From fc928e7725ae9fc987b030be22a49831a7430dbd Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 19 Mar 2013 16:25:58 -0700 Subject: [PATCH 1/6] added stubs and a test for ctaocrypt compress --- configure.ac | 4 +- ctaocrypt/src/compress.c | 77 ++++++++++++++++++++++ ctaocrypt/test/test.c | 124 ++++++++++++++++++++++++++++++++++++ cyassl/ctaocrypt/compress.h | 52 +++++++++++++++ cyassl/ctaocrypt/include.am | 1 + src/include.am | 4 ++ 6 files changed, 261 insertions(+), 1 deletion(-) create mode 100644 ctaocrypt/src/compress.c create mode 100644 cyassl/ctaocrypt/compress.h diff --git a/configure.ac b/configure.ac index 63a1cc0b4..f73e88d70 100644 --- a/configure.ac +++ b/configure.ac @@ -1125,9 +1125,10 @@ AC_ARG_WITH([libz], else AC_MSG_RESULT([yes]) fi - + ENABLED_LIBZ="yes" ] ) +AM_CONDITIONAL([BUILD_LIBZ], [test "x$ENABLED_LIBZ" = "xyes"]) # cavium @@ -1275,6 +1276,7 @@ echo " * CRL: $ENABLED_CRL" echo " * CRL-MONITOR: $ENABLED_CRL_MONITOR" echo " * NTRU: $ENABLED_NTRU" echo " * valgrind unit tests: $ENABLED_VALGRIND" +echo " * LIBZ: $ENABLED_LIBZ" echo " * Examples: $ENABLED_EXAMPLES" echo "" echo "---" diff --git a/ctaocrypt/src/compress.c b/ctaocrypt/src/compress.c new file mode 100644 index 000000000..35291092b --- /dev/null +++ b/ctaocrypt/src/compress.c @@ -0,0 +1,77 @@ +/* compress.c + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +#ifdef HAVE_CONFIG_H + #include +#endif + + +#ifdef HAVE_LIBZ + + +#include +#include +#include +#ifdef NO_INLINE + #include +#else + #include +#endif + + +int Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 flags) +/* + * out - pointer to destination buffer + * outSz - size of destination buffer + * in - pointer to source buffer to compress + * inSz - size of source to compress + * flags - flags to control how compress operates + * + * return: + * negative - error code + * positive - bytes stored in out buffer + * + * Note, the output buffer still needs to be larger than the input buffer. + * The right chunk of data won't compress at all, and the lookup table will + * add to the size of the output. The libz code says the compressed + * buffer should be srcSz + 0.1% + 12. + */ +{ + word32 copySz = outSz <= inSz ? outSz : inSz; + (void)flags; + XMEMMOVE(out, in, copySz); + + return (int)copySz; +} + + +int DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz) +{ + word32 copySz = outSz <= inSz ? outSz : inSz; + XMEMMOVE(out, in, copySz); + + return (int)copySz; +} + + +#endif /* HAVE_LIBZ */ + diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index fd1e9509e..411b5435c 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -51,6 +51,9 @@ #ifdef HAVE_ECC #include #endif +#ifdef HAVE_LIBZ + #include +#endif #ifdef _MSC_VER /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ @@ -138,6 +141,9 @@ int pbkdf2_test(void); #ifdef HAVE_ECC int ecc_test(void); #endif +#ifdef HAVE_LIBZ + int compress_test(void); +#endif @@ -374,6 +380,12 @@ void ctaocrypt_test(void* args) printf( "ECC test passed!\n"); #endif +#ifdef HAVE_LIBZ + if ( (ret = compress_test()) ) + err_sys("COMPRESS test failed!\n", ret); + else + printf( "COMPRESS test passed!\n"); +#endif ((func_args*)args)->return_code = ret; } @@ -3063,3 +3075,115 @@ int ecc_test(void) } #endif /* HAVE_ECC */ + +#ifdef HAVE_LIBZ + +const byte sample_text[] = + "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n" + "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n" + "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n" + "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n" + "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n" + "small batch meggings kogi dolore food truck bespoke gastropub.\n" + "\n" + "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n" + "four loko you probably haven't heard of them high life. Messenger bag\n" + "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n" + "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n" + "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n" + "food truck next level, tousled irony non semiotics PBR ethical anim cred\n" + "readymade. Mumblecore brunch lomo odd future, portland organic terry\n" + "richardson elit leggings adipisicing ennui raw denim banjo hella. Godard\n" + "mixtape polaroid, pork belly readymade organic cray typewriter helvetica\n" + "four loko whatever street art yr farm-to-table.\n" + "\n" + "Vinyl keytar vice tofu. Locavore you probably haven't heard of them pug\n" + "pickled, hella tonx labore truffaut DIY mlkshk elit cosby sweater sint\n" + "et mumblecore. Elit swag semiotics, reprehenderit DIY sartorial nisi ugh\n" + "nesciunt pug pork belly wayfarers selfies delectus. Ethical hoodie\n" + "seitan fingerstache kale chips. Terry richardson artisan williamsburg,\n" + "eiusmod fanny pack irony tonx ennui lo-fi incididunt tofu YOLO\n" + "readymade. 8-bit sed ethnic beard officia. Pour-over iphone DIY butcher,\n" + "ethnic art party qui letterpress nisi proident jean shorts mlkshk\n" + "locavore.\n" + "\n" + "Narwhal flexitarian letterpress, do gluten-free voluptate next level\n" + "banh mi tonx incididunt carles DIY. Odd future nulla 8-bit beard ut\n" + "cillum pickled velit, YOLO officia you probably haven't heard of them\n" + "trust fund gastropub. Nisi adipisicing tattooed, Austin mlkshk 90's\n" + "small batch american apparel. Put a bird on it cosby sweater before they\n" + "sold out pork belly kogi hella. Street art mollit sustainable polaroid,\n" + "DIY ethnic ea pug beard dreamcatcher cosby sweater magna scenester nisi.\n" + "Sed pork belly skateboard mollit, labore proident eiusmod. Sriracha\n" + "excepteur cosby sweater, anim deserunt laborum eu aliquip ethical et\n" + "neutra PBR selvage.\n" + "\n" + "Raw denim pork belly truffaut, irony plaid sustainable put a bird on it\n" + "next level jean shorts exercitation. Hashtag keytar whatever, nihil\n" + "authentic aliquip disrupt laborum. Tattooed selfies deserunt trust fund\n" + "wayfarers. 3 wolf moon synth church-key sartorial, gastropub leggings\n" + "tattooed. Labore high life commodo, meggings raw denim fingerstache pug\n" + "trust fund leggings seitan forage. Nostrud ullamco duis, reprehenderit\n" + "incididunt flannel sustainable helvetica pork belly pug banksy you\n" + "probably haven't heard of them nesciunt farm-to-table. Disrupt nostrud\n" + "mollit magna, sriracha sartorial helvetica.\n" + "\n" + "Nulla kogi reprehenderit, skateboard sustainable duis adipisicing viral\n" + "ad fanny pack salvia. Fanny pack trust fund you probably haven't heard\n" + "of them YOLO vice nihil. Keffiyeh cray lo-fi pinterest cardigan aliqua,\n" + "reprehenderit aute. Culpa tousled williamsburg, marfa lomo actually anim\n" + "skateboard. Iphone aliqua ugh, semiotics pariatur vero readymade\n" + "organic. Marfa squid nulla, in laborum disrupt laboris irure gastropub.\n" + "Veniam sunt food truck leggings, sint vinyl fap.\n" + "\n" + "Hella dolore pork belly, truffaut carles you probably haven't heard of\n" + "them PBR helvetica in sapiente. Fashion axe ugh bushwick american\n" + "apparel. Fingerstache sed iphone, jean shorts blue bottle nisi bushwick\n" + "flexitarian officia veniam plaid bespoke fap YOLO lo-fi. Blog\n" + "letterpress mumblecore, food truck id cray brooklyn cillum ad sed.\n" + "Assumenda chambray wayfarers vinyl mixtape sustainable. VHS vinyl\n" + "delectus, culpa williamsburg polaroid cliche swag church-key synth kogi\n" + "magna pop-up literally. Swag thundercats ennui shoreditch vegan\n" + "pitchfork neutra truffaut etsy, sed single-origin coffee craft beer.\n" + "\n" + "Odio letterpress brooklyn elit. Nulla single-origin coffee in occaecat\n" + "meggings. Irony meggings 8-bit, chillwave lo-fi adipisicing cred\n" + "dreamcatcher veniam. Put a bird on it irony umami, trust fund bushwick\n" + "locavore kale chips. Sriracha swag thundercats, chillwave disrupt\n" + "tousled beard mollit mustache leggings portland next level. Nihil esse\n" + "est, skateboard art party etsy thundercats sed dreamcatcher ut iphone\n" + "swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n" + "bag dolor terry richardson sapiente.\n"; + + +int compress_test(void) +{ + int ret = 0; + word32 dSz = sizeof(sample_text); + word32 cSz = (dSz + (word32)(dSz * 0.001) + 12); + byte *c = NULL; + byte *d = NULL; + + c = calloc(cSz, sizeof(byte)); + d = calloc(dSz, sizeof(byte)); + + if (c == NULL || d == NULL) + ret = -300; + + if (ret == 0 && Compress(c, cSz, sample_text, dSz, 0) < 0) + ret = -301; + + if (ret == 0 && DeCompress(d, dSz, c, cSz) != (int)dSz) + ret = -302; + + if (ret == 0 && memcmp(d, sample_text, dSz)) + ret = -303; + + if (c) free(c); + if (d) free(d); + + return ret; +} + +#endif /* HAVE_LIBZ */ + diff --git a/cyassl/ctaocrypt/compress.h b/cyassl/ctaocrypt/compress.h new file mode 100644 index 000000000..8d2a026ca --- /dev/null +++ b/cyassl/ctaocrypt/compress.h @@ -0,0 +1,52 @@ +/* compress.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +#ifdef HAVE_LIBZ + +#ifndef CTAO_CRYPT_COMPRESS_H +#define CTAO_CRYPT_COMPRESS_H + + +#include + + +#ifdef __cplusplus + extern "C" { +#endif + + +#define COMPRESS_FIXED 4 + + +CYASSL_API int Compress(byte*, word32, const byte*, word32, word32); +CYASSL_API int DeCompress(byte*, word32, const byte*, word32); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CTAO_CRYPT_COMPRESS_H */ + +#endif /* HAVE_LIBZ */ + diff --git a/cyassl/ctaocrypt/include.am b/cyassl/ctaocrypt/include.am index d7b54990b..18c3c0d9c 100644 --- a/cyassl/ctaocrypt/include.am +++ b/cyassl/ctaocrypt/include.am @@ -8,6 +8,7 @@ nobase_include_HEADERS+= \ cyassl/ctaocrypt/asn_public.h \ cyassl/ctaocrypt/camellia.h \ cyassl/ctaocrypt/coding.h \ + cyassl/ctaocrypt/compress.h \ cyassl/ctaocrypt/des3.h \ cyassl/ctaocrypt/dh.h \ cyassl/ctaocrypt/dsa.h \ diff --git a/src/include.am b/src/include.am index 4807557b2..a227827a1 100644 --- a/src/include.am +++ b/src/include.am @@ -132,3 +132,7 @@ src_libcyassl_la_CFLAGS += $(PTHREAD_CFLAGS) src_libcyassl_la_LIBADD += $(PTHREAD_LIBS) endif +if BUILD_LIBZ +src_libcyassl_la_SOURCES += ctaocrypt/src/compress.c +endif + From e8b9651075317981902bbee8325179a7f1902e29 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 19 Mar 2013 16:44:50 -0700 Subject: [PATCH 2/6] hid the internal compress functions from the cryptlib versions --- src/internal.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/internal.c b/src/internal.c index bb3825acd..305695a67 100644 --- a/src/internal.c +++ b/src/internal.c @@ -282,7 +282,7 @@ static INLINE void ato32(const byte* c, word32* u32) /* compress in to out, return out size or error */ - static int Compress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz) + static int myCompress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz) { int err; int currTotal = (int)ssl->c_stream.total_out; @@ -300,7 +300,7 @@ static INLINE void ato32(const byte* c, word32* u32) /* decompress in to out, returnn out size or error */ - static int DeCompress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz) + static int myDeCompress(CYASSL* ssl, byte* in,int inSz, byte* out,int outSz) { int err; int currTotal = (int)ssl->d_stream.total_out; @@ -4081,7 +4081,7 @@ int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx) #ifdef HAVE_LIBZ if (ssl->options.usingCompression) { - dataSz = DeCompress(ssl, rawData, dataSz, decomp, sizeof(decomp)); + dataSz = myDeCompress(ssl, rawData, dataSz, decomp, sizeof(decomp)); if (dataSz < 0) return dataSz; } #endif @@ -5095,7 +5095,7 @@ int SendData(CYASSL* ssl, const void* data, int sz) #ifdef HAVE_LIBZ if (ssl->options.usingCompression) { - buffSz = Compress(ssl, sendBuffer, buffSz, comp, sizeof(comp)); + buffSz = myCompress(ssl, sendBuffer, buffSz, comp, sizeof(comp)); if (buffSz < 0) { return buffSz; } From 0f8111fc77dc81dac41e16727766e6712bd9e707 Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 20 Mar 2013 09:12:00 -0700 Subject: [PATCH 3/6] zero out psk keys asap, ssn4 --- src/internal.c | 11 +++++++++++ src/tls.c | 3 +++ 2 files changed, 14 insertions(+) diff --git a/src/internal.c b/src/internal.c index 8e245b4f4..e98856313 100644 --- a/src/internal.c +++ b/src/internal.c @@ -7157,6 +7157,8 @@ int SetCipherList(Suites* s, const char* list) pms += 2; XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz); ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4; + XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz); + ssl->arrays->psk_keySz = 0; /* No further need */ } break; #endif /* NO_PSK */ @@ -7313,6 +7315,9 @@ int SetCipherList(Suites* s, const char* list) ret = tmpRet; /* save WANT_WRITE unless more serious */ ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; } + /* No further need for PMS */ + XMEMSET(ssl->arrays->preMasterSecret, 0, ssl->arrays->preMasterSz); + ssl->arrays->preMasterSz = 0; return ret; } @@ -9513,6 +9518,9 @@ int SetCipherList(Suites* s, const char* list) ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4; ret = MakeMasterSecret(ssl); + /* No further need for PSK */ + XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz); + ssl->arrays->psk_keySz = 0; } break; #endif /* NO_PSK */ @@ -9620,6 +9628,9 @@ int SetCipherList(Suites* s, const char* list) } break; } + /* No further need for PMS */ + XMEMSET(ssl->arrays->preMasterSecret, 0, ssl->arrays->preMasterSz); + ssl->arrays->preMasterSz = 0; if (ret == 0) { ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; diff --git a/src/tls.c b/src/tls.c index 67433da0e..4a89be320 100644 --- a/src/tls.c +++ b/src/tls.c @@ -123,6 +123,9 @@ static void p_hash(byte* result, word32 resLen, const byte* secret, HmacFinal(&hmac, previous); } } + XMEMSET(previous, 0, sizeof previous); + XMEMSET(current, 0, sizeof current); + XMEMSET(&hmac, 0, sizeof hmac); } From f878dbcef2eebbb017f6ddee6f19af67ce8761a8 Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 20 Mar 2013 09:18:05 -0700 Subject: [PATCH 4/6] fix ecc key load w/ no rsa, ssn5 --- src/internal.c | 16 ++++++++++------ src/ssl.c | 6 +++++- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/src/internal.c b/src/internal.c index e98856313..90c31eefb 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1010,14 +1010,14 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK, #endif #ifdef BUILD_TLS_PSK_WITH_NULL_SHA256 - if (tls & havePSK) { + if (tls && havePSK) { suites->suites[idx++] = 0; suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA256; } #endif #ifdef BUILD_TLS_PSK_WITH_NULL_SHA - if (tls & havePSK) { + if (tls && havePSK) { suites->suites[idx++] = 0; suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA; } @@ -1135,8 +1135,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK, suites->hashSigAlgo[idx++] = sha256_mac; suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo; #endif - suites->hashSigAlgo[idx++] = sha_mac; - suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo; + #ifndef NO_SHA + suites->hashSigAlgo[idx++] = sha_mac; + suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo; + #endif } if (haveRSAsig) { @@ -1148,8 +1150,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK, suites->hashSigAlgo[idx++] = sha256_mac; suites->hashSigAlgo[idx++] = rsa_sa_algo; #endif - suites->hashSigAlgo[idx++] = sha_mac; - suites->hashSigAlgo[idx++] = rsa_sa_algo; + #ifndef NO_SHA + suites->hashSigAlgo[idx++] = sha_mac; + suites->hashSigAlgo[idx++] = rsa_sa_algo; + #endif } suites->hashSigAlgoSz = idx; diff --git a/src/ssl.c b/src/ssl.c index 7a337f7ab..90e73ff47 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1178,6 +1178,7 @@ int CyaSSL_Init(void) int ret; int dynamicType = 0; int eccKey = 0; + int rsaKey = 0; void* heap = ctx ? ctx->heap : NULL; info.set = 0; @@ -1416,12 +1417,14 @@ int CyaSSL_Init(void) FreeRsaKey(&key); return SSL_BAD_FILE; } + } else { + rsaKey = 1; } FreeRsaKey(&key); } #endif #ifdef HAVE_ECC - if (eccKey ) { + if (!rsaKey) { /* make sure ECC key can be used */ word32 idx = 0; ecc_key key; @@ -1432,6 +1435,7 @@ int CyaSSL_Init(void) return SSL_BAD_FILE; } ecc_free(&key); + eccKey = 1; ctx->haveStaticECC = 1; if (ssl) ssl->options.haveStaticECC = 1; From 72c5a92bdee5c3d101f3d001768bdd48bd67a268 Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 20 Mar 2013 09:19:59 -0700 Subject: [PATCH 5/6] add ecc to commit tests, fastmath now on by default --- commit-tests.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/commit-tests.sh b/commit-tests.sh index 06408ec12..1c0a1fa8f 100755 --- a/commit-tests.sh +++ b/commit-tests.sh @@ -23,7 +23,7 @@ RESULT=$? # make sure full config is ok echo -e "\n\nTesting full config as well...\n\n" -./configure --enable-opensslextra --enable-fastmath --enable-dtls --enable-aesgcm --enable-aesccm --enable-hc128 --enable-sniffer --enable-psk --enable-rabbit --enable-camellia; +./configure --enable-opensslextra --enable-ecc --enable-dtls --enable-aesgcm --enable-aesccm --enable-hc128 --enable-sniffer --enable-psk --enable-rabbit --enable-camellia; RESULT=$? [ $RESULT -ne 0 ] && echo -e "\n\nFull config ./configure failed" && exit 1 From 615f652bd0a4ef147db6e23659e83a584c3fad64 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 20 Mar 2013 09:58:31 -0700 Subject: [PATCH 6/6] filled out our Compress and DeCompress functions, updated the test case --- ctaocrypt/src/compress.c | 84 ++++++++++++++++++++++++++++++++++++---- ctaocrypt/src/error.c | 16 ++++++++ ctaocrypt/test/test.c | 8 +++- cyassl/ctaocrypt/error.h | 5 +++ 4 files changed, 105 insertions(+), 8 deletions(-) diff --git a/ctaocrypt/src/compress.c b/ctaocrypt/src/compress.c index 35291092b..b7c9efd68 100644 --- a/ctaocrypt/src/compress.c +++ b/ctaocrypt/src/compress.c @@ -37,6 +37,12 @@ #include #endif +#include + + +#define DEFLATE_DEFAULT_WINDOWBITS 15 +#define DEFLATE_DEFAULT_MEMLEVEL 8 + int Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 flags) /* @@ -56,20 +62,84 @@ int Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 flags) * buffer should be srcSz + 0.1% + 12. */ { - word32 copySz = outSz <= inSz ? outSz : inSz; - (void)flags; - XMEMMOVE(out, in, copySz); + z_stream stream; + int result = 0; - return (int)copySz; + stream.next_in = (Bytef*)in; + stream.avail_in = (uInt)inSz; +#ifdef MAXSEG_64K + /* Check for source > 64K on 16-bit machine: */ + if ((uLong)stream.avail_in != inSz) return COMPRESS_INIT_E; +#endif + stream.next_out = out; + stream.avail_out = (uInt)outSz; + if ((uLong)stream.avail_out != outSz) return COMPRESS_INIT_E; + + stream.zalloc = (alloc_func)0; + stream.zfree = (free_func)0; + stream.opaque = (voidpf)0; + + if (deflateInit2(&stream, Z_DEFAULT_COMPRESSION, Z_DEFLATED, + DEFLATE_DEFAULT_WINDOWBITS, DEFLATE_DEFAULT_MEMLEVEL, + flags ? Z_FIXED : Z_DEFAULT_STRATEGY) != Z_OK) + return COMPRESS_INIT_E; + + if (deflate(&stream, Z_FINISH) != Z_STREAM_END) { + deflateEnd(&stream); + return COMPRESS_E; + } + + result = (int)stream.total_out; + + if (deflateEnd(&stream) != Z_OK) + result = COMPRESS_E; + + return result; } int DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz) +/* + * out - pointer to destination buffer + * outSz - size of destination buffer + * in - pointer to source buffer to compress + * inSz - size of source to compress + * flags - flags to control how compress operates + * + * return: + * negative - error code + * positive - bytes stored in out buffer + */ { - word32 copySz = outSz <= inSz ? outSz : inSz; - XMEMMOVE(out, in, copySz); + z_stream stream; + int result = 0; - return (int)copySz; + stream.next_in = (Bytef*)in; + stream.avail_in = (uInt)inSz; + /* Check for source > 64K on 16-bit machine: */ + if ((uLong)stream.avail_in != inSz) return DECOMPRESS_INIT_E; + + stream.next_out = out; + stream.avail_out = (uInt)outSz; + if ((uLong)stream.avail_out != outSz) return DECOMPRESS_INIT_E; + + stream.zalloc = (alloc_func)0; + stream.zfree = (free_func)0; + + if (inflateInit(&stream) != Z_OK) + return DECOMPRESS_INIT_E; + + if (inflate(&stream, Z_FINISH) != Z_STREAM_END) { + inflateEnd(&stream); + return DECOMPRESS_E; + } + + result = (int)stream.total_out; + + if (inflateEnd(&stream) != Z_OK) + result = DECOMPRESS_E; + + return result; } diff --git a/ctaocrypt/src/error.c b/ctaocrypt/src/error.c index b98db04ca..b1041659e 100644 --- a/ctaocrypt/src/error.c +++ b/ctaocrypt/src/error.c @@ -281,6 +281,22 @@ void CTaoCryptErrorString(int error, char* buffer) XSTRNCPY(buffer, "Cavium Init type error", max); break; + case COMPRESS_INIT_E: + XSTRNCPY(buffer, "Compress Init error", max); + break; + + case COMPRESS_E: + XSTRNCPY(buffer, "Compress error", max); + break; + + case DECOMPRESS_INIT_E: + XSTRNCPY(buffer, "DeCompress Init error", max); + break; + + case DECOMPRESS_E: + XSTRNCPY(buffer, "DeCompress error", max); + break; + default: XSTRNCPY(buffer, "unknown error number", max); diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 411b5435c..628827247 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -3170,9 +3170,15 @@ int compress_test(void) if (c == NULL || d == NULL) ret = -300; - if (ret == 0 && Compress(c, cSz, sample_text, dSz, 0) < 0) + if (ret == 0 && + (ret = Compress(c, cSz, sample_text, dSz, 0)) < 0) ret = -301; + if (ret > 0) { + cSz = (word32)ret; + ret = 0; + } + if (ret == 0 && DeCompress(d, dSz, c, cSz) != (int)dSz) ret = -302; diff --git a/cyassl/ctaocrypt/error.h b/cyassl/ctaocrypt/error.h index c7b24eb83..265019822 100644 --- a/cyassl/ctaocrypt/error.h +++ b/cyassl/ctaocrypt/error.h @@ -103,6 +103,11 @@ enum { CAVIUM_INIT_E = -182, /* Cavium Init type error */ + COMPRESS_INIT_E = -183, /* Compress init error */ + COMPRESS_E = -184, /* Compress error */ + DECOMPRESS_INIT_E = -185, /* DeCompress init error */ + DECOMPRESS_E = -186, /* DeCompress error */ + MIN_CODE_E = -200 /* errors -101 - -199 */ };