feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge branch 'master' of github.com:cyassl/cyassl

Browse Source
This commit is contained in:
toddouska
2014-05-08 10:27:54 -07:00
parent abbfcde0dc 72e9ea8e4b
commit e57d5d1d2f
23 changed files with 1897 additions and 830 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
README
View File

@@ -35,7 +35,23 @@ before calling SSL_new(); Though it's not recommended.
*** end Notes ***
CyaSSL Release 2.9.4 (04/09/2014)
CyaSSL Release 3.0.0 (04/29/2014)
Release 3.0.0 CyaSSL has bug fixes and new features including:
- FIPS release candidate
- X.509 improvements that address items reported by Suman Jana with security
researchers at UT Austin and UC Davis
- Small stack size improvements, --enable-smallstack. Offloads large local
variables to the heap. (Note this is not complete.)
- Updated AES-CCM-8 cipher suites to use approved suite numbers.
The CyaSSL manual is available at:
http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions
and comments about the new features please check the manual.
************ CyaSSL Release 2.9.4 (04/09/2014)
Release 2.9.4 CyaSSL has bug fixes and new features including:

2
commit-tests.sh
View File

@@ -23,7 +23,7 @@ RESULT=$?
# make sure full config is ok
echo -e "\n\nTesting full config as well...\n\n"
./configure --enable-opensslextra --enable-ecc --enable-dtls --enable-aesgcm --enable-aesccm --enable-hc128 --enable-sniffer --enable-psk --enable-rabbit --enable-camellia --enable-sha512;
./configure --enable-opensslextra --enable-ecc --enable-dtls --enable-aesgcm --enable-aesccm --enable-hc128 --enable-sniffer --enable-psk --enable-rabbit --enable-camellia --enable-sha512 --enable-crl --enable-ocsp --enable-savesession --enable-savecert --enable-atomicuser --enable-pkcallbacks --enable-scep;
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nFull config ./configure failed" && exit 1

25
configure.ac
View File

@@ -6,7 +6,7 @@
#
#
AC_INIT([cyassl],[2.9.5],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.yassl.com])
AC_INIT([cyassl],[3.0.0],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.wolfssl.com])
AC_CONFIG_AUX_DIR([build-aux])
@@ -31,7 +31,7 @@ AC_CONFIG_MACRO_DIR([m4])
AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS.
#shared library versioning
CYASSL_LIBRARY_VERSION=5:4:0
CYASSL_LIBRARY_VERSION=5:5:0
# | | |
# +------+ | +---+
# | | |
@@ -1085,6 +1085,26 @@ fi
AM_CONDITIONAL([BUILD_FIPS], [test "x$ENABLED_FIPS" = "xyes"])
# Hash DRBG
AC_ARG_ENABLE([hashdrbg],
[ --enable-hashdrbg Enable Hash DRBG support (default: disabled)],
[ ENABLED_HASHDRBG=$enableval ],
[ ENABLED_HASHDRBG=no ]
)
if test "x$ENABLED_HASHDRBG" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
else
# turn on Hash DRBG if FIPS is on or ARC4 is off
if test "x$ENABLED_FIPS" = "xyes" || test "x$ENABLED_ARC4" = "xno"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
ENABLED_HASHDRBG=yes
fi
fi
# Filesystem Build
AC_ARG_ENABLE([filesystem],
[ --enable-filesystem Enable Filesystem support (default: enabled)],
@@ -1743,6 +1763,7 @@ echo " * certgen: $ENABLED_CERTGEN"
echo " * certreq: $ENABLED_CERTREQ"
echo " * HC-128: $ENABLED_HC128"
echo " * RABBIT: $ENABLED_RABBIT"
echo " * Hash DRBG: $ENABLED_HASHDRBG"
echo " * PWDBASED: $ENABLED_PWDBASED"
echo " * HKDF: $ENABLED_HKDF"
echo " * MD4: $ENABLED_MD4"

400
ctaocrypt/src/asn.c
View File

@@ -1057,7 +1057,7 @@ int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
key->type = RSA_PUBLIC;
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(RSA_DECODE_EXTRA)
{
byte b = input[*inOutIdx];
if (b != ASN_INTEGER) {
@@ -1272,6 +1272,11 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
cert->subjectCNLen = 0;
cert->subjectCNStored = 0;
cert->altNames = NULL;
#ifndef IGNORE_NAME_CONSTRAINTS
cert->altEmailNames = NULL;
cert->permittedNames = NULL;
cert->excludedNames = NULL;
#endif /* IGNORE_NAME_CONSTRAINTS */
cert->issuer[0] = '\0';
cert->subject[0] = '\0';
cert->source = source; /* don't own */
@@ -1341,6 +1346,9 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
cert->extSubjKeyIdSrc = NULL;
cert->extSubjKeyIdSz = 0;
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) || !defined(IGNORE_NAME_CONSTRAINTS)
cert->extNameConstraintSet = 0;
#endif /* OPENSSL_EXTRA || !IGNORE_NAME_CONSTRAINTS */
#ifdef HAVE_ECC
cert->pkCurveOID = 0;
#endif /* HAVE_ECC */
@@ -1372,6 +1380,22 @@ void FreeAltNames(DNS_entry* altNames, void* heap)
}
}
#ifndef IGNORE_NAME_CONSTRAINTS
void FreeNameSubtrees(Base_entry* names, void* heap)
{
(void)heap;
while (names) {
Base_entry* tmp = names->next;
XFREE(names->name, heap, DYNAMIC_TYPE_ALTNAME);
XFREE(names, heap, DYNAMIC_TYPE_ALTNAME);
names = tmp;
}
}
#endif /* IGNORE_NAME_CONSTRAINTS */
void FreeDecodedCert(DecodedCert* cert)
{
@@ -1381,6 +1405,14 @@ void FreeDecodedCert(DecodedCert* cert)
XFREE(cert->publicKey, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if (cert->altNames)
FreeAltNames(cert->altNames, cert->heap);
#ifndef IGNORE_NAME_CONSTRAINTS
if (cert->altEmailNames)
FreeAltNames(cert->altEmailNames, cert->heap);
if (cert->permittedNames)
FreeNameSubtrees(cert->permittedNames, cert->heap);
if (cert->excludedNames)
FreeNameSubtrees(cert->excludedNames, cert->heap);
#endif /* IGNORE_NAME_CONSTRAINTS */
#ifdef CYASSL_SEP
XFREE(cert->deviceType, cert->heap, 0);
XFREE(cert->hwType, cert->heap, 0);
@@ -1419,8 +1451,6 @@ static int GetCertHeader(DecodedCert* cert)
len = mp_unsigned_bin_size(&mpi);
if (len < (int)sizeof(serialTmp)) {
if ( (ret = mp_to_unsigned_bin(&mpi, serialTmp)) == MP_OKAY) {
if (len > EXTERNAL_SERIAL_SIZE)
len = EXTERNAL_SERIAL_SIZE;
XMEMCPY(cert->serial, serialTmp, len);
cert->serialSz = len;
}
@@ -1640,6 +1670,12 @@ static int GetName(DecodedCert* cert, int nameType)
cert->issuerRawLen = length - cert->srcIdx;
}
#endif
#ifndef IGNORE_NAME_CONSTRAINTS
if (nameType == SUBJECT) {
cert->subjectRaw = &cert->source[cert->srcIdx];
cert->subjectRawLen = length - cert->srcIdx;
}
#endif
while (cert->srcIdx < (word32)length) {
byte b;
@@ -1863,7 +1899,30 @@ static int GetName(DecodedCert* cert, int nameType)
dName->emailIdx = cert->srcIdx;
dName->emailLen = adv;
#endif /* OPENSSL_EXTRA */
#ifndef IGNORE_NAME_CONSTRAINTS
{
DNS_entry* emailName = NULL;
emailName = (DNS_entry*)XMALLOC(sizeof(DNS_entry),
cert->heap, DYNAMIC_TYPE_ALTNAME);
if (emailName == NULL) {
CYASSL_MSG("\tOut of Memory");
return MEMORY_E;
}
emailName->name = (char*)XMALLOC(adv + 1,
cert->heap, DYNAMIC_TYPE_ALTNAME);
if (emailName->name == NULL) {
CYASSL_MSG("\tOut of Memory");
return MEMORY_E;
}
XMEMCPY(emailName->name,
&cert->source[cert->srcIdx], adv);
emailName->name[adv] = 0;
emailName->next = cert->altEmailNames;
cert->altEmailNames = emailName;
}
#endif /* IGNORE_NAME_CONSTRAINTS */
if (!tooBig) {
XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv);
idx += adv;
@@ -2057,7 +2116,7 @@ static int DateGreaterThan(const struct tm* a, const struct tm* b)
static INLINE int DateLessThan(const struct tm* a, const struct tm* b)
{
return !DateGreaterThan(a,b);
return DateGreaterThan(b,a);
}
@@ -2870,6 +2929,174 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
}
#ifndef IGNORE_NAME_CONSTRAINTS
static int MatchBaseName(int type, const char* name, int nameSz,
const char* base, int baseSz)
{
if (base == NULL || baseSz <= 0 || name == NULL || nameSz <= 0 ||
name[0] == '.' || nameSz < baseSz ||
(type != ASN_RFC822_TYPE && type != ASN_DNS_TYPE))
return 0;
/* If an email type, handle special cases where the base is only
* a domain, or is an email address itself. */
if (type == ASN_RFC822_TYPE) {
const char* p = NULL;
int count = 0;
if (base[0] != '.') {
p = base;
count = 0;
/* find the '@' in the base */
while (*p != '@' && count < baseSz) {
count++;
p++;
}
/* No '@' in base, reset p to NULL */
if (count >= baseSz)
p = NULL;
}
if (p == NULL) {
/* Base isn't an email address, it is a domain name,
* wind the name forward one character past its '@'. */
p = name;
count = 0;
while (*p != '@' && count < baseSz) {
count++;
p++;
}
if (count < baseSz && *p == '@') {
name = p + 1;
nameSz -= count + 1;
}
}
}
if ((type == ASN_DNS_TYPE || type == ASN_RFC822_TYPE) && base[0] == '.') {
int szAdjust = nameSz - baseSz;
name += szAdjust;
nameSz -= szAdjust;
}
while (nameSz > 0) {
if (XTOLOWER(*name++) != XTOLOWER(*base++))
return 0;
nameSz--;
}
return 1;
}
static int ConfirmNameConstraints(Signer* signer, DecodedCert* cert)
{
if (signer == NULL || cert == NULL)
return 0;
/* Check against the excluded list */
if (signer->excludedNames) {
Base_entry* base = signer->excludedNames;
while (base != NULL) {
if (base->type == ASN_DNS_TYPE) {
DNS_entry* name = cert->altNames;
while (name != NULL) {
if (MatchBaseName(ASN_DNS_TYPE,
name->name, (int)XSTRLEN(name->name),
base->name, base->nameSz))
return 0;
name = name->next;
}
}
else if (base->type == ASN_RFC822_TYPE) {
DNS_entry* name = cert->altEmailNames;
while (name != NULL) {
if (MatchBaseName(ASN_RFC822_TYPE,
name->name, (int)XSTRLEN(name->name),
base->name, base->nameSz))
return 0;
name = name->next;
}
}
else if (base->type == ASN_DIR_TYPE) {
if (cert->subjectRawLen == base->nameSz &&
XMEMCMP(cert->subjectRaw, base->name, base->nameSz) == 0) {
return 0;
}
}
base = base->next;
}
}
/* Check against the permitted list */
if (signer->permittedNames != NULL) {
int needDns = 0;
int matchDns = 0;
int needEmail = 0;
int matchEmail = 0;
int needDir = 0;
int matchDir = 0;
Base_entry* base = signer->permittedNames;
while (base != NULL) {
if (base->type == ASN_DNS_TYPE) {
DNS_entry* name = cert->altNames;
if (name != NULL)
needDns = 1;
while (name != NULL) {
matchDns = MatchBaseName(ASN_DNS_TYPE,
name->name, (int)XSTRLEN(name->name),
base->name, base->nameSz);
name = name->next;
}
}
else if (base->type == ASN_RFC822_TYPE) {
DNS_entry* name = cert->altEmailNames;
if (name != NULL)
needEmail = 1;
while (name != NULL) {
matchEmail = MatchBaseName(ASN_DNS_TYPE,
name->name, (int)XSTRLEN(name->name),
base->name, base->nameSz);
name = name->next;
}
}
else if (base->type == ASN_DIR_TYPE) {
needDir = 1;
if (cert->subjectRaw != NULL &&
cert->subjectRawLen == base->nameSz &&
XMEMCMP(cert->subjectRaw, base->name, base->nameSz) == 0) {
matchDir = 1;
}
}
base = base->next;
}
if ((needDns && !matchDns) || (needEmail && !matchEmail) ||
(needDir && !matchDir)) {
return 0;
}
}
return 1;
}
#endif /* IGNORE_NAME_CONSTRAINTS */
static int DecodeAltNames(byte* input, int sz, DecodedCert* cert)
{
word32 idx = 0;
@@ -2924,6 +3151,43 @@ static int DecodeAltNames(byte* input, int sz, DecodedCert* cert)
length -= strLen;
idx += strLen;
}
#ifndef IGNORE_NAME_CONSTRAINTS
else if (b == (ASN_CONTEXT_SPECIFIC | ASN_RFC822_TYPE)) {
DNS_entry* emailEntry;
int strLen;
word32 lenStartIdx = idx;
if (GetLength(input, &idx, &strLen, sz) < 0) {
CYASSL_MSG("\tfail: str length");
return ASN_PARSE_E;
}
length -= (idx - lenStartIdx);
emailEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap,
DYNAMIC_TYPE_ALTNAME);
if (emailEntry == NULL) {
CYASSL_MSG("\tOut of Memory");
return ASN_PARSE_E;
}
emailEntry->name = (char*)XMALLOC(strLen + 1, cert->heap,
DYNAMIC_TYPE_ALTNAME);
if (emailEntry->name == NULL) {
CYASSL_MSG("\tOut of Memory");
XFREE(emailEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
return ASN_PARSE_E;
}
XMEMCPY(emailEntry->name, &input[idx], strLen);
emailEntry->name[strLen] = '\0';
emailEntry->next = cert->altEmailNames;
cert->altEmailNames = emailEntry;
length -= strLen;
idx += strLen;
}
#endif /* IGNORE_NAME_CONSTRAINTS */
#ifdef CYASSL_SEP
else if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_OTHER_TYPE))
{
@@ -3329,7 +3593,7 @@ static int DecodeExtKeyUsage(byte* input, int sz, DecodedCert* cert)
CYASSL_ENTER("DecodeExtKeyUsage");
if (GetSequence(input, &idx, &length, sz) < 0) {
CYASSL_MSG("\tfail: should be a SEQUENCE\n");
CYASSL_MSG("\tfail: should be a SEQUENCE");
return ASN_PARSE_E;
}
@@ -3366,6 +3630,103 @@ static int DecodeExtKeyUsage(byte* input, int sz, DecodedCert* cert)
}
#ifndef IGNORE_NAME_CONSTRAINTS
static int DecodeSubtree(byte* input, int sz, Base_entry** head, void* heap)
{
word32 idx = 0;
(void)heap;
while (idx < (word32)sz) {
int seqLength, strLength;
word32 nameIdx;
byte b;
if (GetSequence(input, &idx, &seqLength, sz) < 0) {
CYASSL_MSG("\tfail: should be a SEQUENCE");
return ASN_PARSE_E;
}
nameIdx = idx;
b = input[nameIdx++];
if (GetLength(input, &nameIdx, &strLength, sz) <= 0) {
CYASSL_MSG("\tinvalid length");
return ASN_PARSE_E;
}
if (b == (ASN_CONTEXT_SPECIFIC | ASN_DNS_TYPE) ||
b == (ASN_CONTEXT_SPECIFIC | ASN_RFC822_TYPE) ||
b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_DIR_TYPE)) {
Base_entry* entry = (Base_entry*)XMALLOC(sizeof(Base_entry),
heap, DYNAMIC_TYPE_ALTNAME);
if (entry == NULL) {
CYASSL_MSG("allocate error");
return MEMORY_E;
}
entry->name = (char*)XMALLOC(strLength, heap, DYNAMIC_TYPE_ALTNAME);
if (entry->name == NULL) {
CYASSL_MSG("allocate error");
return MEMORY_E;
}
XMEMCPY(entry->name, &input[nameIdx], strLength);
entry->nameSz = strLength;
entry->type = b & 0x0F;
entry->next = *head;
*head = entry;
}
idx += seqLength;
}
return 0;
}
static int DecodeNameConstraints(byte* input, int sz, DecodedCert* cert)
{
word32 idx = 0;
int length = 0;
CYASSL_ENTER("DecodeNameConstraints");
if (GetSequence(input, &idx, &length, sz) < 0) {
CYASSL_MSG("\tfail: should be a SEQUENCE");
return ASN_PARSE_E;
}
while (idx < (word32)sz) {
byte b = input[idx++];
Base_entry** subtree = NULL;
if (GetLength(input, &idx, &length, sz) <= 0) {
CYASSL_MSG("\tinvalid length");
return ASN_PARSE_E;
}
if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0))
subtree = &cert->permittedNames;
else if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1))
subtree = &cert->excludedNames;
else {
CYASSL_MSG("\tinvalid subtree");
return ASN_PARSE_E;
}
DecodeSubtree(input + idx, length, subtree, cert->heap);
idx += length;
}
return 0;
}
#endif /* IGNORE_NAME_CONSTRAINTS */
#ifdef CYASSL_SEP
static int DecodeCertPolicy(byte* input, int sz, DecodedCert* cert)
{
@@ -3552,6 +3913,17 @@ static int DecodeCertExtensions(DecodedCert* cert)
return ASN_PARSE_E;
break;
#ifndef IGNORE_NAME_CONSTRAINTS
case NAME_CONS_OID:
cert->extNameConstraintSet = 1;
#ifdef OPENSSL_EXTRA
cert->extNameConstraintCrit = critical;
#endif
if (DecodeNameConstraints(&input[idx], length, cert) < 0)
return ASN_PARSE_E;
break;
#endif /* IGNORE_NAME_CONSTRAINTS */
case INHIBIT_ANY_OID:
CYASSL_MSG("Inhibit anyPolicy extension not supported yet.");
break;
@@ -3714,6 +4086,14 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
CYASSL_MSG("Confirm signature failed");
return ASN_SIG_CONFIRM_E;
}
#ifndef IGNORE_NAME_CONSTRAINTS
/* check that this cert's name is permitted by the signer's
* name constraints */
if (!ConfirmNameConstraints(ca, cert)) {
CYASSL_MSG("Confirm name constraint failed");
return ASN_NAME_INVALID_E;
}
#endif /* IGNORE_NAME_CONSTRAINTS */
}
else {
/* no signer */
@@ -3743,6 +4123,10 @@ Signer* MakeSigner(void* heap)
signer->publicKey = NULL;
signer->nameLen = 0;
signer->name = NULL;
#ifndef IGNORE_NAME_CONSTRAINTS
signer->permittedNames = NULL;
signer->excludedNames = NULL;
#endif /* IGNORE_NAME_CONSTRAINTS */
signer->next = NULL;
}
(void)heap;
@@ -3756,6 +4140,12 @@ void FreeSigner(Signer* signer, void* heap)
{
XFREE(signer->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
XFREE(signer->publicKey, heap, DYNAMIC_TYPE_PUBLIC_KEY);
#ifndef IGNORE_NAME_CONSTRAINTS
if (signer->permittedNames)
FreeNameSubtrees(signer->permittedNames, heap);
if (signer->excludedNames)
FreeNameSubtrees(signer->excludedNames, heap);
#endif
XFREE(signer, heap, DYNAMIC_TYPE_SIGNER);
(void)heap;

665
ctaocrypt/src/ecc.c
View File

@@ -1299,6 +1299,9 @@ int ecc_make_key(RNG* rng, int keysize, ecc_key* key)
{
int x, err;
if (key == NULL || rng == NULL)
return ECC_BAD_ARG_E;
/* find key size */
for (x = 0; (keysize > ecc_sets[x].size) && (ecc_sets[x].size != 0); x++)
;
@@ -1319,12 +1322,22 @@ int ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
ecc_point* base;
mp_int prime;
mp_int order;
#ifdef CYASSL_SMALL_STACK
byte* buf;
#else
byte buf[ECC_MAXSIZE];
#endif
int keysize;
if (key == NULL || rng == NULL || dp == NULL)
return ECC_BAD_ARG_E;
#ifdef CYASSL_SMALL_STACK
buf = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (buf == NULL)
return MEMORY_E;
#endif
key->idx = -1;
key->dp = dp;
keysize = dp->size;
@@ -1334,19 +1347,22 @@ int ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
/* make up random string */
err = RNG_GenerateBlock(rng, buf, keysize);
if (err != 0)
return err;
buf[0] |= 0x0c;
if (err == 0)
buf[0] |= 0x0c;
/* setup the key variables */
if ((err = mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z,
&key->k, &prime, &order)) != MP_OKAY)
return MEMORY_E;
if (err == 0) {
err = mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z,
&key->k, &prime, &order);
if (err != MP_OKAY)
err = MEMORY_E;
}
base = ecc_new_point();
if (base == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
base = ecc_new_point();
if (base == NULL)
err = MEMORY_E;
}
/* read in the specs for this key */
if (err == MP_OKAY)
@@ -1384,9 +1400,15 @@ int ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
ecc_del_point(base);
mp_clear(&prime);
mp_clear(&order);
#ifdef ECC_CLEAN_STACK
XMEMSET(buff, 0, ECC_MAXSIZE);
XMEMSET(buf, 0, ECC_MAXSIZE);
#endif
#ifdef CYASSL_SMALL_STACK
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return err;
}
@@ -1750,8 +1772,8 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
}
}
#ifdef ECC_CLEAN_STACK
XMEMSET(tA, 0, ECC_BUF_SIZE);
XMEMSET(tB, 0, ECC_BUF_SIZE);
XMEMSET(tA, 0, ECC_BUFSIZE);
XMEMSET(tB, 0, ECC_BUFSIZE);
#endif
XFREE(tA, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(tB, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -1955,7 +1977,11 @@ int ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
/* export public ECC key in ANSI X9.63 format */
int ecc_export_x963(ecc_key* key, byte* out, word32* outLen)
{
#ifdef CYASSL_SMALL_STACK
byte* buf;
#else
byte buf[ECC_BUFSIZE];
#endif
word32 numlen;
int ret = MP_OKAY;
@@ -1975,25 +2001,37 @@ int ecc_export_x963(ecc_key* key, byte* out, word32* outLen)
/* store byte 0x04 */
out[0] = 0x04;
/* pad and store x */
XMEMSET(buf, 0, sizeof(buf));
ret = mp_to_unsigned_bin(&key->pubkey.x,
buf + (numlen - mp_unsigned_bin_size(&key->pubkey.x)));
if (ret != MP_OKAY)
return ret;
XMEMCPY(out+1, buf, numlen);
#ifdef CYASSL_SMALL_STACK
buf = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (buf == NULL)
return MEMORY_E;
#endif
/* pad and store y */
XMEMSET(buf, 0, sizeof(buf));
ret = mp_to_unsigned_bin(&key->pubkey.y,
buf + (numlen - mp_unsigned_bin_size(&key->pubkey.y)));
if (ret != MP_OKAY)
return ret;
XMEMCPY(out+1+numlen, buf, numlen);
do {
/* pad and store x */
XMEMSET(buf, 0, ECC_BUFSIZE);
ret = mp_to_unsigned_bin(&key->pubkey.x,
buf + (numlen - mp_unsigned_bin_size(&key->pubkey.x)));
if (ret != MP_OKAY)
break;
XMEMCPY(out+1, buf, numlen);
*outLen = 1 + 2*numlen;
/* pad and store y */
XMEMSET(buf, 0, ECC_BUFSIZE);
ret = mp_to_unsigned_bin(&key->pubkey.y,
buf + (numlen - mp_unsigned_bin_size(&key->pubkey.y)));
if (ret != MP_OKAY)
break;
XMEMCPY(out+1+numlen, buf, numlen);
return 0;
*outLen = 1 + 2*numlen;
} while (0);
#ifdef CYASSL_SMALL_STACK
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
@@ -2928,7 +2966,13 @@ static int build_lut(int idx, mp_int* modulus, mp_digit* mp, mp_int* mu)
static int accel_fp_mul(int idx, mp_int* k, ecc_point *R, mp_int* modulus,
mp_digit* mp, int map)
{
#define KB_SIZE 128
#ifdef CYASSL_SMALL_STACK
unsigned char* kb;
#else
unsigned char kb[128];
#endif
int x;
unsigned y, z, err, bitlen, bitpos, lut_gap, first;
mp_int tk;
@@ -2983,71 +3027,88 @@ static int accel_fp_mul(int idx, mp_int* k, ecc_point *R, mp_int* modulus,
lut_gap = bitlen / FP_LUT;
/* get the k value */
if (mp_unsigned_bin_size(&tk) > (int)(sizeof(kb) - 2)) {
if (mp_unsigned_bin_size(&tk) > (int)(KB_SIZE - 2)) {
mp_clear(&tk);
return BUFFER_E;
}
/* store k */
XMEMSET(kb, 0, sizeof(kb));
#ifdef CYASSL_SMALL_STACK
kb = (unsigned char*)XMALLOC(KB_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (kb == NULL)
return MEMORY_E;
#endif
XMEMSET(kb, 0, KB_SIZE);
if ((err = mp_to_unsigned_bin(&tk, kb)) != MP_OKAY) {
mp_clear(&tk);
return err;
}
/* let's reverse kb so it's little endian */
x = 0;
y = mp_unsigned_bin_size(&tk) - 1;
mp_clear(&tk);
else {
/* let's reverse kb so it's little endian */
x = 0;
y = mp_unsigned_bin_size(&tk) - 1;
mp_clear(&tk);
while ((unsigned)x < y) {
z = kb[x]; kb[x] = kb[y]; kb[y] = z;
++x; --y;
}
/* at this point we can start, yipee */
first = 1;
for (x = lut_gap-1; x >= 0; x--) {
/* extract FP_LUT bits from kb spread out by lut_gap bits and offset
by x bits from the start */
bitpos = x;
for (y = z = 0; y < FP_LUT; y++) {
z |= ((kb[bitpos>>3] >> (bitpos&7)) & 1) << y;
bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid
the mult in each loop */
}
/* double if not first */
if (!first) {
if ((err = ecc_projective_dbl_point(R, R, modulus, mp)) != MP_OKAY) {
return err;
while ((unsigned)x < y) {
z = kb[x]; kb[x] = kb[y]; kb[y] = z;
++x; --y;
}
/* at this point we can start, yipee */
first = 1;
for (x = lut_gap-1; x >= 0; x--) {
/* extract FP_LUT bits from kb spread out by lut_gap bits and offset
by x bits from the start */
bitpos = x;
for (y = z = 0; y < FP_LUT; y++) {
z |= ((kb[bitpos>>3] >> (bitpos&7)) & 1) << y;
bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid
the mult in each loop */
}
}
/* add if not first, otherwise copy */
if (!first && z) {
if ((err = ecc_projective_add_point(R, fp_cache[idx].LUT[z], R,
modulus, mp)) != MP_OKAY) {
return err;
/* double if not first */
if (!first) {
if ((err = ecc_projective_dbl_point(R, R, modulus,
mp)) != MP_OKAY) {
break;
}
}
} else if (z) {
if ((mp_copy(&fp_cache[idx].LUT[z]->x, &R->x) != MP_OKAY) ||
(mp_copy(&fp_cache[idx].LUT[z]->y, &R->y) != MP_OKAY) ||
(mp_copy(&fp_cache[idx].mu, &R->z) != MP_OKAY)) {
return GEN_MEM_ERR;
/* add if not first, otherwise copy */
if (!first && z) {
if ((err = ecc_projective_add_point(R, fp_cache[idx].LUT[z], R,
modulus, mp)) != MP_OKAY) {
break;
}
} else if (z) {
if ((mp_copy(&fp_cache[idx].LUT[z]->x, &R->x) != MP_OKAY) ||
(mp_copy(&fp_cache[idx].LUT[z]->y, &R->y) != MP_OKAY) ||
(mp_copy(&fp_cache[idx].mu, &R->z) != MP_OKAY)) {
err = GEN_MEM_ERR;
break;
}
first = 0;
}
first = 0;
}
}
z = 0;
XMEMSET(kb, 0, sizeof(kb));
/* map R back from projective space */
if (map) {
err = ecc_map(R, modulus, mp);
} else {
err = MP_OKAY;
}
}
if (err == MP_OKAY) {
z = 0;
XMEMSET(kb, 0, KB_SIZE);
/* map R back from projective space */
if (map) {
err = ecc_map(R, modulus, mp);
} else {
err = MP_OKAY;
}
}
#ifdef CYASSL_SMALL_STACK
XFREE(kb, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
#undef KB_SIZE
return err;
}
@@ -3057,7 +3118,13 @@ static int accel_fp_mul2add(int idx1, int idx2,
mp_int* kA, mp_int* kB,
ecc_point *R, mp_int* modulus, mp_digit* mp)
{
#define KB_SIZE 128
#ifdef CYASSL_SMALL_STACK
unsigned char* kb[2];
#else
unsigned char kb[2][128];
#endif
int x;
unsigned y, z, err, bitlen, bitpos, lut_gap, first, zA, zB;
mp_int tka;
@@ -3154,18 +3221,25 @@ static int accel_fp_mul2add(int idx1, int idx2,
lut_gap = bitlen / FP_LUT;
/* get the k value */
if ((mp_unsigned_bin_size(&tka) > (int)(sizeof(kb[0]) - 2)) ||
(mp_unsigned_bin_size(&tkb) > (int)(sizeof(kb[0]) - 2)) ) {
if ((mp_unsigned_bin_size(&tka) > (int)(KB_SIZE - 2)) ||
(mp_unsigned_bin_size(&tkb) > (int)(KB_SIZE - 2)) ) {
mp_clear(&tka);
mp_clear(&tkb);
return BUFFER_E;
}
/* store k */
XMEMSET(kb, 0, sizeof(kb));
#ifdef CYASSL_SMALL_STACK
kb[0] = (unsigned char*)XMALLOC(KB_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (kb[0] == NULL)
return MEMORY_E;
#endif
XMEMSET(kb[0], 0, KB_SIZE);
if ((err = mp_to_unsigned_bin(&tka, kb[0])) != MP_OKAY) {
mp_clear(&tka);
mp_clear(&tkb);
XFREE(kb[0], NULL, DYNAMIC_TYPE_TMP_BUFFER);
return err;
}
@@ -3179,80 +3253,101 @@ static int accel_fp_mul2add(int idx1, int idx2,
}
/* store b */
#ifdef CYASSL_SMALL_STACK
kb[1] = (unsigned char*)XMALLOC(KB_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (kb[1] == NULL) {
XFREE(kb[0], NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
XMEMSET(kb[1], 0, KB_SIZE);
if ((err = mp_to_unsigned_bin(&tkb, kb[1])) != MP_OKAY) {
mp_clear(&tkb);
return err;
}
else {
x = 0;
y = mp_unsigned_bin_size(&tkb) - 1;
mp_clear(&tkb);
while ((unsigned)x < y) {
z = kb[1][x]; kb[1][x] = kb[1][y]; kb[1][y] = z;
++x; --y;
}
x = 0;
y = mp_unsigned_bin_size(&tkb) - 1;
mp_clear(&tkb);
while ((unsigned)x < y) {
z = kb[1][x]; kb[1][x] = kb[1][y]; kb[1][y] = z;
++x; --y;
}
/* at this point we can start, yipee */
first = 1;
for (x = lut_gap-1; x >= 0; x--) {
/* extract FP_LUT bits from kb spread out by lut_gap bits and
offset by x bits from the start */
bitpos = x;
for (y = zA = zB = 0; y < FP_LUT; y++) {
zA |= ((kb[0][bitpos>>3] >> (bitpos&7)) & 1) << y;
zB |= ((kb[1][bitpos>>3] >> (bitpos&7)) & 1) << y;
bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid
the mult in each loop */
}
/* double if not first */
if (!first) {
if ((err = ecc_projective_dbl_point(R, R, modulus, mp)) != MP_OKAY) {
return err;
/* at this point we can start, yipee */
first = 1;
for (x = lut_gap-1; x >= 0; x--) {
/* extract FP_LUT bits from kb spread out by lut_gap bits and
offset by x bits from the start */
bitpos = x;
for (y = zA = zB = 0; y < FP_LUT; y++) {
zA |= ((kb[0][bitpos>>3] >> (bitpos&7)) & 1) << y;
zB |= ((kb[1][bitpos>>3] >> (bitpos&7)) & 1) << y;
bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid
the mult in each loop */
}
}
/* add if not first, otherwise copy */
if (!first) {
if (zA) {
if ((err = ecc_projective_add_point(R, fp_cache[idx1].LUT[zA],
R, modulus, mp)) != MP_OKAY) {
return err;
/* double if not first */
if (!first) {
if ((err = ecc_projective_dbl_point(R, R, modulus,
mp)) != MP_OKAY) {
break;
}
}
if (zB) {
if ((err = ecc_projective_add_point(R, fp_cache[idx2].LUT[zB],
R, modulus, mp)) != MP_OKAY) {
return err;
}
}
} else {
if (zA) {
if ((mp_copy(&fp_cache[idx1].LUT[zA]->x, &R->x) != MP_OKAY) ||
(mp_copy(&fp_cache[idx1].LUT[zA]->y, &R->y) != MP_OKAY) ||
(mp_copy(&fp_cache[idx1].mu, &R->z) != MP_OKAY)) {
return GEN_MEM_ERR;
}
first = 0;
}
if (zB && first == 0) {
if (zB) {
if ((err = ecc_projective_add_point(R, fp_cache[idx2].LUT[zB],
R, modulus, mp)) != MP_OKAY){
return err;
/* add if not first, otherwise copy */
if (!first) {
if (zA) {
if ((err = ecc_projective_add_point(R, fp_cache[idx1].LUT[zA],
R, modulus, mp)) != MP_OKAY) {
break;
}
}
} else if (zB && first == 1) {
if ((mp_copy(&fp_cache[idx2].LUT[zB]->x, &R->x) != MP_OKAY) ||
(mp_copy(&fp_cache[idx2].LUT[zB]->y, &R->y) != MP_OKAY) ||
(mp_copy(&fp_cache[idx2].mu, &R->z) != MP_OKAY)) {
return GEN_MEM_ERR;
}
first = 0;
if (zB) {
if ((err = ecc_projective_add_point(R, fp_cache[idx2].LUT[zB],
R, modulus, mp)) != MP_OKAY) {
break;
}
}
} else {
if (zA) {
if ((mp_copy(&fp_cache[idx1].LUT[zA]->x, &R->x) != MP_OKAY) ||
(mp_copy(&fp_cache[idx1].LUT[zA]->y, &R->y) != MP_OKAY) ||
(mp_copy(&fp_cache[idx1].mu, &R->z) != MP_OKAY)) {
err = GEN_MEM_ERR;
break;
}
first = 0;
}
if (zB && first == 0) {
if (zB) {
if ((err = ecc_projective_add_point(R,
fp_cache[idx2].LUT[zB], R, modulus, mp)) != MP_OKAY){
break;
}
}
} else if (zB && first == 1) {
if ((mp_copy(&fp_cache[idx2].LUT[zB]->x, &R->x) != MP_OKAY) ||
(mp_copy(&fp_cache[idx2].LUT[zB]->y, &R->y) != MP_OKAY) ||
(mp_copy(&fp_cache[idx2].mu, &R->z) != MP_OKAY)) {
err = GEN_MEM_ERR;
break;
}
first = 0;
}
}
}
}
XMEMSET(kb, 0, sizeof(kb));
}
}
XMEMSET(kb[0], 0, KB_SIZE);
XMEMSET(kb[1], 0, KB_SIZE);
#ifdef CYASSL_SMALL_STACK
XFREE(kb[0], NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(kb[1], NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
#undef KB_SIZE
return ecc_map(R, modulus, mp);
}
@@ -3741,9 +3836,14 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 blockSz;
word32 digestSz;
ecEncCtx localCtx;
#ifdef CYASSL_SMALL_STACK
byte* sharedSecret;
byte* keys;
#else
byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */
byte keys[ECC_BUFSIZE]; /* max size */
word32 sharedSz = sizeof(sharedSecret);
#endif
word32 sharedSz = ECC_MAXSIZE;
int keysLen;
int encKeySz;
int ivSz;
@@ -3782,7 +3882,7 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ctx->cliSt = ecCLI_SENT_REQ; /* only do this once */
}
if (keysLen > (int)sizeof(keys))
if (keysLen > ECC_BUFSIZE) /* keys size */
return BUFFER_E;
if ( (msgSz%blockSz) != 0)
@@ -3791,70 +3891,90 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
if (*outSz < (msgSz + digestSz))
return BUFFER_E;
ret = ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz);
if (ret != 0)
return ret;
#ifdef CYASSL_SMALL_STACK
sharedSecret = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sharedSecret == NULL)
return MEMORY_E;
switch (ctx->kdfAlgo) {
case ecHKDF_SHA256 :
ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
ctx->kdfSaltSz, ctx->kdfInfo,
ctx->kdfInfoSz, keys, keysLen);
if (ret != 0)
return ret;
break;
keys = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (keys == NULL) {
XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
default:
return BAD_FUNC_ARG;
ret = ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz);
if (ret == 0) {
switch (ctx->kdfAlgo) {
case ecHKDF_SHA256 :
ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
keys, keysLen);
break;
default:
ret = BAD_FUNC_ARG;
break;
}
}
encKey = keys + offset;
encIv = encKey + encKeySz;
macKey = encKey + encKeySz + ivSz;
if (ret == 0) {
encKey = keys + offset;
encIv = encKey + encKeySz;
macKey = encKey + encKeySz + ivSz;
switch (ctx->encAlgo) {
case ecAES_128_CBC:
{
Aes aes;
ret = AesSetKey(&aes, encKey,KEY_SIZE_128,encIv,AES_ENCRYPTION);
if (ret != 0)
return ret;
ret = AesCbcEncrypt(&aes, out, msg, msgSz);
if (ret != 0)
return ret;
}
break;
switch (ctx->encAlgo) {
case ecAES_128_CBC:
{
Aes aes;
ret = AesSetKey(&aes, encKey, KEY_SIZE_128, encIv,
AES_ENCRYPTION);
if (ret != 0)
break;
ret = AesCbcEncrypt(&aes, out, msg, msgSz);
}
break;
default:
return BAD_FUNC_ARG;
default:
ret = BAD_FUNC_ARG;
break;
}
}
switch (ctx->macAlgo) {
case ecHMAC_SHA256:
{
Hmac hmac;
ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = HmacUpdate(&hmac, out, msgSz);
if (ret != 0)
return ret;
ret = HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
if (ret != 0)
return ret;
ret = HmacFinal(&hmac, out+msgSz);
if (ret != 0)
return ret;
}
break;
if (ret == 0) {
switch (ctx->macAlgo) {
case ecHMAC_SHA256:
{
Hmac hmac;
ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE);
if (ret != 0)
break;
ret = HmacUpdate(&hmac, out, msgSz);
if (ret != 0)
break;
ret = HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
if (ret != 0)
break;
ret = HmacFinal(&hmac, out+msgSz);
}
break;
default:
return BAD_FUNC_ARG;
default:
ret = BAD_FUNC_ARG;
break;
}
}
*outSz = msgSz + digestSz;
if (ret == 0)
*outSz = msgSz + digestSz;
return 0;
#ifdef CYASSL_SMALL_STACK
XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keys, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
@@ -3868,9 +3988,14 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 blockSz;
word32 digestSz;
ecEncCtx localCtx;
#ifdef CYASSL_SMALL_STACK
byte* sharedSecret;
byte* keys;
#else
byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */
byte keys[ECC_BUFSIZE]; /* max size */
word32 sharedSz = sizeof(sharedSecret);
#endif
word32 sharedSz = ECC_MAXSIZE;
int keysLen;
int encKeySz;
int ivSz;
@@ -3909,7 +4034,7 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ctx->srvSt = ecSRV_RECV_REQ; /* only do this once */
}
if (keysLen > (int)sizeof(keys))
if (keysLen > ECC_BUFSIZE) /* keys size */
return BUFFER_E;
if ( ((msgSz-digestSz) % blockSz) != 0)
@@ -3918,75 +4043,95 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
if (*outSz < (msgSz - digestSz))
return BUFFER_E;
ret = ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz);
if (ret != 0)
return ret;
#ifdef CYASSL_SMALL_STACK
sharedSecret = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sharedSecret == NULL)
return MEMORY_E;
switch (ctx->kdfAlgo) {
case ecHKDF_SHA256 :
ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
ctx->kdfSaltSz, ctx->kdfInfo,
ctx->kdfInfoSz, keys, keysLen);
if (ret != 0)
return ret;
break;
keys = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (keys == NULL) {
XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
default:
return BAD_FUNC_ARG;
ret = ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz);
if (ret == 0) {
switch (ctx->kdfAlgo) {
case ecHKDF_SHA256 :
ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
keys, keysLen);
break;
default:
ret = BAD_FUNC_ARG;
break;
}
}
encKey = keys + offset;
encIv = encKey + encKeySz;
macKey = encKey + encKeySz + ivSz;
if (ret == 0) {
encKey = keys + offset;
encIv = encKey + encKeySz;
macKey = encKey + encKeySz + ivSz;
switch (ctx->macAlgo) {
case ecHMAC_SHA256:
{
byte verify[SHA256_DIGEST_SIZE];
Hmac hmac;
ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = HmacUpdate(&hmac, msg, msgSz-digestSz);
if (ret != 0)
return ret;
ret = HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
if (ret != 0)
return ret;
ret = HmacFinal(&hmac, verify);
if (ret != 0)
return ret;
switch (ctx->macAlgo) {
case ecHMAC_SHA256:
{
byte verify[SHA256_DIGEST_SIZE];
Hmac hmac;
ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE);
if (ret != 0)
break;
ret = HmacUpdate(&hmac, msg, msgSz-digestSz);
if (ret != 0)
break;
ret = HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
if (ret != 0)
break;
ret = HmacFinal(&hmac, verify);
if (ret != 0)
break;
if (memcmp(verify, msg + msgSz - digestSz, digestSz) != 0)
ret = -1;
}
break;
if (memcmp(verify, msg + msgSz - digestSz, digestSz) != 0) {
return -1;
}
}
break;
default:
return BAD_FUNC_ARG;
default:
ret = BAD_FUNC_ARG;
break;
}
}
switch (ctx->encAlgo) {
case ecAES_128_CBC:
{
Aes aes;
ret = AesSetKey(&aes, encKey,KEY_SIZE_128,encIv,AES_DECRYPTION);
if (ret != 0)
return ret;
ret = AesCbcDecrypt(&aes, out, msg, msgSz-digestSz);
if (ret != 0)
return ret;
}
break;
if (ret == 0) {
switch (ctx->encAlgo) {
case ecAES_128_CBC:
{
Aes aes;
ret = AesSetKey(&aes, encKey, KEY_SIZE_128, encIv,
AES_DECRYPTION);
if (ret != 0)
break;
ret = AesCbcDecrypt(&aes, out, msg, msgSz-digestSz);
}
break;
default:
return BAD_FUNC_ARG;
default:
ret = BAD_FUNC_ARG;
break;
}
}
*outSz = msgSz - digestSz;
if (ret == 0)
*outSz = msgSz - digestSz;
return 0;
#ifdef CYASSL_SMALL_STACK
XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keys, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}

4
ctaocrypt/src/error.c
View File

@@ -351,6 +351,10 @@ void CTaoCryptErrorString(int error, char* buffer)
XSTRNCPY(buffer, "FIPS mode not allowed error", max);
break;
case ASN_NAME_INVALID_E:
XSTRNCPY(buffer, "Name Constraint error", max);
break;
default:
XSTRNCPY(buffer, "unknown error number", max);

1
ctaocrypt/src/hc128.c
View File

@@ -338,6 +338,7 @@ static INLINE int DoProcess(HC128* ctx, byte* output, const byte* input,
if (msglen > 0)
{
XMEMSET(keystream, 0, sizeof(keystream)); /* hush the static analysis */
generate_keystream(ctx, keystream);
#ifdef BIG_ENDIAN_ORDER

10
ctaocrypt/src/pkcs7.c
View File

@@ -585,11 +585,7 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
byte* content = NULL;
byte* sig = NULL;
byte* cert = NULL;
byte* signedAttr = NULL;
int contentSz = 0, sigSz = 0, certSz = 0, signedAttrSz = 0;
(void)signedAttr; /* not used yet, just set */
(void)signedAttrSz;
int contentSz = 0, sigSz = 0, certSz = 0;
if (pkcs7 == NULL || pkiMsg == NULL || pkiMsgSz == 0)
return BAD_FUNC_ARG;
@@ -750,10 +746,6 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
/* save pointer and length */
signedAttr = &pkiMsg[idx];
signedAttrSz = length;
idx += length;
}

213
ctaocrypt/src/random.c
View File

@@ -33,16 +33,15 @@
#include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_RC4
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#include <cyassl/ctaocrypt/sha256.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
#define MISC_DUMM_FUNC misc_dummy_random
#include <ctaocrypt/src/misc.c>
#endif
#endif
#endif /* HAVE_HASHDRBG || NO_RC4 */
#if defined(USE_WINDOWS_API)
#ifndef _WIN32_WINNT
@@ -63,32 +62,36 @@
#endif /* USE_WINDOWS_API */
#ifdef NO_RC4
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
/* Start NIST DRBG code */
#define OUTPUT_BLOCK_LEN (256/8)
#define MAX_REQUEST_LEN (0x1000)
#define MAX_STRING_LEN (0x100000000)
#define RESEED_MAX (0x100000000000LL)
#define ENTROPY_SZ 256
#define OUTPUT_BLOCK_LEN (SHA256_DIGEST_SIZE)
#define MAX_REQUEST_LEN (0x10000)
#define RESEED_INTERVAL (1000000)
#define SECURITY_STRENGTH (256)
#define ENTROPY_SZ (SECURITY_STRENGTH/8)
#define NONCE_SZ (ENTROPY_SZ/2)
#define ENTROPY_NONCE_SZ (ENTROPY_SZ+NONCE_SZ)
#define DBRG_SUCCESS 0
#define DBRG_ERROR 1
#define DBRG_NEED_RESEED 2
#define DRBG_SUCCESS 0
#define DRBG_ERROR 1
#define DRBG_NEED_RESEED 2
enum {
dbrgInitC = 0,
dbrgReseed = 1,
dbrgGenerateW = 2,
dbrgGenerateH = 3,
dbrgInitV
drbgInitC = 0,
drbgReseed = 1,
drbgGenerateW = 2,
drbgGenerateH = 3,
drbgInitV
};
static int Hash_df(RNG* rng, byte* out, word32 outSz, byte type, byte* inA, word32 inASz,
byte* inB, word32 inBSz, byte* inC, word32 inCSz)
static int Hash_df(RNG* rng, byte* out, word32 outSz, byte type,
byte* inA, word32 inASz,
byte* inB, word32 inBSz,
byte* inC, word32 inCSz)
{
byte ctr;
int i;
@@ -98,60 +101,60 @@ static int Hash_df(RNG* rng, byte* out, word32 outSz, byte type, byte* inA, word
#ifdef LITTLE_ENDIAN_ORDER
bits = ByteReverseWord32(bits);
#endif
len = (outSz / SHA256_DIGEST_SIZE)
+ ((outSz % SHA256_DIGEST_SIZE) ? 1 : 0);
len = (outSz / OUTPUT_BLOCK_LEN)
+ ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0);
for (i = 0, ctr = 1; i < len; i++, ctr++)
{
if (InitSha256(&rng->sha) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
if (Sha256Update(&rng->sha, &ctr, sizeof(ctr)) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
if (Sha256Update(&rng->sha, (byte*)&bits, sizeof(bits)) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
/* churning V is the only string that doesn't have
* the type added */
if (type != dbrgInitV)
if (type != drbgInitV)
if (Sha256Update(&rng->sha, &type, sizeof(type)) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
if (Sha256Update(&rng->sha, inA, inASz) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
if (inB != NULL && inBSz > 0)
if (Sha256Update(&rng->sha, inB, inBSz) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
if (inC != NULL && inCSz > 0)
if (Sha256Update(&rng->sha, inC, inCSz) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
if (Sha256Final(&rng->sha, rng->digest) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
if (outSz > SHA256_DIGEST_SIZE) {
XMEMCPY(out, rng->digest, SHA256_DIGEST_SIZE);
outSz -= SHA256_DIGEST_SIZE;
out += SHA256_DIGEST_SIZE;
if (outSz > OUTPUT_BLOCK_LEN) {
XMEMCPY(out, rng->digest, OUTPUT_BLOCK_LEN);
outSz -= OUTPUT_BLOCK_LEN;
out += OUTPUT_BLOCK_LEN;
}
else {
XMEMCPY(out, rng->digest, outSz);
}
}
return DBRG_SUCCESS;
return DRBG_SUCCESS;
}
static int Hash_DBRG_Reseed(RNG* rng, byte* entropy, word32 entropySz)
static int Hash_DRBG_Reseed(RNG* rng, byte* entropy, word32 entropySz)
{
int ret;
byte seed[DBRG_SEED_LEN];
byte seed[DRBG_SEED_LEN];
ret = Hash_df(rng, seed, sizeof(seed), dbrgInitV, rng->V, sizeof(rng->V),
ret = Hash_df(rng, seed, sizeof(seed), drbgReseed, rng->V, sizeof(rng->V),
entropy, entropySz, NULL, 0);
if (ret != 0)
return ret;
@@ -159,12 +162,12 @@ static int Hash_DBRG_Reseed(RNG* rng, byte* entropy, word32 entropySz)
XMEMCPY(rng->V, seed, sizeof(rng->V));
XMEMSET(seed, 0, sizeof(seed));
ret = Hash_df(rng, rng->C, sizeof(rng->C), dbrgInitC, rng->V,
ret = Hash_df(rng, rng->C, sizeof(rng->C), drbgInitC, rng->V,
sizeof(rng->V), NULL, 0, NULL, 0);
if (ret != 0)
return ret;
rng->reseed_ctr = 1;
rng->reseedCtr = 1;
return 0;
}
@@ -181,10 +184,10 @@ static INLINE void array_add_one(byte* data, word32 dataSz)
static int Hash_gen(RNG* rng, byte* out, word32 outSz, byte* V)
{
byte data[DBRG_SEED_LEN];
byte data[DRBG_SEED_LEN];
int i, ret;
int len = (outSz / SHA256_DIGEST_SIZE)
+ ((outSz % SHA256_DIGEST_SIZE) ? 1 : 0);
int len = (outSz / OUTPUT_BLOCK_LEN)
+ ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0);
XMEMCPY(data, V, sizeof(data));
for (i = 0; i < len; i++) {
@@ -200,11 +203,11 @@ static int Hash_gen(RNG* rng, byte* out, word32 outSz, byte* V)
if (ret != 0)
return ret;
if (outSz > SHA256_DIGEST_SIZE) {
XMEMCPY(out, rng->digest, SHA256_DIGEST_SIZE);
outSz -= SHA256_DIGEST_SIZE;
out += SHA256_DIGEST_SIZE;
array_add_one(data, DBRG_SEED_LEN);
if (outSz > OUTPUT_BLOCK_LEN) {
XMEMCPY(out, rng->digest, OUTPUT_BLOCK_LEN);
outSz -= OUTPUT_BLOCK_LEN;
out += OUTPUT_BLOCK_LEN;
array_add_one(data, DRBG_SEED_LEN);
}
else {
XMEMCPY(out, rng->digest, outSz);
@@ -235,66 +238,71 @@ static INLINE void array_add(byte* d, word32 dLen, byte* s, word32 sLen)
}
static int Hash_DBRG_Generate(RNG* rng, byte* out, word32 outSz)
static int Hash_DRBG_Generate(RNG* rng, byte* out, word32 outSz)
{
int ret;
if (rng->reseed_ctr != RESEED_MAX) {
byte type = dbrgGenerateH;
if (rng->reseedCtr != RESEED_INTERVAL) {
byte type = drbgGenerateH;
word32 reseedCtr = rng->reseedCtr;
rng->reseedCtr++;
if (Hash_gen(rng, out, outSz, rng->V) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
if (InitSha256(&rng->sha) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
if (Sha256Update(&rng->sha, &type, sizeof(type)) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
if (Sha256Update(&rng->sha, rng->V, sizeof(rng->V)) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
if (Sha256Final(&rng->sha, rng->digest) != 0)
return DBRG_ERROR;
return DRBG_ERROR;
array_add(rng->V, sizeof(rng->V), rng->digest, sizeof(rng->digest));
array_add(rng->V, sizeof(rng->V), rng->C, sizeof(rng->C));
array_add(rng->V, sizeof(rng->V),
(byte*)&rng->reseed_ctr, sizeof(rng->reseed_ctr));
rng->reseed_ctr++;
ret = DBRG_SUCCESS;
#ifdef LITTLE_ENDIAN_ORDER
reseedCtr = ByteReverseWord32(reseedCtr);
#endif
array_add(rng->V, sizeof(rng->V), (byte*)&reseedCtr, sizeof(reseedCtr));
ret = DRBG_SUCCESS;
}
else {
ret = DBRG_NEED_RESEED;
ret = DRBG_NEED_RESEED;
}
return ret;
}
static int Hash_DBRG_Instantiate(RNG* rng, byte* seed, word32 seedSz)
static int Hash_DRBG_Instantiate(RNG* rng, byte* seed, word32 seedSz,
byte* nonce, word32 nonceSz, byte* personal, word32 personalSz)
{
int ret;
XMEMSET(rng, 0, sizeof(*rng));
ret = Hash_df(rng, rng->V, sizeof(rng->V), dbrgInitV, seed, seedSz, NULL, 0,
NULL, 0);
ret = Hash_df(rng, rng->V, sizeof(rng->V), drbgInitV, seed, seedSz,
nonce, nonceSz, personal, personalSz);
if (ret != 0)
return ret;
ret = Hash_df(rng, rng->C, sizeof(rng->C), dbrgInitC, rng->V,
ret = Hash_df(rng, rng->C, sizeof(rng->C), drbgInitC, rng->V,
sizeof(rng->V), NULL, 0, NULL, 0);
if (ret != 0)
return ret;
rng->reseed_ctr = 1;
rng->reseedCtr = 1;
return 0;
}
static int Hash_DBRG_Uninstantiate(RNG* rng)
static int Hash_DRBG_Uninstantiate(RNG* rng)
{
int result = DBRG_ERROR;
int result = DRBG_ERROR;
if (rng != NULL) {
XMEMSET(rng, 0, sizeof(*rng));
result = DBRG_SUCCESS;
result = DRBG_SUCCESS;
}
return result;
@@ -303,17 +311,21 @@ static int Hash_DBRG_Uninstantiate(RNG* rng)
/* End NIST DRBG Code */
/* Get seed and key cipher */
int InitRng(RNG* rng)
{
byte entropy[ENTROPY_SZ];
int ret = DBRG_ERROR;
byte entropy[ENTROPY_NONCE_SZ];
int ret = DRBG_ERROR;
if (GenerateSeed(&rng->seed, entropy, sizeof(entropy)) == 0)
ret = Hash_DBRG_Instantiate(rng, entropy, sizeof(entropy));
/* This doesn't use a separate nonce. The entropy input will be
* the default size plus the size of the nonce making the seed
* size. */
if (GenerateSeed(&rng->seed, entropy, ENTROPY_NONCE_SZ) == 0)
ret = Hash_DRBG_Instantiate(rng, entropy, ENTROPY_NONCE_SZ,
NULL, 0, NULL, 0);
XMEMSET(entropy, 0, ENTROPY_NONCE_SZ);
XMEMSET(entropy, 0, sizeof(entropy));
return ret;
}
@@ -324,20 +336,22 @@ int RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
int ret;
XMEMSET(output, 0, sz);
ret = Hash_DBRG_Generate(rng, output, sz);
ret = Hash_DRBG_Generate(rng, output, sz);
if (ret == DBRG_NEED_RESEED) {
if (ret == DRBG_NEED_RESEED) {
byte entropy[ENTROPY_SZ];
ret = GenerateSeed(&rng->seed, entropy, sizeof(entropy));
ret = GenerateSeed(&rng->seed, entropy, ENTROPY_SZ);
if (ret == 0) {
ret = Hash_DBRG_Reseed(rng, entropy, sizeof(entropy));
ret = Hash_DRBG_Reseed(rng, entropy, ENTROPY_SZ);
if (ret == 0)
ret = Hash_DBRG_Generate(rng, output, sz);
ret = Hash_DRBG_Generate(rng, output, sz);
}
else
ret = DBRG_ERROR;
XMEMSET(entropy, 0, sizeof(entropy));
ret = DRBG_ERROR;
XMEMSET(entropy, 0, ENTROPY_SZ);
}
return ret;
@@ -352,30 +366,53 @@ int RNG_GenerateByte(RNG* rng, byte* b)
void FreeRng(RNG* rng)
{
Hash_DBRG_Uninstantiate(rng);
Hash_DRBG_Uninstantiate(rng);
}
#else /* NO_RC4 */
#else /* HAVE_HASHDRBG || NO_RC4 */
/* Get seed and key cipher */
int InitRng(RNG* rng)
{
int ret;
#ifdef CYASSL_SMALL_STACK
byte* key;
byte* junk;
#else
byte key[32];
byte junk[256];
int ret;
#endif
#ifdef HAVE_CAVIUM
if (rng->magic == CYASSL_RNG_CAVIUM_MAGIC)
return 0;
#endif
ret = GenerateSeed(&rng->seed, key, sizeof(key));
#ifdef CYASSL_SMALL_STACK
key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (key == NULL)
return MEMORY_E;
junk = (byte*)XMALLOC(256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (junk == NULL) {
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
ret = GenerateSeed(&rng->seed, key, 32);
if (ret == 0) {
Arc4SetKey(&rng->cipher, key, sizeof(key));
return RNG_GenerateBlock(rng, junk, sizeof(junk)); /*rid initial state*/
ret = RNG_GenerateBlock(rng, junk, 256); /*rid initial state*/
}
#ifdef CYASSL_SMALL_STACK
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(junk, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
@@ -446,7 +483,7 @@ static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
#endif /* HAVE_CAVIUM */
#endif /* NO_RC4 */
#endif /* HAVE_HASHDRBG || NO_RC4 */
#if defined(USE_WINDOWS_API)

2
ctaocrypt/src/tfm.c
View File

@@ -95,7 +95,7 @@ void s_fp_add(fp_int *a, fp_int *b, fp_int *c)
register fp_word t;
y = MAX(a->used, b->used);
oldused = c->used;
oldused = MAX(c->used, FP_SIZE); /* help static analysis w/ max size */
c->used = y;
t = 0;

492
ctaocrypt/test/test.c
View File

@@ -2792,44 +2792,87 @@ int rsa_test(void)
FILE* pemFile;
ret = InitRsaKey(&genKey, 0);
if (ret != 0) return -300;
if (ret != 0)
return -300;
ret = MakeRsaKey(&genKey, 1024, 65537, &rng);
if (ret != 0)
return -301;
der = (byte*)malloc(FOURK_BUF);
if (der == NULL)
if (der == NULL) {
FreeRsaKey(&genKey);
return -307;
}
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(der);
FreeRsaKey(&genKey);
return -308;
}
derSz = RsaKeyToDer(&genKey, der, FOURK_BUF);
if (derSz < 0)
if (derSz < 0) {
free(der);
free(pem);
return -302;
}
keyFile = fopen("./key.der", "wb");
if (!keyFile)
if (!keyFile) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -303;
ret = (int)fwrite(der, derSz, 1, keyFile);
}
ret = (int)fwrite(der, 1, derSz, keyFile);
fclose(keyFile);
if (ret != derSz) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -313;
}
pemSz = DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -304;
}
pemFile = fopen("./key.pem", "wb");
if (!pemFile)
if (!pemFile) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -305;
ret = (int)fwrite(pem, pemSz, 1, pemFile);
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
fclose(pemFile);
if (ret != pemSz) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -314;
}
ret = InitRsaKey(&derIn, 0);
if (ret != 0) return -3060;
if (ret != 0) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -3060;
}
idx = 0;
ret = RsaPrivateKeyDecode(der, &idx, &derIn, derSz);
if (ret != 0)
if (ret != 0) {
free(der);
free(pem);
FreeRsaKey(&derIn);
FreeRsaKey(&genKey);
return -306;
}
FreeRsaKey(&derIn);
FreeRsaKey(&genKey);
@@ -2857,8 +2900,10 @@ int rsa_test(void)
if (derCert == NULL)
return -309;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(derCert);
return -310;
}
InitCert(&myCert);
@@ -2873,31 +2918,56 @@ int rsa_test(void)
myCert.sigType = CTC_SHA256wRSA;
certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng);
if (certSz < 0)
if (certSz < 0) {
free(derCert);
free(pem);
return -401;
}
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, certSz, 0);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0)
if (ret != 0) {
free(derCert);
free(pem);
return -402;
}
FreeDecodedCert(&decode);
#endif
derFile = fopen("./cert.der", "wb");
if (!derFile)
if (!derFile) {
free(derCert);
free(pem);
return -403;
ret = (int)fwrite(derCert, certSz, 1, derFile);
}
ret = (int)fwrite(derCert, 1, certSz, derFile);
fclose(derFile);
if (ret != certSz) {
free(derCert);
free(pem);
return -414;
}
pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(derCert);
free(pem);
return -404;
}
pemFile = fopen("./cert.pem", "wb");
if (!pemFile)
if (!pemFile) {
free(derCert);
free(pem);
return -405;
ret = (int)fwrite(pem, pemSz, 1, pemFile);
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
fclose(pemFile);
if (ret != pemSz) {
free(derCert);
free(pem);
return -406;
}
free(pem);
free(derCert);
}
@@ -2922,21 +2992,35 @@ int rsa_test(void)
if (derCert == NULL)
return -311;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(derCert);
return -312;
}
file3 = fopen(caKeyFile, "rb");
if (!file3)
if (!file3) {
free(derCert);
free(pem);
return -412;
}
bytes3 = fread(tmp, 1, FOURK_BUF, file3);
fclose(file3);
ret = InitRsaKey(&caKey, 0);
if (ret != 0) return -411;
if (ret != 0) {
free(derCert);
free(pem);
return -411;
}
ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
if (ret != 0) return -413;
if (ret != 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -413;
}
InitCert(&myCert);
@@ -2949,41 +3033,81 @@ int rsa_test(void)
strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
ret = SetIssuer(&myCert, caCertFile);
if (ret < 0)
if (ret < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -405;
}
certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng);
if (certSz < 0)
if (certSz < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -407;
}
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, NULL, &rng);
if (certSz < 0)
if (certSz < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -408;
}
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, certSz, 0);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0)
if (ret != 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -409;
}
FreeDecodedCert(&decode);
#endif
derFile = fopen("./othercert.der", "wb");
if (!derFile)
if (!derFile) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -410;
ret = (int)fwrite(derCert, certSz, 1, derFile);
}
ret = (int)fwrite(derCert, 1, certSz, derFile);
fclose(derFile);
if (ret != certSz) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -416;
}
pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -411;
}
pemFile = fopen("./othercert.pem", "wb");
if (!pemFile)
if (!pemFile) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -412;
ret = (int)fwrite(pem, pemSz, 1, pemFile);
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
if (ret != pemSz) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -415;
}
fclose(pemFile);
free(pem);
free(derCert);
@@ -3002,7 +3126,7 @@ int rsa_test(void)
int pemSz;
size_t bytes3;
word32 idx3 = 0;
FILE* file3 ;
FILE* file3;
#ifdef CYASSL_TEST_CERT
DecodedCert decode;
#endif
@@ -3011,20 +3135,29 @@ int rsa_test(void)
if (derCert == NULL)
return -5311;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(derCert);
return -5312;
}
file3 = fopen(eccCaKeyFile, "rb");
if (!file3)
if (!file3) {
free(derCert);
free(pem);
return -5412;
}
bytes3 = fread(tmp, 1, FOURK_BUF, file3);
fclose(file3);
ecc_init(&caKey);
ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
if (ret != 0) return -5413;
if (ret != 0) {
free(derCert);
free(pem);
return -5413;
}
InitCert(&myCert);
myCert.sigType = CTC_SHA256wECDSA;
@@ -3038,40 +3171,80 @@ int rsa_test(void)
strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE);
ret = SetIssuer(&myCert, eccCaCertFile);
if (ret < 0)
if (ret < 0) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5405;
}
certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng);
if (certSz < 0)
if (certSz < 0) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5407;
}
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
NULL, &caKey, &rng);
if (certSz < 0)
if (certSz < 0) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5408;
}
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, certSz, 0);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0)
if (ret != 0) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5409;
}
FreeDecodedCert(&decode);
#endif
derFile = fopen("./certecc.der", "wb");
if (!derFile)
if (!derFile) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5410;
ret = (int)fwrite(derCert, certSz, 1, derFile);
}
ret = (int)fwrite(derCert, 1, certSz, derFile);
fclose(derFile);
if (ret != certSz) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5414;
}
pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5411;
}
pemFile = fopen("./certecc.pem", "wb");
if (!pemFile)
if (!pemFile) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5412;
ret = (int)fwrite(pem, pemSz, 1, pemFile);
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
if (ret != pemSz) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5415;
}
fclose(pemFile);
free(pem);
free(derCert);
@@ -3090,8 +3263,7 @@ int rsa_test(void)
FILE* ntruPrivFile;
int certSz;
int pemSz;
size_t bytes;
word32 idx = 0;
word32 idx3;
#ifdef CYASSL_TEST_CERT
DecodedCert decode;
#endif
@@ -3099,8 +3271,10 @@ int rsa_test(void)
if (derCert == NULL)
return -311;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(derCert);
return -312;
}
byte public_key[557]; /* sized for EES401EP2 */
word16 public_key_len; /* no. of octets in public key */
@@ -3112,33 +3286,53 @@ int rsa_test(void)
};
word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str),
GetEntropy, &drbg);
if (rc != DRBG_OK)
if (rc != DRBG_OK) {
free(derCert);
free(pem);
return -450;
}
rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
NULL, &private_key_len, NULL);
if (rc != NTRU_OK)
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -451;
}
rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
public_key, &private_key_len, private_key);
crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK)
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -452;
}
caFile = fopen(caKeyFile, "rb");
if (!caFile)
if (!caFile) {
free(derCert);
free(pem);
return -453;
}
bytes = fread(tmp, 1, FOURK_BUF, caFile);
fclose(caFile);
ret = InitRsaKey(&caKey, 0);
if (ret != 0) return -459;
ret = RsaPrivateKeyDecode(tmp, &idx, &caKey, (word32)bytes);
if (ret != 0) return -454;
if (ret != 0) {
free(derCert);
free(pem);
return -459;
}
ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes);
if (ret != 0) {
free(derCert);
free(pem);
return -454;
}
InitCert(&myCert);
@@ -3151,51 +3345,92 @@ int rsa_test(void)
strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
ret = SetIssuer(&myCert, caCertFile);
if (ret < 0)
if (ret < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -455;
}
certSz = MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key,
public_key_len, &rng);
if (certSz < 0)
if (certSz < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -456;
}
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, NULL, &rng);
if (certSz < 0)
FreeRsaKey(&caKey);
if (certSz < 0) {
free(derCert);
free(pem);
return -457;
}
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, certSz, 0);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0)
if (ret != 0) {
free(derCert);
free(pem);
return -458;
}
FreeDecodedCert(&decode);
#endif
derFile = fopen("./ntru-cert.der", "wb");
if (!derFile)
if (!derFile) {
free(derCert);
free(pem);
return -459;
ret = fwrite(derCert, certSz, 1, derFile);
}
ret = (int)fwrite(derCert, 1, certSz, derFile);
fclose(derFile);
if (ret != certSz) {
free(derCert);
free(pem);
return -473;
}
pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(derCert);
free(pem);
return -460;
}
pemFile = fopen("./ntru-cert.pem", "wb");
if (!pemFile)
if (!pemFile) {
free(derCert);
free(pem);
return -461;
ret = fwrite(pem, pemSz, 1, pemFile);
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
fclose(pemFile);
if (ret != pemSz) {
free(derCert);
free(pem);
return -474;
}
ntruPrivFile = fopen("./ntru-key.raw", "wb");
if (!ntruPrivFile)
if (!ntruPrivFile) {
free(derCert);
free(pem);
return -462;
ret = fwrite(private_key, private_key_len, 1, ntruPrivFile);
}
ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile);
fclose(ntruPrivFile);
if (ret != private_key_len) {
free(pem);
free(derCert);
return -475;
}
free(pem);
free(derCert);
FreeRsaKey(&caKey);
}
#endif /* HAVE_NTRU */
#ifdef CYASSL_CERT_REQ
@@ -3211,8 +3446,10 @@ int rsa_test(void)
if (der == NULL)
return -463;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(der);
return -464;
}
InitCert(&req);
@@ -3229,30 +3466,55 @@ int rsa_test(void)
req.sigType = CTC_SHA256wRSA;
derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL);
if (derSz < 0)
if (derSz < 0) {
free(pem);
free(der);
return -465;
}
derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF,
&key, NULL, &rng);
if (derSz < 0)
if (derSz < 0) {
free(pem);
free(der);
return -466;
}
pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(pem);
free(der);
return -467;
}
reqFile = fopen("./certreq.der", "wb");
if (!reqFile)
if (!reqFile) {
free(pem);
free(der);
return -468;
}
ret = (int)fwrite(der, derSz, 1, reqFile);
ret = (int)fwrite(der, 1, derSz, reqFile);
fclose(reqFile);
if (ret != derSz) {
free(pem);
free(der);
return -471;
}
reqFile = fopen("./certreq.pem", "wb");
if (!reqFile)
if (!reqFile) {
free(pem);
free(der);
return -469;
ret = (int)fwrite(pem, pemSz, 1, reqFile);
}
ret = (int)fwrite(pem, 1, pemSz, reqFile);
fclose(reqFile);
if (ret != pemSz) {
free(pem);
free(der);
return -470;
}
free(pem);
free(der);
@@ -3855,6 +4117,10 @@ int ecc_test(void)
ecc_init(&pubKey);
ret = ecc_make_key(&rng, 32, &userA);
if (ret != 0)
return -1014;
ret = ecc_make_key(&rng, 32, &userB);
if (ret != 0)
@@ -3863,6 +4129,9 @@ int ecc_test(void)
x = sizeof(sharedA);
ret = ecc_shared_secret(&userA, &userB, sharedA, &x);
if (ret != 0)
return -1015;
y = sizeof(sharedB);
ret = ecc_shared_secret(&userB, &userA, sharedB, &y);
@@ -3901,6 +4170,9 @@ int ecc_test(void)
x = sizeof(sig);
ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA);
if (ret != 0)
return -1016;
verify = 0;
ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA);
@@ -4200,21 +4472,29 @@ int pkcs7enveloped_test(void)
return -201;
privKey = (byte*)malloc(FOURK_BUF);
if (privKey == NULL)
if (privKey == NULL) {
free(cert);
return -202;
}
certFile = fopen(clientCert, "rb");
if (!certFile)
if (!certFile) {
free(cert);
free(privKey);
err_sys("can't open ./certs/client-cert.der, "
"Please run from CyaSSL home dir", -42);
}
certSz = fread(cert, 1, FOURK_BUF, certFile);
fclose(certFile);
keyFile = fopen(clientKey, "rb");
if (!keyFile)
if (!keyFile) {
free(cert);
free(privKey);
err_sys("can't open ./certs/client-key.der, "
"Please run from CyaSSL home dir", -43);
}
privKeySz = fread(privKey, 1, FOURK_BUF, keyFile);
fclose(keyFile);
@@ -4230,24 +4510,35 @@ int pkcs7enveloped_test(void)
/* encode envelopedData */
envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped,
sizeof(enveloped));
if (envelopedSz <= 0)
if (envelopedSz <= 0) {
free(cert);
free(privKey);
return -203;
}
/* decode envelopedData */
decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz,
decoded, sizeof(decoded));
if (decodedSz <= 0)
if (decodedSz <= 0) {
free(cert);
free(privKey);
return -204;
}
/* test decode result */
if (memcmp(decoded, data, sizeof(data)) != 0) {
free(cert);
free(privKey);
return -205;
}
/* output pkcs7 envelopedData for external testing */
pkcs7File = fopen(pkcs7OutFile, "wb");
if (!pkcs7File)
if (!pkcs7File) {
free(cert);
free(privKey);
return -206;
}
ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File);
fclose(pkcs7File);
@@ -4302,15 +4593,19 @@ int pkcs7signed_test(void)
outSz = FOURK_BUF;
certDer = (byte*)malloc(FOURK_BUF);
keyDer = (byte*)malloc(FOURK_BUF);
out = (byte*)malloc(FOURK_BUF);
if (certDer == NULL)
return -207;
if (keyDer == NULL)
keyDer = (byte*)malloc(FOURK_BUF);
if (keyDer == NULL) {
free(certDer);
return -208;
if (out == NULL)
}
out = (byte*)malloc(FOURK_BUF);
if (out == NULL) {
free(certDer);
free(keyDer);
return -209;
}
/* read in DER cert of recipient, into cert of size certSz */
file = fopen(clientCert, "rb");
@@ -4336,15 +4631,23 @@ int pkcs7signed_test(void)
fclose(file);
ret = InitRng(&rng);
if (ret != 0)
if (ret != 0) {
free(certDer);
free(keyDer);
free(out);
return -210;
}
senderNonce[0] = 0x04;
senderNonce[1] = PKCS7_NONCE_SZ;
ret = RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ);
if (ret != 0)
if (ret != 0) {
free(certDer);
free(keyDer);
free(out);
return -211;
}
PKCS7_InitWithCert(&msg, certDer, certDerSz);
msg.privateKey = keyDer;
@@ -4365,8 +4668,12 @@ int pkcs7signed_test(void)
transId[1] = SHA_DIGEST_SIZE * 2;
ret = InitSha(&sha);
if (ret != 0)
if (ret != 0) {
free(certDer);
free(keyDer);
free(out);
return -4003;
}
ShaUpdate(&sha, msg.publicKey, msg.publicKeySz);
ShaFinal(&sha, digest);
@@ -4396,6 +4703,13 @@ int pkcs7signed_test(void)
}
ret = (int)fwrite(out, 1, outSz, file);
fclose(file);
if (ret != (int)outSz) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -218;
}
PKCS7_Free(&msg);
PKCS7_InitWithCert(&msg, NULL, 0);

35
cyassl/ctaocrypt/asn.h
View File

@@ -64,7 +64,9 @@ enum ASN_Tags {
ASN_SET = 0x11,
ASN_UTC_TIME = 0x17,
ASN_OTHER_TYPE = 0x00,
ASN_RFC822_TYPE = 0x01,
ASN_DNS_TYPE = 0x02,
ASN_DIR_TYPE = 0x04,
ASN_GENERALIZED_TIME = 0x18,
CRL_EXTENSIONS = 0xa0,
ASN_EXTENSIONS = 0xa3,
@@ -219,6 +221,7 @@ enum Extensions_Sum {
KEY_USAGE_OID = 129, /* 2.5.29.15 */
INHIBIT_ANY_OID = 168, /* 2.5.29.54 */
EXT_KEY_USAGE_OID = 151, /* 2.5.29.37 */
NAME_CONS_OID = 144 /* 2.5.29.30 */
};
enum CertificatePolicy_Sum {
@@ -272,6 +275,16 @@ struct DNS_entry {
};
typedef struct Base_entry Base_entry;
struct Base_entry {
Base_entry* next; /* next on name base list */
char* name; /* actual name base */
int nameSz; /* name length */
byte type; /* Name base type (DNS or RFC822) */
};
struct DecodedName {
char* fullName;
int fullNameLen;
@@ -315,6 +328,11 @@ struct DecodedCert {
word32 keyOID; /* sum of key algo object id */
int version; /* cert version, 1 or 3 */
DNS_entry* altNames; /* alt names list of dns entries */
#ifndef IGNORE_NAME_CONSTRAINTS
DNS_entry* altEmailNames; /* alt names list of RFC822 entries */
Base_entry* permittedNames; /* Permitted name bases */
Base_entry* excludedNames; /* Excluded name bases */
#endif /* IGNORE_NAME_CONSTRAINTS */
byte subjectHash[SHA_SIZE]; /* hash of all Names */
byte issuerHash[SHA_SIZE]; /* hash of all Names */
#ifdef HAVE_OCSP
@@ -344,6 +362,9 @@ struct DecodedCert {
byte extSubjKeyIdSet; /* Set when the SKID was read from cert */
byte extAuthKeyId[SHA_SIZE]; /* Authority Key ID */
byte extAuthKeyIdSet; /* Set when the AKID was read from cert */
#ifndef IGNORE_NAME_CONSTRAINTS
byte extNameConstraintSet;
#endif /* IGNORE_NAME_CONSTRAINTS */
byte isCA; /* CA basic constraint true */
byte extKeyUsageSet;
word16 extKeyUsage; /* Key usage bitfield */
@@ -357,6 +378,9 @@ struct DecodedCert {
byte extSubjAltNameSet;
byte extSubjAltNameCrit;
byte extAuthKeyIdCrit;
#ifndef IGNORE_NAME_CONSTRAINTS
byte extNameConstraintCrit;
#endif /* IGNORE_NAME_CONSTRAINTS */
byte extSubjKeyIdCrit;
byte extKeyUsageCrit;
byte extExtKeyUsageCrit;
@@ -379,6 +403,10 @@ struct DecodedCert {
byte* issuerRaw; /* pointer to issuer inside source */
int issuerRawLen;
#endif
#ifndef IGNORE_NAME_CONSTRAINT
byte* subjectRaw; /* pointer to subject inside source */
int subjectRawLen;
#endif
#if defined(CYASSL_CERT_GEN)
/* easy access to subject info for other sign */
char* subjectSN;
@@ -430,6 +458,10 @@ struct Signer {
byte* publicKey;
int nameLen;
char* name; /* common name */
#ifndef IGNORE_NAME_CONSTRAINTS
Base_entry* permittedNames;
Base_entry* excludedNames;
#endif /* IGNORE_NAME_CONSTRAINTS */
byte subjectNameHash[SIGNER_DIGEST_SIZE];
/* sha hash of names in certificate */
#ifndef NO_SKID
@@ -448,6 +480,9 @@ struct Signer {
#endif
CYASSL_TEST_API void FreeAltNames(DNS_entry*, void*);
#ifndef IGNORE_NAME_CONSTRAINTS
CYASSL_TEST_API void FreeNameSubtrees(Base_entry*, void*);
#endif /* IGNORE_NAME_CONSTRAINTS */
CYASSL_TEST_API void InitDecodedCert(DecodedCert*, byte*, word32, void*);
CYASSL_TEST_API void FreeDecodedCert(DecodedCert*);
CYASSL_TEST_API int ParseCert(DecodedCert*, int type, int verify, void* cm);

1
cyassl/ctaocrypt/error-crypt.h
View File

@@ -123,6 +123,7 @@ enum {
PKCS7_OID_E = -195, /* PKCS#7, mismatched OID error */
PKCS7_RECIP_E = -196, /* PKCS#7, recipient error */
FIPS_NOT_ALLOWED_E = -197, /* FIPS not allowed error */
ASN_NAME_INVALID_E = -198, /* ASN name constraint error */
MIN_CODE_E = -200 /* errors -101 - -199 */
};

58
cyassl/ctaocrypt/random.h
View File

@@ -25,11 +25,15 @@
#include <cyassl/ctaocrypt/types.h>
#ifndef NO_RC4
#include <cyassl/ctaocrypt/arc4.h>
#else
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#ifdef NO_SHA256
#error "Hash DRBG requires SHA-256."
#endif /* NO_SHA256 */
#include <cyassl/ctaocrypt/sha256.h>
#endif
#else /* HAVE_HASHDRBG || NO_RC4 */
#include <cyassl/ctaocrypt/arc4.h>
#endif /* HAVE_HASHDRBG || NO_RC4 */
#ifdef __cplusplus
extern "C" {
@@ -64,11 +68,31 @@ int GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
#define RNG CyaSSL_RNG /* for avoiding name conflict in "stm32f2xx.h" */
#endif
#ifndef NO_RC4
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#define DRBG_SEED_LEN (440/8)
/* Hash-based Deterministic Random Bit Generator */
typedef struct RNG {
OS_Seed seed;
Sha256 sha;
byte digest[SHA256_DIGEST_SIZE];
byte V[DRBG_SEED_LEN];
byte C[DRBG_SEED_LEN];
word32 reseedCtr;
} RNG;
#else /* HAVE_HASHDRBG || NO_RC4 */
#define CYASSL_RNG_CAVIUM_MAGIC 0xBEEF0004
/* secure Random Nnumber Generator */
/* secure Random Number Generator */
typedef struct RNG {
@@ -85,31 +109,19 @@ typedef struct RNG {
CYASSL_API int InitRngCavium(RNG*, int);
#endif
#else /* NO_RC4 */
#define DBRG_SEED_LEN (440/8)
#endif /* HAVE_HASH_DRBG || NO_RC4 */
/* secure Random Nnumber Generator */
typedef struct RNG {
OS_Seed seed;
Sha256 sha;
byte digest[SHA256_DIGEST_SIZE];
byte V[DBRG_SEED_LEN];
byte C[DBRG_SEED_LEN];
word64 reseed_ctr;
} RNG;
#endif
CYASSL_API int InitRng(RNG*);
CYASSL_API int RNG_GenerateBlock(RNG*, byte*, word32 sz);
CYASSL_API int RNG_GenerateByte(RNG*, byte*);
#ifdef NO_RC4
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
CYASSL_API void FreeRng(RNG*);
#endif
#endif /* HAVE_HASHDRBG || NO_RC4 */
#ifdef __cplusplus
} /* extern "C" */

1
cyassl/internal.h
View File

@@ -1057,6 +1057,7 @@ struct CYASSL_CRL {
CRL_Monitor monitors[2]; /* PEM and DER possible */
#ifdef HAVE_CRL_MONITOR
pthread_t tid; /* monitoring thread */
int mfd; /* monitor fd, -1 if no init yet */
#endif
};

4
cyassl/version.h
View File

@@ -26,8 +26,8 @@
extern "C" {
#endif
#define LIBCYASSL_VERSION_STRING "2.9.5"
#define LIBCYASSL_VERSION_HEX 0x02009005
#define LIBCYASSL_VERSION_STRING "3.0.0"
#define LIBCYASSL_VERSION_HEX 0x03000000
#ifdef __cplusplus
}

82
mplabx/crypto.h
View File

@@ -1,82 +0,0 @@
/*
* File: crypto.h
* Author: C15009
*
* Created on July 23, 2013, 12:26 PM
*/
#ifndef CRYPTO_H
#define CRYPTO_H
#ifdef __cplusplus
extern "C" {
#endif
typedef struct saCtrl {
unsigned int CRYPTOALGO : 4;
unsigned int MULTITASK : 3;
unsigned int KEYSIZE : 2;
unsigned int ENCTYPE : 1;
unsigned int ALGO : 7;
unsigned int : 3;
unsigned int FLAGS : 1;
unsigned int FB : 1;
unsigned int LOADIV : 1;
unsigned int LNC : 1;
unsigned int IRFLAG : 1;
unsigned int ICVONLY : 1;
unsigned int OR_EN : 1;
unsigned int NO_RX : 1;
unsigned int : 1;
unsigned int VERIFY : 1;
unsigned int : 2;
} saCtrl;
typedef struct securityAssociation {
saCtrl SA_CTRL;
unsigned int SA_AUTHKEY[8];
unsigned int SA_ENCKEY[8];
unsigned int SA_AUTHIV[8];
unsigned int SA_ENCIV[4];
} securityAssociation;
typedef struct bdCtrl {
unsigned int BUFLEN : 16;
unsigned int CBD_INT_EN : 1;
unsigned int PKT_INT_EN : 1;
unsigned int LIFM : 1;
unsigned int LAST_BD: 1;
unsigned int : 2;
unsigned int SA_FETCH_EN : 1;
unsigned int : 4;
unsigned int CRY_MODE: 3;
unsigned int : 1;
unsigned int DESC_EN : 1;
/* Naveen did this
unsigned int CRDMA_EN: 1;
unsigned int UPD_RES : 1;
unsigned int SA_FETCH_EN : 1;
unsigned int SEC_CODE : 1;
unsigned int : 7;
unsigned int DESC_EN : 1; */
} bdCtrl;
typedef struct bufferDescriptor {
bdCtrl BD_CTRL;
// unsigned int BD_CTRL;
unsigned int SA_ADDR;
unsigned int SRCADDR;
unsigned int DSTADDR;
unsigned int NXTPTR;
unsigned int UPDPTR;
unsigned int MSGLEN;
unsigned int ENCOFF;
} bufferDescriptor;
#ifdef __cplusplus
}
#endif
#endif /* CRYPTO_H */

3
rpm/spec.in
View File

@@ -69,7 +69,7 @@ mkdir -p $RPM_BUILD_ROOT/
%{_libdir}/libcyassl.la
%{_libdir}/libcyassl.so
%{_libdir}/libcyassl.so.5
%{_libdir}/libcyassl.so.5.0.3
%{_libdir}/libcyassl.so.5.0.5
%files devel
%defattr(-,root,root,-)
@@ -93,6 +93,7 @@ mkdir -p $RPM_BUILD_ROOT/
%{_includedir}/cyassl/ctaocrypt/dsa.h
%{_includedir}/cyassl/ctaocrypt/ecc.h
%{_includedir}/cyassl/ctaocrypt/error-crypt.h
%{_includedir}/cyassl/ctaocrypt/fips_test.h
%{_includedir}/cyassl/ctaocrypt/hc128.h
%{_includedir}/cyassl/ctaocrypt/hmac.h
%{_includedir}/cyassl/ctaocrypt/integer.h

130
src/crl.c
View File

@@ -34,6 +34,10 @@
#include <sys/stat.h>
#include <string.h>
#ifdef HAVE_CRL_MONITOR
static int StopMonitor(int mfd);
#endif
/* Initialze CRL members */
int InitCRL(CYASSL_CRL* crl, CYASSL_CERT_MANAGER* cm)
@@ -45,7 +49,8 @@ int InitCRL(CYASSL_CRL* crl, CYASSL_CERT_MANAGER* cm)
crl->monitors[0].path = NULL;
crl->monitors[1].path = NULL;
#ifdef HAVE_CRL_MONITOR
crl->tid = 0;
crl->tid = 0;
crl->mfd = -1; /* mfd for bsd is kqueue fd, eventfd for linux */
#endif
if (InitMutex(&crl->crlLock) != 0)
return BAD_MUTEX_E;
@@ -113,8 +118,13 @@ void FreeCRL(CYASSL_CRL* crl, int dynamic)
#ifdef HAVE_CRL_MONITOR
if (crl->tid != 0) {
CYASSL_MSG("Canceling monitor thread");
pthread_cancel(crl->tid);
CYASSL_MSG("stopping monitor thread");
if (StopMonitor(crl->mfd) == 0)
pthread_join(crl->tid, NULL);
else {
CYASSL_MSG("stop monitor failed, cancel instead");
pthread_cancel(crl->tid);
}
}
#endif
FreeMutex(&crl->crlLock);
@@ -339,6 +349,7 @@ static int SwapLists(CYASSL_CRL* crl)
#include <sys/event.h>
#include <sys/time.h>
#include <fcntl.h>
#include <unistd.h>
#ifdef __MACH__
#define XEVENT_MODE O_EVTONLY
@@ -347,22 +358,53 @@ static int SwapLists(CYASSL_CRL* crl)
#endif
/* we need a unique kqueue user filter fd for crl in case user is doing custom
* events too */
#ifndef CRL_CUSTOM_FD
#define CRL_CUSTOM_FD 123456
#endif
/* shutdown monitor thread, 0 on success */
static int StopMonitor(int mfd)
{
struct kevent change;
/* trigger custom shutdown */
EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, 0, NOTE_TRIGGER, 0, NULL);
if (kevent(mfd, &change, 1, NULL, 0, NULL) < 0) {
CYASSL_MSG("kevent trigger customer event failed");
return -1;
}
return 0;
}
/* OS X monitoring */
static void* DoMonitor(void* arg)
{
int fPEM, fDER, kq;
int fPEM, fDER;
struct kevent change;
CYASSL_CRL* crl = (CYASSL_CRL*)arg;
CYASSL_ENTER("DoMonitor");
kq = kqueue();
if (kq == -1) {
crl->mfd = kqueue();
if (crl->mfd == -1) {
CYASSL_MSG("kqueue failed");
return NULL;
}
/* listen for custom shutdown event */
EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, EV_ADD, 0, 0, NULL);
if (kevent(crl->mfd, &change, 1, NULL, 0, NULL) < 0) {
CYASSL_MSG("kevent monitor customer event failed");
close(crl->mfd);
return NULL;
}
fPEM = -1;
fDER = -1;
@@ -370,6 +412,7 @@ static void* DoMonitor(void* arg)
fPEM = open(crl->monitors[0].path, XEVENT_MODE);
if (fPEM == -1) {
CYASSL_MSG("PEM event dir open failed");
close(crl->mfd);
return NULL;
}
}
@@ -378,6 +421,7 @@ static void* DoMonitor(void* arg)
fDER = open(crl->monitors[1].path, XEVENT_MODE);
if (fDER == -1) {
CYASSL_MSG("DER event dir open failed");
close(crl->mfd);
return NULL;
}
}
@@ -392,7 +436,7 @@ static void* DoMonitor(void* arg)
for (;;) {
struct kevent event;
int numEvents = kevent(kq, &change, 1, &event, 1, NULL);
int numEvents = kevent(crl->mfd, &change, 1, &event, 1, NULL);
CYASSL_MSG("Got kevent");
@@ -401,11 +445,23 @@ static void* DoMonitor(void* arg)
continue;
}
if (event.filter == EVFILT_USER) {
CYASSL_MSG("Got user shutdown event, breaking out");
break;
}
if (SwapLists(crl) < 0) {
CYASSL_MSG("SwapLists problem, continue");
}
}
if (fPEM != -1)
close(fPEM);
if (fDER != -1)
close(fDER);
close(crl->mfd);
return NULL;
}
@@ -414,8 +470,33 @@ static void* DoMonitor(void* arg)
#include <sys/types.h>
#include <sys/inotify.h>
#include <sys/eventfd.h>
#include <unistd.h>
#ifndef max
static INLINE int max(int a, int b)
{
return a > b ? a : b;
}
#endif /* max */
/* shutdown monitor thread, 0 on success */
static int StopMonitor(int mfd)
{
word64 w64 = 1;
/* write to our custom event */
if (write(mfd, &w64, sizeof(w64)) < 0) {
CYASSL_MSG("StopMonitor write failed");
return -1;
}
return 0;
}
/* linux monitoring */
static void* DoMonitor(void* arg)
{
@@ -425,9 +506,16 @@ static void* DoMonitor(void* arg)
CYASSL_ENTER("DoMonitor");
crl->mfd = eventfd(0, 0); /* our custom shutdown event */
if (crl->mfd < 0) {
CYASSL_MSG("eventfd failed");
return NULL;
}
notifyFd = inotify_init();
if (notifyFd < 0) {
CYASSL_MSG("inotify failed");
close(crl->mfd);
return NULL;
}
@@ -436,6 +524,8 @@ static void* DoMonitor(void* arg)
IN_DELETE);
if (wd < 0) {
CYASSL_MSG("PEM notify add watch failed");
close(crl->mfd);
close(notifyFd);
return NULL;
}
}
@@ -445,16 +535,36 @@ static void* DoMonitor(void* arg)
IN_DELETE);
if (wd < 0) {
CYASSL_MSG("DER notify add watch failed");
close(crl->mfd);
close(notifyFd);
return NULL;
}
}
for (;;) {
fd_set readfds;
char buff[8192];
int length = read(notifyFd, buff, sizeof(buff));
int result, length;
FD_ZERO(&readfds);
FD_SET(notifyFd, &readfds);
FD_SET(crl->mfd, &readfds);
result = select(max(notifyFd, crl->mfd) + 1, &readfds, NULL, NULL,NULL);
CYASSL_MSG("Got notify event");
if (result < 0) {
CYASSL_MSG("select problem, continue");
continue;
}
if (FD_ISSET(crl->mfd, &readfds)) {
CYASSL_MSG("got custom shutdown event, breaking out");
break;
}
length = read(notifyFd, buff, sizeof(buff));
if (length < 0) {
CYASSL_MSG("notify read problem, continue");
continue;
@@ -465,6 +575,10 @@ static void* DoMonitor(void* arg)
}
}
inotify_rm_watch(notifyFd, wd);
close(crl->mfd);
close(notifyFd);
return NULL;
}

4
src/internal.c
View File

@@ -8183,8 +8183,8 @@ static void PickHashSigAlgo(CYASSL* ssl,
if (doUserRsa) {
#ifdef HAVE_PK_CALLBACKS
ret = ssl->ctx->RsaVerifyCb(ssl, input + *inOutIdx, length,
&out,
ret = ssl->ctx->RsaVerifyCb(ssl, (byte *) input + *inOutIdx,
length, &out,
ssl->buffers.peerRsaKey.buffer,
ssl->buffers.peerRsaKey.length,
ssl->RsaVerifyCtx);

74
src/io.c
View File

@@ -503,6 +503,38 @@ int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx)
#ifdef HAVE_OCSP
static int Word16ToString(char* d, word16 number)
{
int i = 0;
if (d != NULL) {
word16 order = 10000;
word16 digit;
if (number == 0) {
d[i++] = '0';
}
else {
while (order) {
digit = number / order;
if (i > 0 || digit != 0) {
d[i++] = digit + '0';
}
if (digit != 0)
number %= digit * order;
if (order > 1)
order /= 10;
else
order = 0;
}
}
d[i] = 0;
}
return i;
}
static int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port)
{
struct sockaddr_storage addr;
@@ -513,15 +545,17 @@ static int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port)
{
struct addrinfo hints;
struct addrinfo* answer = NULL;
char strPort[8];
char strPort[6];
XMEMSET(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
XSNPRINTF(strPort, sizeof(strPort), "%d", port);
strPort[7] = '\0';
if (Word16ToString(strPort, port) == 0) {
CYASSL_MSG("invalid port number for OCSP responder");
return -1;
}
if (getaddrinfo(ip, strPort, &hints, &answer) < 0 || answer == NULL) {
CYASSL_MSG("no addr info for OCSP responder");
@@ -569,13 +603,33 @@ static int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port)
static int build_http_request(const char* domainName, const char* path,
int ocspReqSz, byte* buf, int bufSize)
{
return XSNPRINTF((char*)buf, bufSize,
"POST %s HTTP/1.1\r\n"
"Host: %s\r\n"
"Content-Length: %d\r\n"
"Content-Type: application/ocsp-request\r\n"
"\r\n",
path, domainName, ocspReqSz);
word32 domainNameLen, pathLen, ocspReqSzStrLen, completeLen;
char ocspReqSzStr[6];
domainNameLen = (word32)XSTRLEN(domainName);
pathLen = (word32)XSTRLEN(path);
ocspReqSzStrLen = Word16ToString(ocspReqSzStr, ocspReqSz);
completeLen = domainNameLen + pathLen + ocspReqSzStrLen + 84;
if (completeLen > (word32)bufSize)
return 0;
XSTRNCPY((char*)buf, "POST ", 5);
buf += 5;
XSTRNCPY((char*)buf, path, pathLen);
buf += pathLen;
XSTRNCPY((char*)buf, " HTTP/1.1\r\nHost: ", 17);
buf += 17;
XSTRNCPY((char*)buf, domainName, domainNameLen);
buf += domainNameLen;
XSTRNCPY((char*)buf, "\r\nContent-Length: ", 18);
buf += 18;
XSTRNCPY((char*)buf, ocspReqSzStr, ocspReqSzStrLen);
buf += ocspReqSzStrLen;
XSTRNCPY((char*)buf,
"\r\nContent-Type: application/ocsp-request\r\n\r\n", 44);
return completeLen;
}

500
src/ssl.c
View File

@@ -1520,6 +1520,10 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify)
signer->pubKeySize = cert.pubKeySize;
signer->nameLen = cert.subjectCNLen;
signer->name = cert.subjectCN;
#ifndef IGNORE_NAME_CONSTRAINTS
signer->permittedNames = cert.permittedNames;
signer->excludedNames = cert.excludedNames;
#endif
#ifndef NO_SKID
XMEMCPY(signer->subjectKeyIdHash,
cert.extSubjKeyId, SHA_DIGEST_SIZE);
@@ -1531,6 +1535,10 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify)
cert.publicKey = 0; /* don't free here */
cert.subjectCN = 0;
#ifndef IGNORE_NAME_CONSTRAINTS
cert.permittedNames = NULL;
cert.excludedNames = NULL;
#endif
#ifndef NO_SKID
row = HashSigner(signer->subjectKeyIdHash);
@@ -1969,6 +1977,8 @@ int CyaSSL_Init(void)
if (ret < 0) {
CYASSL_MSG(" Error in Cert in Chain");
if (dynamicBuffer)
XFREE(chainBuffer, heap, DYNAMIC_TYPE_FILE);
XFREE(der.buffer, heap, dynamicType);
return ret;
}
@@ -1978,6 +1988,9 @@ int CyaSSL_Init(void)
if (ctx == NULL) {
CYASSL_MSG("certChain needs context");
if (dynamicBuffer)
XFREE(chainBuffer, heap, DYNAMIC_TYPE_FILE);
XFREE(der.buffer, heap, dynamicType);
return BAD_FUNC_ARG;
}
ctx->certChain.buffer = (byte*)XMALLOC(idx, heap,
@@ -2028,7 +2041,6 @@ int CyaSSL_Init(void)
XFREE(der.buffer, heap, dynamicType);
return ret;
}
ret = 0; /* back to good status */
if (XSTRNCMP(info.name, "DES-CBC", 7) == 0) {
Des enc;
@@ -2287,6 +2299,227 @@ int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm, const byte* buff,
}
/* turn on OCSP if off and compiled in, set options */
int CyaSSL_CertManagerEnableOCSP(CYASSL_CERT_MANAGER* cm, int options)
{
int ret = SSL_SUCCESS;
(void)options;
CYASSL_ENTER("CyaSSL_CertManagerEnableOCSP");
if (cm == NULL)
return BAD_FUNC_ARG;
#ifdef HAVE_OCSP
if (cm->ocsp == NULL) {
cm->ocsp = (CYASSL_OCSP*)XMALLOC(sizeof(CYASSL_OCSP), cm->heap,
DYNAMIC_TYPE_OCSP);
if (cm->ocsp == NULL)
return MEMORY_E;
if (InitOCSP(cm->ocsp, cm) != 0) {
CYASSL_MSG("Init OCSP failed");
FreeOCSP(cm->ocsp, 1);
cm->ocsp = NULL;
return SSL_FAILURE;
}
}
cm->ocspEnabled = 1;
if (options & CYASSL_OCSP_URL_OVERRIDE)
cm->ocspUseOverrideURL = 1;
if (options & CYASSL_OCSP_NO_NONCE)
cm->ocspSendNonce = 0;
else
cm->ocspSendNonce = 1;
#ifndef CYASSL_USER_IO
cm->ocspIOCb = EmbedOcspLookup;
cm->ocspRespFreeCb = EmbedOcspRespFree;
#endif /* CYASSL_USER_IO */
#else
ret = NOT_COMPILED_IN;
#endif
return ret;
}
int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER* cm)
{
CYASSL_ENTER("CyaSSL_CertManagerDisableOCSP");
if (cm == NULL)
return BAD_FUNC_ARG;
cm->ocspEnabled = 0;
return SSL_SUCCESS;
}
#ifdef HAVE_OCSP
/* check CRL if enabled, SSL_SUCCESS */
int CyaSSL_CertManagerCheckOCSP(CYASSL_CERT_MANAGER* cm, byte* der, int sz)
{
int ret;
DecodedCert cert;
CYASSL_ENTER("CyaSSL_CertManagerCheckOCSP");
if (cm == NULL)
return BAD_FUNC_ARG;
if (cm->ocspEnabled == 0)
return SSL_SUCCESS;
InitDecodedCert(&cert, der, sz, NULL);
ret = ParseCertRelative(&cert, CERT_TYPE, NO_VERIFY, cm);
if (ret != 0) {
CYASSL_MSG("ParseCert failed");
return ret;
}
else {
ret = CheckCertOCSP(cm->ocsp, &cert);
if (ret != 0) {
CYASSL_MSG("CheckCertOCSP failed");
}
}
FreeDecodedCert(&cert);
if (ret == 0)
return SSL_SUCCESS; /* convert */
return ret;
}
int CyaSSL_CertManagerSetOCSPOverrideURL(CYASSL_CERT_MANAGER* cm,
const char* url)
{
CYASSL_ENTER("CyaSSL_CertManagerSetOCSPOverrideURL");
if (cm == NULL)
return BAD_FUNC_ARG;
XFREE(cm->ocspOverrideURL, cm->heap, 0);
if (url != NULL) {
int urlSz = (int)XSTRLEN(url) + 1;
cm->ocspOverrideURL = (char*)XMALLOC(urlSz, cm->heap, 0);
if (cm->ocspOverrideURL != NULL) {
XMEMCPY(cm->ocspOverrideURL, url, urlSz);
}
else
return MEMORY_E;
}
else
cm->ocspOverrideURL = NULL;
return SSL_SUCCESS;
}
int CyaSSL_CertManagerSetOCSP_Cb(CYASSL_CERT_MANAGER* cm,
CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
{
CYASSL_ENTER("CyaSSL_CertManagerSetOCSP_Cb");
if (cm == NULL)
return BAD_FUNC_ARG;
cm->ocspIOCb = ioCb;
cm->ocspRespFreeCb = respFreeCb;
cm->ocspIOCtx = ioCbCtx;
return SSL_SUCCESS;
}
int CyaSSL_EnableOCSP(CYASSL* ssl, int options)
{
CYASSL_ENTER("CyaSSL_EnableOCSP");
if (ssl)
return CyaSSL_CertManagerEnableOCSP(ssl->ctx->cm, options);
else
return BAD_FUNC_ARG;
}
int CyaSSL_DisableOCSP(CYASSL* ssl)
{
CYASSL_ENTER("CyaSSL_DisableOCSP");
if (ssl)
return CyaSSL_CertManagerDisableOCSP(ssl->ctx->cm);
else
return BAD_FUNC_ARG;
}
int CyaSSL_SetOCSP_OverrideURL(CYASSL* ssl, const char* url)
{
CYASSL_ENTER("CyaSSL_SetOCSP_OverrideURL");
if (ssl)
return CyaSSL_CertManagerSetOCSPOverrideURL(ssl->ctx->cm, url);
else
return BAD_FUNC_ARG;
}
int CyaSSL_SetOCSP_Cb(CYASSL* ssl,
CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
{
CYASSL_ENTER("CyaSSL_SetOCSP_Cb");
if (ssl)
return CyaSSL_CertManagerSetOCSP_Cb(ssl->ctx->cm,
ioCb, respFreeCb, ioCbCtx);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_EnableOCSP(CYASSL_CTX* ctx, int options)
{
CYASSL_ENTER("CyaSSL_CTX_EnableOCSP");
if (ctx)
return CyaSSL_CertManagerEnableOCSP(ctx->cm, options);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_DisableOCSP(CYASSL_CTX* ctx)
{
CYASSL_ENTER("CyaSSL_CTX_DisableOCSP");
if (ctx)
return CyaSSL_CertManagerDisableOCSP(ctx->cm);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_SetOCSP_OverrideURL(CYASSL_CTX* ctx, const char* url)
{
CYASSL_ENTER("CyaSSL_SetOCSP_OverrideURL");
if (ctx)
return CyaSSL_CertManagerSetOCSPOverrideURL(ctx->cm, url);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX* ctx,
CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
{
CYASSL_ENTER("CyaSSL_CTX_SetOCSP_Cb");
if (ctx)
return CyaSSL_CertManagerSetOCSP_Cb(ctx->cm, ioCb, respFreeCb, ioCbCtx);
else
return BAD_FUNC_ARG;
}
#endif /* HAVE_OCSP */
#ifndef NO_FILESYSTEM
#if defined(CYASSL_MDK_ARM)
@@ -2583,62 +2816,6 @@ int CyaSSL_CertManagerDisableCRL(CYASSL_CERT_MANAGER* cm)
}
/* turn on OCSP if off and compiled in, set options */
int CyaSSL_CertManagerEnableOCSP(CYASSL_CERT_MANAGER* cm, int options)
{
int ret = SSL_SUCCESS;
(void)options;
CYASSL_ENTER("CyaSSL_CertManagerEnableOCSP");
if (cm == NULL)
return BAD_FUNC_ARG;
#ifdef HAVE_OCSP
if (cm->ocsp == NULL) {
cm->ocsp = (CYASSL_OCSP*)XMALLOC(sizeof(CYASSL_OCSP), cm->heap,
DYNAMIC_TYPE_OCSP);
if (cm->ocsp == NULL)
return MEMORY_E;
if (InitOCSP(cm->ocsp, cm) != 0) {
CYASSL_MSG("Init OCSP failed");
FreeOCSP(cm->ocsp, 1);
cm->ocsp = NULL;
return SSL_FAILURE;
}
}
cm->ocspEnabled = 1;
if (options & CYASSL_OCSP_URL_OVERRIDE)
cm->ocspUseOverrideURL = 1;
if (options & CYASSL_OCSP_NO_NONCE)
cm->ocspSendNonce = 0;
else
cm->ocspSendNonce = 1;
#ifndef CYASSL_USER_IO
cm->ocspIOCb = EmbedOcspLookup;
cm->ocspRespFreeCb = EmbedOcspRespFree;
#endif /* CYASSL_USER_IO */
#else
ret = NOT_COMPILED_IN;
#endif
return ret;
}
int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER* cm)
{
CYASSL_ENTER("CyaSSL_CertManagerDisableOCSP");
if (cm == NULL)
return BAD_FUNC_ARG;
cm->ocspEnabled = 0;
return SSL_SUCCESS;
}
int CyaSSL_CTX_check_private_key(CYASSL_CTX* ctx)
{
/* TODO: check private against public for RSA match */
@@ -2801,171 +2978,6 @@ int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX* ctx, CbMissingCRL cb)
#endif /* HAVE_CRL */
#ifdef HAVE_OCSP
/* check CRL if enabled, SSL_SUCCESS */
int CyaSSL_CertManagerCheckOCSP(CYASSL_CERT_MANAGER* cm, byte* der, int sz)
{
int ret;
DecodedCert cert;
CYASSL_ENTER("CyaSSL_CertManagerCheckOCSP");
if (cm == NULL)
return BAD_FUNC_ARG;
if (cm->ocspEnabled == 0)
return SSL_SUCCESS;
InitDecodedCert(&cert, der, sz, NULL);
ret = ParseCertRelative(&cert, CERT_TYPE, NO_VERIFY, cm);
if (ret != 0) {
CYASSL_MSG("ParseCert failed");
return ret;
}
else {
ret = CheckCertOCSP(cm->ocsp, &cert);
if (ret != 0) {
CYASSL_MSG("CheckCertOCSP failed");
}
}
FreeDecodedCert(&cert);
if (ret == 0)
return SSL_SUCCESS; /* convert */
return ret;
}
int CyaSSL_CertManagerSetOCSPOverrideURL(CYASSL_CERT_MANAGER* cm,
const char* url)
{
CYASSL_ENTER("CyaSSL_CertManagerSetOCSPOverrideURL");
if (cm == NULL)
return BAD_FUNC_ARG;
XFREE(cm->ocspOverrideURL, cm->heap, 0);
if (url != NULL) {
int urlSz = (int)XSTRLEN(url) + 1;
cm->ocspOverrideURL = (char*)XMALLOC(urlSz, cm->heap, 0);
if (cm->ocspOverrideURL != NULL) {
XMEMCPY(cm->ocspOverrideURL, url, urlSz);
}
else
return MEMORY_E;
}
else
cm->ocspOverrideURL = NULL;
return SSL_SUCCESS;
}
int CyaSSL_CertManagerSetOCSP_Cb(CYASSL_CERT_MANAGER* cm,
CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
{
CYASSL_ENTER("CyaSSL_CertManagerSetOCSP_Cb");
if (cm == NULL)
return BAD_FUNC_ARG;
cm->ocspIOCb = ioCb;
cm->ocspRespFreeCb = respFreeCb;
cm->ocspIOCtx = ioCbCtx;
return SSL_SUCCESS;
}
int CyaSSL_EnableOCSP(CYASSL* ssl, int options)
{
CYASSL_ENTER("CyaSSL_EnableOCSP");
if (ssl)
return CyaSSL_CertManagerEnableOCSP(ssl->ctx->cm, options);
else
return BAD_FUNC_ARG;
}
int CyaSSL_DisableOCSP(CYASSL* ssl)
{
CYASSL_ENTER("CyaSSL_DisableOCSP");
if (ssl)
return CyaSSL_CertManagerDisableOCSP(ssl->ctx->cm);
else
return BAD_FUNC_ARG;
}
int CyaSSL_SetOCSP_OverrideURL(CYASSL* ssl, const char* url)
{
CYASSL_ENTER("CyaSSL_SetOCSP_OverrideURL");
if (ssl)
return CyaSSL_CertManagerSetOCSPOverrideURL(ssl->ctx->cm, url);
else
return BAD_FUNC_ARG;
}
int CyaSSL_SetOCSP_Cb(CYASSL* ssl,
CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
{
CYASSL_ENTER("CyaSSL_SetOCSP_Cb");
if (ssl)
return CyaSSL_CertManagerSetOCSP_Cb(ssl->ctx->cm,
ioCb, respFreeCb, ioCbCtx);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_EnableOCSP(CYASSL_CTX* ctx, int options)
{
CYASSL_ENTER("CyaSSL_CTX_EnableOCSP");
if (ctx)
return CyaSSL_CertManagerEnableOCSP(ctx->cm, options);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_DisableOCSP(CYASSL_CTX* ctx)
{
CYASSL_ENTER("CyaSSL_CTX_DisableOCSP");
if (ctx)
return CyaSSL_CertManagerDisableOCSP(ctx->cm);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_SetOCSP_OverrideURL(CYASSL_CTX* ctx, const char* url)
{
CYASSL_ENTER("CyaSSL_SetOCSP_OverrideURL");
if (ctx)
return CyaSSL_CertManagerSetOCSPOverrideURL(ctx->cm, url);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX* ctx,
CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
{
CYASSL_ENTER("CyaSSL_CTX_SetOCSP_Cb");
if (ctx)
return CyaSSL_CertManagerSetOCSP_Cb(ctx->cm, ioCb, respFreeCb, ioCbCtx);
else
return BAD_FUNC_ARG;
}
#endif /* HAVE_OCSP */
#ifdef CYASSL_DER_LOAD
/* Add format parameter to allow DER load of CA files */
@@ -3204,8 +3216,6 @@ int CyaSSL_SetTmpEC_DHE_Sz(CYASSL* ssl, word16 sz)
#endif /* HAVE_ECC */
#if !defined(NO_FILESYSTEM)
/* server Diffie-Hellman parameters */
static int CyaSSL_SetTmpDH_file_wrapper(CYASSL_CTX* ctx, CYASSL* ssl,
const char* fname, int format)
@@ -3265,7 +3275,22 @@ int CyaSSL_CTX_SetTmpDH_file(CYASSL_CTX* ctx, const char* fname, int format)
}
#endif /* !NO_FILESYSTEM */
int CyaSSL_CTX_use_RSAPrivateKey_file(CYASSL_CTX* ctx,const char* file,
int format)
{
CYASSL_ENTER("SSL_CTX_use_RSAPrivateKey_file");
return CyaSSL_CTX_use_PrivateKey_file(ctx, file, format);
}
int CyaSSL_use_RSAPrivateKey_file(CYASSL* ssl, const char* file, int format)
{
CYASSL_ENTER("CyaSSL_use_RSAPrivateKey_file");
return CyaSSL_use_PrivateKey_file(ssl, file, format);
}
#endif /* OPENSSL_EXTRA */
#ifdef HAVE_NTRU
@@ -3273,6 +3298,9 @@ int CyaSSL_CTX_SetTmpDH_file(CYASSL_CTX* ctx, const char* fname, int format)
int CyaSSL_CTX_use_NTRUPrivateKey_file(CYASSL_CTX* ctx, const char* file)
{
CYASSL_ENTER("CyaSSL_CTX_use_NTRUPrivateKey_file");
if (ctx == NULL)
return SSL_FAILURE;
if (ProcessFile(ctx, file, SSL_FILETYPE_RAW, PRIVATEKEY_TYPE, NULL, 0, NULL)
== SSL_SUCCESS) {
ctx->haveNTRU = 1;
@@ -3285,26 +3313,6 @@ int CyaSSL_CTX_use_NTRUPrivateKey_file(CYASSL_CTX* ctx, const char* file)
#endif /* HAVE_NTRU */
#if defined(OPENSSL_EXTRA)
int CyaSSL_CTX_use_RSAPrivateKey_file(CYASSL_CTX* ctx,const char* file,
int format)
{
CYASSL_ENTER("SSL_CTX_use_RSAPrivateKey_file");
return CyaSSL_CTX_use_PrivateKey_file(ctx, file, format);
}
int CyaSSL_use_RSAPrivateKey_file(CYASSL* ssl, const char* file, int format)
{
CYASSL_ENTER("CyaSSL_use_RSAPrivateKey_file");
return CyaSSL_use_PrivateKey_file(ssl, file, format);
}
#endif /* OPENSSL_EXTRA */
#endif /* NO_FILESYSTEM */
@@ -7815,7 +7823,7 @@ int CyaSSL_set_compression(CYASSL* ssl)
break;
}
if (buf != NULL) {
if (buf != NULL && text != NULL) {
textSz = min(textSz, len);
XMEMCPY(buf, text, textSz);
buf[textSz] = '\0';

3
src/tls.c
View File

@@ -550,6 +550,9 @@ int TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
Hmac hmac;
int ret;
byte myInner[CYASSL_TLS_HMAC_INNER_SZ];
if (ssl == NULL)
return BAD_FUNC_ARG;
CyaSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify);