ssl, rawData, dataSz, decomp, sizeof(decomp));
if (dataSz < 0) return dataSz;
}
#endif
@ -5097,7 +5101,7 @@ int SendData(CYASSL* ssl, const void* data, int sz)
#ifdef HAVE_LIBZ
if (ssl->options.usingCompression) {
buffSz = Compress(ssl, sendBuffer, buffSz, comp, sizeof(comp));
buffSz = myCompress(ssl, sendBuffer, buffSz, comp, sizeof(comp));
if (buffSz < 0) {
return buffSz;
}
@ -7157,6 +7161,8 @@ int SetCipherList(Suites* s, const char* list)
pms += 2;
XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4;
XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz);
ssl->arrays->psk_keySz = 0; /* No further need */
}
break;
#endif /* NO_PSK */
@ -7313,6 +7319,9 @@ int SetCipherList(Suites* s, const char* list)
ret = tmpRet; /* save WANT_WRITE unless more serious */
ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;
}
/* No further need for PMS */
XMEMSET(ssl->arrays->preMasterSecret, 0, ssl->arrays->preMasterSz);
ssl->arrays->preMasterSz = 0;
return ret;
}
@ -9513,6 +9522,9 @@ int SetCipherList(Suites* s, const char* list)
ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4;
ret = MakeMasterSecret(ssl);
/* No further need for PSK */
XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz);
ssl->arrays->psk_keySz = 0;
}
break;
#endif /* NO_PSK */
@ -9620,6 +9632,9 @@ int SetCipherList(Suites* s, const char* list)
}
break;
}
/* No further need for PMS */
XMEMSET(ssl->arrays->preMasterSecret, 0, ssl->arrays->preMasterSz);
ssl->arrays->preMasterSz = 0;
if (ret == 0) {
ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;

6
src/ssl.c
View File

@ -1178,6 +1178,7 @@ int CyaSSL_Init(void)
int ret;
int dynamicType = 0;
int eccKey = 0;
int rsaKey = 0;
void* heap = ctx ? ctx->heap : NULL;
info.set = 0;
@ -1416,12 +1417,14 @@ int CyaSSL_Init(void)
FreeRsaKey(&key);
return SSL_BAD_FILE;
}
} else {
rsaKey = 1;
}
FreeRsaKey(&key);
}
#endif
#ifdef HAVE_ECC
if (eccKey ) {
if (!rsaKey) {
/* make sure ECC key can be used */
word32 idx = 0;
ecc_key key;
@ -1432,6 +1435,7 @@ int CyaSSL_Init(void)
return SSL_BAD_FILE;
}
ecc_free(&key);
eccKey = 1;
ctx->haveStaticECC = 1;
if (ssl)
ssl->options.haveStaticECC = 1;

3
src/tls.c
View File

@ -123,6 +123,9 @@ static void p_hash(byte* result, word32 resLen, const byte* secret,
HmacFinal(&hmac, previous);
}
}
XMEMSET(previous, 0, sizeof previous);
XMEMSET(current, 0, sizeof current);
XMEMSET(&hmac, 0, sizeof hmac);
}