feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Catching up 2.9.0

Browse Source
This commit is contained in:
Takashi Kojo
2014-03-04 22:09:38 +09:00
parent 0048c20fe5
commit f5922255b0
164 changed files with 9606 additions and 5289 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
IDE/MDK5-ARM/MDK-ARM/CyaSSL/config.h
View File

@@ -1,64 +0,0 @@
/* config.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define CYASSL_MDK5
#define CYASSL_CMSIS_RTOS
#define NO_WRITEV
#define NO_CYASSL_DIR
#define BENCH_EMBEDDED
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define NO_MAIN_DRIVER
#define CYASSL_STM32F2xx
#if defined(MDK_CONF_CYASSL)
#define CYASSL_MDK_SHELL
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_Benchmark)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#elif defined(MDK_CONF_CryptTest)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#endif

185
IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/config-Crypt.h
View File

@@ -1,185 +0,0 @@
/* config-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
// <<< Use Configuration Wizard in Context Menu >>>
// <h> wolfCrypt Configuration
// <h>Cert/Key Strage
// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
#define MDK_CONF_CERT_BUFF 0
#if MDK_CONF_CERT_BUFF== 1
#define USE_CERT_BUFFERS_1024
#elif MDK_CONF_CERT_BUFF == 2
#define USE_CERT_BUFFERS_2048
#endif
//</h>
// <h>Crypt Algrithm
// <h>MD5, SHA, SHA-256, AES, RC4, ASN, RSA
// </h>
// <e>MD2
#define MDK_CONF_MD2 0
#if MDK_CONF_MD2 == 1
#define CYASSL_MD2
#endif
// </e>
// <e>MD4
#define MDK_CONF_MD4 1
#if MDK_CONF_MD4 == 0
#define NO_MD4
#endif
// </e>
// <e>SHA-384
// <i>This has to be with SHA512
#define MDK_CONF_SHA384 0
#if MDK_CONF_SHA384 == 1
#define CYASSL_SHA384
#endif
// </e>
// <e>SHA-512
#define MDK_CONF_SHA512 0
#if MDK_CONF_SHA512 == 1
#define CYASSL_SHA512
#endif
// </e>
// <e>RIPEMD
#define MDK_CONF_RIPEMD 0
#if MDK_CONF_RIPEMD == 1
#define CYASSL_RIPEMD
#endif
// </e>
// <e>HMAC
#define MDK_CONF_HMAC 1
#if MDK_CONF_HMAC == 0
#define NO_HMAC
#endif
// </e>
// <e>HC128
#define MDK_CONF_HC128 0
#if MDK_CONF_HC128 == 1
#define HAVE_HC128
#endif
// </e>
// <e>RABBIT
#define MDK_CONF_RABBIT 1
#if MDK_CONF_RABBI == 0
#define NO_RABBIT
#endif
// </e>
// <e>AEAD
#define MDK_CONF_AEAD 0
#if MDK_CONF_AEAD == 1
#define HAVE_AEAD
#endif
// </e>
// <e>DES3
#define MDK_CONF_DES3 1
#if MDK_CONF_DES3 == 0
#define NO_DES3
#endif
// </e>
// <e>CAMELLIA
#define MDK_CONF_CAMELLIA 0
#if MDK_CONF_CAMELLIA == 1
#define HAVE_CAMELLIA
#endif
// </e>
// <e>DH
// <i>need this for CYASSL_SERVER, OPENSSL_EXTRA
#define MDK_CONF_DH 1
#if MDK_CONF_DH == 0
#define NO_DH
#endif
// </e>
// <e>DSA
#define MDK_CONF_DSA 1
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
// </e>
// <e>PWDBASED
#define MDK_CONF_PWDBASED 1
#if MDK_CONF_PWDBASED == 0
#define NO_PWDBASED
#endif
// </e>
// <e>ECC
#define MDK_CONF_ECC 0
#if MDK_CONF_ECC == 1
#define HAVE_ECC
#endif
// </e>
// <e>PSK
#define MDK_CONF_PSK 1
#if MDK_CONF_PSK == 0
#define NO_PSK
#endif
// </e>
// <e>AESCCM (Turn off Hardware Crypt)
#define MDK_CONF_AESCCM 0
#if MDK_CONF_AESCCM == 1
#define HAVE_AESCCM
#endif
// </e>
// <e>AESGCM (Turn off Hardware Crypt)
#define MDK_CONF_AESGCM 0
#if MDK_CONF_AESGCM == 1
#define HAVE_AESGCM
#define BUILD_AESGCM
#endif
// </e>
// <e>NTRU (need License, "crypto_ntru.h")
#define MDK_CONF_NTRU 0
#if MDK_CONF_NTRU == 1
#define HAVE_NTRU
#endif
// </e>
// </h>
// <h>Hardware Crypt (See document for usage)
// <e>Hardware RNG
#define MDK_CONF_STM32F2_RNG 0
#if MDK_CONF_STM32F2_RNG == 1
#define STM32F2_RNG
#else
#endif
// </e>
// <e>Hardware Crypt
#define MDK_CONF_STM32F2_CRYPTO 0
#if MDK_CONF_STM32F2_CRYPTO == 1
#define STM32F2_CRYPTO
#endif
// </e>
// </h>
//</h>
// <<< end of configuration section >>>

61
IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/config.h
View File

@@ -1,61 +0,0 @@
/* config.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define CYASSL_MDK5
#define NO_WRITEV
#define NO_CYASSL_DIR
#define BENCH_EMBEDDED
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define NO_MAIN_DRIVER
#if defined(MDK_CONF_CYASSL)
#define CYASSL_MDK_SHELL
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_Benchmark)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#elif defined(MDK_CONF_CryptTest)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#endif

185
IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/config-Crypt.h
View File

@@ -1,185 +0,0 @@
/* config-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
// <<< Use Configuration Wizard in Context Menu >>>
// <h> wolfCrypt Configuration
// <h>Cert/Key Strage
// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
#define MDK_CONF_CERT_BUFF 0
#if MDK_CONF_CERT_BUFF== 1
#define USE_CERT_BUFFERS_1024
#elif MDK_CONF_CERT_BUFF == 2
#define USE_CERT_BUFFERS_2048
#endif
//</h>
// <h>Crypt Algrithm
// <h>MD5, SHA, SHA-256, AES, RC4, ASN, RSA
// </h>
// <e>MD2
#define MDK_CONF_MD2 0
#if MDK_CONF_MD2 == 1
#define CYASSL_MD2
#endif
// </e>
// <e>MD4
#define MDK_CONF_MD4 1
#if MDK_CONF_MD4 == 0
#define NO_MD4
#endif
// </e>
// <e>SHA-384
// <i>This has to be with SHA512
#define MDK_CONF_SHA384 0
#if MDK_CONF_SHA384 == 1
#define CYASSL_SHA384
#endif
// </e>
// <e>SHA-512
#define MDK_CONF_SHA512 0
#if MDK_CONF_SHA512 == 1
#define CYASSL_SHA512
#endif
// </e>
// <e>RIPEMD
#define MDK_CONF_RIPEMD 0
#if MDK_CONF_RIPEMD == 1
#define CYASSL_RIPEMD
#endif
// </e>
// <e>HMAC
#define MDK_CONF_HMAC 1
#if MDK_CONF_HMAC == 0
#define NO_HMAC
#endif
// </e>
// <e>HC128
#define MDK_CONF_HC128 0
#if MDK_CONF_HC128 == 1
#define HAVE_HC128
#endif
// </e>
// <e>RABBIT
#define MDK_CONF_RABBIT 1
#if MDK_CONF_RABBI == 0
#define NO_RABBIT
#endif
// </e>
// <e>AEAD
#define MDK_CONF_AEAD 0
#if MDK_CONF_AEAD == 1
#define HAVE_AEAD
#endif
// </e>
// <e>DES3
#define MDK_CONF_DES3 1
#if MDK_CONF_DES3 == 0
#define NO_DES3
#endif
// </e>
// <e>CAMELLIA
#define MDK_CONF_CAMELLIA 0
#if MDK_CONF_CAMELLIA == 1
#define HAVE_CAMELLIA
#endif
// </e>
// <e>DH
// <i>need this for CYASSL_SERVER, OPENSSL_EXTRA
#define MDK_CONF_DH 1
#if MDK_CONF_DH == 0
#define NO_DH
#endif
// </e>
// <e>DSA
#define MDK_CONF_DSA 1
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
// </e>
// <e>PWDBASED
#define MDK_CONF_PWDBASED 1
#if MDK_CONF_PWDBASED == 0
#define NO_PWDBASED
#endif
// </e>
// <e>ECC
#define MDK_CONF_ECC 0
#if MDK_CONF_ECC == 1
#define HAVE_ECC
#endif
// </e>
// <e>PSK
#define MDK_CONF_PSK 1
#if MDK_CONF_PSK == 0
#define NO_PSK
#endif
// </e>
// <e>AESCCM (Turn off Hardware Crypt)
#define MDK_CONF_AESCCM 0
#if MDK_CONF_AESCCM == 1
#define HAVE_AESCCM
#endif
// </e>
// <e>AESGCM (Turn off Hardware Crypt)
#define MDK_CONF_AESGCM 0
#if MDK_CONF_AESGCM == 1
#define HAVE_AESGCM
#define BUILD_AESGCM
#endif
// </e>
// <e>NTRU (need License, "crypto_ntru.h")
#define MDK_CONF_NTRU 0
#if MDK_CONF_NTRU == 1
#define HAVE_NTRU
#endif
// </e>
// </h>
// <h>Hardware Crypt (See document for usage)
// <e>Hardware RNG
#define MDK_CONF_STM32F2_RNG 0
#if MDK_CONF_STM32F2_RNG == 1
#define STM32F2_RNG
#else
#endif
// </e>
// <e>Hardware Crypt
#define MDK_CONF_STM32F2_CRYPTO 0
#if MDK_CONF_STM32F2_CRYPTO == 1
#define STM32F2_CRYPTO
#endif
// </e>
// </h>
//</h>
// <<< end of configuration section >>>

61
IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/config.h
View File

@@ -1,61 +0,0 @@
/* config.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define CYASSL_MDK5
#define NO_WRITEV
#define NO_CYASSL_DIR
#define BENCH_EMBEDDED
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define NO_MAIN_DRIVER
#if defined(MDK_CONF_CYASSL)
#define CYASSL_MDK_SHELL
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_Benchmark)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#elif defined(MDK_CONF_CryptTest)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#endif

6
IDE/MDK5-ARM/Projects/CryptTest/test.c
View File

@@ -2779,7 +2779,8 @@ int rsa_test(void)
if (certSz < 0) if (certSz < 0)
return -407; return -407;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, &rng);
if (certSz < 0) if (certSz < 0)
return -408; return -408;
@@ -2891,7 +2892,8 @@ int rsa_test(void)
if (certSz < 0) if (certSz < 0)
return -456; return -456;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, &rng);
if (certSz < 0) if (certSz < 0)
return -457; return -457;

1342
IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvguix.kojo
View File

File diff suppressed because one or more lines are too long

79
IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full_CyaSSL-Full.dep
View File

@@ -1,79 +0,0 @@
Dependencies for Project 'CyaSSL-Full', Target 'CyaSSL-Full': (DO NOT MODIFY !)
F (.\main.c)(0x52675C4A)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork
-I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE
-I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG
-I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL
-I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include
-I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include
-I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC
-I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include
-I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include
-I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include
-I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver
-I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl
-I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL
-D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\main.o --omf_browse .\object\main.crf --depend .\object\main.d)
F (.\shell.c)(0x523B984C)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork
-I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE
-I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG
-I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL
-I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include
-I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include
-I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC
-I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include
-I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include
-I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include
-I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver
-I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl
-I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL
-D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\shell.o --omf_browse .\object\shell.crf --depend .\object\shell.d)
F (.\test.c)(0x524E6E34)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork
-I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE
-I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG
-I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL
-I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include
-I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include
-I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC
-I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include
-I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include
-I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include
-I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver
-I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl

12
IDE/MDK5-ARM/Projects/CyaSSL-Full/Object/CyaSSL-Full.build_log.htm
View File

@@ -1,12 +0,0 @@
<html>
<body>
<pre>
<h1><EFBFBD>Vision Build Log</h1>
<h2>Project:</h2>
C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\CyaSSL-Full.uvprojx
Project File Date: 10/23/2013
<h2>Output:</h2>
</pre>
</body>
</html>

185
IDE/MDK5-ARM/Projects/CyaSSL-Full/RTE/wolfSSL/config-Crypt.h
View File

@@ -1,185 +0,0 @@
/* config-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
// <<< Use Configuration Wizard in Context Menu >>>
// <h> wolfCrypt Configuration
// <h>Cert/Key Strage
// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
#define MDK_CONF_CERT_BUFF 0
#if MDK_CONF_CERT_BUFF== 1
#define USE_CERT_BUFFERS_1024
#elif MDK_CONF_CERT_BUFF == 2
#define USE_CERT_BUFFERS_2048
#endif
//</h>
// <h>Crypt Algrithm
// <h>MD5, SHA, SHA-256, AES, RC4, ASN, RSA
// </h>
// <e>MD2
#define MDK_CONF_MD2 0
#if MDK_CONF_MD2 == 1
#define CYASSL_MD2
#endif
// </e>
// <e>MD4
#define MDK_CONF_MD4 1
#if MDK_CONF_MD4 == 0
#define NO_MD4
#endif
// </e>
// <e>SHA-384
// <i>This has to be with SHA512
#define MDK_CONF_SHA384 0
#if MDK_CONF_SHA384 == 1
#define CYASSL_SHA384
#endif
// </e>
// <e>SHA-512
#define MDK_CONF_SHA512 0
#if MDK_CONF_SHA512 == 1
#define CYASSL_SHA512
#endif
// </e>
// <e>RIPEMD
#define MDK_CONF_RIPEMD 0
#if MDK_CONF_RIPEMD == 1
#define CYASSL_RIPEMD
#endif
// </e>
// <e>HMAC
#define MDK_CONF_HMAC 1
#if MDK_CONF_HMAC == 0
#define NO_HMAC
#endif
// </e>
// <e>HC128
#define MDK_CONF_HC128 0
#if MDK_CONF_HC128 == 1
#define HAVE_HC128
#endif
// </e>
// <e>RABBIT
#define MDK_CONF_RABBIT 1
#if MDK_CONF_RABBI == 0
#define NO_RABBIT
#endif
// </e>
// <e>AEAD
#define MDK_CONF_AEAD 0
#if MDK_CONF_AEAD == 1
#define HAVE_AEAD
#endif
// </e>
// <e>DES3
#define MDK_CONF_DES3 1
#if MDK_CONF_DES3 == 0
#define NO_DES3
#endif
// </e>
// <e>CAMELLIA
#define MDK_CONF_CAMELLIA 0
#if MDK_CONF_CAMELLIA == 1
#define HAVE_CAMELLIA
#endif
// </e>
// <e>DH
// <i>need this for CYASSL_SERVER, OPENSSL_EXTRA
#define MDK_CONF_DH 1
#if MDK_CONF_DH == 0
#define NO_DH
#endif
// </e>
// <e>DSA
#define MDK_CONF_DSA 1
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
// </e>
// <e>PWDBASED
#define MDK_CONF_PWDBASED 1
#if MDK_CONF_PWDBASED == 0
#define NO_PWDBASED
#endif
// </e>
// <e>ECC
#define MDK_CONF_ECC 0
#if MDK_CONF_ECC == 1
#define HAVE_ECC
#endif
// </e>
// <e>PSK
#define MDK_CONF_PSK 1
#if MDK_CONF_PSK == 0
#define NO_PSK
#endif
// </e>
// <e>AESCCM (Turn off Hardware Crypt)
#define MDK_CONF_AESCCM 0
#if MDK_CONF_AESCCM == 1
#define HAVE_AESCCM
#endif
// </e>
// <e>AESGCM (Turn off Hardware Crypt)
#define MDK_CONF_AESGCM 0
#if MDK_CONF_AESGCM == 1
#define HAVE_AESGCM
#define BUILD_AESGCM
#endif
// </e>
// <e>NTRU (need License, "crypto_ntru.h")
#define MDK_CONF_NTRU 0
#if MDK_CONF_NTRU == 1
#define HAVE_NTRU
#endif
// </e>
// </h>
// <h>Hardware Crypt (See document for usage)
// <e>Hardware RNG
#define MDK_CONF_STM32F2_RNG 0
#if MDK_CONF_STM32F2_RNG == 1
#define STM32F2_RNG
#else
#endif
// </e>
// <e>Hardware Crypt
#define MDK_CONF_STM32F2_CRYPTO 0
#if MDK_CONF_STM32F2_CRYPTO == 1
#define STM32F2_CRYPTO
#endif
// </e>
// </h>
//</h>
// <<< end of configuration section >>>

144
IDE/MDK5-ARM/Projects/CyaSSL-Full/RTE/wolfSSL/config-CyaSSL.h
View File

@@ -1,144 +0,0 @@
/* config-RTX-TCP-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/**** CyaSSL for KEIL-RL Configuration ****/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define NO_WRITEV
#define NO_CYASSL_DIR
#define NO_MAIN_DRIVER
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define HAVE_KEIL_RTX
#define CYASSL_CMSIS_RTOS
#define CYASSL_KEIL_TCP_NET
// <<< Use Configuration Wizard in Context Menu >>>
// <h> CyaSSL Configuration
// <h>SSL (Included by default)
// </h>
// <e>TLS
#define MDK_CONF_TLS 1
#if MDK_CONF_TLS == 0
#define NO_TLS
#endif
// </e>
// <e>CRL
#define MDK_CONF_DER_LOAD 0
#if MDK_CONF_DER_LOAD == 1
#define CYASSL_DER_LOAD
#endif
// </e>
// <e>OpenSSL Extra
#define MDK_CONF_OPENSSL_EXTRA 1
#if MDK_CONF_OPENSSL_EXTRA == 1
#define OPENSSL_EXTRA
#endif
// </e>
//</h>
// <h>Cert/Key Generation
// <e>CertGen
#define MDK_CONF_CERT_GEN 0
#if MDK_CONF_CERT_GEN == 1
#define CYASSL_CERT_GEN
#endif
// </e>
// <e>KeyGen
#define MDK_CONF_KEY_GEN 0
#if MDK_CONF_KEY_GEN == 1
#define CYASSL_KEY_GEN
#endif
// </e>
//</h>
// <h>Others
// <e>Inline
#define MDK_CONF_INLINE 0
#if MDK_CONF_INLINE == 0
#define NO_INLINE
#endif
// </e>
// <h>Debug
// <e>Debug Message
#define MDK_CONF_DebugMessage 0
#if MDK_CONF_DebugMessage == 1
#define DEBUG_CYASSL
#endif
// </e>
// <e>Check malloc
#define MDK_CONF_CheckMalloc 1
#if MDK_CONF_CheckMalloc == 1
#define CYASSL_MALLOC_CHECK
#endif
// </e>
// </h>
// <e>ErrNo.h
#define MDK_CONF_ErrNo 0
#if MDK_CONF_ErrNo == 1
#define HAVE_ERRNO
#endif
// </e>
// <e>Error Strings
#define MDK_CONF_ErrorStrings 1
#if MDK_CONF_ErrorStrings == 0
#define NO_ERROR_STRINGS
#endif
// </e>
// <e>zlib (need "zlib.h")
#define MDK_CONF_LIBZ 0
#if MDK_CONF_LIBZ == 1
#define HAVE_LIBZ
#endif
// </e>
// <e>CAVIUM (need CAVIUM headers)
#define MDK_CONF_CAVIUM 0
#if MDK_CONF_CAVIUM == 1
#define HAVE_CAVIUM
#endif
// </e>
// <e>Small Stack
#define MDK_CONF_SmallStack 1
#if MDK_CONF_SmallStack == 0
#define NO_CYASSL_SMALL_STACK
#endif
// </e>
// <e>Use Fast Math
#define MDK_CONF_FASTMATH 0
#if MDK_CONF_FASTMATH == 1
#define USE_FAST_MATH
#endif
// </e>
// </h>
// <<< end of configuration section >>>

64
IDE/MDK5-ARM/Projects/CyaSSL-Full/RTE/wolfSSL/config.h
View File

@@ -1,64 +0,0 @@
/* config.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define CYASSL_MDK5
#define CYASSL_CMSIS_RTOS
#define NO_WRITEV
#define NO_CYASSL_DIR
#define BENCH_EMBEDDED
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define NO_MAIN_DRIVER
#define CYASSL_STM32F2xx
#if defined(MDK_CONF_CYASSL)
#define CYASSL_MDK_SHELL
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_Benchmark)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#elif defined(MDK_CONF_CryptTest)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#endif

3
IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c
View File

@@ -469,7 +469,8 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
#ifdef HAVE_SNI #ifdef HAVE_SNI
if (sniHostName) if (sniHostName)
if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))) if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))
!= SSL_SUCCESS)
err_sys("UseSNI failed"); err_sys("UseSNI failed");
#endif #endif

10
IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c
View File

@@ -347,6 +347,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
usePsk = 1; usePsk = 1;
#endif #endif
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
if (fewerPackets) if (fewerPackets)
CyaSSL_CTX_set_group_messages(ctx); CyaSSL_CTX_set_group_messages(ctx);
@@ -404,10 +408,6 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
} }
#endif #endif
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
/* don't use EDH, can't sniff tmp keys */ /* don't use EDH, can't sniff tmp keys */
if (cipherList == NULL) { if (cipherList == NULL) {
@@ -419,7 +419,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#ifdef HAVE_SNI #ifdef HAVE_SNI
if (sniHostName) { if (sniHostName) {
if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName, if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
XSTRLEN(sniHostName))) XSTRLEN(sniHostName)) != SSL_SUCCESS)
err_sys("UseSNI failed"); err_sys("UseSNI failed");
else else
CyaSSL_CTX_SNI_SetOptions(ctx, CYASSL_SNI_HOST_NAME, CyaSSL_CTX_SNI_SetOptions(ctx, CYASSL_SNI_HOST_NAME,

6
IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c
View File

@@ -2550,7 +2550,8 @@ int rsa_test(void)
if (certSz < 0) if (certSz < 0)
return -407; return -407;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, &rng);
if (certSz < 0) if (certSz < 0)
return -408; return -408;
@@ -2662,7 +2663,8 @@ int rsa_test(void)
if (certSz < 0) if (certSz < 0)
return -456; return -456;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, &rng);
if (certSz < 0) if (certSz < 0)
return -457; return -457;

185
IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/config-Crypt.h
View File

@@ -1,185 +0,0 @@
/* config-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
// <<< Use Configuration Wizard in Context Menu >>>
// <h> wolfCrypt Configuration
// <h>Cert/Key Strage
// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
#define MDK_CONF_CERT_BUFF 0
#if MDK_CONF_CERT_BUFF== 1
#define USE_CERT_BUFFERS_1024
#elif MDK_CONF_CERT_BUFF == 2
#define USE_CERT_BUFFERS_2048
#endif
//</h>
// <h>Crypt Algrithm
// <h>MD5, SHA, SHA-256, AES, RC4, ASN, RSA
// </h>
// <e>MD2
#define MDK_CONF_MD2 0
#if MDK_CONF_MD2 == 1
#define CYASSL_MD2
#endif
// </e>
// <e>MD4
#define MDK_CONF_MD4 1
#if MDK_CONF_MD4 == 0
#define NO_MD4
#endif
// </e>
// <e>SHA-384
// <i>This has to be with SHA512
#define MDK_CONF_SHA384 0
#if MDK_CONF_SHA384 == 1
#define CYASSL_SHA384
#endif
// </e>
// <e>SHA-512
#define MDK_CONF_SHA512 0
#if MDK_CONF_SHA512 == 1
#define CYASSL_SHA512
#endif
// </e>
// <e>RIPEMD
#define MDK_CONF_RIPEMD 0
#if MDK_CONF_RIPEMD == 1
#define CYASSL_RIPEMD
#endif
// </e>
// <e>HMAC
#define MDK_CONF_HMAC 1
#if MDK_CONF_HMAC == 0
#define NO_HMAC
#endif
// </e>
// <e>HC128
#define MDK_CONF_HC128 0
#if MDK_CONF_HC128 == 1
#define HAVE_HC128
#endif
// </e>
// <e>RABBIT
#define MDK_CONF_RABBIT 1
#if MDK_CONF_RABBI == 0
#define NO_RABBIT
#endif
// </e>
// <e>AEAD
#define MDK_CONF_AEAD 0
#if MDK_CONF_AEAD == 1
#define HAVE_AEAD
#endif
// </e>
// <e>DES3
#define MDK_CONF_DES3 1
#if MDK_CONF_DES3 == 0
#define NO_DES3
#endif
// </e>
// <e>CAMELLIA
#define MDK_CONF_CAMELLIA 0
#if MDK_CONF_CAMELLIA == 1
#define HAVE_CAMELLIA
#endif
// </e>
// <e>DH
// <i>need this for CYASSL_SERVER, OPENSSL_EXTRA
#define MDK_CONF_DH 1
#if MDK_CONF_DH == 0
#define NO_DH
#endif
// </e>
// <e>DSA
#define MDK_CONF_DSA 1
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
// </e>
// <e>PWDBASED
#define MDK_CONF_PWDBASED 1
#if MDK_CONF_PWDBASED == 0
#define NO_PWDBASED
#endif
// </e>
// <e>ECC
#define MDK_CONF_ECC 0
#if MDK_CONF_ECC == 1
#define HAVE_ECC
#endif
// </e>
// <e>PSK
#define MDK_CONF_PSK 1
#if MDK_CONF_PSK == 0
#define NO_PSK
#endif
// </e>
// <e>AESCCM (Turn off Hardware Crypt)
#define MDK_CONF_AESCCM 0
#if MDK_CONF_AESCCM == 1
#define HAVE_AESCCM
#endif
// </e>
// <e>AESGCM (Turn off Hardware Crypt)
#define MDK_CONF_AESGCM 0
#if MDK_CONF_AESGCM == 1
#define HAVE_AESGCM
#define BUILD_AESGCM
#endif
// </e>
// <e>NTRU (need License, "crypto_ntru.h")
#define MDK_CONF_NTRU 0
#if MDK_CONF_NTRU == 1
#define HAVE_NTRU
#endif
// </e>
// </h>
// <h>Hardware Crypt (See document for usage)
// <e>Hardware RNG
#define MDK_CONF_STM32F2_RNG 0
#if MDK_CONF_STM32F2_RNG == 1
#define STM32F2_RNG
#else
#endif
// </e>
// <e>Hardware Crypt
#define MDK_CONF_STM32F2_CRYPTO 0
#if MDK_CONF_STM32F2_CRYPTO == 1
#define STM32F2_CRYPTO
#endif
// </e>
// </h>
//</h>
// <<< end of configuration section >>>

144
IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/config-CyaSSL.h
View File

@@ -1,144 +0,0 @@
/* config-RTX-TCP-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/**** CyaSSL for KEIL-RL Configuration ****/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define NO_WRITEV
#define NO_CYASSL_DIR
#define NO_MAIN_DRIVER
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define HAVE_KEIL_RTX
#define CYASSL_CMSIS_RTOS
#define CYASSL_KEIL_TCP_NET
// <<< Use Configuration Wizard in Context Menu >>>
// <h> CyaSSL Configuration
// <h>SSL (Included by default)
// </h>
// <e>TLS
#define MDK_CONF_TLS 1
#if MDK_CONF_TLS == 0
#define NO_TLS
#endif
// </e>
// <e>CRL
#define MDK_CONF_DER_LOAD 0
#if MDK_CONF_DER_LOAD == 1
#define CYASSL_DER_LOAD
#endif
// </e>
// <e>OpenSSL Extra
#define MDK_CONF_OPENSSL_EXTRA 1
#if MDK_CONF_OPENSSL_EXTRA == 1
#define OPENSSL_EXTRA
#endif
// </e>
//</h>
// <h>Cert/Key Generation
// <e>CertGen
#define MDK_CONF_CERT_GEN 0
#if MDK_CONF_CERT_GEN == 1
#define CYASSL_CERT_GEN
#endif
// </e>
// <e>KeyGen
#define MDK_CONF_KEY_GEN 0
#if MDK_CONF_KEY_GEN == 1
#define CYASSL_KEY_GEN
#endif
// </e>
//</h>
// <h>Others
// <e>Inline
#define MDK_CONF_INLINE 0
#if MDK_CONF_INLINE == 0
#define NO_INLINE
#endif
// </e>
// <h>Debug
// <e>Debug Message
#define MDK_CONF_DebugMessage 0
#if MDK_CONF_DebugMessage == 1
#define DEBUG_CYASSL
#endif
// </e>
// <e>Check malloc
#define MDK_CONF_CheckMalloc 1
#if MDK_CONF_CheckMalloc == 1
#define CYASSL_MALLOC_CHECK
#endif
// </e>
// </h>
// <e>ErrNo.h
#define MDK_CONF_ErrNo 0
#if MDK_CONF_ErrNo == 1
#define HAVE_ERRNO
#endif
// </e>
// <e>Error Strings
#define MDK_CONF_ErrorStrings 1
#if MDK_CONF_ErrorStrings == 0
#define NO_ERROR_STRINGS
#endif
// </e>
// <e>zlib (need "zlib.h")
#define MDK_CONF_LIBZ 0
#if MDK_CONF_LIBZ == 1
#define HAVE_LIBZ
#endif
// </e>
// <e>CAVIUM (need CAVIUM headers)
#define MDK_CONF_CAVIUM 0
#if MDK_CONF_CAVIUM == 1
#define HAVE_CAVIUM
#endif
// </e>
// <e>Small Stack
#define MDK_CONF_SmallStack 1
#if MDK_CONF_SmallStack == 0
#define NO_CYASSL_SMALL_STACK
#endif
// </e>
// <e>Use Fast Math
#define MDK_CONF_FASTMATH 0
#if MDK_CONF_FASTMATH == 1
#define USE_FAST_MATH
#endif
// </e>
// </h>
// <<< end of configuration section >>>

61
IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/config.h
View File

@@ -1,61 +0,0 @@
/* config.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define CYASSL_MDK5
#define NO_WRITEV
#define NO_CYASSL_DIR
#define BENCH_EMBEDDED
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define NO_MAIN_DRIVER
#if defined(MDK_CONF_CYASSL)
#define CYASSL_MDK_SHELL
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_Benchmark)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#elif defined(MDK_CONF_CryptTest)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#endif

185
IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/config-Crypt.h
View File

@@ -1,185 +0,0 @@
/* config-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
// <<< Use Configuration Wizard in Context Menu >>>
// <h> wolfCrypt Configuration
// <h>Cert/Key Strage
// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
#define MDK_CONF_CERT_BUFF 0
#if MDK_CONF_CERT_BUFF== 1
#define USE_CERT_BUFFERS_1024
#elif MDK_CONF_CERT_BUFF == 2
#define USE_CERT_BUFFERS_2048
#endif
//</h>
// <h>Crypt Algrithm
// <h>MD5, SHA, SHA-256, AES, RC4, ASN, RSA
// </h>
// <e>MD2
#define MDK_CONF_MD2 0
#if MDK_CONF_MD2 == 1
#define CYASSL_MD2
#endif
// </e>
// <e>MD4
#define MDK_CONF_MD4 1
#if MDK_CONF_MD4 == 0
#define NO_MD4
#endif
// </e>
// <e>SHA-384
// <i>This has to be with SHA512
#define MDK_CONF_SHA384 0
#if MDK_CONF_SHA384 == 1
#define CYASSL_SHA384
#endif
// </e>
// <e>SHA-512
#define MDK_CONF_SHA512 0
#if MDK_CONF_SHA512 == 1
#define CYASSL_SHA512
#endif
// </e>
// <e>RIPEMD
#define MDK_CONF_RIPEMD 0
#if MDK_CONF_RIPEMD == 1
#define CYASSL_RIPEMD
#endif
// </e>
// <e>HMAC
#define MDK_CONF_HMAC 1
#if MDK_CONF_HMAC == 0
#define NO_HMAC
#endif
// </e>
// <e>HC128
#define MDK_CONF_HC128 0
#if MDK_CONF_HC128 == 1
#define HAVE_HC128
#endif
// </e>
// <e>RABBIT
#define MDK_CONF_RABBIT 1
#if MDK_CONF_RABBI == 0
#define NO_RABBIT
#endif
// </e>
// <e>AEAD
#define MDK_CONF_AEAD 0
#if MDK_CONF_AEAD == 1
#define HAVE_AEAD
#endif
// </e>
// <e>DES3
#define MDK_CONF_DES3 1
#if MDK_CONF_DES3 == 0
#define NO_DES3
#endif
// </e>
// <e>CAMELLIA
#define MDK_CONF_CAMELLIA 0
#if MDK_CONF_CAMELLIA == 1
#define HAVE_CAMELLIA
#endif
// </e>
// <e>DH
// <i>need this for CYASSL_SERVER, OPENSSL_EXTRA
#define MDK_CONF_DH 1
#if MDK_CONF_DH == 0
#define NO_DH
#endif
// </e>
// <e>DSA
#define MDK_CONF_DSA 1
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
// </e>
// <e>PWDBASED
#define MDK_CONF_PWDBASED 1
#if MDK_CONF_PWDBASED == 0
#define NO_PWDBASED
#endif
// </e>
// <e>ECC
#define MDK_CONF_ECC 0
#if MDK_CONF_ECC == 1
#define HAVE_ECC
#endif
// </e>
// <e>PSK
#define MDK_CONF_PSK 1
#if MDK_CONF_PSK == 0
#define NO_PSK
#endif
// </e>
// <e>AESCCM (Turn off Hardware Crypt)
#define MDK_CONF_AESCCM 0
#if MDK_CONF_AESCCM == 1
#define HAVE_AESCCM
#endif
// </e>
// <e>AESGCM (Turn off Hardware Crypt)
#define MDK_CONF_AESGCM 0
#if MDK_CONF_AESGCM == 1
#define HAVE_AESGCM
#define BUILD_AESGCM
#endif
// </e>
// <e>NTRU (need License, "crypto_ntru.h")
#define MDK_CONF_NTRU 0
#if MDK_CONF_NTRU == 1
#define HAVE_NTRU
#endif
// </e>
// </h>
// <h>Hardware Crypt (See document for usage)
// <e>Hardware RNG
#define MDK_CONF_STM32F2_RNG 0
#if MDK_CONF_STM32F2_RNG == 1
#define STM32F2_RNG
#else
#endif
// </e>
// <e>Hardware Crypt
#define MDK_CONF_STM32F2_CRYPTO 0
#if MDK_CONF_STM32F2_CRYPTO == 1
#define STM32F2_CRYPTO
#endif
// </e>
// </h>
//</h>
// <<< end of configuration section >>>

144
IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/config-CyaSSL.h
View File

@@ -1,144 +0,0 @@
/* config-RTX-TCP-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/**** CyaSSL for KEIL-RL Configuration ****/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define NO_WRITEV
#define NO_CYASSL_DIR
#define NO_MAIN_DRIVER
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define HAVE_KEIL_RTX
#define CYASSL_CMSIS_RTOS
#define CYASSL_KEIL_TCP_NET
// <<< Use Configuration Wizard in Context Menu >>>
// <h> CyaSSL Configuration
// <h>SSL (Included by default)
// </h>
// <e>TLS
#define MDK_CONF_TLS 1
#if MDK_CONF_TLS == 0
#define NO_TLS
#endif
// </e>
// <e>CRL
#define MDK_CONF_DER_LOAD 0
#if MDK_CONF_DER_LOAD == 1
#define CYASSL_DER_LOAD
#endif
// </e>
// <e>OpenSSL Extra
#define MDK_CONF_OPENSSL_EXTRA 1
#if MDK_CONF_OPENSSL_EXTRA == 1
#define OPENSSL_EXTRA
#endif
// </e>
//</h>
// <h>Cert/Key Generation
// <e>CertGen
#define MDK_CONF_CERT_GEN 0
#if MDK_CONF_CERT_GEN == 1
#define CYASSL_CERT_GEN
#endif
// </e>
// <e>KeyGen
#define MDK_CONF_KEY_GEN 0
#if MDK_CONF_KEY_GEN == 1
#define CYASSL_KEY_GEN
#endif
// </e>
//</h>
// <h>Others
// <e>Inline
#define MDK_CONF_INLINE 0
#if MDK_CONF_INLINE == 0
#define NO_INLINE
#endif
// </e>
// <h>Debug
// <e>Debug Message
#define MDK_CONF_DebugMessage 0
#if MDK_CONF_DebugMessage == 1
#define DEBUG_CYASSL
#endif
// </e>
// <e>Check malloc
#define MDK_CONF_CheckMalloc 1
#if MDK_CONF_CheckMalloc == 1
#define CYASSL_MALLOC_CHECK
#endif
// </e>
// </h>
// <e>ErrNo.h
#define MDK_CONF_ErrNo 0
#if MDK_CONF_ErrNo == 1
#define HAVE_ERRNO
#endif
// </e>
// <e>Error Strings
#define MDK_CONF_ErrorStrings 1
#if MDK_CONF_ErrorStrings == 0
#define NO_ERROR_STRINGS
#endif
// </e>
// <e>zlib (need "zlib.h")
#define MDK_CONF_LIBZ 0
#if MDK_CONF_LIBZ == 1
#define HAVE_LIBZ
#endif
// </e>
// <e>CAVIUM (need CAVIUM headers)
#define MDK_CONF_CAVIUM 0
#if MDK_CONF_CAVIUM == 1
#define HAVE_CAVIUM
#endif
// </e>
// <e>Small Stack
#define MDK_CONF_SmallStack 1
#if MDK_CONF_SmallStack == 0
#define NO_CYASSL_SMALL_STACK
#endif
// </e>
// <e>Use Fast Math
#define MDK_CONF_FASTMATH 0
#if MDK_CONF_FASTMATH == 1
#define USE_FAST_MATH
#endif
// </e>
// </h>
// <<< end of configuration section >>>

61
IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/config.h
View File

@@ -1,61 +0,0 @@
/* config.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define CYASSL_MDK5
#define NO_WRITEV
#define NO_CYASSL_DIR
#define BENCH_EMBEDDED
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define NO_MAIN_DRIVER
#if defined(MDK_CONF_CYASSL)
#define CYASSL_MDK_SHELL
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_Benchmark)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#elif defined(MDK_CONF_CryptTest)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#endif

185
IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/config-Crypt.h
View File

@@ -1,185 +0,0 @@
/* config-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
// <<< Use Configuration Wizard in Context Menu >>>
// <h> wolfCrypt Configuration
// <h>Cert/Key Strage
// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
#define MDK_CONF_CERT_BUFF 0
#if MDK_CONF_CERT_BUFF== 1
#define USE_CERT_BUFFERS_1024
#elif MDK_CONF_CERT_BUFF == 2
#define USE_CERT_BUFFERS_2048
#endif
//</h>
// <h>Crypt Algrithm
// <h>MD5, SHA, SHA-256, AES, RC4, ASN, RSA
// </h>
// <e>MD2
#define MDK_CONF_MD2 0
#if MDK_CONF_MD2 == 1
#define CYASSL_MD2
#endif
// </e>
// <e>MD4
#define MDK_CONF_MD4 1
#if MDK_CONF_MD4 == 0
#define NO_MD4
#endif
// </e>
// <e>SHA-384
// <i>This has to be with SHA512
#define MDK_CONF_SHA384 0
#if MDK_CONF_SHA384 == 1
#define CYASSL_SHA384
#endif
// </e>
// <e>SHA-512
#define MDK_CONF_SHA512 0
#if MDK_CONF_SHA512 == 1
#define CYASSL_SHA512
#endif
// </e>
// <e>RIPEMD
#define MDK_CONF_RIPEMD 0
#if MDK_CONF_RIPEMD == 1
#define CYASSL_RIPEMD
#endif
// </e>
// <e>HMAC
#define MDK_CONF_HMAC 1
#if MDK_CONF_HMAC == 0
#define NO_HMAC
#endif
// </e>
// <e>HC128
#define MDK_CONF_HC128 0
#if MDK_CONF_HC128 == 1
#define HAVE_HC128
#endif
// </e>
// <e>RABBIT
#define MDK_CONF_RABBIT 1
#if MDK_CONF_RABBI == 0
#define NO_RABBIT
#endif
// </e>
// <e>AEAD
#define MDK_CONF_AEAD 0
#if MDK_CONF_AEAD == 1
#define HAVE_AEAD
#endif
// </e>
// <e>DES3
#define MDK_CONF_DES3 1
#if MDK_CONF_DES3 == 0
#define NO_DES3
#endif
// </e>
// <e>CAMELLIA
#define MDK_CONF_CAMELLIA 0
#if MDK_CONF_CAMELLIA == 1
#define HAVE_CAMELLIA
#endif
// </e>
// <e>DH
// <i>need this for CYASSL_SERVER, OPENSSL_EXTRA
#define MDK_CONF_DH 1
#if MDK_CONF_DH == 0
#define NO_DH
#endif
// </e>
// <e>DSA
#define MDK_CONF_DSA 1
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
// </e>
// <e>PWDBASED
#define MDK_CONF_PWDBASED 1
#if MDK_CONF_PWDBASED == 0
#define NO_PWDBASED
#endif
// </e>
// <e>ECC
#define MDK_CONF_ECC 0
#if MDK_CONF_ECC == 1
#define HAVE_ECC
#endif
// </e>
// <e>PSK
#define MDK_CONF_PSK 1
#if MDK_CONF_PSK == 0
#define NO_PSK
#endif
// </e>
// <e>AESCCM (Turn off Hardware Crypt)
#define MDK_CONF_AESCCM 0
#if MDK_CONF_AESCCM == 1
#define HAVE_AESCCM
#endif
// </e>
// <e>AESGCM (Turn off Hardware Crypt)
#define MDK_CONF_AESGCM 0
#if MDK_CONF_AESGCM == 1
#define HAVE_AESGCM
#define BUILD_AESGCM
#endif
// </e>
// <e>NTRU (need License, "crypto_ntru.h")
#define MDK_CONF_NTRU 0
#if MDK_CONF_NTRU == 1
#define HAVE_NTRU
#endif
// </e>
// </h>
// <h>Hardware Crypt (See document for usage)
// <e>Hardware RNG
#define MDK_CONF_STM32F2_RNG 0
#if MDK_CONF_STM32F2_RNG == 1
#define STM32F2_RNG
#else
#endif
// </e>
// <e>Hardware Crypt
#define MDK_CONF_STM32F2_CRYPTO 0
#if MDK_CONF_STM32F2_CRYPTO == 1
#define STM32F2_CRYPTO
#endif
// </e>
// </h>
//</h>
// <<< end of configuration section >>>

144
IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/config-CyaSSL.h
View File

@@ -1,144 +0,0 @@
/* config-RTX-TCP-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/**** CyaSSL for KEIL-RL Configuration ****/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define NO_WRITEV
#define NO_CYASSL_DIR
#define NO_MAIN_DRIVER
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define HAVE_KEIL_RTX
#define CYASSL_CMSIS_RTOS
#define CYASSL_KEIL_TCP_NET
// <<< Use Configuration Wizard in Context Menu >>>
// <h> CyaSSL Configuration
// <h>SSL (Included by default)
// </h>
// <e>TLS
#define MDK_CONF_TLS 1
#if MDK_CONF_TLS == 0
#define NO_TLS
#endif
// </e>
// <e>CRL
#define MDK_CONF_DER_LOAD 0
#if MDK_CONF_DER_LOAD == 1
#define CYASSL_DER_LOAD
#endif
// </e>
// <e>OpenSSL Extra
#define MDK_CONF_OPENSSL_EXTRA 1
#if MDK_CONF_OPENSSL_EXTRA == 1
#define OPENSSL_EXTRA
#endif
// </e>
//</h>
// <h>Cert/Key Generation
// <e>CertGen
#define MDK_CONF_CERT_GEN 0
#if MDK_CONF_CERT_GEN == 1
#define CYASSL_CERT_GEN
#endif
// </e>
// <e>KeyGen
#define MDK_CONF_KEY_GEN 0
#if MDK_CONF_KEY_GEN == 1
#define CYASSL_KEY_GEN
#endif
// </e>
//</h>
// <h>Others
// <e>Inline
#define MDK_CONF_INLINE 0
#if MDK_CONF_INLINE == 0
#define NO_INLINE
#endif
// </e>
// <h>Debug
// <e>Debug Message
#define MDK_CONF_DebugMessage 0
#if MDK_CONF_DebugMessage == 1
#define DEBUG_CYASSL
#endif
// </e>
// <e>Check malloc
#define MDK_CONF_CheckMalloc 1
#if MDK_CONF_CheckMalloc == 1
#define CYASSL_MALLOC_CHECK
#endif
// </e>
// </h>
// <e>ErrNo.h
#define MDK_CONF_ErrNo 0
#if MDK_CONF_ErrNo == 1
#define HAVE_ERRNO
#endif
// </e>
// <e>Error Strings
#define MDK_CONF_ErrorStrings 1
#if MDK_CONF_ErrorStrings == 0
#define NO_ERROR_STRINGS
#endif
// </e>
// <e>zlib (need "zlib.h")
#define MDK_CONF_LIBZ 0
#if MDK_CONF_LIBZ == 1
#define HAVE_LIBZ
#endif
// </e>
// <e>CAVIUM (need CAVIUM headers)
#define MDK_CONF_CAVIUM 0
#if MDK_CONF_CAVIUM == 1
#define HAVE_CAVIUM
#endif
// </e>
// <e>Small Stack
#define MDK_CONF_SmallStack 1
#if MDK_CONF_SmallStack == 0
#define NO_CYASSL_SMALL_STACK
#endif
// </e>
// <e>Use Fast Math
#define MDK_CONF_FASTMATH 0
#if MDK_CONF_FASTMATH == 1
#define USE_FAST_MATH
#endif
// </e>
// </h>
// <<< end of configuration section >>>

61
IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/config.h
View File

@@ -1,61 +0,0 @@
/* config.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define CYASSL_MDK5
#define NO_WRITEV
#define NO_CYASSL_DIR
#define BENCH_EMBEDDED
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define NO_MAIN_DRIVER
#if defined(MDK_CONF_CYASSL)
#define CYASSL_MDK_SHELL
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_Benchmark)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#elif defined(MDK_CONF_CryptTest)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#endif

3
IDE/MDK5-ARM/Projects/SimpleClient/client.c
View File

@@ -471,7 +471,8 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
#ifdef HAVE_SNI #ifdef HAVE_SNI
if (sniHostName) if (sniHostName)
if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))) if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))
!= SSL_SUCCESS)
err_sys("UseSNI failed"); err_sys("UseSNI failed");
#endif #endif

70
IDE/MDK5-ARM/Projects/SimpleClient/config-SimpleClient.h
View File

@@ -1,70 +0,0 @@
/* config-RTX-TCP-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/**** CyaSSL for KEIL-RL Configuration ****/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define NO_WRITEV
#define NO_CYASSL_DIR
#define NO_MAIN_DRIVER
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define HAVE_KEIL_RTX
#define CYASSL_CMSIS_RTOS
#define CYASSL_KEIL_TCP_NET
// <<< Use Configuration Wizard in Context Menu >>>
// <h> Build Target: Simple Client
// <s.15>Callee IP Address
// <i> Default: "192.168.1.100"
#define CYASSL_CALLEE_IP "192.168.2.101"
// <s.15>Callee Port Number
// <i> Default: "443"
#define CYASSL_CALLEE_PORT "443"
// <o>HTTP GET Option <0=> HTTP Get <1=> SSL/TLS Message
#define MDK_CONF_HTTP_GET 0
#if MDK_CONF_HTTP_GET == 0
#define CYASSL_HTTP_GET "-g"
#define CYASSL_HTTP_GET_COUNT 1
#elif MDK_CONF_HTTP_GET == 1
#define CYASSL_HTTP_GET ""
#define CYASSL_HTTP_GET_COUNT 0
#endif
// <o>SSL/TLS Version <0=> SSL3 <1=> TLS 1.0 <2=> TLS 1.1 <3=> TLS 1.2
#define MDK_CONF_SSL_VERSION 0
#if MDK_CONF_SSL_VERSION == 0
#define CYASSL_SSL_VER "0"
#elif MDK_CONF_SSL_VERSION == 1
#define CYASSL_SSL_VER "1"
#elif MDK_CONF_SSL_VERSION == 2
#define CYASSL_SSL_VER "2"
#elif MDK_CONF_SSL_VERSION == 3
#define CYASSL_SSL_VER "3"
#endif
// </h>
// <<< end of configuration section >>>

185
IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/config-Crypt.h
View File

@@ -1,185 +0,0 @@
/* config-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
// <<< Use Configuration Wizard in Context Menu >>>
// <h> wolfCrypt Configuration
// <h>Cert/Key Strage
// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
#define MDK_CONF_CERT_BUFF 0
#if MDK_CONF_CERT_BUFF== 1
#define USE_CERT_BUFFERS_1024
#elif MDK_CONF_CERT_BUFF == 2
#define USE_CERT_BUFFERS_2048
#endif
//</h>
// <h>Crypt Algrithm
// <h>MD5, SHA, SHA-256, AES, RC4, ASN, RSA
// </h>
// <e>MD2
#define MDK_CONF_MD2 0
#if MDK_CONF_MD2 == 1
#define CYASSL_MD2
#endif
// </e>
// <e>MD4
#define MDK_CONF_MD4 1
#if MDK_CONF_MD4 == 0
#define NO_MD4
#endif
// </e>
// <e>SHA-384
// <i>This has to be with SHA512
#define MDK_CONF_SHA384 0
#if MDK_CONF_SHA384 == 1
#define CYASSL_SHA384
#endif
// </e>
// <e>SHA-512
#define MDK_CONF_SHA512 0
#if MDK_CONF_SHA512 == 1
#define CYASSL_SHA512
#endif
// </e>
// <e>RIPEMD
#define MDK_CONF_RIPEMD 0
#if MDK_CONF_RIPEMD == 1
#define CYASSL_RIPEMD
#endif
// </e>
// <e>HMAC
#define MDK_CONF_HMAC 1
#if MDK_CONF_HMAC == 0
#define NO_HMAC
#endif
// </e>
// <e>HC128
#define MDK_CONF_HC128 0
#if MDK_CONF_HC128 == 1
#define HAVE_HC128
#endif
// </e>
// <e>RABBIT
#define MDK_CONF_RABBIT 1
#if MDK_CONF_RABBI == 0
#define NO_RABBIT
#endif
// </e>
// <e>AEAD
#define MDK_CONF_AEAD 0
#if MDK_CONF_AEAD == 1
#define HAVE_AEAD
#endif
// </e>
// <e>DES3
#define MDK_CONF_DES3 1
#if MDK_CONF_DES3 == 0
#define NO_DES3
#endif
// </e>
// <e>CAMELLIA
#define MDK_CONF_CAMELLIA 0
#if MDK_CONF_CAMELLIA == 1
#define HAVE_CAMELLIA
#endif
// </e>
// <e>DH
// <i>need this for CYASSL_SERVER, OPENSSL_EXTRA
#define MDK_CONF_DH 1
#if MDK_CONF_DH == 0
#define NO_DH
#endif
// </e>
// <e>DSA
#define MDK_CONF_DSA 1
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
// </e>
// <e>PWDBASED
#define MDK_CONF_PWDBASED 1
#if MDK_CONF_PWDBASED == 0
#define NO_PWDBASED
#endif
// </e>
// <e>ECC
#define MDK_CONF_ECC 0
#if MDK_CONF_ECC == 1
#define HAVE_ECC
#endif
// </e>
// <e>PSK
#define MDK_CONF_PSK 1
#if MDK_CONF_PSK == 0
#define NO_PSK
#endif
// </e>
// <e>AESCCM (Turn off Hardware Crypt)
#define MDK_CONF_AESCCM 0
#if MDK_CONF_AESCCM == 1
#define HAVE_AESCCM
#endif
// </e>
// <e>AESGCM (Turn off Hardware Crypt)
#define MDK_CONF_AESGCM 0
#if MDK_CONF_AESGCM == 1
#define HAVE_AESGCM
#define BUILD_AESGCM
#endif
// </e>
// <e>NTRU (need License, "crypto_ntru.h")
#define MDK_CONF_NTRU 0
#if MDK_CONF_NTRU == 1
#define HAVE_NTRU
#endif
// </e>
// </h>
// <h>Hardware Crypt (See document for usage)
// <e>Hardware RNG
#define MDK_CONF_STM32F2_RNG 0
#if MDK_CONF_STM32F2_RNG == 1
#define STM32F2_RNG
#else
#endif
// </e>
// <e>Hardware Crypt
#define MDK_CONF_STM32F2_CRYPTO 0
#if MDK_CONF_STM32F2_CRYPTO == 1
#define STM32F2_CRYPTO
#endif
// </e>
// </h>
//</h>
// <<< end of configuration section >>>

144
IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/config-CyaSSL.h
View File

@@ -1,144 +0,0 @@
/* config-RTX-TCP-FS.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/**** CyaSSL for KEIL-RL Configuration ****/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define NO_WRITEV
#define NO_CYASSL_DIR
#define NO_MAIN_DRIVER
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define HAVE_KEIL_RTX
#define CYASSL_CMSIS_RTOS
#define CYASSL_KEIL_TCP_NET
// <<< Use Configuration Wizard in Context Menu >>>
// <h> CyaSSL Configuration
// <h>SSL (Included by default)
// </h>
// <e>TLS
#define MDK_CONF_TLS 1
#if MDK_CONF_TLS == 0
#define NO_TLS
#endif
// </e>
// <e>CRL
#define MDK_CONF_DER_LOAD 0
#if MDK_CONF_DER_LOAD == 1
#define CYASSL_DER_LOAD
#endif
// </e>
// <e>OpenSSL Extra
#define MDK_CONF_OPENSSL_EXTRA 1
#if MDK_CONF_OPENSSL_EXTRA == 1
#define OPENSSL_EXTRA
#endif
// </e>
//</h>
// <h>Cert/Key Generation
// <e>CertGen
#define MDK_CONF_CERT_GEN 0
#if MDK_CONF_CERT_GEN == 1
#define CYASSL_CERT_GEN
#endif
// </e>
// <e>KeyGen
#define MDK_CONF_KEY_GEN 0
#if MDK_CONF_KEY_GEN == 1
#define CYASSL_KEY_GEN
#endif
// </e>
//</h>
// <h>Others
// <e>Inline
#define MDK_CONF_INLINE 0
#if MDK_CONF_INLINE == 0
#define NO_INLINE
#endif
// </e>
// <h>Debug
// <e>Debug Message
#define MDK_CONF_DebugMessage 0
#if MDK_CONF_DebugMessage == 1
#define DEBUG_CYASSL
#endif
// </e>
// <e>Check malloc
#define MDK_CONF_CheckMalloc 1
#if MDK_CONF_CheckMalloc == 1
#define CYASSL_MALLOC_CHECK
#endif
// </e>
// </h>
// <e>ErrNo.h
#define MDK_CONF_ErrNo 0
#if MDK_CONF_ErrNo == 1
#define HAVE_ERRNO
#endif
// </e>
// <e>Error Strings
#define MDK_CONF_ErrorStrings 1
#if MDK_CONF_ErrorStrings == 0
#define NO_ERROR_STRINGS
#endif
// </e>
// <e>zlib (need "zlib.h")
#define MDK_CONF_LIBZ 0
#if MDK_CONF_LIBZ == 1
#define HAVE_LIBZ
#endif
// </e>
// <e>CAVIUM (need CAVIUM headers)
#define MDK_CONF_CAVIUM 0
#if MDK_CONF_CAVIUM == 1
#define HAVE_CAVIUM
#endif
// </e>
// <e>Small Stack
#define MDK_CONF_SmallStack 1
#if MDK_CONF_SmallStack == 0
#define NO_CYASSL_SMALL_STACK
#endif
// </e>
// <e>Use Fast Math
#define MDK_CONF_FASTMATH 0
#if MDK_CONF_FASTMATH == 1
#define USE_FAST_MATH
#endif
// </e>
// </h>
// <<< end of configuration section >>>

61
IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/config.h
View File

@@ -1,61 +0,0 @@
/* config.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#define __CORTEX_M3__
#define CYASSL_MDK_ARM
#define CYASSL_MDK5
#define NO_WRITEV
#define NO_CYASSL_DIR
#define BENCH_EMBEDDED
#define CYASSL_DER_LOAD
#define HAVE_NULL_CIPHER
#define NO_MAIN_DRIVER
#if defined(MDK_CONF_CYASSL)
#define CYASSL_MDK_SHELL
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_SimpleServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoClient)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_EchoServer)
#include "config-Crypt.h"
#include "config-CyaSSL.h"
#elif defined(MDK_CONF_Benchmark)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#elif defined(MDK_CONF_CryptTest)
#define SINGLE_THREADED
#define NO_INLINE
#include "config-Crypt.h"
#endif

2
IDE/MDK5-ARM/Projects/SimpleServer/server.c
View File

@@ -418,7 +418,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#ifdef HAVE_SNI #ifdef HAVE_SNI
if (sniHostName) { if (sniHostName) {
if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName, if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
XSTRLEN(sniHostName))) XSTRLEN(sniHostName)) != SSL_SUCCESS)
err_sys("UseSNI failed"); err_sys("UseSNI failed");
else else
CyaSSL_CTX_SNI_SetOptions(ctx, CYASSL_SNI_HOST_NAME, CyaSSL_CTX_SNI_SetOptions(ctx, CYASSL_SNI_HOST_NAME,

1
Makefile.am
View File

@@ -62,6 +62,7 @@ include mqx/ctaocrypt_test/Sources/include.am
include mqx/cyassl/include.am include mqx/cyassl/include.am
include mqx/cyassl_client/Sources/include.am include mqx/cyassl_client/Sources/include.am
include mqx/util_lib/Sources/include.am include mqx/util_lib/Sources/include.am
include mplabx/include.am
include mplabx/ctaocrypt_benchmark.X/nbproject/include.am include mplabx/ctaocrypt_benchmark.X/nbproject/include.am
include mplabx/ctaocrypt_test.X/nbproject/include.am include mplabx/ctaocrypt_test.X/nbproject/include.am
include mplabx/cyassl.X/nbproject/include.am include mplabx/cyassl.X/nbproject/include.am

41
README
View File

@@ -23,10 +23,10 @@ beginning of the note and specify the full path.
Note 2) Note 2)
CyaSSL takes a different approach to certificate verification than OpenSSL does. CyaSSL takes a different approach to certificate verification than OpenSSL does.
The default policy for the client is to verify the server, this means that if The default policy for the client is to verify the server, this means that if
you don't load CAs to verify the server you'll get a connect error, unable to you don't load CAs to verify the server you'll get a connect error, no signer
verify (-155). It you want to mimic OpenSSL behavior of having SSL_connect error to confirm failure (-188). If you want to mimic OpenSSL behavior of
succeed even if verifying the server fails and reducing security you can do having SSL_connect succeed even if verifying the server fails and reducing
this by calling: security you can do this by calling:
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
@@ -35,12 +35,43 @@ before calling SSL_new(); Though it's not recommended.
*** end Notes *** *** end Notes ***
CyaSSL Release 2.9.0 (X/XX/XXXX) CyaSSL Release 2.9.0 (02/07/2014)
Release 2.9.0 CyaSSL has bug fixes and new features including:
- Freescale Kinetis RNGB support
- Freescale Kinetis mmCAU support
- TLS Hello extensions
- ECC
- Secure Renegotiation (null)
- Truncated HMAC
- SCEP support
- PKCS #7 Enveloped data and signed data
- PKCS #10 Certificate Signing Request generation
- DTLS sliding window
- OCSP Improvements
- API change to integrate into Certificate Manager
- IPv4/IPv6 agnostic
- example client/server support for OCSP
- OCSP nonces are optional
- GMAC hashing
- Windows build additions
- Windows CYGWIN build fixes
- Updated test certificates
- Microchip MPLAB Harmony support
- Update autoconf scripts
- Additional X.509 inspection functions
- ECC encrypt/decrypt primitives
- ECC Certificate generation
The Freescale Kinetis K53 RNGB documentation can be found in Chapter 33 of the The Freescale Kinetis K53 RNGB documentation can be found in Chapter 33 of the
K53 Sub-Family Reference Manual: K53 Sub-Family Reference Manual:
http://cache.freescale.com/files/32bit/doc/ref_manual/K53P144M100SF2RM.pdf http://cache.freescale.com/files/32bit/doc/ref_manual/K53P144M100SF2RM.pdf
Freescale Kinetis K60 mmCAU (AES, DES, 3DES, MD5, SHA, SHA256) documentation
can be found in the "ColdFire/ColdFire+ CAU and Kinetis mmCAU Software Library
User Guide":
http://cache.freescale.com/files/32bit/doc/user_guide/CAUAPIUG.pdf
*****************CyaSSL Release 2.8.0 (8/30/2013) *****************CyaSSL Release 2.8.0 (8/30/2013)

58
certs/crl/cliCrl.pem
View File

@@ -2,38 +2,40 @@ Certificate Revocation List (CRL):
Version 2 (0x1) Version 2 (0x1)
Signature Algorithm: sha1WithRSAEncryption Signature Algorithm: sha1WithRSAEncryption
Issuer: /C=US/ST=Oregon/L=Portland/O=yaSSL/OU=Programming/CN=www.yassl.com/emailAddress=info@yassl.com Issuer: /C=US/ST=Oregon/L=Portland/O=yaSSL/OU=Programming/CN=www.yassl.com/emailAddress=info@yassl.com
Last Update: Jun 17 21:32:30 2013 GMT Last Update: Feb 7 20:14:06 2014 GMT
Next Update: Dec 14 21:32:30 2013 GMT Next Update: Feb 7 20:14:06 2015 GMT
CRL extensions: CRL extensions:
X509v3 CRL Number: X509v3 CRL Number:
87 3
No Revoked Certificates. Revoked Certificates:
Serial Number: 02
Revocation Date: Feb 7 20:14:06 2014 GMT
Signature Algorithm: sha1WithRSAEncryption Signature Algorithm: sha1WithRSAEncryption
0f:16:d2:d6:62:f8:c0:db:b2:2c:de:9d:0a:10:72:0e:85:6e: 36:33:8d:75:7a:2c:40:dc:e2:64:71:de:1d:06:b4:0e:d3:98:
25:1d:38:20:1b:d5:66:d9:d3:9e:0e:a6:9e:e8:60:20:1c:b5: 63:05:79:84:53:76:9b:aa:51:70:a1:3a:ab:12:f7:da:69:70:
c9:ab:09:c3:a5:d5:c3:91:a3:9a:ff:44:40:68:da:7b:da:4a: 34:5b:4d:08:01:a6:3b:16:25:ac:3d:11:0c:80:94:bc:dc:b5:
3c:15:17:89:0a:49:b9:af:b2:ac:f0:e2:b5:0e:4d:c0:22:d7: 51:7c:84:11:65:d7:d2:24:16:f5:ac:11:0b:ea:72:62:4a:cb:
5e:c1:02:9e:f3:95:20:62:7c:88:d9:32:97:12:04:1a:6f:8c: 83:c1:6c:96:ec:6b:ce:1f:26:88:89:8a:74:90:fb:d3:67:91:
d8:7b:9f:0c:1e:91:fe:98:52:17:de:f2:ee:7c:66:e7:db:91: 8c:f7:ef:0e:ca:81:39:22:89:1a:52:75:d0:13:ba:ee:83:0c:
99:7a:f7:09:c9:15:16:3d:a2:1c:13:af:ad:e0:70:b8:6b:e5: 61:e9:b4:d8:f1:3f:80:77:29:d2:bb:7e:81:29:a8:fb:1f:ad:
dc:8e:f8:b5:ec:ff:f7:88:1b:ce:46:eb:22:ff:10:2f:ea:53: 92:91:bd:e9:b8:29:3f:a3:ec:44:b5:09:e5:03:3c:1b:2d:df:
f0:86:62:1a:ab:6f:4d:05:45:e8:5c:ba:b5:8d:0d:38:72:cd: 4c:27:45:94:da:be:50:dd:b9:78:3f:1f:92:92:59:a5:ad:5a:
df:a1:74:31:bb:ad:68:7d:56:be:d8:7e:7a:f5:ef:52:be:14: ef:95:71:ff:ca:ff:db:70:53:17:aa:00:40:9b:4c:ff:fb:be:
5c:6d:ed:b4:2a:c9:ab:97:ba:e8:93:c5:6b:79:66:c7:52:a8: 73:7a:8e:0f:07:9b:b9:14:fd:a4:b4:d7:79:4b:3e:ff:c6:90:
0d:62:dc:cb:e2:4c:e6:53:f4:c3:5c:ce:47:0f:39:46:9a:cb: ef:91:2e:a2:f3:ee:4b:1f:16:47:2a:a3:39:f9:b5:fd:74:fa:
82:d9:98:7d:69:41:aa:ac:6a:7a:e9:02:c9:9b:77:59:7f:6a: 8f:c4:15:8d:77:7f:46:78:6f:ba:a5:4e:bc:63:8f:39:63:c9:
90:54:10:8a:45:c7:49:5f:ca:be:66:6a:20:e1:cd:e8:10:09: 68:3d:8f:02:3a:4a:d0:d5:c4:47:6a:2c:4d:6c:d5:e2:a7:5f:
30:7e:16:44 35:ba:65:e4
-----BEGIN X509 CRL----- -----BEGIN X509 CRL-----
MIIB6DCB0QIBATANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxDzANBgNV MIIB/jCB5wIBATANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxDzANBgNV
BAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxhbmQxDjAMBgNVBAoTBXlhU1NMMRQw BAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxhbmQxDjAMBgNVBAoTBXlhU1NMMRQw
EgYDVQQLEwtQcm9ncmFtbWluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEdMBsG EgYDVQQLEwtQcm9ncmFtbWluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEdMBsG
CSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20XDTEzMDYxNzIxMzIzMFoXDTEzMTIx CSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20XDTE0MDIwNzIwMTQwNloXDTE1MDIw
NDIxMzIzMFqgDjAMMAoGA1UdFAQDAgFXMA0GCSqGSIb3DQEBBQUAA4IBAQAPFtLW NzIwMTQwNlowFDASAgECFw0xNDAyMDcyMDE0MDZaoA4wDDAKBgNVHRQEAwIBAzAN
YvjA27Is3p0KEHIOhW4lHTggG9Vm2dOeDqae6GAgHLXJqwnDpdXDkaOa/0RAaNp7 BgkqhkiG9w0BAQUFAAOCAQEANjONdXosQNziZHHeHQa0DtOYYwV5hFN2m6pRcKE6
2ko8FReJCkm5r7Ks8OK1Dk3AItdewQKe85UgYnyI2TKXEgQab4zYe58MHpH+mFIX qxL32mlwNFtNCAGmOxYlrD0RDICUvNy1UXyEEWXX0iQW9awRC+pyYkrLg8Fsluxr
3vLufGbn25GZevcJyRUWPaIcE6+t4HC4a+Xcjvi17P/3iBvORusi/xAv6lPwhmIa zh8miImKdJD702eRjPfvDsqBOSKJGlJ10BO67oMMYem02PE/gHcp0rt+gSmo+x+t
q29NBUXoXLq1jQ04cs3foXQxu61ofVa+2H569e9SvhRcbe20Ksmrl7rok8VreWbH kpG96bgpP6PsRLUJ5QM8Gy3fTCdFlNq+UN25eD8fkpJZpa1a75Vx/8r/23BTF6oA
UqgNYtzL4kzmU/TDXM5HDzlGmsuC2Zh9aUGqrGp66QLJm3dZf2qQVBCKRcdJX8q+ QJtM//u+c3qODwebuRT9pLTXeUs+/8aQ75EuovPuSx8WRyqjOfm1/XT6j8QVjXd/
Zmog4c3oEAkwfhZE RnhvuqVOvGOPOWPJaD2PAjpK0NXER2osTWzV4qdfNbpl5A==
-----END X509 CRL----- -----END X509 CRL-----

52
certs/crl/crl.pem
View File

@@ -2,38 +2,38 @@ Certificate Revocation List (CRL):
Version 2 (0x1) Version 2 (0x1)
Signature Algorithm: sha1WithRSAEncryption Signature Algorithm: sha1WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com
Last Update: Jun 17 21:32:30 2013 GMT Last Update: Feb 7 20:14:06 2014 GMT
Next Update: Dec 14 21:32:30 2013 GMT Next Update: Feb 7 20:14:06 2015 GMT
CRL extensions: CRL extensions:
X509v3 CRL Number: X509v3 CRL Number:
85 1
No Revoked Certificates. No Revoked Certificates.
Signature Algorithm: sha1WithRSAEncryption Signature Algorithm: sha1WithRSAEncryption
4d:9c:63:22:02:91:fe:52:35:93:7c:b6:5b:e8:86:5a:29:a2: 4b:c1:68:4f:80:01:0e:ab:ff:c1:8f:5e:e5:3c:01:7a:fd:9c:
4d:9a:bc:d9:16:e0:8a:04:90:4d:ae:21:00:be:9c:81:5b:68: bb:21:b3:68:73:7c:e9:dc:c5:70:a8:fd:1b:74:27:c2:9e:7d:
6e:90:1a:fd:1a:37:70:85:50:f2:02:87:1c:38:f4:ef:9d:41: 11:9c:95:b9:fb:73:ac:50:bb:b7:4a:5e:f1:f3:44:b4:7c:b5:
f5:4f:53:66:d4:c0:22:80:00:82:7a:09:42:49:c3:1c:c9:4c: 21:0f:32:48:2e:b2:03:95:a7:09:6b:25:87:c3:1d:9c:3f:8f:
9f:92:f9:66:f4:21:1f:24:67:4f:83:6a:bd:3a:19:f1:04:99: 69:91:30:fb:e5:a1:b2:26:1a:ed:8f:73:06:2d:bd:bc:72:f4:
ea:30:05:bf:a7:3d:bf:71:ac:3e:3a:ba:2a:c5:05:12:53:eb: b8:bd:63:61:90:c7:91:2b:68:52:51:47:0d:d6:a1:79:b8:4b:
5c:6f:ed:2d:4b:c0:f5:00:e1:95:45:c9:62:b5:89:66:4b:2b: bc:30:57:94:fa:b7:49:80:1a:1f:4d:aa:a3:8b:cd:8f:5d:8e:
01:fc:66:29:a3:0a:9a:05:ae:f7:9f:51:2a:9c:3b:18:03:ed: ad:8b:d6:d1:5b:c1:cf:f2:0c:60:22:19:87:42:db:42:8b:aa:
c4:7c:33:62:93:30:49:ab:c4:d1:07:f4:18:ac:96:24:1e:c2: 47:36:4d:20:eb:cb:72:ce:4b:48:1b:f3:4d:0b:e0:f8:58:27:
fa:37:ed:82:db:06:66:8d:fb:25:93:35:7b:39:88:e8:8e:70: 65:60:e7:97:50:83:a9:80:58:62:a8:02:ac:4e:37:79:42:47:
e9:c8:be:00:c4:f7:a7:67:83:f8:3d:af:8b:71:5b:25:3b:1d: 65:aa:55:ca:7c:9a:9c:bf:6c:36:89:f3:f7:60:d3:30:be:d4:
56:cd:d0:15:86:31:d1:cb:57:3a:00:b5:1c:7c:3e:99:44:ce: ce:f1:af:41:7e:02:75:6e:82:86:96:b9:16:07:15:29:c0:65:
bc:89:a7:78:37:50:ed:a1:b6:16:cd:72:20:c9:1f:60:b2:8a: 4d:2f:13:4f:01:ec:47:f1:af:36:0a:d6:a1:dc:81:57:18:2d:
c5:62:30:26:f0:aa:b6:73:ca:8e:d6:ba:31:0a:21:a2:6e:40: 00:7b:d4:49:88:c0:61:81:0e:cd:a7:39:6a:53:2a:7c:91:3d:
4b:66:30:11 ac:62:8d:49
-----BEGIN X509 CRL----- -----BEGIN X509 CRL-----
MIIB6jCB0wIBATANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMCVVMxEDAOBgNV MIIB6jCB0wIBATANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAPBgNVBAoTCFNhd3Rvb3Ro BAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAPBgNVBAoTCFNhd3Rvb3Ro
MRMwEQYDVQQLEwpDb25zdWx0aW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0w MRMwEQYDVQQLEwpDb25zdWx0aW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0w
GwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbRcNMTMwNjE3MjEzMjMwWhcNMTMx GwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbRcNMTQwMjA3MjAxNDA2WhcNMTUw
MjE0MjEzMjMwWqAOMAwwCgYDVR0UBAMCAVUwDQYJKoZIhvcNAQEFBQADggEBAE2c MjA3MjAxNDA2WqAOMAwwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQEFBQADggEBAEvB
YyICkf5SNZN8tlvohlopok2avNkW4IoEkE2uIQC+nIFbaG6QGv0aN3CFUPIChxw4 aE+AAQ6r/8GPXuU8AXr9nLshs2hzfOncxXCo/Rt0J8KefRGclbn7c6xQu7dKXvHz
9O+dQfVPU2bUwCKAAIJ6CUJJwxzJTJ+S+Wb0IR8kZ0+Dar06GfEEmeowBb+nPb9x RLR8tSEPMkgusgOVpwlrJYfDHZw/j2mRMPvlobImGu2PcwYtvbxy9Li9Y2GQx5Er
rD46uirFBRJT61xv7S1LwPUA4ZVFyWK1iWZLKwH8ZimjCpoFrvefUSqcOxgD7cR8 aFJRRw3WoXm4S7wwV5T6t0mAGh9NqqOLzY9djq2L1tFbwc/yDGAiGYdC20KLqkc2
M2KTMEmrxNEH9BisliQewvo37YLbBmaN+yWTNXs5iOiOcOnIvgDE96dng/g9r4tx TSDry3LOS0gb800L4PhYJ2Vg55dQg6mAWGKoAqxON3lCR2WqVcp8mpy/bDaJ8/dg
WyU7HVbN0BWGMdHLVzoAtRx8PplEzryJp3g3UO2hthbNciDJH2CyisViMCbwqrZz 0zC+1M7xr0F+AnVugoaWuRYHFSnAZU0vE08B7EfxrzYK1qHcgVcYLQB71EmIwGGB
yo7WujEKIaJuQEtmMBE= Ds2nOWpTKnyRPaxijUk=
-----END X509 CRL----- -----END X509 CRL-----

54
certs/crl/crl.revoked
View File

@@ -2,40 +2,40 @@ Certificate Revocation List (CRL):
Version 2 (0x1) Version 2 (0x1)
Signature Algorithm: sha1WithRSAEncryption Signature Algorithm: sha1WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com
Last Update: Jun 17 21:32:30 2013 GMT Last Update: Feb 7 20:14:06 2014 GMT
Next Update: Dec 14 21:32:30 2013 GMT Next Update: Feb 7 20:14:06 2015 GMT
CRL extensions: CRL extensions:
X509v3 CRL Number: X509v3 CRL Number:
86 2
Revoked Certificates: Revoked Certificates:
Serial Number: 02 Serial Number: 02
Revocation Date: Jun 17 21:32:30 2013 GMT Revocation Date: Feb 7 20:14:06 2014 GMT
Signature Algorithm: sha1WithRSAEncryption Signature Algorithm: sha1WithRSAEncryption
87:3b:bb:ac:6b:1a:e8:96:87:6f:a3:8e:39:77:28:01:a7:ea: 10:5d:b1:d0:79:d2:8a:15:2d:40:0b:44:d6:d9:df:58:73:eb:
76:36:c2:48:e2:41:02:3f:f3:f7:64:09:60:91:87:9e:57:74: 55:2c:81:fe:e1:7b:62:48:8f:34:c5:06:51:e5:e8:50:70:8c:
38:a0:c3:20:47:7d:82:4b:2c:34:23:fe:66:dc:2b:3e:8a:a1: 12:ba:e3:6e:fe:7d:0d:ce:44:08:9d:dc:d9:57:43:6c:54:12:
d9:e3:06:ec:75:0f:b1:ef:32:e2:28:ab:7d:40:2c:82:59:74: 82:d4:ed:6c:71:e5:74:44:bd:d1:a8:98:96:63:8b:68:5f:d2:
c9:95:b5:62:a6:6a:8e:34:e6:f6:f8:91:ff:aa:c1:21:93:79: 87:28:dd:99:4f:aa:ba:8e:18:9e:c4:4f:69:9e:66:13:03:28:
cb:6f:dc:be:94:21:b1:c8:dd:9e:b8:fe:ad:e8:50:6e:0d:76: 5f:3c:35:01:15:77:22:7c:ed:c5:4a:67:44:af:85:7f:df:8a:
92:32:54:51:96:cd:c7:be:d2:0f:6f:63:69:5f:b3:28:c1:57: fd:49:8b:e1:be:52:e3:ca:e8:ae:a3:ad:07:91:2c:51:c6:28:
0e:61:f7:62:81:9f:ea:e7:a5:14:89:41:56:63:46:da:bc:d8: 5f:26:17:14:39:5d:4e:21:9f:11:6f:c4:a2:ef:ef:b8:ec:27:
e0:78:44:c6:c7:1a:ab:1b:f1:0b:59:d5:4e:6d:14:bc:16:c2: af:45:ad:b9:ed:e0:14:09:60:a0:50:ee:dd:f7:b1:3e:58:c4:
02:43:06:0b:f4:16:6e:26:8c:36:09:61:0c:53:3f:72:85:64: 0d:e8:b5:0b:a9:0d:98:ad:7c:74:ab:1c:d6:fa:c8:7d:e7:5a:
33:4d:bf:70:44:c8:23:83:c3:51:98:a8:14:f7:b2:03:a1:7b: 3b:91:23:d5:62:ba:d4:e4:be:58:78:fe:09:ba:63:f6:9e:2c:
72:48:4d:24:d0:a8:a9:22:3d:9b:94:bf:24:24:01:6f:2e:4b: 3f:93:c2:fe:de:c5:00:21:50:39:91:ac:71:e6:fc:4a:37:a4:
2b:21:24:8f:64:46:20:79:45:b3:45:1a:4f:93:10:e1:8d:04: e4:e9:5e:e7:ac:8d:95:21:d6:76:aa:10:a8:3c:28:3e:ef:1c:
4c:8d:83:63:96:9f:28:c5:37:0f:10:8e:02:9b:4d:96:8b:ea: 64:58:e9:1e:f6:7e:54:f3:cb:bb:ed:6f:5d:27:5a:b1:4b:91:
a3:31:88:9f 8e:8c:67:7d
-----BEGIN X509 CRL----- -----BEGIN X509 CRL-----
MIICADCB6QIBATANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMCVVMxEDAOBgNV MIICADCB6QIBATANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAPBgNVBAoTCFNhd3Rvb3Ro BAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAPBgNVBAoTCFNhd3Rvb3Ro
MRMwEQYDVQQLEwpDb25zdWx0aW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0w MRMwEQYDVQQLEwpDb25zdWx0aW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0w
GwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbRcNMTMwNjE3MjEzMjMwWhcNMTMx GwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbRcNMTQwMjA3MjAxNDA2WhcNMTUw
MjE0MjEzMjMwWjAUMBICAQIXDTEzMDYxNzIxMzIzMFqgDjAMMAoGA1UdFAQDAgFW MjA3MjAxNDA2WjAUMBICAQIXDTE0MDIwNzIwMTQwNlqgDjAMMAoGA1UdFAQDAgEC
MA0GCSqGSIb3DQEBBQUAA4IBAQCHO7usaxrolodvo445dygBp+p2NsJI4kECP/P3 MA0GCSqGSIb3DQEBBQUAA4IBAQAQXbHQedKKFS1AC0TW2d9Yc+tVLIH+4XtiSI80
ZAlgkYeeV3Q4oMMgR32CSyw0I/5m3Cs+iqHZ4wbsdQ+x7zLiKKt9QCyCWXTJlbVi xQZR5ehQcIwSuuNu/n0NzkQIndzZV0NsVBKC1O1sceV0RL3RqJiWY4toX9KHKN2Z
pmqONOb2+JH/qsEhk3nLb9y+lCGxyN2euP6t6FBuDXaSMlRRls3HvtIPb2NpX7Mo T6q6jhiexE9pnmYTAyhfPDUBFXcifO3FSmdEr4V/34r9SYvhvlLjyuiuo60HkSxR
wVcOYfdigZ/q56UUiUFWY0bavNjgeETGxxqrG/ELWdVObRS8FsICQwYL9BZuJow2 xihfJhcUOV1OIZ8Rb8Si7++47CevRa257eAUCWCgUO7d97E+WMQN6LULqQ2YrXx0
CWEMUz9yhWQzTb9wRMgjg8NRmKgU97IDoXtySE0k0KipIj2blL8kJAFvLksrISSP qxzW+sh951o7kSPVYrrU5L5YeP4JumP2niw/k8L+3sUAIVA5kaxx5vxKN6Tk6V7n
ZEYgeUWzRRpPkxDhjQRMjYNjlp8oxTcPEI4Cm02Wi+qjMYif rI2VIdZ2qhCoPCg+7xxkWOke9n5U88u77W9dJ1qxS5GOjGd9
-----END X509 CRL----- -----END X509 CRL-----

28
certs/crl/eccCliCRL.pem
View File

@@ -2,23 +2,25 @@ Certificate Revocation List (CRL):
Version 2 (0x1) Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA1 Signature Algorithm: ecdsa-with-SHA1
Issuer: /C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.yassl.com/emailAddress=info@yassl.com Issuer: /C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.yassl.com/emailAddress=info@yassl.com
Last Update: Jun 17 21:32:30 2013 GMT Last Update: Feb 7 20:14:06 2014 GMT
Next Update: Dec 14 21:32:30 2013 GMT Next Update: Feb 7 20:14:06 2015 GMT
CRL extensions: CRL extensions:
X509v3 CRL Number: X509v3 CRL Number:
88 4
No Revoked Certificates. Revoked Certificates:
Serial Number: 02
Revocation Date: Feb 7 20:14:06 2014 GMT
Signature Algorithm: ecdsa-with-SHA1 Signature Algorithm: ecdsa-with-SHA1
30:45:02:21:00:eb:6e:1b:5d:f9:43:f9:67:5b:4e:d1:6d:30: 30:44:02:20:10:95:f9:c8:20:bc:7d:ce:79:6d:35:23:4c:82:
c7:c1:57:a3:e6:25:af:87:7a:77:8d:d9:89:47:1d:a4:64:0e: 8c:f5:8b:d1:4f:69:a9:5e:70:97:dd:bb:c2:67:13:46:b0:47:
21:02:20:11:20:49:d5:84:47:fa:12:61:46:ec:b6:db:0e:d0: 02:20:4f:1f:43:c2:cc:63:1c:6e:26:89:2d:e7:ce:69:45:6d:
9d:3d:95:24:4f:a3:43:ab:d0:ad:dd:d9:61:b7:49:e2:5e fb:8f:53:cd:1f:84:0f:93:fe:83:91:69:f2:91:c6:f9
-----BEGIN X509 CRL----- -----BEGIN X509 CRL-----
MIIBIDCByAIBATAJBgcqhkjOPQQBMIGJMQswCQYDVQQGEwJVUzEPMA0GA1UECBMG MIIBNTCB3gIBATAJBgcqhkjOPQQBMIGJMQswCQYDVQQGEwJVUzEPMA0GA1UECBMG
T3JlZ29uMQ4wDAYDVQQHEwVTYWxlbTETMBEGA1UEChMKQ2xpZW50IEVDQzENMAsG T3JlZ29uMQ4wDAYDVQQHEwVTYWxlbTETMBEGA1UEChMKQ2xpZW50IEVDQzENMAsG
A1UECxMERmFzdDEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEdMBsGCSqGSIb3DQEJ A1UECxMERmFzdDEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEdMBsGCSqGSIb3DQEJ
ARYOaW5mb0B5YXNzbC5jb20XDTEzMDYxNzIxMzIzMFoXDTEzMTIxNDIxMzIzMFqg ARYOaW5mb0B5YXNzbC5jb20XDTE0MDIwNzIwMTQwNloXDTE1MDIwNzIwMTQwNlow
DjAMMAoGA1UdFAQDAgFYMAkGByqGSM49BAEDSAAwRQIhAOtuG135Q/lnW07RbTDH FDASAgECFw0xNDAyMDcyMDE0MDZaoA4wDDAKBgNVHRQEAwIBBDAJBgcqhkjOPQQB
wVej5iWvh3p3jdmJRx2kZA4hAiARIEnVhEf6EmFG7LbbDtCdPZUkT6NDq9Ct3dlh A0cAMEQCIBCV+cggvH3OeW01I0yCjPWL0U9pqV5wl927wmcTRrBHAiBPH0PCzGMc
t0niXg== biaJLefOaUVt+49TzR+ED5P+g5Fp8pHG+Q==
-----END X509 CRL----- -----END X509 CRL-----

28
certs/crl/eccSrvCRL.pem
View File

@@ -2,23 +2,25 @@ Certificate Revocation List (CRL):
Version 2 (0x1) Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA1 Signature Algorithm: ecdsa-with-SHA1
Issuer: /C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.yassl.com/emailAddress=info@yassl.com Issuer: /C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.yassl.com/emailAddress=info@yassl.com
Last Update: Jun 17 21:32:30 2013 GMT Last Update: Feb 7 20:14:06 2014 GMT
Next Update: Dec 14 21:32:30 2013 GMT Next Update: Feb 7 20:14:06 2015 GMT
CRL extensions: CRL extensions:
X509v3 CRL Number: X509v3 CRL Number:
89 5
No Revoked Certificates. Revoked Certificates:
Serial Number: 02
Revocation Date: Feb 7 20:14:06 2014 GMT
Signature Algorithm: ecdsa-with-SHA1 Signature Algorithm: ecdsa-with-SHA1
30:44:02:20:0c:78:df:c4:4b:8b:e0:70:15:4f:f6:7d:82:d6: 30:44:02:20:2a:2a:2c:ff:8a:0f:6a:74:57:b8:41:a8:5a:5c:
0d:dd:a5:a0:e2:6a:95:4b:2b:6b:29:14:15:ba:51:0d:e3:1f: 8c:7d:c1:7d:b1:76:a3:db:ff:22:1a:69:cd:80:8d:d5:e4:2a:
02:20:2b:4b:1d:7c:9d:2f:5a:01:3d:9b:c1:94:cd:10:86:fe: 02:20:2d:51:3e:01:5b:79:6c:f4:89:89:63:46:0b:65:44:46:
e2:9d:a0:b2:3c:97:10:ba:a6:56:43:78:b3:92:9b:0b 59:2d:42:3e:ba:a8:6d:08:4a:20:1f:9a:06:cc:a9:65
-----BEGIN X509 CRL----- -----BEGIN X509 CRL-----
MIIBITCBygIBATAJBgcqhkjOPQQBMIGLMQswCQYDVQQGEwJVUzETMBEGA1UECBMK MIIBNzCB4AIBATAJBgcqhkjOPQQBMIGLMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
V2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTEQMA4GA1UEChMHRWxpcHRpYzEM V2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTEQMA4GA1UEChMHRWxpcHRpYzEM
MAoGA1UECxMDRUNDMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcN MAoGA1UECxMDRUNDMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcN
AQkBFg5pbmZvQHlhc3NsLmNvbRcNMTMwNjE3MjEzMjMwWhcNMTMxMjE0MjEzMjMw AQkBFg5pbmZvQHlhc3NsLmNvbRcNMTQwMjA3MjAxNDA2WhcNMTUwMjA3MjAxNDA2
WqAOMAwwCgYDVR0UBAMCAVkwCQYHKoZIzj0EAQNHADBEAiAMeN/ES4vgcBVP9n2C WjAUMBICAQIXDTE0MDIwNzIwMTQwNlqgDjAMMAoGA1UdFAQDAgEFMAkGByqGSM49
1g3dpaDiapVLK2spFBW6UQ3jHwIgK0sdfJ0vWgE9m8GUzRCG/uKdoLI8lxC6plZD BAEDRwAwRAIgKios/4oPanRXuEGoWlyMfcF9sXaj2/8iGmnNgI3V5CoCIC1RPgFb
eLOSmws= eWz0iYljRgtlREZZLUI+uqhtCEogH5oGzKll
-----END X509 CRL----- -----END X509 CRL-----

10
certs/crl/gencrls.sh
View File

@@ -5,7 +5,7 @@
# caCrl # caCrl
openssl ca -gencrl -crldays 180 -out crl.pem -keyfile ~/cyassl/certs/ca-key.pem -cert ~/cyassl/certs/ca-cert.pem openssl ca -gencrl -crldays 365 -out crl.pem -keyfile ~/cyassl/certs/ca-key.pem -cert ~/cyassl/certs/ca-cert.pem
# metadata # metadata
openssl crl -in crl.pem -text > tmp openssl crl -in crl.pem -text > tmp
@@ -17,7 +17,7 @@ cp crl.pem ~/cyassl/certs/crl/crl.pem
openssl ca -revoke ~/cyassl/certs/server-cert.pem -keyfile ~/cyassl/certs/ca-key.pem -cert ~/cyassl/certs/ca-cert.pem openssl ca -revoke ~/cyassl/certs/server-cert.pem -keyfile ~/cyassl/certs/ca-key.pem -cert ~/cyassl/certs/ca-cert.pem
# caCrl server revoked generation # caCrl server revoked generation
openssl ca -gencrl -crldays 180 -out crl.revoked -keyfile ~/cyassl/certs/ca-key.pem -cert ~/cyassl/certs/ca-cert.pem openssl ca -gencrl -crldays 365 -out crl.revoked -keyfile ~/cyassl/certs/ca-key.pem -cert ~/cyassl/certs/ca-cert.pem
# metadata # metadata
openssl crl -in crl.revoked -text > tmp openssl crl -in crl.revoked -text > tmp
@@ -29,7 +29,7 @@ cp crl.revoked ~/cyassl/certs/crl/crl.revoked
cp blank.index.txt demoCA/index.txt cp blank.index.txt demoCA/index.txt
# cliCrl # cliCrl
openssl ca -gencrl -crldays 180 -out cliCrl.pem -keyfile ~/cyassl/certs/client-key.pem -cert ~/cyassl/certs/client-cert.pem openssl ca -gencrl -crldays 365 -out cliCrl.pem -keyfile ~/cyassl/certs/client-key.pem -cert ~/cyassl/certs/client-cert.pem
# metadata # metadata
openssl crl -in cliCrl.pem -text > tmp openssl crl -in cliCrl.pem -text > tmp
@@ -38,7 +38,7 @@ mv tmp cliCrl.pem
cp cliCrl.pem ~/cyassl/certs/crl/cliCrl.pem cp cliCrl.pem ~/cyassl/certs/crl/cliCrl.pem
# eccCliCRL # eccCliCRL
openssl ca -gencrl -crldays 180 -out eccCliCRL.pem -keyfile ~/cyassl/certs/ecc-client-key.pem -cert ~/cyassl/certs/client-ecc-cert.pem openssl ca -gencrl -crldays 365 -out eccCliCRL.pem -keyfile ~/cyassl/certs/ecc-client-key.pem -cert ~/cyassl/certs/client-ecc-cert.pem
# metadata # metadata
openssl crl -in eccCliCRL.pem -text > tmp openssl crl -in eccCliCRL.pem -text > tmp
@@ -47,7 +47,7 @@ mv tmp eccCliCRL.pem
cp eccCliCRL.pem ~/cyassl/certs/crl/eccCliCRL.pem cp eccCliCRL.pem ~/cyassl/certs/crl/eccCliCRL.pem
# eccSrvCRL # eccSrvCRL
openssl ca -gencrl -crldays 180 -out eccSrvCRL.pem -keyfile ~/cyassl/certs/ecc-key.pem -cert ~/cyassl/certs/server-ecc.pem openssl ca -gencrl -crldays 365 -out eccSrvCRL.pem -keyfile ~/cyassl/certs/ecc-key.pem -cert ~/cyassl/certs/server-ecc.pem
# metadata # metadata
openssl crl -in eccSrvCRL.pem -text > tmp openssl crl -in eccSrvCRL.pem -text > tmp

155
configure.ac
View File

@@ -6,7 +6,7 @@
# #
# #
AC_INIT([cyassl],[2.8.3],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.yassl.com]) AC_INIT([cyassl],[2.9.0],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.yassl.com])
AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_AUX_DIR([build-aux])
@@ -33,7 +33,7 @@ AC_CONFIG_MACRO_DIR([m4])
AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS. AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS.
#shared library versioning #shared library versioning
CYASSL_LIBRARY_VERSION=5:2:0 CYASSL_LIBRARY_VERSION=5:3:0
# | | | # | | |
# +------+ | +---+ # +------+ | +---+
# | | | # | | |
@@ -103,6 +103,8 @@ OPTIMIZE_FAST_CFLAGS="-O2 -fomit-frame-pointer"
OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET" OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET"
DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_CYASSL" DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_CYASSL"
# Thread local storage
AX_TLS([AM_CFLAGS="$AM_CFLAGS -DHAVE_THREAD_LS"])
# DEBUG # DEBUG
AX_DEBUG AX_DEBUG
@@ -308,17 +310,20 @@ fi
# SNIFFER # SNIFFER
ENABLED_SNIFFTEST=no
AC_ARG_ENABLE([sniffer], AC_ARG_ENABLE([sniffer],
[AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[ [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[
AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[
ENABLED_SNIFFER=yes ENABLED_SNIFFER=yes
AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA" AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
],[ ENABLED_SNIFFER=no ]) ]) AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[
ENABLED_SNIFFTEST=yes
],[ AC_MSG_WARN([cannot enable sniffer test without having libpcap available.]) ]) ])
],[ ],[
ENABLED_SNIFFER=no ENABLED_SNIFFER=no
]) ])
AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ]) AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ])
AM_CONDITIONAL([BUILD_SNIFFTEST], [ test "x$ENABLED_SNIFFTEST" = "xyes" ])
# AES-GCM # AES-GCM
AC_ARG_ENABLE([aesgcm], AC_ARG_ENABLE([aesgcm],
@@ -526,6 +531,23 @@ then
fi fi
# CERT REQUEST GENERATION
AC_ARG_ENABLE([certreq],
[ --enable-certreq Enable cert request generation (default: disabled)],
[ ENABLED_CERTREQ=$enableval ],
[ ENABLED_CERTREQ=no ]
)
if test "$ENABLED_CERTREQ" = "yes"
then
if test "$ENABLED_CERTGEN" = "no"
then
AC_MSG_ERROR([cannot enable certreq without enabling certgen.])
fi
AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_REQ"
fi
# SEP # SEP
AC_ARG_ENABLE([sep], AC_ARG_ENABLE([sep],
[ --enable-sep Enable sep extensions (default: disabled)], [ --enable-sep Enable sep extensions (default: disabled)],
@@ -595,10 +617,35 @@ AC_ARG_ENABLE([fpecc],
if test "$ENABLED_FPECC" = "yes" if test "$ENABLED_FPECC" = "yes"
then then
if test "$ENABLED_ECC" = "no"
then
AC_MSG_ERROR([cannot enable fpecc without enabling ecc.])
fi
AM_CFLAGS="$AM_CFLAGS -DFP_ECC" AM_CFLAGS="$AM_CFLAGS -DFP_ECC"
fi fi
# ECC encrypt
AC_ARG_ENABLE([eccencrypt],
[ --enable-eccencrypt Enable ECC encrypt (default: disabled)],
[ ENABLED_ECC_ENCRYPT=$enableval ],
[ ENABLED_ECC_ENCRYPT=no ]
)
if test "$ENABLED_ECC_ENCRYPT" = "yes"
then
if test "$ENABLED_ECC" = "no"
then
AC_MSG_ERROR([cannot enable eccencrypt without enabling ecc.])
fi
if test "$ENABLED_HKDF" = "no"
then
AC_MSG_ERROR([cannot enable eccencrypt without enabling hkdf.])
fi
AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC_ENCRYPT"
fi
# PSK # PSK
AC_ARG_ENABLE([psk], AC_ARG_ENABLE([psk],
[ --enable-psk Enable PSK (default: disabled)], [ --enable-psk Enable PSK (default: disabled)],
@@ -1058,6 +1105,20 @@ fi
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"]) AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
if test "$ENABLED_OCSP" = "yes"
then
# check openssl command tool for testing ocsp
AC_CHECK_PROG([HAVE_OPENSSL_CMD],[openssl],[yes],[no])
if test "$HAVE_OPENSSL_CMD" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_OPENSSL_CMD"
else
AC_MSG_WARN([openssl command line tool not available for testing ocsp])
fi
fi
# CRL # CRL
AC_ARG_ENABLE([crl], AC_ARG_ENABLE([crl],
[ --enable-crl Enable CRL (default: disabled)], [ --enable-crl Enable CRL (default: disabled)],
@@ -1153,6 +1214,30 @@ then
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_TRUNCATED_HMAC" AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_TRUNCATED_HMAC"
fi fi
# Renegotiation Indication
AC_ARG_ENABLE([renegotiation-indication],
[ --enable-renegotiation-indication Enable Renegotiation Indication (default: disabled)],
[ ENABLED_RENEGOTIATION_INDICATION=$enableval ],
[ ENABLED_RENEGOTIATION_INDICATION=no ]
)
if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_RENEGOTIATION_INDICATION"
fi
# Supported Elliptic Curves Extensions
AC_ARG_ENABLE([supportedcurves],
[ --enable-supportedcurves Enable Supported Elliptic Curves (default: disabled)],
[ ENABLED_SUPPORTED_CURVES=$enableval ],
[ ENABLED_SUPPORTED_CURVES=no ]
)
if test "x$ENABLED_SUPPORTED_CURVES" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES"
fi
# TLS Extensions # TLS Extensions
AC_ARG_ENABLE([tlsx], AC_ARG_ENABLE([tlsx],
[ --enable-tlsx Enable all TLS Extensions (default: disabled)], [ --enable-tlsx Enable all TLS Extensions (default: disabled)],
@@ -1164,9 +1249,61 @@ if test "x$ENABLED_TLSX" = "xyes"
then then
ENABLED_SNI=yes ENABLED_SNI=yes
ENABLED_MAX_FRAGMENT=yes ENABLED_MAX_FRAGMENT=yes
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT" ENABLED_TRUNCATED_HMAC=yes
ENABLED_RENEGOTIATION_INDICATION=yes
ENABLED_SUPPORTED_CURVES=yes
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_RENEGOTIATION_INDICATION -DHAVE_SUPPORTED_CURVES"
fi fi
# PKCS7
AC_ARG_ENABLE([pkcs7],
[ --enable-pkcs7 Enable PKCS7 (default: disabled)],
[ ENABLED_PKCS7=$enableval ],
[ ENABLED_PKCS7=no ],
)
if test "$ENABLED_PKCS7" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
fi
AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"])
# Simple Certificate Enrollment Protocol (SCEP)
AC_ARG_ENABLE([scep],
[ --enable-scep Enable wolfSCEP (default: disabled)],
[ ENABLED_WOLFSCEP=$enableval ],
[ ENABLED_WOLFSCEP=no ]
)
if test "$ENABLED_WOLFSCEP" = "yes"
then
# Enable prereqs if not already enabled
if test "x$ENABLED_KEYGEN" = "xno"
then
ENABLED_KEYGEN="yes"
AM_CFLAGS="$AM_CFLAGS -DCYASSL_KEY_GEN"
fi
if test "x$ENABLED_CERTGEN" = "xno"
then
ENABLED_CERTGEN="yes"
AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_GEN"
fi
if test "x$ENABLED_CERTREQ" = "xno"
then
ENABLED_CERTREQ="yes"
AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_REQ"
fi
if test "x$ENABLED_PKCS7" = "xno"
then
ENABLED_PKCS7="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"])
fi
AM_CFLAGS="$AM_CFLAGS -DCYASSL_HAVE_WOLFSCEP"
fi
#valgrind #valgrind
AC_ARG_ENABLE([valgrind], AC_ARG_ENABLE([valgrind],
[ --enable-valgrind Enable valgrind for unit tests (default: disabled)], [ --enable-valgrind Enable valgrind for unit tests (default: disabled)],
@@ -1504,6 +1641,7 @@ echo " * Filesystem: $ENABLED_FILESYSTEM"
echo " * OpenSSL Extra API: $ENABLED_OPENSSLEXTRA" echo " * OpenSSL Extra API: $ENABLED_OPENSSLEXTRA"
echo " * fastmath: $ENABLED_FASTMATH" echo " * fastmath: $ENABLED_FASTMATH"
echo " * sniffer: $ENABLED_SNIFFER" echo " * sniffer: $ENABLED_SNIFFER"
echo " * snifftest: $ENABLED_SNIFFTEST"
echo " * ARC4: $ENABLED_ARC4" echo " * ARC4: $ENABLED_ARC4"
echo " * AES: $ENABLED_AES" echo " * AES: $ENABLED_AES"
echo " * AES-NI: $ENABLED_AESNI" echo " * AES-NI: $ENABLED_AESNI"
@@ -1519,9 +1657,11 @@ echo " * SHA-512: $ENABLED_SHA512"
echo " * BLAKE2: $ENABLED_BLAKE2" echo " * BLAKE2: $ENABLED_BLAKE2"
echo " * keygen: $ENABLED_KEYGEN" echo " * keygen: $ENABLED_KEYGEN"
echo " * certgen: $ENABLED_CERTGEN" echo " * certgen: $ENABLED_CERTGEN"
echo " * certreq: $ENABLED_CERTREQ"
echo " * HC-128: $ENABLED_HC128" echo " * HC-128: $ENABLED_HC128"
echo " * RABBIT: $ENABLED_RABBIT" echo " * RABBIT: $ENABLED_RABBIT"
echo " * PWDBASED: $ENABLED_PWDBASED" echo " * PWDBASED: $ENABLED_PWDBASED"
echo " * HKDF: $ENABLED_HKDF"
echo " * MD4: $ENABLED_MD4" echo " * MD4: $ENABLED_MD4"
echo " * PSK: $ENABLED_PSK" echo " * PSK: $ENABLED_PSK"
echo " * LEANPSK: $ENABLED_LEANPSK" echo " * LEANPSK: $ENABLED_LEANPSK"
@@ -1530,6 +1670,7 @@ echo " * DSA: $ENABLED_DSA"
echo " * DH: $ENABLED_DH" echo " * DH: $ENABLED_DH"
echo " * ECC: $ENABLED_ECC" echo " * ECC: $ENABLED_ECC"
echo " * FPECC: $ENABLED_FPECC" echo " * FPECC: $ENABLED_FPECC"
echo " * ECC_ENCRYPT: $ENABLED_ECC_ENCRYPT"
echo " * ASN: $ENABLED_ASN" echo " * ASN: $ENABLED_ASN"
echo " * CODING: $ENABLED_CODING" echo " * CODING: $ENABLED_CODING"
echo " * MEMORY: $ENABLED_MEMORY" echo " * MEMORY: $ENABLED_MEMORY"
@@ -1547,7 +1688,11 @@ echo " * NTRU: $ENABLED_NTRU"
echo " * SNI: $ENABLED_SNI" echo " * SNI: $ENABLED_SNI"
echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT" echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT"
echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC" echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC"
echo " * Renegotiation Indication: $ENABLED_RENEGOTIATION_INDICATION"
echo " * Supported Elliptic Curves: $ENABLED_SUPPORTED_CURVES"
echo " * All TLS Extensions: $ENABLED_TLSX" echo " * All TLS Extensions: $ENABLED_TLSX"
echo " * PKCS#7 $ENABLED_PKCS7"
echo " * wolfSCEP $ENABLED_WOLFSCEP"
echo " * valgrind unit tests: $ENABLED_VALGRIND" echo " * valgrind unit tests: $ENABLED_VALGRIND"
echo " * LIBZ: $ENABLED_LIBZ" echo " * LIBZ: $ENABLED_LIBZ"
echo " * Examples: $ENABLED_EXAMPLES" echo " * Examples: $ENABLED_EXAMPLES"

53
ctaocrypt/benchmark/benchmark.c
View File

@@ -221,13 +221,13 @@ int benchmark_test(void *args)
#ifdef BENCH_EMBEDDED #ifdef BENCH_EMBEDDED
const int numBlocks = 25; /* how many kB/megs to test (en/de)cryption */ const int numBlocks = 25; /* how many kB/megs to test (en/de)cryption */
const char blockType[] = "kB"; /* used in printf output */ const char blockType[] = "kB"; /* used in printf output */
const int times = 1; /* public key iterations */ const int ntimes = 1; /* public key iterations */
const int genTimes = 5; const int genTimes = 5;
const int agreeTimes = 5; const int agreeTimes = 5;
#else #else
const int numBlocks = 5; const int numBlocks = 5;
const char blockType[] = "megs"; const char blockType[] = "megs";
const int times = 100; const int ntimes = 100;
const int genTimes = 100; const int genTimes = 100;
const int agreeTimes = 100; const int agreeTimes = 100;
#endif #endif
@@ -742,15 +742,15 @@ void bench_rsa(void)
start = current_time(1); start = current_time(1);
for (i = 0; i < times; i++) for (i = 0; i < ntimes; i++)
ret = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng); ret = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng);
total = current_time(0) - start; total = current_time(0) - start;
each = total / times; /* per second */ each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */ milliEach = each * 1000; /* milliseconds */
printf("RSA %d encryption took %6.2f milliseconds, avg over %d" printf("RSA %d encryption took %6.2f milliseconds, avg over %d"
" iterations\n", rsaKeySz, milliEach, times); " iterations\n", rsaKeySz, milliEach, ntimes);
if (ret < 0) { if (ret < 0) {
printf("Rsa Public Encrypt failed\n"); printf("Rsa Public Encrypt failed\n");
@@ -759,17 +759,17 @@ void bench_rsa(void)
start = current_time(1); start = current_time(1);
for (i = 0; i < times; i++) { for (i = 0; i < ntimes; i++) {
byte out[512]; /* for up to 4096 bit */ byte out[512]; /* for up to 4096 bit */
RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey); RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey);
} }
total = current_time(0) - start; total = current_time(0) - start;
each = total / times; /* per second */ each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */ milliEach = each * 1000; /* milliseconds */
printf("RSA %d decryption took %6.2f milliseconds, avg over %d" printf("RSA %d decryption took %6.2f milliseconds, avg over %d"
" iterations\n", rsaKeySz, milliEach, times); " iterations\n", rsaKeySz, milliEach, ntimes);
FreeRsaKey(&rsaKey); FreeRsaKey(&rsaKey);
#ifdef HAVE_CAVIUM #ifdef HAVE_CAVIUM
@@ -847,28 +847,28 @@ void bench_dh(void)
start = current_time(1); start = current_time(1);
for (i = 0; i < times; i++) for (i = 0; i < ntimes; i++)
DhGenerateKeyPair(&dhKey, &rng, priv, &privSz, pub, &pubSz); DhGenerateKeyPair(&dhKey, &rng, priv, &privSz, pub, &pubSz);
total = current_time(0) - start; total = current_time(0) - start;
each = total / times; /* per second */ each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */ milliEach = each * 1000; /* milliseconds */
printf("DH %d key generation %6.2f milliseconds, avg over %d" printf("DH %d key generation %6.2f milliseconds, avg over %d"
" iterations\n", dhKeySz, milliEach, times); " iterations\n", dhKeySz, milliEach, ntimes);
DhGenerateKeyPair(&dhKey, &rng, priv2, &privSz2, pub2, &pubSz2); DhGenerateKeyPair(&dhKey, &rng, priv2, &privSz2, pub2, &pubSz2);
start = current_time(1); start = current_time(1);
for (i = 0; i < times; i++) for (i = 0; i < ntimes; i++)
DhAgree(&dhKey, agree, &agreeSz, priv, privSz, pub2, pubSz2); DhAgree(&dhKey, agree, &agreeSz, priv, privSz, pub2, pubSz2);
total = current_time(0) - start; total = current_time(0) - start;
each = total / times; /* per second */ each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */ milliEach = each * 1000; /* milliseconds */
printf("DH %d key agreement %6.2f milliseconds, avg over %d" printf("DH %d key agreement %6.2f milliseconds, avg over %d"
" iterations\n", dhKeySz, milliEach, times); " iterations\n", dhKeySz, milliEach, ntimes);
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
fclose(file); fclose(file);
@@ -923,7 +923,6 @@ void bench_eccKeyGen(void)
ecc_key genKey; ecc_key genKey;
double start, total, each, milliEach; double start, total, each, milliEach;
int i, ret; int i, ret;
const int genTimes = 5;
ret = InitRng(&rng); ret = InitRng(&rng);
if (ret < 0) { if (ret < 0) {
@@ -952,7 +951,6 @@ void bench_eccKeyAgree(void)
ecc_key genKey, genKey2; ecc_key genKey, genKey2;
double start, total, each, milliEach; double start, total, each, milliEach;
int i, ret; int i, ret;
const int agreeTimes = 5;
byte shared[1024]; byte shared[1024];
byte sig[1024]; byte sig[1024];
byte digest[32]; byte digest[32];
@@ -1048,13 +1046,13 @@ void bench_eccKeyAgree(void)
double current_time(int reset) double current_time(int reset)
{ {
(void)reset;
static int init = 0; static int init = 0;
static LARGE_INTEGER freq; static LARGE_INTEGER freq;
LARGE_INTEGER count; LARGE_INTEGER count;
(void)reset;
if (!init) { if (!init) {
QueryPerformanceFrequency(&freq); QueryPerformanceFrequency(&freq);
init = 1; init = 1;
@@ -1089,20 +1087,35 @@ void bench_eccKeyAgree(void)
} }
#elif defined CYASSL_MDK_ARM #elif defined CYASSL_MDK_ARM
extern double current_time(int reset) ; extern double current_time(int reset) ;
#elif defined FREERTOS
double current_time(int reset)
{
(void) reset;
portTickType tickCount;
/* tick count == ms, if configTICK_RATE_HZ is set to 1000 */
tickCount = xTaskGetTickCount();
return (double)tickCount / 1000;
}
#else #else
#include <sys/time.h> #include <sys/time.h>
double current_time(int reset) double current_time(int reset)
{ {
struct timeval tv;
(void)reset; (void)reset;
struct timeval tv;
gettimeofday(&tv, 0); gettimeofday(&tv, 0);
return (double)tv.tv_sec + (double)tv.tv_usec / 1000000; return (double)tv.tv_sec + (double)tv.tv_usec / 1000000;
} }
#endif /* _WIN32 */ #endif /* _WIN32 */

12
ctaocrypt/src/asm.c
View File

@@ -1004,15 +1004,17 @@ __asm__( \
#define SQRADDAC(i, j) \ #define SQRADDAC(i, j) \
do { fp_word t; \ do { fp_word t; \
t = sc0 + ((fp_word)i) * ((fp_word)j); sc0 = t; \ t = sc0 + ((fp_word)i) * ((fp_word)j); sc0 = (fp_digit)t; \
t = sc1 + (t >> DIGIT_BIT); sc1 = t; sc2 += t >> DIGIT_BIT; \ t = sc1 + (t >> DIGIT_BIT); sc1 = (fp_digit)t; \
sc2 += (fp_digit)(t >> DIGIT_BIT); \
} while (0); } while (0);
#define SQRADDDB \ #define SQRADDDB \
do { fp_word t; \ do { fp_word t; \
t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = t; \ t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = (fp_digit)t; \
t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT); c1 = t; \ t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT); \
c2 = c2 + ((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT); \ c1 = (fp_digit)t; \
c2 = c2 + (fp_digit)(((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT)); \
} while (0); } while (0);
#endif #endif

935
ctaocrypt/src/asn.c
View File

File diff suppressed because it is too large Load Diff

154
ctaocrypt/src/coding.c
View File

@@ -147,16 +147,101 @@ const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
}; };
/* porting assistance from yaSSL by Raphael HUCK */ /* make sure *i (idx) won't exceed max, store and possibly escape to out,
int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen) * raw means use e w/o decode, 0 on success */
static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max,
int raw)
{ {
int doEscape = 0;
word32 needed = 1;
word32 idx = *i;
byte basic;
byte plus = 0;
byte equals = 0;
byte newline = 0;
if (raw)
basic = e;
else
basic = base64Encode[e];
/* check whether to escape */
if (escaped) {
switch ((char)basic) {
case '+' :
plus = 1;
doEscape = 1;
needed += 2;
break;
case '=' :
equals = 1;
doEscape = 1;
needed += 2;
break;
case '\n' :
newline = 1;
doEscape = 1;
needed += 2;
break;
default:
/* do nothing */
break;
}
}
/* check size */
if ( (idx+needed) > max) {
CYASSL_MSG("Escape buffer max too small");
return BUFFER_E;
}
/* store it */
if (doEscape == 0) {
out[idx++] = basic;
}
else {
out[idx++] = '%'; /* start escape */
if (plus) {
out[idx++] = '2';
out[idx++] = 'B';
}
else if (equals) {
out[idx++] = '3';
out[idx++] = 'D';
}
else if (newline) {
out[idx++] = '0';
out[idx++] = 'A';
}
}
*i = idx;
return 0;
}
/* internal worker, handles both escaped and normal line endings */
static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
word32* outLen, int escaped)
{
int ret = 0;
word32 i = 0, word32 i = 0,
j = 0, j = 0,
n = 0; /* new line counter */ n = 0; /* new line counter */
word32 outSz = (inLen + 3 - 1) / 3 * 4; word32 outSz = (inLen + 3 - 1) / 3 * 4;
outSz += (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */ word32 addSz = (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */
if (escaped)
addSz *= 3; /* instead of just \n, we're doing %0A triplet */
outSz += addSz;
/* if escaped we can't predetermine size for one pass encoding, but
* make sure we have enough if no escapes are in input */
if (outSz > *outLen) return BAD_FUNC_ARG; if (outSz > *outLen) return BAD_FUNC_ARG;
while (inLen > 2) { while (inLen > 2) {
@@ -171,19 +256,25 @@ int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
byte e4 = b3 & 0x3F; byte e4 = b3 & 0x3F;
/* store */ /* store */
out[i++] = base64Encode[e1]; ret = CEscape(escaped, e1, out, &i, *outLen, 0);
out[i++] = base64Encode[e2]; if (ret != 0) break;
out[i++] = base64Encode[e3]; ret = CEscape(escaped, e2, out, &i, *outLen, 0);
out[i++] = base64Encode[e4]; if (ret != 0) break;
ret = CEscape(escaped, e3, out, &i, *outLen, 0);
if (ret != 0) break;
ret = CEscape(escaped, e4, out, &i, *outLen, 0);
if (ret != 0) break;
inLen -= 3; inLen -= 3;
if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) {
out[i++] = '\n'; ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
if (ret != 0) break;
}
} }
/* last integral */ /* last integral */
if (inLen) { if (inLen && ret == 0) {
int twoBytes = (inLen == 2); int twoBytes = (inLen == 2);
byte b1 = in[j++]; byte b1 = in[j++];
@@ -193,18 +284,43 @@ int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4); byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4);
byte e3 = (b2 & 0xF) << 2; byte e3 = (b2 & 0xF) << 2;
out[i++] = base64Encode[e1]; ret = CEscape(escaped, e1, out, &i, *outLen, 0);
out[i++] = base64Encode[e2]; if (ret == 0)
out[i++] = (twoBytes) ? base64Encode[e3] : PAD; ret = CEscape(escaped, e2, out, &i, *outLen, 0);
out[i++] = PAD; if (ret == 0) {
/* third */
if (twoBytes)
ret = CEscape(escaped, e3, out, &i, *outLen, 0);
else
ret = CEscape(escaped, '=', out, &i, *outLen, 1);
}
/* fourth always pad */
if (ret == 0)
ret = CEscape(escaped, '=', out, &i, *outLen, 1);
} }
out[i++] = '\n'; if (ret == 0)
if (i != outSz) ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
return ASN_INPUT_E;
*outLen = outSz;
return 0; if (i != outSz && escaped == 0 && ret == 0)
return ASN_INPUT_E;
*outLen = i;
return ret;
}
/* Base64 Encode, PEM style, with \n line endings */
int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
{
return DoBase64_Encode(in, inLen, out, outLen, 0);
}
/* Base64 Encode, with %0A esacped line endings instead of \n */
int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out, word32* outLen)
{
return DoBase64_Encode(in, inLen, out, outLen, 1);
} }

335
ctaocrypt/src/ecc.c
View File

@@ -1998,7 +1998,6 @@ int ecc_import_x963(const byte* in, word32 inLen, ecc_key* key)
{ {
int x, err; int x, err;
if (in == NULL || key == NULL) if (in == NULL || key == NULL)
return ECC_BAD_ARG_E; return ECC_BAD_ARG_E;
@@ -2144,17 +2143,22 @@ int ecc_sig_size(ecc_key* key)
/** Our FP cache */ /** Our FP cache */
static struct { typedef struct {
ecc_point* g; /* cached COPY of base point */ ecc_point* g; /* cached COPY of base point */
ecc_point* LUT[1U<<FP_LUT]; /* fixed point lookup */ ecc_point* LUT[1U<<FP_LUT]; /* fixed point lookup */
mp_int mu; /* copy of the montgomery constant */ mp_int mu; /* copy of the montgomery constant */
int lru_count; /* amount of times this entry has been used */ int lru_count; /* amount of times this entry has been used */
int lock; /* flag to indicate cache eviction */ int lock; /* flag to indicate cache eviction */
/* permitted (0) or not (1) */ /* permitted (0) or not (1) */
} fp_cache[FP_ENTRIES]; } fp_cache_t;
static volatile int initMutex = 0; /* prevent multiple mutex inits */ /* if HAVE_THREAD_LS this cache is per thread, no locking needed */
static CyaSSL_Mutex ecc_fp_lock; static THREAD_LS_T fp_cache_t fp_cache[FP_ENTRIES];
#ifndef HAVE_THREAD_LS
static volatile int initMutex = 0; /* prevent multiple mutex inits */
static CyaSSL_Mutex ecc_fp_lock;
#endif /* HAVE_THREAD_LS */
/* simple table to help direct the generation of the LUT */ /* simple table to help direct the generation of the LUT */
static const struct { static const struct {
@@ -3263,21 +3267,22 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
ecc_point* B, mp_int* kB, ecc_point* B, mp_int* kB,
ecc_point* C, mp_int* modulus) ecc_point* C, mp_int* modulus)
{ {
int idx1, idx2, err = MP_OKAY, mpInit = 0; int idx1 = -1, idx2 = -1, err = MP_OKAY, mpInit = 0;
mp_digit mp; mp_digit mp;
mp_int mu; mp_int mu;
if (initMutex == 0) {
InitMutex(&ecc_fp_lock);
initMutex = 1;
}
err = mp_init(&mu); err = mp_init(&mu);
if (err != MP_OKAY) if (err != MP_OKAY)
return err; return err;
#ifndef HAVE_THREAD_LS
if (initMutex == 0) {
InitMutex(&ecc_fp_lock);
initMutex = 1;
}
if (LockMutex(&ecc_fp_lock) != 0) if (LockMutex(&ecc_fp_lock) != 0)
return BAD_MUTEX_E; return BAD_MUTEX_E;
#endif /* HAVE_THREAD_LS */
/* find point */ /* find point */
idx1 = find_base(A); idx1 = find_base(A);
@@ -3362,7 +3367,9 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
} }
} }
#ifndef HAVE_THREAD_LS
UnLockMutex(&ecc_fp_lock); UnLockMutex(&ecc_fp_lock);
#endif /* HAVE_THREAD_LS */
mp_clear(&mu); mp_clear(&mu);
return err; return err;
@@ -3389,6 +3396,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
if (mp_init(&mu) != MP_OKAY) if (mp_init(&mu) != MP_OKAY)
return MP_INIT_E; return MP_INIT_E;
#ifndef HAVE_THREAD_LS
if (initMutex == 0) { if (initMutex == 0) {
InitMutex(&ecc_fp_lock); InitMutex(&ecc_fp_lock);
initMutex = 1; initMutex = 1;
@@ -3396,6 +3404,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
if (LockMutex(&ecc_fp_lock) != 0) if (LockMutex(&ecc_fp_lock) != 0)
return BAD_MUTEX_E; return BAD_MUTEX_E;
#endif /* HAVE_THREAD_LS */
/* find point */ /* find point */
idx = find_base(G); idx = find_base(G);
@@ -3445,7 +3454,9 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
} }
} }
#ifndef HAVE_THREAD_LS
UnLockMutex(&ecc_fp_lock); UnLockMutex(&ecc_fp_lock);
#endif /* HAVE_THREAD_LS */
mp_clear(&mu); mp_clear(&mu);
return err; return err;
@@ -3474,18 +3485,23 @@ static void ecc_fp_free_cache(void)
/** Free the Fixed Point cache */ /** Free the Fixed Point cache */
void ecc_fp_free(void) void ecc_fp_free(void)
{ {
#ifndef HAVE_THREAD_LS
if (initMutex == 0) { if (initMutex == 0) {
InitMutex(&ecc_fp_lock); InitMutex(&ecc_fp_lock);
initMutex = 1; initMutex = 1;
} }
if (LockMutex(&ecc_fp_lock) == 0) { if (LockMutex(&ecc_fp_lock) == 0) {
ecc_fp_free_cache(); #endif /* HAVE_THREAD_LS */
UnLockMutex(&ecc_fp_lock);
ecc_fp_free_cache();
#ifndef HAVE_THREAD_LS
UnLockMutex(&ecc_fp_lock);
FreeMutex(&ecc_fp_lock); FreeMutex(&ecc_fp_lock);
initMutex = 0; initMutex = 0;
} }
#endif /* HAVE_THREAD_LS */
} }
@@ -3493,33 +3509,189 @@ void ecc_fp_free(void)
#ifdef HAVE_ECC_ENCRYPT #ifdef HAVE_ECC_ENCRYPT
/* init and set defaults, just holders */
void ecc_encrypt_init_options(ecEncOptions* options)
{
if (options) {
XMEMSET(options, 0, sizeof(ecEncOptions));
options->encAlgo = ecAES_128_CBC; enum ecCliState {
options->kdfAlgo = ecHKDF_SHA256; ecCLI_INIT = 1,
options->macAlgo = ecHMAC_SHA256; ecCLI_SALT_GET = 2,
ecCLI_SALT_SET = 3,
ecCLI_SENT_REQ = 4,
ecCLI_RECV_RESP = 5,
ecCLI_BAD_STATE = 99
};
enum ecSrvState {
ecSRV_INIT = 1,
ecSRV_SALT_GET = 2,
ecSRV_SALT_SET = 3,
ecSRV_RECV_REQ = 4,
ecSRV_SENT_RESP = 5,
ecSRV_BAD_STATE = 99
};
struct ecEncCtx {
byte* kdfSalt; /* optional salt for kdf */
byte* kdfInfo; /* optional info for kdf */
byte* macSalt; /* optional salt for mac */
word32 kdfSaltSz; /* size of kdfSalt */
word32 kdfInfoSz; /* size of kdfInfo */
word32 macSaltSz; /* size of macSalt */
byte clientSalt[EXCHANGE_SALT_SZ]; /* for msg exchange */
byte serverSalt[EXCHANGE_SALT_SZ]; /* for msg exchange */
byte encAlgo; /* which encryption type */
byte kdfAlgo; /* which key derivation function type */
byte macAlgo; /* which mac function type */
byte protocol; /* are we REQ_RESP client or server ? */
byte cliSt; /* protocol state, for sanity checks */
byte srvSt; /* protocol state, for sanity checks */
};
const byte* ecc_ctx_get_own_salt(ecEncCtx* ctx)
{
if (ctx == NULL || ctx->protocol == 0)
return NULL;
if (ctx->protocol == REQ_RESP_CLIENT) {
if (ctx->cliSt == ecCLI_INIT) {
ctx->cliSt = ecCLI_SALT_GET;
return ctx->clientSalt;
} }
else {
ctx->cliSt = ecCLI_BAD_STATE;
return NULL;
}
}
else if (ctx->protocol == REQ_RESP_SERVER) {
if (ctx->srvSt == ecSRV_INIT) {
ctx->srvSt = ecSRV_SALT_GET;
return ctx->serverSalt;
}
else {
ctx->srvSt = ecSRV_BAD_STATE;
return NULL;
}
}
return NULL;
}
static const char* exchange_info = "Secure Message Exchange";
int ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt)
{
byte tmp[EXCHANGE_SALT_SZ/2];
int halfSz = EXCHANGE_SALT_SZ/2;
if (ctx == NULL || ctx->protocol == 0 || salt == NULL)
return BAD_FUNC_ARG;
if (ctx->protocol == REQ_RESP_CLIENT) {
XMEMCPY(ctx->serverSalt, salt, EXCHANGE_SALT_SZ);
if (ctx->cliSt == ecCLI_SALT_GET)
ctx->cliSt = ecCLI_SALT_SET;
else {
ctx->cliSt = ecCLI_BAD_STATE;
return BAD_ENC_STATE_E;
}
}
else {
XMEMCPY(ctx->clientSalt, salt, EXCHANGE_SALT_SZ);
if (ctx->srvSt == ecSRV_SALT_GET)
ctx->srvSt = ecSRV_SALT_SET;
else {
ctx->srvSt = ecSRV_BAD_STATE;
return BAD_ENC_STATE_E;
}
}
/* mix half and half */
/* tmp stores 2nd half of client before overwrite */
XMEMCPY(tmp, ctx->clientSalt + halfSz, halfSz);
XMEMCPY(ctx->clientSalt + halfSz, ctx->serverSalt, halfSz);
XMEMCPY(ctx->serverSalt, tmp, halfSz);
ctx->kdfSalt = ctx->clientSalt;
ctx->kdfSaltSz = EXCHANGE_SALT_SZ;
ctx->macSalt = ctx->serverSalt;
ctx->macSaltSz = EXCHANGE_SALT_SZ;
ctx->kdfInfo = (byte*)exchange_info;
ctx->kdfInfoSz = EXCHANGE_INFO_SZ;
return 0;
}
static int ecc_ctx_set_salt(ecEncCtx* ctx, int flags, RNG* rng)
{
byte* saltBuffer = NULL;
if (ctx == NULL || rng == NULL || flags == 0)
return BAD_FUNC_ARG;
saltBuffer = (flags == REQ_RESP_CLIENT) ? ctx->clientSalt : ctx->serverSalt;
RNG_GenerateBlock(rng, saltBuffer, EXCHANGE_SALT_SZ);
return 0;
}
static void ecc_ctx_init(ecEncCtx* ctx, int flags)
{
if (ctx) {
XMEMSET(ctx, 0, sizeof(ecEncCtx));
ctx->encAlgo = ecAES_128_CBC;
ctx->kdfAlgo = ecHKDF_SHA256;
ctx->macAlgo = ecHMAC_SHA256;
ctx->protocol = (byte)flags;
if (flags == REQ_RESP_CLIENT)
ctx->cliSt = ecCLI_INIT;
if (flags == REQ_RESP_SERVER)
ctx->srvSt = ecSRV_INIT;
}
}
/* alloc/init and set defaults, return new Context */
ecEncCtx* ecc_ctx_new(int flags, RNG* rng)
{
int ret = 0;
ecEncCtx* ctx = (ecEncCtx*)XMALLOC(sizeof(ecEncCtx), 0, DYNAMIC_TYPE_ECC);
ecc_ctx_init(ctx, flags);
if (ctx && flags)
ret = ecc_ctx_set_salt(ctx, flags, rng);
if (ret != 0) {
ecc_ctx_free(ctx);
ctx = NULL;
}
return ctx;
} }
/* free any resources, clear any keys */ /* free any resources, clear any keys */
void ecc_encrypt_free_options(ecEncOptions* options) void ecc_ctx_free(ecEncCtx* ctx)
{ {
if (options) { if (ctx) {
XMEMSET(options, 0, sizeof(ecEncOptions)); XMEMSET(ctx, 0, sizeof(ecEncCtx));
XFREE(ctx, 0, DYNAMIC_TYPE_ECC);
} }
} }
static int ecc_get_key_sizes(ecEncOptions* options, int* encKeySz, int* ivSz, static int ecc_get_key_sizes(ecEncCtx* ctx, int* encKeySz, int* ivSz,
int* keysLen, word32* digestSz, word32* blockSz) int* keysLen, word32* digestSz, word32* blockSz)
{ {
if (options) { if (ctx) {
switch (options->encAlgo) { switch (ctx->encAlgo) {
case ecAES_128_CBC: case ecAES_128_CBC:
*encKeySz = KEY_SIZE_128; *encKeySz = KEY_SIZE_128;
*ivSz = IV_SIZE_64; *ivSz = IV_SIZE_64;
@@ -3529,7 +3701,7 @@ static int ecc_get_key_sizes(ecEncOptions* options, int* encKeySz, int* ivSz,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
switch (options->macAlgo) { switch (ctx->macAlgo) {
case ecHMAC_SHA256: case ecHMAC_SHA256:
*digestSz = SHA256_DIGEST_SIZE; *digestSz = SHA256_DIGEST_SIZE;
break; break;
@@ -3546,22 +3718,23 @@ static int ecc_get_key_sizes(ecEncOptions* options, int* encKeySz, int* ivSz,
/* ecc encrypt with shared secret run through kdf /* ecc encrypt with shared secret run through kdf
options holds non default algos and inputs ctx holds non default algos and inputs
msgSz should be the right size for encAlgo, i.e., already padded msgSz should be the right size for encAlgo, i.e., already padded
return 0 on success */ return 0 on success */
int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncOptions* opts) word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx)
{ {
int ret; int ret;
word32 blockSz; word32 blockSz;
word32 digestSz; word32 digestSz;
ecEncOptions options; ecEncCtx localCtx;
byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */ byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */
byte keys[ECC_BUFSIZE]; /* max size */ byte keys[ECC_BUFSIZE]; /* max size */
word32 sharedSz = sizeof(sharedSecret); word32 sharedSz = sizeof(sharedSecret);
int keysLen; int keysLen;
int encKeySz; int encKeySz;
int ivSz; int ivSz;
int offset = 0; /* keys offset if doing msg exchange */
byte* encKey; byte* encKey;
byte* encIv; byte* encIv;
byte* macKey; byte* macKey;
@@ -3570,19 +3743,37 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
outSz == NULL) outSz == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if (opts) if (ctx == NULL) { /* use defaults */
options = *opts; ecc_ctx_init(&localCtx, 0);
else { ctx = &localCtx;
ecc_encrypt_init_options(&options); /* defaults */
} }
ret = ecc_get_key_sizes(&options, &encKeySz, &ivSz, &keysLen, &digestSz, ret = ecc_get_key_sizes(ctx, &encKeySz, &ivSz, &keysLen, &digestSz,
&blockSz); &blockSz);
if (ret != 0) if (ret != 0)
return ret; return ret;
if (ctx->protocol == REQ_RESP_SERVER) {
offset = keysLen;
keysLen *= 2;
if (ctx->srvSt != ecSRV_RECV_REQ)
return BAD_ENC_STATE_E;
ctx->srvSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */
}
else if (ctx->protocol == REQ_RESP_CLIENT) {
if (ctx->cliSt != ecCLI_SALT_SET)
return BAD_ENC_STATE_E;
ctx->cliSt = ecCLI_SENT_REQ; /* only do this once */
}
if (keysLen > (int)sizeof(keys))
return BUFFER_E;
if ( (msgSz%blockSz) != 0) if ( (msgSz%blockSz) != 0)
return BAD_FUNC_ARG; return BAD_PADDING_E;
if (*outSz < (msgSz + digestSz)) if (*outSz < (msgSz + digestSz))
return BUFFER_E; return BUFFER_E;
@@ -3591,11 +3782,11 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
if (ret != 0) if (ret != 0)
return ret; return ret;
switch (options.kdfAlgo) { switch (ctx->kdfAlgo) {
case ecHKDF_SHA256 : case ecHKDF_SHA256 :
ret = HKDF(SHA256, sharedSecret, sharedSz, options.kdfSalt, ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
options.kdfSaltSz, options.kdfInfo, ctx->kdfSaltSz, ctx->kdfInfo,
options.kdfInfoSz, keys, keysLen); ctx->kdfInfoSz, keys, keysLen);
if (ret != 0) if (ret != 0)
return ret; return ret;
break; break;
@@ -3604,11 +3795,11 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
encKey = keys; encKey = keys + offset;
encIv = encKey + encKeySz; encIv = encKey + encKeySz;
macKey = encKey + encKeySz + ivSz; macKey = encKey + encKeySz + ivSz;
switch (options.encAlgo) { switch (ctx->encAlgo) {
case ecAES_128_CBC: case ecAES_128_CBC:
{ {
Aes aes; Aes aes;
@@ -3625,7 +3816,7 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
switch (options.macAlgo) { switch (ctx->macAlgo) {
case ecHMAC_SHA256: case ecHMAC_SHA256:
{ {
Hmac hmac; Hmac hmac;
@@ -3633,7 +3824,7 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
if (ret != 0) if (ret != 0)
return ret; return ret;
HmacUpdate(&hmac, out, msgSz); HmacUpdate(&hmac, out, msgSz);
HmacUpdate(&hmac, options.macSalt, options.macSaltSz); HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
HmacFinal(&hmac, out+msgSz); HmacFinal(&hmac, out+msgSz);
} }
break; break;
@@ -3648,19 +3839,23 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
} }
/* ecc decrypt with shared secret run through kdf
ctx holds non default algos and inputs
return 0 on success */
int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncOptions* opts) word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx)
{ {
int ret; int ret;
word32 blockSz; word32 blockSz;
word32 digestSz; word32 digestSz;
ecEncOptions options; ecEncCtx localCtx;
byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */ byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */
byte keys[ECC_BUFSIZE]; /* max size */ byte keys[ECC_BUFSIZE]; /* max size */
word32 sharedSz = sizeof(sharedSecret); word32 sharedSz = sizeof(sharedSecret);
int keysLen; int keysLen;
int encKeySz; int encKeySz;
int ivSz; int ivSz;
int offset = 0; /* in case using msg exchange */
byte* encKey; byte* encKey;
byte* encIv; byte* encIv;
byte* macKey; byte* macKey;
@@ -3669,19 +3864,37 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
outSz == NULL) outSz == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if (opts) if (ctx == NULL) { /* use defaults */
options = *opts; ecc_ctx_init(&localCtx, 0);
else { ctx = &localCtx;
ecc_encrypt_init_options(&options); /* defaults */
} }
ret = ecc_get_key_sizes(&options, &encKeySz, &ivSz, &keysLen, &digestSz, ret = ecc_get_key_sizes(ctx, &encKeySz, &ivSz, &keysLen, &digestSz,
&blockSz); &blockSz);
if (ret != 0) if (ret != 0)
return ret; return ret;
if (ctx->protocol == REQ_RESP_CLIENT) {
offset = keysLen;
keysLen *= 2;
if (ctx->cliSt != ecCLI_SENT_REQ)
return BAD_ENC_STATE_E;
ctx->cliSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */
}
else if (ctx->protocol == REQ_RESP_SERVER) {
if (ctx->srvSt != ecSRV_SALT_SET)
return BAD_ENC_STATE_E;
ctx->srvSt = ecSRV_RECV_REQ; /* only do this once */
}
if (keysLen > (int)sizeof(keys))
return BUFFER_E;
if ( ((msgSz-digestSz) % blockSz) != 0) if ( ((msgSz-digestSz) % blockSz) != 0)
return BAD_FUNC_ARG; return BAD_PADDING_E;
if (*outSz < (msgSz - digestSz)) if (*outSz < (msgSz - digestSz))
return BUFFER_E; return BUFFER_E;
@@ -3690,11 +3903,11 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
if (ret != 0) if (ret != 0)
return ret; return ret;
switch (options.kdfAlgo) { switch (ctx->kdfAlgo) {
case ecHKDF_SHA256 : case ecHKDF_SHA256 :
ret = HKDF(SHA256, sharedSecret, sharedSz, options.kdfSalt, ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
options.kdfSaltSz, options.kdfInfo, ctx->kdfSaltSz, ctx->kdfInfo,
options.kdfInfoSz, keys, keysLen); ctx->kdfInfoSz, keys, keysLen);
if (ret != 0) if (ret != 0)
return ret; return ret;
break; break;
@@ -3703,11 +3916,11 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
encKey = keys; encKey = keys + offset;
encIv = encKey + encKeySz; encIv = encKey + encKeySz;
macKey = encKey + encKeySz + ivSz; macKey = encKey + encKeySz + ivSz;
switch (options.macAlgo) { switch (ctx->macAlgo) {
case ecHMAC_SHA256: case ecHMAC_SHA256:
{ {
byte verify[SHA256_DIGEST_SIZE]; byte verify[SHA256_DIGEST_SIZE];
@@ -3716,7 +3929,7 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
if (ret != 0) if (ret != 0)
return ret; return ret;
HmacUpdate(&hmac, msg, msgSz-digestSz); HmacUpdate(&hmac, msg, msgSz-digestSz);
HmacUpdate(&hmac, options.macSalt, options.macSaltSz); HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
HmacFinal(&hmac, verify); HmacFinal(&hmac, verify);
if (memcmp(verify, msg + msgSz - digestSz, digestSz) != 0) { if (memcmp(verify, msg + msgSz - digestSz, digestSz) != 0) {
@@ -3729,7 +3942,7 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
switch (options.encAlgo) { switch (ctx->encAlgo) {
case ecAES_128_CBC: case ecAES_128_CBC:
{ {
Aes aes; Aes aes;

20
ctaocrypt/src/error.c
View File

@@ -323,6 +323,26 @@ void CTaoCryptErrorString(int error, char* buffer)
XSTRNCPY(buffer, "ASN OCSP sig error, confirm failure", max); XSTRNCPY(buffer, "ASN OCSP sig error, confirm failure", max);
break; break;
case BAD_ENC_STATE_E:
XSTRNCPY(buffer, "Bad ecc encrypt state operation", max);
break;
case BAD_PADDING_E:
XSTRNCPY(buffer, "Bad padding, message wrong length", max);
break;
case REQ_ATTRIBUTE_E:
XSTRNCPY(buffer, "Setting cert request attributes error", max);
break;
case PKCS7_OID_E:
XSTRNCPY(buffer, "PKCS#7 error: mismatched OID value", max);
break;
case PKCS7_RECIP_E:
XSTRNCPY(buffer, "PKCS#7 error: no matching recipient found", max);
break;
default: default:
XSTRNCPY(buffer, "unknown error number", max); XSTRNCPY(buffer, "unknown error number", max);

4
ctaocrypt/src/fp_sqr_comba_12.i
View File

@@ -24,7 +24,9 @@
void fp_sqr_comba12(fp_int *A, fp_int *B) void fp_sqr_comba12(fp_int *A, fp_int *B)
{ {
fp_digit *a, b[24], c0, c1, c2, sc0, sc1, sc2; fp_digit *a, b[24], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp; a = A->dp;
COMBA_START; COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_17.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba17(fp_int *A, fp_int *B) void fp_sqr_comba17(fp_int *A, fp_int *B)
{ {
fp_digit *a, b[34], c0, c1, c2, sc0, sc1, sc2; fp_digit *a, b[34], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp; a = A->dp;
COMBA_START; COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_3.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba3(fp_int *A, fp_int *B) void fp_sqr_comba3(fp_int *A, fp_int *B)
{ {
fp_digit *a, b[6], c0, c1, c2; fp_digit *a, b[6], c0, c1, c2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp; a = A->dp;
COMBA_START; COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_4.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba4(fp_int *A, fp_int *B) void fp_sqr_comba4(fp_int *A, fp_int *B)
{ {
fp_digit *a, b[8], c0, c1, c2; fp_digit *a, b[8], c0, c1, c2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp; a = A->dp;
COMBA_START; COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_6.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba6(fp_int *A, fp_int *B) void fp_sqr_comba6(fp_int *A, fp_int *B)
{ {
fp_digit *a, b[12], c0, c1, c2, sc0, sc1, sc2; fp_digit *a, b[12], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp; a = A->dp;
COMBA_START; COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_7.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba7(fp_int *A, fp_int *B) void fp_sqr_comba7(fp_int *A, fp_int *B)
{ {
fp_digit *a, b[14], c0, c1, c2, sc0, sc1, sc2; fp_digit *a, b[14], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp; a = A->dp;
COMBA_START; COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_8.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba8(fp_int *A, fp_int *B) void fp_sqr_comba8(fp_int *A, fp_int *B)
{ {
fp_digit *a, b[16], c0, c1, c2, sc0, sc1, sc2; fp_digit *a, b[16], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp; a = A->dp;
COMBA_START; COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_9.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba9(fp_int *A, fp_int *B) void fp_sqr_comba9(fp_int *A, fp_int *B)
{ {
fp_digit *a, b[18], c0, c1, c2, sc0, sc1, sc2; fp_digit *a, b[18], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp; a = A->dp;
COMBA_START; COMBA_START;

2
ctaocrypt/src/integer.c
View File

@@ -3765,7 +3765,7 @@ int mp_sqrmod (mp_int * a, mp_int * b, mp_int * c)
#endif #endif
#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER) #if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER) || defined(CYASSL_HAVE_WOLFSCEP)
/* single digit addition */ /* single digit addition */
int mp_add_d (mp_int* a, mp_digit b, mp_int* c) int mp_add_d (mp_int* a, mp_digit b, mp_int* c)

30
ctaocrypt/src/md5.c
View File

@@ -26,7 +26,13 @@
#include <cyassl/ctaocrypt/settings.h> #include <cyassl/ctaocrypt/settings.h>
#ifndef NO_MD5 #if !defined(NO_MD5)
#ifdef CYASSL_PIC32MZ_HASH
#define InitMd5 InitMd5_sw
#define Md5Update Md5Update_sw
#define Md5Final Md5Final_sw
#endif
#include <cyassl/ctaocrypt/md5.h> #include <cyassl/ctaocrypt/md5.h>
@@ -36,6 +42,13 @@
#include <ctaocrypt/src/misc.c> #include <ctaocrypt/src/misc.c>
#endif #endif
#ifdef FREESCALE_MMCAU
#include "cau_api.h"
#define XTRANSFORM(S,B) cau_md5_hash_n((B), 1, (unsigned char*)(S)->digest)
#else
#define XTRANSFORM(S,B) Transform((S))
#endif
#ifdef STM32F2_HASH #ifdef STM32F2_HASH
/* /*
@@ -174,6 +187,7 @@ void InitMd5(Md5* md5)
md5->hiLen = 0; md5->hiLen = 0;
} }
#ifndef FREESCALE_MMCAU
static void Transform(Md5* md5) static void Transform(Md5* md5)
{ {
@@ -266,6 +280,8 @@ static void Transform(Md5* md5)
md5->digest[3] += d; md5->digest[3] += d;
} }
#endif /* FREESCALE_MMCAU */
static INLINE void AddLength(Md5* md5, word32 len) static INLINE void AddLength(Md5* md5, word32 len)
{ {
@@ -289,10 +305,10 @@ void Md5Update(Md5* md5, const byte* data, word32 len)
len -= add; len -= add;
if (md5->buffLen == MD5_BLOCK_SIZE) { if (md5->buffLen == MD5_BLOCK_SIZE) {
#ifdef BIG_ENDIAN_ORDER #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, MD5_BLOCK_SIZE); ByteReverseBytes(local, local, MD5_BLOCK_SIZE);
#endif #endif
Transform(md5); XTRANSFORM(md5, local);
AddLength(md5, MD5_BLOCK_SIZE); AddLength(md5, MD5_BLOCK_SIZE);
md5->buffLen = 0; md5->buffLen = 0;
} }
@@ -313,10 +329,10 @@ void Md5Final(Md5* md5, byte* hash)
XMEMSET(&local[md5->buffLen], 0, MD5_BLOCK_SIZE - md5->buffLen); XMEMSET(&local[md5->buffLen], 0, MD5_BLOCK_SIZE - md5->buffLen);
md5->buffLen += MD5_BLOCK_SIZE - md5->buffLen; md5->buffLen += MD5_BLOCK_SIZE - md5->buffLen;
#ifdef BIG_ENDIAN_ORDER #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, MD5_BLOCK_SIZE); ByteReverseBytes(local, local, MD5_BLOCK_SIZE);
#endif #endif
Transform(md5); XTRANSFORM(md5, local);
md5->buffLen = 0; md5->buffLen = 0;
} }
XMEMSET(&local[md5->buffLen], 0, MD5_PAD_SIZE - md5->buffLen); XMEMSET(&local[md5->buffLen], 0, MD5_PAD_SIZE - md5->buffLen);
@@ -327,14 +343,14 @@ void Md5Final(Md5* md5, byte* hash)
md5->loLen = md5->loLen << 3; md5->loLen = md5->loLen << 3;
/* store lengths */ /* store lengths */
#ifdef BIG_ENDIAN_ORDER #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, MD5_BLOCK_SIZE); ByteReverseBytes(local, local, MD5_BLOCK_SIZE);
#endif #endif
/* ! length ordering dependent on digest endian type ! */ /* ! length ordering dependent on digest endian type ! */
XMEMCPY(&local[MD5_PAD_SIZE], &md5->loLen, sizeof(word32)); XMEMCPY(&local[MD5_PAD_SIZE], &md5->loLen, sizeof(word32));
XMEMCPY(&local[MD5_PAD_SIZE + sizeof(word32)], &md5->hiLen, sizeof(word32)); XMEMCPY(&local[MD5_PAD_SIZE + sizeof(word32)], &md5->hiLen, sizeof(word32));
Transform(md5); XTRANSFORM(md5, local);
#ifdef BIG_ENDIAN_ORDER #ifdef BIG_ENDIAN_ORDER
ByteReverseWords(md5->digest, md5->digest, MD5_DIGEST_SIZE); ByteReverseWords(md5->digest, md5->digest, MD5_DIGEST_SIZE);
#endif #endif

1348
ctaocrypt/src/pkcs7.c Normal file
View File

File diff suppressed because it is too large Load Diff

16
ctaocrypt/src/pwdbased.c
View File

@@ -27,6 +27,22 @@
#ifndef NO_PWDBASED #ifndef NO_PWDBASED
#ifdef CYASSL_PIC32MZ_HASH
#define InitMd5 InitMd5_sw
#define Md5Update Md5Update_sw
#define Md5Final Md5Final_sw
#define InitSha InitSha_sw
#define ShaUpdate ShaUpdate_sw
#define ShaFinal ShaFinal_sw
#define InitSha256 InitSha256_sw
#define Sha256Update Sha256Update_sw
#define Sha256Final Sha256Final_sw
#endif
#include <cyassl/ctaocrypt/pwdbased.h> #include <cyassl/ctaocrypt/pwdbased.h>
#include <cyassl/ctaocrypt/hmac.h> #include <cyassl/ctaocrypt/hmac.h>
#include <cyassl/ctaocrypt/integer.h> #include <cyassl/ctaocrypt/integer.h>

38
ctaocrypt/src/random.c
View File

@@ -460,15 +460,14 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#elif defined(MICROCHIP_PIC32) #elif defined(MICROCHIP_PIC32)
#ifdef MICROCHIP_MPLAB_HARMONY #ifdef MICROCHIP_MPLAB_HARMONY
#define PIC32_SEED_COUNT _CP0_GET_COUNT #define PIC32_SEED_COUNT _CP0_GET_COUNT
#else #else
#if !defined(CYASSL_MICROCHIP_PIC32MZ) #if !defined(CYASSL_MICROCHIP_PIC32MZ)
#include <peripheral/timer.h> #include <peripheral/timer.h>
#endif #endif
#define PIC32_SEED_COUNT ReadCoreTimer #define PIC32_SEED_COUNT ReadCoreTimer
#endif #endif
#ifdef CYASSL_MIC32MZ_RNG #ifdef CYASSL_MIC32MZ_RNG
#include "xc.h" #include "xc.h"
int GenerateSeed(OS_Seed* os, byte* output, word32 sz) int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
@@ -479,16 +478,17 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
word32 size = sz ; word32 size = sz ;
byte* op = output ; byte* op = output ;
/* This part has to be replaced with better random seed */
RNGNUMGEN1 = ReadCoreTimer(); RNGNUMGEN1 = ReadCoreTimer();
RNGPOLY1 = 0x01020304; RNGPOLY1 = ReadCoreTimer();
RNGPOLY2 = 0x05060709; RNGPOLY2 = ReadCoreTimer();
RNGNUMGEN2 = ReadCoreTimer(); RNGNUMGEN2 = ReadCoreTimer();
#ifdef DEBUG_CYASSL #ifdef DEBUG_CYASSL
printf("GenerateSeed::Seed=%08x, %08x\n", RNGNUMGEN1, RNGNUMGEN2) ; printf("GenerateSeed::Seed=%08x, %08x\n", RNGNUMGEN1, RNGNUMGEN2) ;
#endif #endif
RNGCONbits.PLEN = 0x40; RNGCONbits.PLEN = 0x40;
RNGCONbits.PRNGEN = 1; RNGCONbits.PRNGEN = 1;
for(i=0; i<3; i++) { /* wait for RNGNUMGEN ready */ for(i=0; i<5; i++) { /* wait for RNGNUMGEN ready */
volatile int x ; volatile int x ;
x = RNGNUMGEN1 ; x = RNGNUMGEN1 ;
x = RNGNUMGEN2 ; x = RNGNUMGEN2 ;
@@ -503,23 +503,12 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
if(size==0)break ; if(size==0)break ;
} }
} while(size) ; } while(size) ;
#ifdef DEBUG_CYASSL
printf("\nReturn=") ;
for(i=0; i<sz; i++) {
printf("%02x", output[(i/4)*4 + (3-(i%4))]) ;
if((i+1)%4==0)putchar(',') ;
}
putchar('\n') ;
#endif
return 0; return 0;
} }
#else /* CYASSL_MIC32MZ_RNG */
#else /* uses the core timer, in nanoseconds to seed srand */
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
int GenerateSeed(OS_Seed* os, byte* output, word32 sz) {
{
int i; int i;
srand(PIC32_SEED_COUNT() * 25); srand(PIC32_SEED_COUNT() * 25);
@@ -530,9 +519,8 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
} }
return 0; return 0;
} }
#endif #endif /* CYASSL_MIC32MZ_RNG */
#elif defined(CYASSL_SAFERTOS) || defined(CYASSL_LEANPSK) #elif defined(CYASSL_SAFERTOS) || defined(CYASSL_LEANPSK)
#warning "write a real random seed!!!!, just for testing now" #warning "write a real random seed!!!!, just for testing now"

26
ctaocrypt/src/sha512.c
View File

@@ -146,13 +146,24 @@ static void Transform(Sha512* sha512)
/* Copy digest to working vars */ /* Copy digest to working vars */
XMEMCPY(T, sha512->digest, sizeof(T)); XMEMCPY(T, sha512->digest, sizeof(T));
/* 64 operations, partially loop unrolled */ #ifdef USE_SLOW_SHA2
/* over twice as small, but 50% slower */
/* 80 operations, not unrolled */
for (j = 0; j < 80; j += 16) {
int m;
for (m = 0; m < 16; m++) { /* braces needed here for macros {} */
R(m);
}
}
#else
/* 80 operations, partially loop unrolled */
for (j = 0; j < 80; j += 16) { for (j = 0; j < 80; j += 16) {
R( 0); R( 1); R( 2); R( 3); R( 0); R( 1); R( 2); R( 3);
R( 4); R( 5); R( 6); R( 7); R( 4); R( 5); R( 6); R( 7);
R( 8); R( 9); R(10); R(11); R( 8); R( 9); R(10); R(11);
R(12); R(13); R(14); R(15); R(12); R(13); R(14); R(15);
} }
#endif /* USE_SLOW_SHA2 */
/* Add the working vars back into digest */ /* Add the working vars back into digest */
@@ -280,13 +291,24 @@ static void Transform384(Sha384* sha384)
/* Copy digest to working vars */ /* Copy digest to working vars */
XMEMCPY(T, sha384->digest, sizeof(T)); XMEMCPY(T, sha384->digest, sizeof(T));
/* 64 operations, partially loop unrolled */ #ifdef USE_SLOW_SHA2
/* over twice as small, but 50% slower */
/* 80 operations, not unrolled */
for (j = 0; j < 80; j += 16) {
int m;
for (m = 0; m < 16; m++) { /* braces needed for macros {} */
R2(m);
}
}
#else
/* 80 operations, partially loop unrolled */
for (j = 0; j < 80; j += 16) { for (j = 0; j < 80; j += 16) {
R2( 0); R2( 1); R2( 2); R2( 3); R2( 0); R2( 1); R2( 2); R2( 3);
R2( 4); R2( 5); R2( 6); R2( 7); R2( 4); R2( 5); R2( 6); R2( 7);
R2( 8); R2( 9); R2(10); R2(11); R2( 8); R2( 9); R2(10); R2(11);
R2(12); R2(13); R2(14); R2(15); R2(12); R2(13); R2(14); R2(15);
} }
#endif /* USE_SLOW_SHA2 */
/* Add the working vars back into digest */ /* Add the working vars back into digest */

577
ctaocrypt/test/test.c
View File

@@ -61,6 +61,9 @@
#ifdef HAVE_LIBZ #ifdef HAVE_LIBZ
#include <cyassl/ctaocrypt/compress.h> #include <cyassl/ctaocrypt/compress.h>
#endif #endif
#ifdef HAVE_PKCS7
#include <cyassl/ctaocrypt/pkcs7.h>
#endif
#ifdef _MSC_VER #ifdef _MSC_VER
/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
@@ -174,6 +177,10 @@ int pbkdf2_test(void);
#ifdef HAVE_LIBZ #ifdef HAVE_LIBZ
int compress_test(void); int compress_test(void);
#endif #endif
#ifdef HAVE_PKCS7
int pkcs7enveloped_test(void);
int pkcs7signed_test(void);
#endif
@@ -458,6 +465,18 @@ void ctaocrypt_test(void* args)
printf( "COMPRESS test passed!\n"); printf( "COMPRESS test passed!\n");
#endif #endif
#ifdef HAVE_PKCS7
if ( (ret = pkcs7enveloped_test()) != 0)
err_sys("PKCS7enveloped test failed!\n", ret);
else
printf( "PKCS7enveloped test passed!\n");
if ( (ret = pkcs7signed_test()) != 0)
err_sys("PKCS7signed test failed!\n", ret);
else
printf( "PKCS7signed test passed!\n");
#endif
((func_args*)args)->return_code = ret; ((func_args*)args)->return_code = ret;
} }
@@ -1897,6 +1916,12 @@ int aes_test(void)
0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
}; };
const byte oddCipher[] =
{
0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
0xc2
};
AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */ /* Ctr only uses encrypt, even on key setup */
AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
@@ -1909,6 +1934,30 @@ int aes_test(void)
if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4)) if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4))
return -67; return -67;
/* let's try with just 9 bytes, non block size test */
AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */
AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
AesCtrEncrypt(&dec, plain, cipher, 9);
if (memcmp(plain, ctrPlain, 9))
return -68;
if (memcmp(cipher, ctrCipher, 9))
return -69;
/* and an additional 9 bytes to reuse tmp left buffer */
AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
AesCtrEncrypt(&dec, plain, cipher, 9);
if (memcmp(plain, ctrPlain, 9))
return -70;
if (memcmp(cipher, oddCipher, 9))
return -71;
} }
#endif /* CYASSL_AES_COUNTER */ #endif /* CYASSL_AES_COUNTER */
@@ -2033,8 +2082,10 @@ int aesgcm_test(void)
result = AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv), result = AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv),
t2, sizeof(t2), a, sizeof(a)); t2, sizeof(t2), a, sizeof(a));
if (result != 0) if (result != 0)
return -70; return -70;
if (memcmp(p, p2, sizeof(p2))) if (memcmp(p, p2, sizeof(p2)))
return -71; return -71;
@@ -2487,17 +2538,27 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out)
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
static const char* caKeyFile = "a:\\certs\\ca-key.der"; static const char* caKeyFile = "a:\\certs\\ca-key.der";
static const char* caCertFile = "a:\\certs\\ca-cert.pem"; static const char* caCertFile = "a:\\certs\\ca-cert.pem";
#ifdef HAVE_ECC
static const char* eccCaKeyFile = "a:\\certs\\ecc-key.der";
static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem";
#endif
#endif #endif
#elif defined(CYASSL_MKD_SHELL) #elif defined(CYASSL_MKD_SHELL)
static char* clientKey = "certs/client-key.der"; static char* clientKey = "certs/client-key.der";
static char* clientCert = "certs/client-cert.der"; static char* clientCert = "certs/client-cert.der";
void set_clientKey(char *key) { clientKey = key ; } /* set by shell command */ void set_clientKey(char *key) { clientKey = key ; }
void set_clientCert(char *cert) { clientCert = cert ; } /* set by shell command */ void set_clientCert(char *cert) { clientCert = cert ; }
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
static char* caKeyFile = "certs/ca-key.der"; static char* caKeyFile = "certs/ca-key.der";
static char* caCertFile = "certs/ca-cert.pem"; static char* caCertFile = "certs/ca-cert.pem";
void set_caKeyFile (char * key) { caKeyFile = key ; } /* set by shell command */ void set_caKeyFile (char * key) { caKeyFile = key ; }
void set_caCertFile(char * cert) { caCertFile = cert ; } /* set by shell command */ void set_caCertFile(char * cert) { caCertFile = cert ; }
#ifdef HAVE_ECC
static const char* eccCaKeyFile = "certs/ecc-key.der";
static const char* eccCaCertFile = "certs/server-ecc.pem";
void set_eccCaKeyFile (char * key) { eccCaKeyFile = key ; }
void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; }
#endif
#endif #endif
#else #else
static const char* clientKey = "./certs/client-key.der"; static const char* clientKey = "./certs/client-key.der";
@@ -2505,6 +2566,10 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out)
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
static const char* caKeyFile = "./certs/ca-key.der"; static const char* caKeyFile = "./certs/ca-key.der";
static const char* caCertFile = "./certs/ca-cert.pem"; static const char* caCertFile = "./certs/ca-cert.pem";
#ifdef HAVE_ECC
static const char* eccCaKeyFile = "./certs/ecc-key.der";
static const char* eccCaCertFile = "./certs/server-ecc.pem";
#endif
#endif #endif
#endif #endif
#endif #endif
@@ -2784,11 +2849,12 @@ int rsa_test(void)
if (ret < 0) if (ret < 0)
return -405; return -405;
certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, &rng); certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng);
if (certSz < 0) if (certSz < 0)
return -407; return -407;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, NULL, &rng);
if (certSz < 0) if (certSz < 0)
return -408; return -408;
@@ -2820,6 +2886,95 @@ int rsa_test(void)
free(derCert); free(derCert);
FreeRsaKey(&caKey); FreeRsaKey(&caKey);
} }
#ifdef HAVE_ECC
/* ECC CA style */
{
ecc_key caKey;
Cert myCert;
byte* derCert;
byte* pem;
FILE* derFile;
FILE* pemFile;
int certSz;
int pemSz;
size_t bytes3;
word32 idx3 = 0;
FILE* file3 ;
#ifdef CYASSL_TEST_CERT
DecodedCert decode;
#endif
derCert = (byte*)malloc(FOURK_BUF);
if (derCert == NULL)
return -5311;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
return -5312;
file3 = fopen(eccCaKeyFile, "rb");
if (!file3)
return -5412;
bytes3 = fread(tmp, 1, FOURK_BUF, file3);
fclose(file3);
ecc_init(&caKey);
ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
if (ret != 0) return -5413;
InitCert(&myCert);
myCert.sigType = CTC_SHA256wECDSA;
strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
strncpy(myCert.subject.org, "wolfSSL", CTC_NAME_SIZE);
strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
strncpy(myCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE);
strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE);
ret = SetIssuer(&myCert, eccCaCertFile);
if (ret < 0)
return -5405;
certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng);
if (certSz < 0)
return -5407;
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
NULL, &caKey, &rng);
if (certSz < 0)
return -5408;
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, certSz, 0);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0)
return -5409;
FreeDecodedCert(&decode);
#endif
derFile = fopen("./certecc.der", "wb");
if (!derFile)
return -5410;
ret = (int)fwrite(derCert, certSz, 1, derFile);
fclose(derFile);
pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0)
return -5411;
pemFile = fopen("./certecc.pem", "wb");
if (!pemFile)
return -5412;
ret = (int)fwrite(pem, pemSz, 1, pemFile);
fclose(pemFile);
free(pem);
free(derCert);
ecc_free(&caKey);
}
#endif /* HAVE_ECC */
#ifdef HAVE_NTRU #ifdef HAVE_NTRU
{ {
RsaKey caKey; RsaKey caKey;
@@ -2900,7 +3055,8 @@ int rsa_test(void)
if (certSz < 0) if (certSz < 0)
return -456; return -456;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, NULL, &rng);
if (certSz < 0) if (certSz < 0)
return -457; return -457;
@@ -2938,6 +3094,66 @@ int rsa_test(void)
FreeRsaKey(&caKey); FreeRsaKey(&caKey);
} }
#endif /* HAVE_NTRU */ #endif /* HAVE_NTRU */
#ifdef CYASSL_CERT_REQ
{
Cert req;
byte* der;
byte* pem;
int derSz;
int pemSz;
FILE* reqFile;
der = (byte*)malloc(FOURK_BUF);
if (der == NULL)
return -463;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
return -464;
InitCert(&req);
req.version = 0;
req.isCA = 1;
strncpy(req.challengePw, "yassl123", CTC_NAME_SIZE);
strncpy(req.subject.country, "US", CTC_NAME_SIZE);
strncpy(req.subject.state, "OR", CTC_NAME_SIZE);
strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE);
strncpy(req.subject.org, "yaSSL", CTC_NAME_SIZE);
strncpy(req.subject.unit, "Development", CTC_NAME_SIZE);
strncpy(req.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE);
req.sigType = CTC_SHA256wRSA;
derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL);
if (derSz < 0)
return -465;
derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF,
&key, NULL, &rng);
if (derSz < 0)
return -466;
pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE);
if (pemSz < 0)
return -467;
reqFile = fopen("./certreq.der", "wb");
if (!reqFile)
return -468;
ret = (int)fwrite(der, derSz, 1, reqFile);
fclose(reqFile);
reqFile = fopen("./certreq.pem", "wb");
if (!reqFile)
return -469;
ret = (int)fwrite(pem, pemSz, 1, reqFile);
fclose(reqFile);
free(pem);
free(der);
}
#endif /* CYASSL_CERT_REQ */
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
FreeRsaKey(&key); FreeRsaKey(&key);
@@ -3628,12 +3844,12 @@ int ecc_encrypt_test(void)
for (i = 0; i < 48; i++) for (i = 0; i < 48; i++)
msg[i] = i; msg[i] = i;
/* send encrypted msg to B */ /* encrypt msg to B */
ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL); ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL);
if (ret != 0) if (ret != 0)
return -3003; return -3003;
/* decrypted msg to B */ /* decrypt msg from A */
ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL); ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL);
if (ret != 0) if (ret != 0)
return -3004; return -3004;
@@ -3641,6 +3857,84 @@ int ecc_encrypt_test(void)
if (memcmp(plain, msg, sizeof(msg)) != 0) if (memcmp(plain, msg, sizeof(msg)) != 0)
return -3005; return -3005;
{ /* let's verify message exchange works, A is client, B is server */
ecEncCtx* cliCtx = ecc_ctx_new(REQ_RESP_CLIENT, &rng);
ecEncCtx* srvCtx = ecc_ctx_new(REQ_RESP_SERVER, &rng);
byte cliSalt[EXCHANGE_SALT_SZ];
byte srvSalt[EXCHANGE_SALT_SZ];
const byte* tmpSalt;
if (cliCtx == NULL || srvCtx == NULL)
return -3006;
/* get salt to send to peer */
tmpSalt = ecc_ctx_get_own_salt(cliCtx);
if (tmpSalt == NULL)
return -3007;
memcpy(cliSalt, tmpSalt, EXCHANGE_SALT_SZ);
tmpSalt = ecc_ctx_get_own_salt(srvCtx);
if (tmpSalt == NULL)
return -3007;
memcpy(srvSalt, tmpSalt, EXCHANGE_SALT_SZ);
/* in actual use, we'd get the peer's salt over the transport */
ret = ecc_ctx_set_peer_salt(cliCtx, srvSalt);
ret += ecc_ctx_set_peer_salt(srvCtx, cliSalt);
if (ret != 0)
return -3008;
/* get encrypted msg (request) to send to B */
outSz = sizeof(out);
ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz,cliCtx);
if (ret != 0)
return -3009;
/* B decrypts msg (request) from A */
plainSz = sizeof(plain);
ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, srvCtx);
if (ret != 0)
return -3010;
if (memcmp(plain, msg, sizeof(msg)) != 0)
return -3011;
{
/* msg2 (response) from B to A */
byte msg2[48];
byte plain2[48];
byte out2[80];
word32 outSz2 = sizeof(out2);
word32 plainSz2 = sizeof(plain2);
for (i = 0; i < 48; i++)
msg2[i] = i+48;
/* get encrypted msg (response) to send to B */
ret = ecc_encrypt(&userB, &userA, msg2, sizeof(msg2), out2,
&outSz2, srvCtx);
if (ret != 0)
return -3012;
/* A decrypts msg (response) from B */
ret = ecc_decrypt(&userA, &userB, out2, outSz2, plain2, &plainSz2,
cliCtx);
if (ret != 0)
return -3013;
if (memcmp(plain2, msg2, sizeof(msg2)) != 0)
return -3014;
}
/* cleanup */
ecc_ctx_free(srvCtx);
ecc_ctx_free(cliCtx);
}
/* cleanup */
ecc_free(&userB); ecc_free(&userB);
ecc_free(&userA); ecc_free(&userA);
@@ -3766,4 +4060,269 @@ int compress_test(void)
#endif /* HAVE_LIBZ */ #endif /* HAVE_LIBZ */
#ifdef HAVE_PKCS7
int pkcs7enveloped_test(void)
{
int ret = 0;
int cipher = DES3b;
int envelopedSz, decodedSz;
PKCS7 pkcs7;
byte* cert;
byte* privKey;
byte enveloped[2048];
byte decoded[2048];
size_t certSz;
size_t privKeySz;
FILE* certFile;
FILE* keyFile;
FILE* pkcs7File;
const char* pkcs7OutFile = "pkcs7envelopedData.der";
const byte data[] = { /* Hello World */
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
0x72,0x6c,0x64
};
/* read client cert and key in DER format */
cert = (byte*)malloc(FOURK_BUF);
if (cert == NULL)
return -201;
privKey = (byte*)malloc(FOURK_BUF);
if (privKey == NULL)
return -202;
certFile = fopen(clientCert, "rb");
if (!certFile)
err_sys("can't open ./certs/client-cert.der, "
"Please run from CyaSSL home dir", -42);
certSz = fread(cert, 1, FOURK_BUF, certFile);
fclose(certFile);
keyFile = fopen(clientKey, "rb");
if (!keyFile)
err_sys("can't open ./certs/client-key.der, "
"Please run from CyaSSL home dir", -43);
privKeySz = fread(privKey, 1, FOURK_BUF, keyFile);
fclose(keyFile);
PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz);
pkcs7.content = (byte*)data;
pkcs7.contentSz = (word32)sizeof(data);
pkcs7.contentOID = DATA;
pkcs7.encryptOID = cipher;
pkcs7.privateKey = privKey;
pkcs7.privateKeySz = (word32)privKeySz;
/* encode envelopedData */
envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped,
sizeof(enveloped));
if (envelopedSz <= 0)
return -203;
/* decode envelopedData */
decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz,
decoded, sizeof(decoded));
if (decodedSz <= 0)
return -204;
/* test decode result */
if (memcmp(decoded, data, sizeof(data)) != 0) {
return -205;
}
/* output pkcs7 envelopedData for external testing */
pkcs7File = fopen(pkcs7OutFile, "wb");
if (!pkcs7File)
return -206;
ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File);
fclose(pkcs7File);
free(cert);
free(privKey);
PKCS7_Free(&pkcs7);
if (ret > 0)
return 0;
return ret;
}
int pkcs7signed_test(void)
{
int ret = 0;
FILE* file;
byte* certDer;
byte* keyDer;
byte* out;
char data[] = "Hello World";
word32 dataSz, outSz, certDerSz, keyDerSz;
PKCS7 msg;
RNG rng;
byte transIdOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
0x09, 0x07 };
byte messageTypeOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
0x09, 0x02 };
byte senderNonceOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
0x09, 0x05 };
byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1];
byte messageType[] = { 0x13, 2, '1', '9' };
byte senderNonce[PKCS7_NONCE_SZ + 2];
PKCS7Attrib attribs[] =
{
{ transIdOid, sizeof(transIdOid),
transId, sizeof(transId) - 1 }, /* take off the null */
{ messageTypeOid, sizeof(messageTypeOid),
messageType, sizeof(messageType) },
{ senderNonceOid, sizeof(senderNonceOid),
senderNonce, sizeof(senderNonce) }
};
dataSz = (word32) strlen(data);
outSz = FOURK_BUF;
certDer = (byte*)malloc(FOURK_BUF);
keyDer = (byte*)malloc(FOURK_BUF);
out = (byte*)malloc(FOURK_BUF);
if (certDer == NULL)
return -207;
if (keyDer == NULL)
return -208;
if (out == NULL)
return -209;
/* read in DER cert of recipient, into cert of size certSz */
file = fopen(clientCert, "rb");
if (!file) {
free(certDer);
free(keyDer);
free(out);
err_sys("can't open ./certs/client-cert.der, "
"Please run from CyaSSL home dir", -44);
}
certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file);
fclose(file);
file = fopen(clientKey, "rb");
if (!file) {
free(certDer);
free(keyDer);
free(out);
err_sys("can't open ./certs/client-key.der, "
"Please run from CyaSSL home dir", -45);
}
keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file);
fclose(file);
ret = InitRng(&rng);
senderNonce[0] = 0x04;
senderNonce[1] = PKCS7_NONCE_SZ;
RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ);
PKCS7_InitWithCert(&msg, certDer, certDerSz);
msg.privateKey = keyDer;
msg.privateKeySz = keyDerSz;
msg.content = (byte*)data;
msg.contentSz = dataSz;
msg.hashOID = SHAh;
msg.encryptOID = RSAk;
msg.signedAttribs = attribs;
msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib);
msg.rng = &rng;
{
Sha sha;
byte digest[SHA_DIGEST_SIZE];
int i,j;
transId[0] = 0x13;
transId[1] = SHA_DIGEST_SIZE * 2;
InitSha(&sha);
ShaUpdate(&sha, msg.publicKey, msg.publicKeySz);
ShaFinal(&sha, digest);
for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) {
snprintf((char*)&transId[j], 3, "%02x", digest[i]);
}
}
ret = PKCS7_EncodeSignedData(&msg, out, outSz);
if (ret < 0) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -210;
}
else
outSz = ret;
/* write PKCS#7 to output file for more testing */
file = fopen("./pkcs7signedData.der", "wb");
if (!file) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -211;
}
ret = (int)fwrite(out, 1, outSz, file);
fclose(file);
PKCS7_Free(&msg);
PKCS7_InitWithCert(&msg, NULL, 0);
ret = PKCS7_VerifySignedData(&msg, out, outSz);
if (ret < 0) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -212;
}
if (msg.singleCert == NULL || msg.singleCertSz == 0) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -213;
}
file = fopen("./pkcs7cert.der", "wb");
if (!file) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -214;
}
ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file);
fclose(file);
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
if (ret > 0)
return 0;
return ret;
}
#endif /* HAVE_PKCS7 */
#endif /* NO_CRYPT_TEST */ #endif /* NO_CRYPT_TEST */

20
cyassl-ntru.vcproj
View File

@@ -166,10 +166,22 @@
RelativePath=".\ctaocrypt\src\asn.c" RelativePath=".\ctaocrypt\src\asn.c"
> >
</File> </File>
<File
RelativePath=".\ctaocrypt\src\blake2b.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\camellia.c"
>
</File>
<File <File
RelativePath=".\ctaocrypt\src\coding.c" RelativePath=".\ctaocrypt\src\coding.c"
> >
</File> </File>
<File
RelativePath=".\src\crl.c"
>
</File>
<File <File
RelativePath=".\ctaocrypt\src\des3.c" RelativePath=".\ctaocrypt\src\des3.c"
> >
@@ -182,6 +194,10 @@
RelativePath=".\ctaocrypt\src\dsa.c" RelativePath=".\ctaocrypt\src\dsa.c"
> >
</File> </File>
<File
RelativePath=".\ctaocrypt\src\ecc.c"
>
</File>
<File <File
RelativePath=".\ctaocrypt\src\error.c" RelativePath=".\ctaocrypt\src\error.c"
> >
@@ -230,6 +246,10 @@
RelativePath=".\ctaocrypt\src\misc.c" RelativePath=".\ctaocrypt\src\misc.c"
> >
</File> </File>
<File
RelativePath=".\src\ocsp.c"
>
</File>
<File <File
RelativePath=".\ctaocrypt\src\port.c" RelativePath=".\ctaocrypt\src\port.c"
> >

20
cyassl.vcproj
View File

@@ -162,10 +162,22 @@
RelativePath=".\ctaocrypt\src\asn.c" RelativePath=".\ctaocrypt\src\asn.c"
> >
</File> </File>
<File
RelativePath=".\ctaocrypt\src\blake2b.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\camellia.c"
>
</File>
<File <File
RelativePath=".\ctaocrypt\src\coding.c" RelativePath=".\ctaocrypt\src\coding.c"
> >
</File> </File>
<File
RelativePath=".\src\crl.c"
>
</File>
<File <File
RelativePath=".\ctaocrypt\src\des3.c" RelativePath=".\ctaocrypt\src\des3.c"
> >
@@ -178,6 +190,10 @@
RelativePath=".\ctaocrypt\src\dsa.c" RelativePath=".\ctaocrypt\src\dsa.c"
> >
</File> </File>
<File
RelativePath=".\ctaocrypt\src\ecc.c"
>
</File>
<File <File
RelativePath=".\ctaocrypt\src\error.c" RelativePath=".\ctaocrypt\src\error.c"
> >
@@ -222,6 +238,10 @@
RelativePath=".\ctaocrypt\src\memory.c" RelativePath=".\ctaocrypt\src\memory.c"
> >
</File> </File>
<File
RelativePath=".\src\ocsp.c"
>
</File>
<File <File
RelativePath=".\ctaocrypt\src\port.c" RelativePath=".\ctaocrypt\src\port.c"
> >

8
cyassl/ctaocrypt/aes.h
View File

@@ -92,6 +92,14 @@ typedef struct Aes {
word32 magic; /* using cavium magic */ word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */ word64 contextHandle; /* nitrox context memory handle */
#endif #endif
#ifdef CYASSL_AES_COUNTER
word32 left; /* unsued bytes left from last call */
#endif
#ifdef CYASSL_PIC32MZ_CRYPT
word32 key_ce[AES_BLOCK_SIZE*2/sizeof(word32)] ;
word32 iv_ce [AES_BLOCK_SIZE /sizeof(word32)] ;
int keylen ;
#endif
} Aes; } Aes;

98
cyassl/ctaocrypt/asn.h
View File

@@ -59,6 +59,7 @@ enum ASN_Tags {
ASN_TAG_NULL = 0x05, ASN_TAG_NULL = 0x05,
ASN_OBJECT_ID = 0x06, ASN_OBJECT_ID = 0x06,
ASN_ENUMERATED = 0x0a, ASN_ENUMERATED = 0x0a,
ASN_UTF8STRING = 0x0c,
ASN_SEQUENCE = 0x10, ASN_SEQUENCE = 0x10,
ASN_SET = 0x11, ASN_SET = 0x11,
ASN_UTC_TIME = 0x17, ASN_UTC_TIME = 0x17,
@@ -125,6 +126,9 @@ enum Misc_ASN {
MAX_ALGO_SZ = 20, MAX_ALGO_SZ = 20,
MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */ MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */
MAX_SET_SZ = 5, /* enum(set | con) + length(4) */ MAX_SET_SZ = 5, /* enum(set | con) + length(4) */
MAX_OCTET_STR_SZ = 5, /* enum(set | con) + length(4) */
MAX_EXP_SZ = 5, /* enum(contextspec|con|exp) + length(4) */
MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */
MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/ MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/
MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */ MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */
MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */ MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */
@@ -135,6 +139,11 @@ enum Misc_ASN {
MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */ MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */
MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */ MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
#ifdef CYASSL_CERT_REQ
/* Max encoded cert req attributes length */
MAX_ATTRIB_SZ = MAX_SEQ_SZ * 3 + (11 + MAX_SEQ_SZ) * 2 +
MAX_PRSTR_SZ + CTC_NAME_SIZE, /* 11 is the OID size */
#endif
#ifdef CYASSL_ALT_NAMES #ifdef CYASSL_ALT_NAMES
MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE, MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE,
#else #else
@@ -153,7 +162,9 @@ enum Misc_ASN {
enum Oid_Types { enum Oid_Types {
hashType = 0, hashType = 0,
sigType = 1, sigType = 1,
keyType = 2 keyType = 2,
curveType = 3,
blkType = 4
}; };
@@ -167,6 +178,12 @@ enum Hash_Sum {
}; };
enum Block_Sum {
DESb = 69,
DES3b = 652
};
enum Key_Sum { enum Key_Sum {
DSAk = 515, DSAk = 515,
RSAk = 645, RSAk = 645,
@@ -198,7 +215,8 @@ enum Extensions_Sum {
CA_ISSUER_OID = 117, CA_ISSUER_OID = 117,
AUTH_KEY_OID = 149, AUTH_KEY_OID = 149,
SUBJ_KEY_OID = 128, SUBJ_KEY_OID = 128,
CERT_POLICY_OID = 146 CERT_POLICY_OID = 146,
KEY_USAGE_OID = 129 /* 2.5.29.15 */
}; };
enum CertificatePolicy_Sum { enum CertificatePolicy_Sum {
@@ -209,6 +227,11 @@ enum SepHardwareName_Sum {
HW_NAME_OID = 79 /* 1.3.6.1.5.5.7.8.4 from RFC 4108*/ HW_NAME_OID = 79 /* 1.3.6.1.5.5.7.8.4 from RFC 4108*/
}; };
enum AuthInfo_Sum {
AIA_OCSP_OID = 116, /* 1.3.6.1.5.5.7.48.1 */
AIA_CA_ISSUER_OID = 117 /* 1.3.6.1.5.5.7.48.2 */
};
enum VerifyType { enum VerifyType {
NO_VERIFY = 0, NO_VERIFY = 0,
@@ -216,6 +239,18 @@ enum VerifyType {
}; };
/* Key usage extension bits */
#define KEYUSE_DIGITAL_SIG 0x0100
#define KEYUSE_CONTENT_COMMIT 0x0080
#define KEYUSE_KEY_ENCIPHER 0x0040
#define KEYUSE_DATA_ENCIPHER 0x0020
#define KEYUSE_KEY_AGREE 0x0010
#define KEYUSE_KEY_CERT_SIGN 0x0008
#define KEYUSE_CRL_SIGN 0x0004
#define KEYUSE_ENCIPHER_ONLY 0x0002
#define KEYUSE_DECIPHER_ONLY 0x0001
typedef struct DNS_entry DNS_entry; typedef struct DNS_entry DNS_entry;
struct DNS_entry { struct DNS_entry {
@@ -297,10 +332,34 @@ struct DecodedCert {
byte extAuthKeyId[SHA_SIZE]; /* Authority Key ID */ byte extAuthKeyId[SHA_SIZE]; /* Authority Key ID */
byte extAuthKeyIdSet; /* Set when the AKID was read from cert */ byte extAuthKeyIdSet; /* Set when the AKID was read from cert */
byte isCA; /* CA basic constraint true */ byte isCA; /* CA basic constraint true */
#ifdef OPENSSL_EXTRA
byte extBasicConstSet;
byte extBasicConstCrit;
byte extBasicConstPlSet;
word32 pathLength; /* CA basic constraint path length, opt */
byte extSubjAltNameSet;
byte extSubjAltNameCrit;
byte extAuthKeyIdCrit;
byte extSubjKeyIdCrit;
byte extKeyUsageSet;
byte extKeyUsageCrit;
word16 extKeyUsage; /* Key usage bitfield */
byte* extAuthKeyIdSrc;
word32 extAuthKeyIdSz;
byte* extSubjKeyIdSrc;
word32 extSubjKeyIdSz;
#endif
#ifdef HAVE_ECC
word32 pkCurveOID; /* Public Key's curve OID */
#endif /* HAVE_ECC */
byte* beforeDate; byte* beforeDate;
int beforeDateLen; int beforeDateLen;
byte* afterDate; byte* afterDate;
int afterDateLen; int afterDateLen;
#ifdef HAVE_PKCS7
byte* issuerRaw; /* pointer to issuer inside source */
int issuerRawLen;
#endif
#if defined(CYASSL_CERT_GEN) #if defined(CYASSL_CERT_GEN)
/* easy access to subject info for other sign */ /* easy access to subject info for other sign */
char* subjectSN; char* subjectSN;
@@ -329,6 +388,10 @@ struct DecodedCert {
byte* hwType; byte* hwType;
int hwSerialNumSz; int hwSerialNumSz;
byte* hwSerialNum; byte* hwSerialNum;
#ifdef OPENSSL_EXTRA
byte extCertPolicySet;
byte extCertPolicyCrit;
#endif /* OPENSSL_EXTRA */
#endif /* CYASSL_SEP */ #endif /* CYASSL_SEP */
}; };
@@ -385,15 +448,37 @@ CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType); CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
/* ASN.1 helper functions */
CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx,
int* version);
CYASSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
word32 maxIdx);
CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
word32 maxIdx);
CYASSL_LOCAL word32 SetLength(word32 length, byte* output);
CYASSL_LOCAL word32 SetSequence(word32 len, byte* output);
CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output);
CYASSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len,byte* output);
CYASSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output);
CYASSL_LOCAL word32 SetSet(word32 len, byte* output);
CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz);
CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);
CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output);
CYASSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
int maxIdx);
#ifdef HAVE_ECC #ifdef HAVE_ECC
/* ASN sig helpers */ /* ASN sig helpers */
CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
mp_int* s); mp_int* s);
CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
mp_int* r, mp_int* s); mp_int* r, mp_int* s);
/* private key helpers */
CYASSL_API int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
ecc_key*,word32);
#endif #endif
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
@@ -403,7 +488,8 @@ enum cert_enums {
JOINT_LEN = 2, JOINT_LEN = 2,
EMAIL_JOINT_LEN = 9, EMAIL_JOINT_LEN = 9,
RSA_KEY = 10, RSA_KEY = 10,
NTRU_KEY = 11 NTRU_KEY = 11,
ECC_KEY = 12
}; };

27
cyassl/ctaocrypt/asn_public.h
View File

@@ -24,6 +24,7 @@
#define CTAO_CRYPT_ASN_PUBLIC_H #define CTAO_CRYPT_ASN_PUBLIC_H
#include <cyassl/ctaocrypt/types.h> #include <cyassl/ctaocrypt/types.h>
#include <cyassl/ctaocrypt/ecc.h>
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
#include <cyassl/ctaocrypt/rsa.h> #include <cyassl/ctaocrypt/rsa.h>
#endif #endif
@@ -41,7 +42,8 @@ enum CertType {
DH_PARAM_TYPE, DH_PARAM_TYPE,
CRL_TYPE, CRL_TYPE,
CA_TYPE, CA_TYPE,
ECC_PRIVATEKEY_TYPE ECC_PRIVATEKEY_TYPE,
CERTREQ_TYPE
}; };
@@ -63,6 +65,10 @@ enum Ctc_SigType {
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
#ifndef HAVE_ECC
typedef struct ecc_key ecc_key;
#endif
enum Ctc_Misc { enum Ctc_Misc {
CTC_NAME_SIZE = 64, CTC_NAME_SIZE = 64,
CTC_DATE_SIZE = 32, CTC_DATE_SIZE = 32,
@@ -103,6 +109,9 @@ typedef struct Cert {
byte afterDate[CTC_DATE_SIZE]; /* after date copy */ byte afterDate[CTC_DATE_SIZE]; /* after date copy */
int afterDateSz; /* size of copy */ int afterDateSz; /* size of copy */
#endif #endif
#ifdef CYASSL_CERT_REQ
char challengePw[CTC_NAME_SIZE];
#endif
} Cert; } Cert;
@@ -120,8 +129,14 @@ typedef struct Cert {
keyType = RSA_KEY (default) keyType = RSA_KEY (default)
*/ */
CYASSL_API void InitCert(Cert*); CYASSL_API void InitCert(Cert*);
CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); ecc_key*, RNG*);
#ifdef CYASSL_CERT_REQ
CYASSL_API int MakeCertReq(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*);
#endif
CYASSL_API int SignCert(int requestSz, int sigType, byte* derBuffer,
word32 derSz, RsaKey*, ecc_key*, RNG*);
CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
RNG*); RNG*);
CYASSL_API int SetIssuer(Cert*, const char*); CYASSL_API int SetIssuer(Cert*, const char*);
@@ -147,6 +162,12 @@ CYASSL_API int SetDatesBuffer(Cert*, const byte*, int);
word32 outputSz, int type); word32 outputSz, int type);
#endif #endif
#ifdef HAVE_ECC
/* private key helpers */
CYASSL_API int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
ecc_key*,word32);
#endif
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

3
cyassl/ctaocrypt/coding.h
View File

@@ -39,6 +39,9 @@ CYASSL_LOCAL int Base64_Decode(const byte* in, word32 inLen, byte* out,
CYASSL_API CYASSL_API
int Base64_Encode(const byte* in, word32 inLen, byte* out, int Base64_Encode(const byte* in, word32 inLen, byte* out,
word32* outLen); word32* outLen);
CYASSL_API
int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out,
word32* outLen);
CYASSL_LOCAL CYASSL_LOCAL
int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen); int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
#endif #endif

18
cyassl/ctaocrypt/des3.h
View File

@@ -45,6 +45,12 @@ enum {
DES_DECRYPTION = 1 DES_DECRYPTION = 1
}; };
#define DES_IVLEN 8
#define DES_KEYLEN 8
#define DES3_IVLEN 8
#define DES3_KEYLEN 24
#ifdef STM32F2_CRYPTO #ifdef STM32F2_CRYPTO
enum { enum {
DES_CBC = 0, DES_CBC = 0,
@@ -55,14 +61,24 @@ enum {
/* DES encryption and decryption */ /* DES encryption and decryption */
typedef struct Des { typedef struct Des {
word32 key[DES_KS_SIZE];
word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */ word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */
#ifdef HAVE_COLDFIRE_SEC
byte keylen ; /* for Coldfire SEC */
byte ivlen ; /* for Coldfire SEC */
byte iv[DES3_IVLEN]; /* for Coldfire SEC */
#endif
word32 key[DES_KS_SIZE];
} Des; } Des;
/* DES3 encryption and decryption */ /* DES3 encryption and decryption */
typedef struct Des3 { typedef struct Des3 {
#ifdef HAVE_COLDFIRE_SEC
byte keylen ; /* for Coldfire SEC */
byte ivlen ; /* for Coldfire SEC */
byte iv[DES3_IVLEN]; /* for Coldfire SEC */
#endif
word32 key[3][DES_KS_SIZE]; word32 key[3][DES_KS_SIZE];
word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */ word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */

40
cyassl/ctaocrypt/ecc.h
View File

@@ -49,7 +49,7 @@ typedef struct {
int size; /* The size of the curve in octets */ int size; /* The size of the curve in octets */
const char* name; /* name of this curve */ const char* name; /* name of this curve */
const char* prime; /* prime that defines the field, curve is in (hex) */ const char* prime; /* prime that defines the field, curve is in (hex) */
const char* B; /* fields B param (hex) */ const char* Bf; /* fields B param (hex) */
const char* order; /* order of the curve (hex) */ const char* order; /* order of the curve (hex) */
const char* Gx; /* x coordinate of the base point on curve (hex) */ const char* Gx; /* x coordinate of the base point on curve (hex) */
const char* Gy; /* y coordinate of the base point on curve (hex) */ const char* Gy; /* y coordinate of the base point on curve (hex) */
@@ -119,6 +119,7 @@ CYASSL_API
int ecc_sig_size(ecc_key* key); int ecc_sig_size(ecc_key* key);
#ifdef HAVE_ECC_ENCRYPT
/* ecc encrypt */ /* ecc encrypt */
enum ecEncAlgo { enum ecEncAlgo {
@@ -139,32 +140,37 @@ enum ecMacAlgo {
enum { enum {
KEY_SIZE_128 = 16, KEY_SIZE_128 = 16,
KEY_SIZE_256 = 32, KEY_SIZE_256 = 32,
IV_SIZE_64 = 8 IV_SIZE_64 = 8,
EXCHANGE_SALT_SZ = 16,
EXCHANGE_INFO_SZ = 23
}; };
typedef struct ecEncOptions { enum ecFlags {
byte encAlgo; /* which encryption type */ REQ_RESP_CLIENT = 1,
byte kdfAlgo; /* which key derivation function type */ REQ_RESP_SERVER = 2
byte macAlgo; /* which mac function type */ };
byte* kdfSalt; /* optional salt for kdf */
byte* kdfInfo; /* optional info for kdf */
byte* macSalt; /* optional salt for mac */ typedef struct ecEncCtx ecEncCtx;
word32 kdfSaltSz; /* size of kdfSalt */
word32 kdfInfoSz; /* size of kdfInfo */
word32 macSaltSz; /* size of macSalt */
} ecEncOptions;
CYASSL_API CYASSL_API
void ecc_encrypt_init_options(ecEncOptions*); /* init and set to defaults */ ecEncCtx* ecc_ctx_new(int flags, RNG* rng);
CYASSL_API CYASSL_API
void ecc_encrypt_free_options(ecEncOptions*); /* release/clear options */ void ecc_ctx_free(ecEncCtx*);
CYASSL_API
const byte* ecc_ctx_get_own_salt(ecEncCtx*);
CYASSL_API
int ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt);
CYASSL_API CYASSL_API
int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncOptions* options); word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
CYASSL_API CYASSL_API
int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncOptions* options); word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
#endif /* HAVE_ECC_ENCRYPT */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

8
cyassl/ctaocrypt/error.h
View File

@@ -114,6 +114,14 @@ enum {
ASN_CRL_NO_SIGNER_E = -190, /* ASN CRL no signer to confirm failure */ ASN_CRL_NO_SIGNER_E = -190, /* ASN CRL no signer to confirm failure */
ASN_OCSP_CONFIRM_E = -191, /* ASN OCSP signature confirm failure */ ASN_OCSP_CONFIRM_E = -191, /* ASN OCSP signature confirm failure */
BAD_ENC_STATE_E = -192, /* Bad ecc enc state operation */
BAD_PADDING_E = -193, /* Bad padding, msg not correct length */
REQ_ATTRIBUTE_E = -194, /* setting cert request attributes error */
PKCS7_OID_E = -195, /* PKCS#7, mismatched OID error */
PKCS7_RECIP_E = -196, /* PKCS#7, recipient error */
MIN_CODE_E = -200 /* errors -101 - -199 */ MIN_CODE_E = -200 /* errors -101 - -199 */
}; };

1
cyassl/ctaocrypt/include.am
View File

@@ -21,6 +21,7 @@ nobase_include_HEADERS+= \
cyassl/ctaocrypt/md4.h \ cyassl/ctaocrypt/md4.h \
cyassl/ctaocrypt/md5.h \ cyassl/ctaocrypt/md5.h \
cyassl/ctaocrypt/misc.h \ cyassl/ctaocrypt/misc.h \
cyassl/ctaocrypt/pkcs7.h \
cyassl/ctaocrypt/port.h \ cyassl/ctaocrypt/port.h \
cyassl/ctaocrypt/pwdbased.h \ cyassl/ctaocrypt/pwdbased.h \
cyassl/ctaocrypt/rabbit.h \ cyassl/ctaocrypt/rabbit.h \

5
cyassl/ctaocrypt/integer.h
View File

@@ -286,6 +286,7 @@ int mp_2expt (mp_int * a, int b);
int mp_reduce_2k_setup(mp_int *a, mp_digit *d); int mp_reduce_2k_setup(mp_int *a, mp_digit *d);
int mp_add_d (mp_int* a, mp_digit b, mp_int* c); int mp_add_d (mp_int* a, mp_digit b, mp_int* c);
int mp_set_int (mp_int * a, unsigned long b); int mp_set_int (mp_int * a, unsigned long b);
int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
/* end support added functions */ /* end support added functions */
/* added */ /* added */
@@ -305,10 +306,6 @@ int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
int mp_lcm (mp_int * a, mp_int * b, mp_int * c); int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
#endif #endif
#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER)
int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
#endif
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

12
cyassl/ctaocrypt/md5.h
View File

@@ -42,22 +42,28 @@ enum {
MD5_PAD_SIZE = 56 MD5_PAD_SIZE = 56
}; };
#ifdef CYASSL_PIC32MZ_HASH
#include "port/pic32/pic32mz-crypt.h"
#endif
/* MD5 digest */ /* MD5 digest */
typedef struct Md5 { typedef struct Md5 {
word32 buffLen; /* in bytes */ word32 buffLen; /* in bytes */
word32 loLen; /* length in bytes */ word32 loLen; /* length in bytes */
word32 hiLen; /* length in bytes */ word32 hiLen; /* length in bytes */
word32 digest[MD5_DIGEST_SIZE / sizeof(word32)];
word32 buffer[MD5_BLOCK_SIZE / sizeof(word32)]; word32 buffer[MD5_BLOCK_SIZE / sizeof(word32)];
#ifndef CYASSL_PIC32MZ_HASH
word32 digest[MD5_DIGEST_SIZE / sizeof(word32)];
#else
word32 digest[PIC32_HASH_SIZE / sizeof(word32)];
pic32mz_desc desc ; /* Crypt Engine descripter */
#endif
} Md5; } Md5;
CYASSL_API void InitMd5(Md5*); CYASSL_API void InitMd5(Md5*);
CYASSL_API void Md5Update(Md5*, const byte*, word32); CYASSL_API void Md5Update(Md5*, const byte*, word32);
CYASSL_API void Md5Final(Md5*, byte*); CYASSL_API void Md5Final(Md5*, byte*);
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif

123
cyassl/ctaocrypt/pkcs7.h Normal file
View File

@@ -0,0 +1,123 @@
/* pkcs7.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifdef HAVE_PKCS7
#ifndef CTAO_CRYPT_PKCS7_H
#define CTAO_CRYPT_PKCS7_H
#include <cyassl/ctaocrypt/types.h>
#include <cyassl/ctaocrypt/asn.h>
#include <cyassl/ctaocrypt/asn_public.h>
#include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/des3.h>
#ifdef __cplusplus
extern "C" {
#endif
/* PKCS#7 content types, ref RFC 2315 (Section 14) */
enum PKCS7_TYPES {
PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */
DATA = 651, /* 1.2.840.113549.1.7.1 */
SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */
ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */
SIGNED_AND_ENVELOPED_DATA = 654, /* 1.2.840.113549.1.7.4 */
DIGESTED_DATA = 655, /* 1.2.840.113549.1.7.5 */
ENCRYPTED_DATA = 656 /* 1.2.840.113549.1.7.6 */
};
enum Pkcs7_Misc {
PKCS7_NONCE_SZ = 16,
MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */
MAX_CONTENT_KEY_LEN = DES3_KEYLEN, /* highest current cipher is 3DES */
MAX_RECIP_SZ = MAX_VERSION_SZ +
MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ
};
typedef struct PKCS7Attrib {
byte* oid;
word32 oidSz;
byte* value;
word32 valueSz;
} PKCS7Attrib;
typedef struct PKCS7 {
byte* content; /* inner content, not owner */
word32 contentSz; /* content size */
int contentOID; /* PKCS#7 content type OID sum */
RNG* rng;
int hashOID;
int encryptOID; /* key encryption algorithm OID */
byte* singleCert; /* recipient cert, DER, not owner */
word32 singleCertSz; /* size of recipient cert buffer, bytes */
byte issuerHash[SHA_SIZE]; /* hash of all alt Names */
byte* issuer; /* issuer name of singleCert */
word32 issuerSz; /* length of issuer name */
byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */
word32 issuerSnSz; /* length of serial number */
byte publicKey[512];
word32 publicKeySz;
byte* privateKey; /* private key, DER, not owner */
word32 privateKeySz; /* size of private key buffer, bytes */
PKCS7Attrib* signedAttribs;
word32 signedAttribsSz;
} PKCS7;
CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output);
CYASSL_LOCAL int GetContentType(const byte* input, word32* inOutIdx,
word32* oid, word32 maxIdx);
CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
int keyEncAlgo, int blockKeySz,
RNG* rng, byte* contentKeyPlain,
byte* contentKeyEnc,
int* keyEncSz, byte* out, word32 outSz);
CYASSL_API int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz);
CYASSL_API void PKCS7_Free(PKCS7* pkcs7);
CYASSL_API int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz);
CYASSL_API int PKCS7_EncodeSignedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
CYASSL_API int PKCS7_VerifySignedData(PKCS7* pkcs7,
byte* pkiMsg, word32 pkiMsgSz);
CYASSL_API int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
word32 pkiMsgSz, byte* output,
word32 outputSz);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CTAO_CRYPT_PKCS7_H */
#endif /* HAVE_PKCS7 */

72
cyassl/ctaocrypt/settings.h
View File

@@ -43,7 +43,7 @@
/* #define MBED */ /* #define MBED */
/* Uncomment next line if using Microchip PIC32 ethernet starter kit */ /* Uncomment next line if using Microchip PIC32 ethernet starter kit */
/* #define MICROCHIP_PIC32 */ #define MICROCHIP_PIC32
/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ /* Uncomment next line if using Microchip TCP/IP stack, version 5 */
/* #define MICROCHIP_TCPIP_V5 */ /* #define MICROCHIP_TCPIP_V5 */
@@ -51,6 +51,9 @@
/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ /* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
/* #define MICROCHIP_TCPIP */ /* #define MICROCHIP_TCPIP */
/* Uncomment next line if using PIC32MZ Crypto Engine */
#define CYASSL_MICROCHIP_PIC32MZ
/* Uncomment next line if using FreeRTOS */ /* Uncomment next line if using FreeRTOS */
/* #define FREERTOS */ /* #define FREERTOS */
@@ -78,6 +81,9 @@
/* Uncomment next line if using Comverge settings */ /* Uncomment next line if using Comverge settings */
/* #define COMVERGE */ /* #define COMVERGE */
/* Uncomment next line if using QL SEP settings */
/* #define CYASSL_QL */
#include <cyassl/ctaocrypt/visibility.h> #include <cyassl/ctaocrypt/visibility.h>
@@ -112,6 +118,7 @@
#endif #endif
#ifdef MICROCHIP_PIC32 #ifdef MICROCHIP_PIC32
/* #define CYASSL_MICROCHIP_PIC32MZ */
#define SIZEOF_LONG_LONG 8 #define SIZEOF_LONG_LONG 8
#define SINGLE_THREADED #define SINGLE_THREADED
#define CYASSL_USER_IO #define CYASSL_USER_IO
@@ -122,6 +129,18 @@
#define TFM_TIMING_RESISTANT #define TFM_TIMING_RESISTANT
#endif #endif
#ifdef CYASSL_MICROCHIP_PIC32MZ
#define CYASSL_PIC32MZ_CE
#define CYASSL_PIC32MZ_CRYPT
#define HAVE_AES_ENGINE
#define CYASSL_PIC32MZ_RNG
/* #define CYASSL_PIC32MZ_HASH */
#define CYASSL_AES_COUNTER
#define HAVE_AESGCM
#define NO_BIG_INT
#endif
#ifdef MICROCHIP_TCPIP_V5 #ifdef MICROCHIP_TCPIP_V5
/* include timer functions */ /* include timer functions */
#include "TCPIP Stack/TCPIP.h" #include "TCPIP Stack/TCPIP.h"
@@ -149,10 +168,26 @@
#endif /* MBED */ #endif /* MBED */
#ifdef CYASSL_TYTO #ifdef CYASSL_TYTO
#include "rand.h"
#define FREERTOS #define FREERTOS
#define NO_FILESYSTEM #define NO_FILESYSTEM
#define CYASSL_USER_IO #define CYASSL_USER_IO
#define NO_DEV_RANDOM #define NO_DEV_RANDOM
#define HAVE_ECC
#define HAVE_ECC_ENCRYPT
#define ECC_SHAMIR
#define HAVE_HKDF
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define FP_MAX_BITS 512
#define NO_OLD_TLS
#define NO_MD4
#define NO_RABBIT
#define NO_HC128
#define NO_RSA
#define NO_DSA
#define NO_PWDBASED
#define NO_PSK
#endif #endif
#ifdef FREERTOS_WINSIM #ifdef FREERTOS_WINSIM
@@ -313,8 +348,8 @@
#include "mutex.h" #include "mutex.h"
#endif #endif
#define XMALLOC(s, h, type) (void *)_mem_alloc_system((s)) #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
#define XFREE(p, h, type) _mem_free(p) #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
/* Note: MQX has no realloc, using fastmath above */ /* Note: MQX has no realloc, using fastmath above */
#endif #endif
@@ -524,6 +559,37 @@
#endif /* MICRIUM */ #endif /* MICRIUM */
#ifdef CYASSL_QL
#ifndef CYASSL_SEP
#define CYASSL_SEP
#endif
#ifndef OPENSSL_EXTRA
#define OPENSSL_EXTRA
#endif
#ifndef SESSION_CERTS
#define SESSION_CERTS
#endif
#ifndef HAVE_AESCCM
#define HAVE_AESCCM
#endif
#ifndef ATOMIC_USER
#define ATOMIC_USER
#endif
#ifndef CYASSL_DER_LOAD
#define CYASSL_DER_LOAD
#endif
#ifndef KEEP_PEER_CERT
#define KEEP_PEER_CERT
#endif
#ifndef HAVE_ECC
#define HAVE_ECC
#endif
#ifndef SESSION_INDEX
#define SESSION_INDEX
#endif
#endif /* CYASSL_QL */
#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ #if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
!defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY)
#define USE_CYASSL_MEMORY #define USE_CYASSL_MEMORY

10
cyassl/ctaocrypt/sha.h
View File

@@ -43,14 +43,22 @@ enum {
SHA_PAD_SIZE = 56 SHA_PAD_SIZE = 56
}; };
#ifdef CYASSL_PIC32MZ_HASH
#include "port/pic32/pic32mz-crypt.h"
#endif
/* Sha digest */ /* Sha digest */
typedef struct Sha { typedef struct Sha {
word32 buffLen; /* in bytes */ word32 buffLen; /* in bytes */
word32 loLen; /* length in bytes */ word32 loLen; /* length in bytes */
word32 hiLen; /* length in bytes */ word32 hiLen; /* length in bytes */
word32 digest[SHA_DIGEST_SIZE / sizeof(word32)];
word32 buffer[SHA_BLOCK_SIZE / sizeof(word32)]; word32 buffer[SHA_BLOCK_SIZE / sizeof(word32)];
#ifndef CYASSL_PIC32MZ_HASH
word32 digest[SHA_DIGEST_SIZE / sizeof(word32)];
#else
word32 digest[PIC32_HASH_SIZE / sizeof(word32)];
pic32mz_desc desc ; /* Crypt Engine descripter */
#endif
} Sha; } Sha;

7
cyassl/ctaocrypt/sha256.h
View File

@@ -34,6 +34,10 @@
extern "C" { extern "C" {
#endif #endif
#ifdef CYASSL_PIC32MZ_HASH
#include "port/pic32/pic32mz-crypt.h"
#endif
/* in bytes */ /* in bytes */
enum { enum {
@@ -51,6 +55,9 @@ typedef struct Sha256 {
word32 hiLen; /* length in bytes */ word32 hiLen; /* length in bytes */
word32 digest[SHA256_DIGEST_SIZE / sizeof(word32)]; word32 digest[SHA256_DIGEST_SIZE / sizeof(word32)];
word32 buffer[SHA256_BLOCK_SIZE / sizeof(word32)]; word32 buffer[SHA256_BLOCK_SIZE / sizeof(word32)];
#ifdef CYASSL_PIC32MZ_HASH
pic32mz_desc desc ; /* Crypt Engine descripter */
#endif
} Sha256; } Sha256;

68
cyassl/ctaocrypt/tfm.h
View File

@@ -510,104 +510,104 @@ void s_fp_add(fp_int *a, fp_int *b, fp_int *c);
void s_fp_sub(fp_int *a, fp_int *b, fp_int *c); void s_fp_sub(fp_int *a, fp_int *b, fp_int *c);
void fp_reverse(unsigned char *s, int len); void fp_reverse(unsigned char *s, int len);
void fp_mul_comba(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba(fp_int *a, fp_int *b, fp_int *c);
#ifdef TFM_SMALL_SET #ifdef TFM_SMALL_SET
void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba_small(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL3 #ifdef TFM_MUL3
void fp_mul_comba3(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba3(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL4 #ifdef TFM_MUL4
void fp_mul_comba4(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba4(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL6 #ifdef TFM_MUL6
void fp_mul_comba6(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba6(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL7 #ifdef TFM_MUL7
void fp_mul_comba7(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba7(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL8 #ifdef TFM_MUL8
void fp_mul_comba8(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba8(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL9 #ifdef TFM_MUL9
void fp_mul_comba9(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba9(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL12 #ifdef TFM_MUL12
void fp_mul_comba12(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba12(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL17 #ifdef TFM_MUL17
void fp_mul_comba17(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba17(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL20 #ifdef TFM_MUL20
void fp_mul_comba20(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba20(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL24 #ifdef TFM_MUL24
void fp_mul_comba24(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba24(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL28 #ifdef TFM_MUL28
void fp_mul_comba28(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba28(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL32 #ifdef TFM_MUL32
void fp_mul_comba32(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba32(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL48 #ifdef TFM_MUL48
void fp_mul_comba48(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba48(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
#ifdef TFM_MUL64 #ifdef TFM_MUL64
void fp_mul_comba64(fp_int *A, fp_int *B, fp_int *C); void fp_mul_comba64(fp_int *a, fp_int *b, fp_int *c);
#endif #endif
void fp_sqr_comba(fp_int *A, fp_int *B); void fp_sqr_comba(fp_int *a, fp_int *b);
#ifdef TFM_SMALL_SET #ifdef TFM_SMALL_SET
void fp_sqr_comba_small(fp_int *A, fp_int *B); void fp_sqr_comba_small(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR3 #ifdef TFM_SQR3
void fp_sqr_comba3(fp_int *A, fp_int *B); void fp_sqr_comba3(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR4 #ifdef TFM_SQR4
void fp_sqr_comba4(fp_int *A, fp_int *B); void fp_sqr_comba4(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR6 #ifdef TFM_SQR6
void fp_sqr_comba6(fp_int *A, fp_int *B); void fp_sqr_comba6(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR7 #ifdef TFM_SQR7
void fp_sqr_comba7(fp_int *A, fp_int *B); void fp_sqr_comba7(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR8 #ifdef TFM_SQR8
void fp_sqr_comba8(fp_int *A, fp_int *B); void fp_sqr_comba8(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR9 #ifdef TFM_SQR9
void fp_sqr_comba9(fp_int *A, fp_int *B); void fp_sqr_comba9(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR12 #ifdef TFM_SQR12
void fp_sqr_comba12(fp_int *A, fp_int *B); void fp_sqr_comba12(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR17 #ifdef TFM_SQR17
void fp_sqr_comba17(fp_int *A, fp_int *B); void fp_sqr_comba17(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR20 #ifdef TFM_SQR20
void fp_sqr_comba20(fp_int *A, fp_int *B); void fp_sqr_comba20(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR24 #ifdef TFM_SQR24
void fp_sqr_comba24(fp_int *A, fp_int *B); void fp_sqr_comba24(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR28 #ifdef TFM_SQR28
void fp_sqr_comba28(fp_int *A, fp_int *B); void fp_sqr_comba28(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR32 #ifdef TFM_SQR32
void fp_sqr_comba32(fp_int *A, fp_int *B); void fp_sqr_comba32(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR48 #ifdef TFM_SQR48
void fp_sqr_comba48(fp_int *A, fp_int *B); void fp_sqr_comba48(fp_int *a, fp_int *b);
#endif #endif
#ifdef TFM_SQR64 #ifdef TFM_SQR64
void fp_sqr_comba64(fp_int *A, fp_int *B); void fp_sqr_comba64(fp_int *a, fp_int *b);
#endif #endif
/*extern const char *fp_s_rmap;*/ /*extern const char *fp_s_rmap;*/
@@ -642,7 +642,7 @@ int mp_mul (mp_int * a, mp_int * b, mp_int * c);
int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d); int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
int mp_mod(mp_int *a, mp_int *b, mp_int *c); int mp_mod(mp_int *a, mp_int *b, mp_int *c);
int mp_invmod(mp_int *a, mp_int *b, mp_int *c); int mp_invmod(mp_int *a, mp_int *b, mp_int *c);
int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y); int mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y);
int mp_cmp(mp_int *a, mp_int *b); int mp_cmp(mp_int *a, mp_int *b);
int mp_cmp_d(mp_int *a, mp_digit b); int mp_cmp_d(mp_int *a, mp_digit b);
@@ -663,7 +663,7 @@ void mp_rshb(mp_int *a, int x);
#ifdef HAVE_ECC #ifdef HAVE_ECC
int mp_read_radix(mp_int* a, const char* str, int radix); int mp_read_radix(mp_int* a, const char* str, int radix);
int mp_set(fp_int *a, fp_digit b); int mp_set(fp_int *a, fp_digit b);
int mp_sqr(fp_int *A, fp_int *B); int mp_sqr(fp_int *a, fp_int *b);
int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp); int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
int mp_montgomery_setup(fp_int *a, fp_digit *rho); int mp_montgomery_setup(fp_int *a, fp_digit *rho);
int mp_div_2(fp_int * a, fp_int * b); int mp_div_2(fp_int * a, fp_int * b);

20
cyassl/ctaocrypt/types.h
View File

@@ -139,6 +139,18 @@ enum {
#endif #endif
/* set up thread local storage if available */
#ifdef HAVE_THREAD_LS
#if defined(_MSC_VER)
#define THREAD_LS_T __declspec(thread)
#else
#define THREAD_LS_T __thread
#endif
#else
#define THREAD_LS_T
#endif
/* Micrium will use Visual Studio for compilation but not the Win32 API */ /* Micrium will use Visual Studio for compilation but not the Win32 API */
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
&& !defined(EBSNET) && !defined(EBSNET)
@@ -205,6 +217,11 @@ enum {
#define XISALPHA(c) isalpha((c)) #define XISALPHA(c) isalpha((c))
#endif #endif
/* needed by CyaSSL_check_domain_name() */ /* needed by CyaSSL_check_domain_name() */
#ifdef __CYGWIN__
/* Cygwin uses a macro version of tolower() by default, use the
* function version. */
#undef tolower
#endif
#define XTOLOWER(c) tolower((c)) #define XTOLOWER(c) tolower((c))
#endif #endif
@@ -253,7 +270,8 @@ enum {
DYNAMIC_TYPE_CAVIUM_TMP = 40, DYNAMIC_TYPE_CAVIUM_TMP = 40,
DYNAMIC_TYPE_CAVIUM_RSA = 41, DYNAMIC_TYPE_CAVIUM_RSA = 41,
DYNAMIC_TYPE_X509 = 42, DYNAMIC_TYPE_X509 = 42,
DYNAMIC_TYPE_TLSX = 43 DYNAMIC_TYPE_TLSX = 43,
DYNAMIC_TYPE_OCSP = 44
}; };
/* max error buffer string size */ /* max error buffer string size */

5
cyassl/include.am
View File

@@ -9,7 +9,6 @@ EXTRA_DIST+= cyassl/sniffer_error.rc
nobase_include_HEADERS+= \ nobase_include_HEADERS+= \
cyassl/error.h \ cyassl/error.h \
cyassl/internal.h \
cyassl/ssl.h \ cyassl/ssl.h \
cyassl/sniffer_error.h \ cyassl/sniffer_error.h \
cyassl/sniffer.h \ cyassl/sniffer.h \
@@ -20,3 +19,7 @@ nobase_include_HEADERS+= \
cyassl/options.h \ cyassl/options.h \
cyassl/ocsp.h \ cyassl/ocsp.h \
cyassl/crl.h cyassl/crl.h
noinst_HEADERS+= \
cyassl/internal.h

120
cyassl/internal.h
View File

@@ -483,7 +483,6 @@ enum {
TLS_RSA_WITH_AES_256_CBC_B2B256 = 0xF9, TLS_RSA_WITH_AES_256_CBC_B2B256 = 0xF9,
TLS_RSA_WITH_HC_128_B2B256 = 0xFA, /* eSTREAM too */ TLS_RSA_WITH_HC_128_B2B256 = 0xFA, /* eSTREAM too */
/* CyaSSL extension - NTRU */ /* CyaSSL extension - NTRU */
TLS_NTRU_RSA_WITH_RC4_128_SHA = 0xe5, TLS_NTRU_RSA_WITH_RC4_128_SHA = 0xe5,
TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6, TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6,
@@ -533,8 +532,10 @@ enum {
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x45, TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x45,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x88, TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x88,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe, TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4,
/* Renegotiation Indication Extension Special Suite */
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0xff
}; };
@@ -608,6 +609,7 @@ enum Misc {
CERT_HEADER_SZ = 3, /* always 3 bytes */ CERT_HEADER_SZ = 3, /* always 3 bytes */
REQ_HEADER_SZ = 2, /* cert request header sz */ REQ_HEADER_SZ = 2, /* cert request header sz */
HINT_LEN_SZ = 2, /* length of hint size field */ HINT_LEN_SZ = 2, /* length of hint size field */
TRUNCATED_HMAC_SZ = 10, /* length of hmac w/ truncated hmac extension */
HELLO_EXT_TYPE_SZ = 2, /* length of a hello extension type */ HELLO_EXT_TYPE_SZ = 2, /* length of a hello extension type */
HELLO_EXT_SZ = 8, /* total length of the lazy hello extensions */ HELLO_EXT_SZ = 8, /* total length of the lazy hello extensions */
HELLO_EXT_LEN = 6, /* length of the lazy hello extensions */ HELLO_EXT_LEN = 6, /* length of the lazy hello extensions */
@@ -989,16 +991,15 @@ struct OCSP_Entry {
}; };
#ifndef HAVE_OCSP
typedef struct CYASSL_OCSP CYASSL_OCSP;
#endif
/* CyaSSL OCSP controller */ /* CyaSSL OCSP controller */
struct CYASSL_OCSP { struct CYASSL_OCSP {
byte enabled; CYASSL_CERT_MANAGER* cm; /* pointer back to cert manager */
byte useOverrideUrl; OCSP_Entry* ocspList; /* OCSP response list */
byte useNonce; CyaSSL_Mutex ocspLock; /* OCSP list lock */
char overrideUrl[80];
OCSP_Entry* ocspList;
void* IOCB_OcspCtx;
CallbackIOOcsp CBIOOcsp;
CallbackIOOcspRespFree CBIOOcspRespFree;
}; };
#ifndef MAX_DATE_SIZE #ifndef MAX_DATE_SIZE
@@ -1076,6 +1077,14 @@ struct CYASSL_CERT_MANAGER {
byte crlEnabled; /* is CRL on ? */ byte crlEnabled; /* is CRL on ? */
byte crlCheckAll; /* always leaf, but all ? */ byte crlCheckAll; /* always leaf, but all ? */
CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */ CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */
CYASSL_OCSP* ocsp; /* OCSP checker */
byte ocspEnabled; /* is OCSP on ? */
byte ocspSendNonce; /* send the OCSP nonce ? */
byte ocspUseOverrideURL; /* ignore cert's responder, override */
char* ocspOverrideURL; /* use this responder */
void* ocspIOCtx; /* I/O callback CTX */
CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */
CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */
}; };
CYASSL_LOCAL int CM_SaveCertCache(CYASSL_CERT_MANAGER*, const char*); CYASSL_LOCAL int CM_SaveCertCache(CYASSL_CERT_MANAGER*, const char*);
@@ -1101,11 +1110,8 @@ typedef struct CYASSL_DTLS_CTX {
typedef enum { typedef enum {
SERVER_NAME_INDICATION = 0, SERVER_NAME_INDICATION = 0,
MAX_FRAGMENT_LENGTH = 1, MAX_FRAGMENT_LENGTH = 1,
/*CLIENT_CERTIFICATE_URL = 2,
TRUSTED_CA_KEYS = 3,*/
TRUNCATED_HMAC = 4, TRUNCATED_HMAC = 4,
/*STATUS_REQUEST = 5, ELLIPTIC_CURVES = 10
SIGNATURE_ALGORITHMS = 13,*/
} TLSX_Type; } TLSX_Type;
typedef struct TLSX { typedef struct TLSX {
@@ -1153,6 +1159,8 @@ CYASSL_LOCAL void TLSX_SNI_SetOptions(TLSX* extensions, byte type,
CYASSL_LOCAL byte TLSX_SNI_Status(TLSX* extensions, byte type); CYASSL_LOCAL byte TLSX_SNI_Status(TLSX* extensions, byte type);
CYASSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type, CYASSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type,
void** data); void** data);
CYASSL_LOCAL int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz,
byte type, byte* sni, word32* inOutSz);
#endif #endif
#endif /* HAVE_SNI */ #endif /* HAVE_SNI */
@@ -1166,12 +1174,27 @@ CYASSL_LOCAL int TLSX_UseMaxFragment(TLSX** extensions, byte mfl);
#ifdef HAVE_TRUNCATED_HMAC #ifdef HAVE_TRUNCATED_HMAC
#define TRUNCATED_HMAC_SIZE 10
CYASSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions); CYASSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions);
#endif /* HAVE_TRUNCATED_HMAC */ #endif /* HAVE_TRUNCATED_HMAC */
#ifdef HAVE_SUPPORTED_CURVES
typedef struct EllipticCurve {
word16 name; /* CurveNames */
struct EllipticCurve* next; /* List Behavior */
} EllipticCurve;
CYASSL_LOCAL int TLSX_UseSupportedCurve(TLSX** extensions, word16 name);
#ifndef NO_CYASSL_SERVER
CYASSL_LOCAL int TLSX_ValidateEllipticCurves(CYASSL* ssl, byte first,
byte second);
#endif
#endif /* HAVE_SUPPORTED_CURVES */
#endif /* HAVE_TLS_EXTENSIONS */ #endif /* HAVE_TLS_EXTENSIONS */
/* CyaSSL context type */ /* CyaSSL context type */
@@ -1213,6 +1236,7 @@ struct CYASSL_CTX {
word32 timeout; /* session timeout */ word32 timeout; /* session timeout */
#ifdef HAVE_ECC #ifdef HAVE_ECC
word16 eccTempKeySz; /* in octets 20 - 66 */ word16 eccTempKeySz; /* in octets 20 - 66 */
word32 pkCurveOID; /* curve Ecc_Sum */
#endif #endif
#ifndef NO_PSK #ifndef NO_PSK
byte havePSK; /* psk key set by user */ byte havePSK; /* psk key set by user */
@@ -1360,6 +1384,30 @@ enum ClientCertificateType {
enum CipherType { stream, block, aead }; enum CipherType { stream, block, aead };
#ifdef CYASSL_DTLS
#ifdef WORD64_AVAILABLE
typedef word64 DtlsSeq;
#else
typedef word32 DtlsSeq;
#endif
#define DTLS_SEQ_BITS (sizeof(DtlsSeq) * CHAR_BIT)
typedef struct DtlsState {
DtlsSeq window; /* Sliding window for current epoch */
word16 nextEpoch; /* Expected epoch in next record */
word32 nextSeq; /* Expected sequence in next record */
word16 curEpoch; /* Received epoch in current record */
word32 curSeq; /* Received sequence in current record */
DtlsSeq prevWindow; /* Sliding window for old epoch */
word32 prevSeq; /* Next sequence in allowed old epoch */
} DtlsState;
#endif /* CYASSL_DTLS */
/* keys and secrets */ /* keys and secrets */
typedef struct Keys { typedef struct Keys {
byte client_write_MAC_secret[MAX_DIGEST_SIZE]; /* max sizes */ byte client_write_MAC_secret[MAX_DIGEST_SIZE]; /* max sizes */
@@ -1378,15 +1426,13 @@ typedef struct Keys {
word32 sequence_number; word32 sequence_number;
#ifdef CYASSL_DTLS #ifdef CYASSL_DTLS
word32 dtls_sequence_number; DtlsState dtls_state; /* Peer's state */
word32 dtls_peer_sequence_number;
word32 dtls_expected_peer_sequence_number;
word16 dtls_handshake_number;
word16 dtls_peer_handshake_number; word16 dtls_peer_handshake_number;
word16 dtls_expected_peer_handshake_number; word16 dtls_expected_peer_handshake_number;
word16 dtls_epoch;
word16 dtls_peer_epoch; word16 dtls_epoch; /* Current tx epoch */
word16 dtls_expected_peer_epoch; word32 dtls_sequence_number; /* Current tx sequence */
word16 dtls_handshake_number; /* Current tx handshake seq */
#endif #endif
word32 encryptSz; /* last size of encrypted data */ word32 encryptSz; /* last size of encrypted data */
@@ -1661,6 +1707,10 @@ struct CYASSL_X509 {
byte hwType[EXTERNAL_SERIAL_SIZE]; byte hwType[EXTERNAL_SERIAL_SIZE];
int hwSerialNumSz; int hwSerialNumSz;
byte hwSerialNum[EXTERNAL_SERIAL_SIZE]; byte hwSerialNum[EXTERNAL_SERIAL_SIZE];
#ifdef OPENSSL_EXTRA
byte certPolicySet;
byte certPolicyCrit;
#endif /* OPENSSL_EXTRA */
#endif #endif
int notBeforeSz; int notBeforeSz;
byte notBefore[MAX_DATE_SZ]; byte notBefore[MAX_DATE_SZ];
@@ -1670,10 +1720,33 @@ struct CYASSL_X509 {
buffer sig; buffer sig;
int pubKeyOID; int pubKeyOID;
buffer pubKey; buffer pubKey;
#ifdef HAVE_ECC
word32 pkCurveOID;
#endif /* HAVE_ECC */
buffer derCert; /* may need */ buffer derCert; /* may need */
DNS_entry* altNames; /* alt names list */ DNS_entry* altNames; /* alt names list */
DNS_entry* altNamesNext; /* hint for retrieval */ DNS_entry* altNamesNext; /* hint for retrieval */
byte dynamicMemory; /* dynamic memory flag */ byte dynamicMemory; /* dynamic memory flag */
byte isCa;
#ifdef OPENSSL_EXTRA
word32 pathLength;
word16 keyUsage;
byte basicConstSet;
byte basicConstCrit;
byte basicConstPlSet;
byte subjAltNameSet;
byte subjAltNameCrit;
byte authKeyIdSet;
byte authKeyIdCrit;
byte* authKeyId;
word32 authKeyIdSz;
byte subjKeyIdSet;
byte subjKeyIdCrit;
byte* subjKeyId;
word32 subjKeyIdSz;
byte keyUsageSet;
byte keyUsageCrit;
#endif /* OPENSSL_EXTRA */
}; };
@@ -1783,6 +1856,7 @@ struct CYASSL {
ecc_key* eccTempKey; /* private ECDHE key */ ecc_key* eccTempKey; /* private ECDHE key */
ecc_key* eccDsaKey; /* private ECDSA key */ ecc_key* eccDsaKey; /* private ECDSA key */
word16 eccTempKeySz; /* in octets 20 - 66 */ word16 eccTempKeySz; /* in octets 20 - 66 */
word32 pkCurveOID; /* curve Ecc_Sum */
byte peerEccKeyPresent; byte peerEccKeyPresent;
byte peerEccDsaKeyPresent; byte peerEccDsaKeyPresent;
byte eccTempKeyPresent; byte eccTempKeyPresent;

8
cyassl/ocsp.h
View File

@@ -36,12 +36,10 @@
typedef struct CYASSL_OCSP CYASSL_OCSP; typedef struct CYASSL_OCSP CYASSL_OCSP;
CYASSL_LOCAL int CyaSSL_OCSP_Init(CYASSL_OCSP*); CYASSL_LOCAL int InitOCSP(CYASSL_OCSP*, CYASSL_CERT_MANAGER*);
CYASSL_LOCAL void CyaSSL_OCSP_Cleanup(CYASSL_OCSP*); CYASSL_LOCAL void FreeOCSP(CYASSL_OCSP*, int dynamic);
CYASSL_LOCAL int CyaSSL_OCSP_set_override_url(CYASSL_OCSP*, const char*);
CYASSL_LOCAL int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP*, DecodedCert*);
CYASSL_LOCAL int CheckCertOCSP(CYASSL_OCSP*, DecodedCert*);
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

88
cyassl/ssl.h
View File

@@ -99,6 +99,9 @@ typedef struct CYASSL_EVP_PKEY {
union { union {
char* ptr; char* ptr;
} pkey; } pkey;
#ifdef HAVE_ECC
int pkey_curve;
#endif
} CYASSL_EVP_PKEY; } CYASSL_EVP_PKEY;
typedef struct CYASSL_MD4_CTX { typedef struct CYASSL_MD4_CTX {
@@ -413,6 +416,16 @@ CYASSL_API int CyaSSL_X509_STORE_CTX_get_error_depth(CYASSL_X509_STORE_CTX*);
CYASSL_API char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME*, char*, int); CYASSL_API char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME*, char*, int);
CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_issuer_name(CYASSL_X509*); CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_issuer_name(CYASSL_X509*);
CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_subject_name(CYASSL_X509*); CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_subject_name(CYASSL_X509*);
CYASSL_API int CyaSSL_X509_ext_isSet_by_NID(CYASSL_X509*, int);
CYASSL_API int CyaSSL_X509_ext_get_critical_by_NID(CYASSL_X509*, int);
CYASSL_API int CyaSSL_X509_get_isCA(CYASSL_X509*);
CYASSL_API int CyaSSL_X509_get_isSet_pathLength(CYASSL_X509*);
CYASSL_API unsigned int CyaSSL_X509_get_pathLength(CYASSL_X509*);
CYASSL_API unsigned int CyaSSL_X509_get_keyUsage(CYASSL_X509*);
CYASSL_API unsigned char* CyaSSL_X509_get_authorityKeyID(
CYASSL_X509*, unsigned char*, int*);
CYASSL_API unsigned char* CyaSSL_X509_get_subjectKeyID(
CYASSL_X509*, unsigned char*, int*);
CYASSL_API int CyaSSL_X509_NAME_entry_count(CYASSL_X509_NAME*); CYASSL_API int CyaSSL_X509_NAME_entry_count(CYASSL_X509_NAME*);
CYASSL_API int CyaSSL_X509_NAME_get_text_by_NID( CYASSL_API int CyaSSL_X509_NAME_get_text_by_NID(
CYASSL_X509_NAME*, int, char*, int); CYASSL_X509_NAME*, int, char*, int);
@@ -530,6 +543,9 @@ enum {
OCSP_RESPONSE = 8, OCSP_RESPONSE = 8,
OCSP_BASICRESP = 16, OCSP_BASICRESP = 16,
CYASSL_OCSP_URL_OVERRIDE = 1,
CYASSL_OCSP_NO_NONCE = 2,
CYASSL_CRL_CHECKALL = 1, CYASSL_CRL_CHECKALL = 1,
ASN1_GENERALIZEDTIME = 4, ASN1_GENERALIZEDTIME = 4,
@@ -810,9 +826,9 @@ CYASSL_API CYASSL_X509*
#ifndef NO_FILESYSTEM #ifndef NO_FILESYSTEM
CYASSL_API CYASSL_X509* CYASSL_API CYASSL_X509*
CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file); CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file);
#endif
CYASSL_API CYASSL_X509* CYASSL_API CYASSL_X509*
CyaSSL_X509_load_certificate_file(const char* fname, int format); CyaSSL_X509_load_certificate_file(const char* fname, int format);
#endif
#ifdef CYASSL_SEP #ifdef CYASSL_SEP
CYASSL_API unsigned char* CYASSL_API unsigned char*
@@ -930,15 +946,6 @@ CYASSL_API void CyaSSL_CTX_SetGenCookie(CYASSL_CTX*, CallbackGenCookie);
CYASSL_API void CyaSSL_SetCookieCtx(CYASSL* ssl, void *ctx); CYASSL_API void CyaSSL_SetCookieCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl); CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl);
typedef int (*CallbackIOOcsp)(void*, const char*, int,
unsigned char*, int, unsigned char**);
typedef void (*CallbackIOOcspRespFree)(void*,unsigned char*);
#ifdef HAVE_OCSP
CYASSL_API void CyaSSL_SetIOOcsp(CYASSL_CTX *ocsp, CallbackIOOcsp cb);
CYASSL_API void CyaSSL_SetIOOcspRespFree(CYASSL_CTX *ocsp,
CallbackIOOcspRespFree cb);
CYASSL_API void CyaSSL_SetIOOcspCtx(CYASSL_CTX *ocsp, void *octx);
#endif
/* I/O Callback default errors */ /* I/O Callback default errors */
enum IOerrors { enum IOerrors {
@@ -966,9 +973,14 @@ CYASSL_API int CyaSSL_GetObjectSize(void); /* object size based on build */
CYASSL_API int CyaSSL_SetVersion(CYASSL* ssl, int version); CYASSL_API int CyaSSL_SetVersion(CYASSL* ssl, int version);
CYASSL_API int CyaSSL_KeyPemToDer(const unsigned char*, int sz, unsigned char*, CYASSL_API int CyaSSL_KeyPemToDer(const unsigned char*, int sz, unsigned char*,
int, const char*); int, const char*);
CYASSL_API int CyaSSL_CertPemToDer(const unsigned char*, int sz, unsigned char*,
int, int);
typedef void (*CallbackCACache)(unsigned char* der, int sz, int type); typedef void (*CallbackCACache)(unsigned char* der, int sz, int type);
typedef void (*CbMissingCRL)(const char* url); typedef void (*CbMissingCRL)(const char* url);
typedef int (*CbOCSPIO)(void*, const char*, int,
unsigned char*, int, unsigned char**);
typedef void (*CbOCSPRespFree)(void*,unsigned char*);
/* User Atomic Record Layer CallBacks */ /* User Atomic Record Layer CallBacks */
typedef int (*CallbackMacEncrypt)(CYASSL* ssl, unsigned char* macOut, typedef int (*CallbackMacEncrypt)(CYASSL* ssl, unsigned char* macOut,
@@ -994,6 +1006,7 @@ CYASSL_API const unsigned char* CyaSSL_GetClientWriteIV(CYASSL*);
CYASSL_API const unsigned char* CyaSSL_GetServerWriteKey(CYASSL*); CYASSL_API const unsigned char* CyaSSL_GetServerWriteKey(CYASSL*);
CYASSL_API const unsigned char* CyaSSL_GetServerWriteIV(CYASSL*); CYASSL_API const unsigned char* CyaSSL_GetServerWriteIV(CYASSL*);
CYASSL_API int CyaSSL_GetKeySize(CYASSL*); CYASSL_API int CyaSSL_GetKeySize(CYASSL*);
CYASSL_API int CyaSSL_GetIVSize(CYASSL*);
CYASSL_API int CyaSSL_GetSide(CYASSL*); CYASSL_API int CyaSSL_GetSide(CYASSL*);
CYASSL_API int CyaSSL_IsTLSv1_1(CYASSL*); CYASSL_API int CyaSSL_IsTLSv1_1(CYASSL*);
CYASSL_API int CyaSSL_GetBulkCipher(CYASSL*); CYASSL_API int CyaSSL_GetBulkCipher(CYASSL*);
@@ -1113,16 +1126,34 @@ CYASSL_API void* CyaSSL_GetRsaDecCtx(CYASSL* ssl);
int, int); int, int);
CYASSL_API int CyaSSL_CertManagerSetCRL_Cb(CYASSL_CERT_MANAGER*, CYASSL_API int CyaSSL_CertManagerSetCRL_Cb(CYASSL_CERT_MANAGER*,
CbMissingCRL); CbMissingCRL);
CYASSL_API int CyaSSL_CertManagerCheckOCSP(CYASSL_CERT_MANAGER*,
unsigned char*, int sz);
CYASSL_API int CyaSSL_CertManagerEnableOCSP(CYASSL_CERT_MANAGER*,
int options);
CYASSL_API int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER*);
CYASSL_API int CyaSSL_CertManagerSetOCSPOverrideURL(CYASSL_CERT_MANAGER*,
const char*);
CYASSL_API int CyaSSL_CertManagerSetOCSP_Cb(CYASSL_CERT_MANAGER*,
CbOCSPIO, CbOCSPRespFree, void*);
CYASSL_API int CyaSSL_EnableCRL(CYASSL* ssl, int options); CYASSL_API int CyaSSL_EnableCRL(CYASSL* ssl, int options);
CYASSL_API int CyaSSL_DisableCRL(CYASSL* ssl); CYASSL_API int CyaSSL_DisableCRL(CYASSL* ssl);
CYASSL_API int CyaSSL_LoadCRL(CYASSL*, const char*, int, int); CYASSL_API int CyaSSL_LoadCRL(CYASSL*, const char*, int, int);
CYASSL_API int CyaSSL_SetCRL_Cb(CYASSL*, CbMissingCRL); CYASSL_API int CyaSSL_SetCRL_Cb(CYASSL*, CbMissingCRL);
CYASSL_API int CyaSSL_EnableOCSP(CYASSL*, int options);
CYASSL_API int CyaSSL_DisableOCSP(CYASSL*);
CYASSL_API int CyaSSL_SetOCSP_OverrideURL(CYASSL*, const char*);
CYASSL_API int CyaSSL_SetOCSP_Cb(CYASSL*, CbOCSPIO, CbOCSPRespFree, void*);
CYASSL_API int CyaSSL_CTX_EnableCRL(CYASSL_CTX* ctx, int options); CYASSL_API int CyaSSL_CTX_EnableCRL(CYASSL_CTX* ctx, int options);
CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx); CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx);
CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int); CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int);
CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL); CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL);
CYASSL_API int CyaSSL_CTX_EnableOCSP(CYASSL_CTX*, int options);
CYASSL_API int CyaSSL_CTX_DisableOCSP(CYASSL_CTX*);
CYASSL_API int CyaSSL_CTX_SetOCSP_OverrideURL(CYASSL_CTX*, const char*);
CYASSL_API int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX*,
CbOCSPIO, CbOCSPRespFree, void*);
#endif /* !NO_CERTS */ #endif /* !NO_CERTS */
/* end of handshake frees temporary arrays, if user needs for get_keys or /* end of handshake frees temporary arrays, if user needs for get_keys or
@@ -1174,6 +1205,10 @@ CYASSL_API unsigned char CyaSSL_SNI_Status(CYASSL* ssl, unsigned char type);
CYASSL_API unsigned short CyaSSL_SNI_GetRequest(CYASSL *ssl, unsigned char type, CYASSL_API unsigned short CyaSSL_SNI_GetRequest(CYASSL *ssl, unsigned char type,
void** data); void** data);
CYASSL_API int CyaSSL_SNI_GetFromBuffer(
const unsigned char* clientHello, unsigned int helloSz,
unsigned char type, unsigned char* sni, unsigned int* inOutSz);
#endif /* NO_CYASSL_SERVER */ #endif /* NO_CYASSL_SERVER */
#endif /* HAVE_SNI */ #endif /* HAVE_SNI */
@@ -1196,6 +1231,7 @@ CYASSL_API int CyaSSL_CTX_UseMaxFragment(CYASSL_CTX* ctx, unsigned char mfl);
#endif /* NO_CYASSL_CLIENT */ #endif /* NO_CYASSL_CLIENT */
#endif /* HAVE_MAX_FRAGMENT */ #endif /* HAVE_MAX_FRAGMENT */
/* Truncated HMAC */
#ifdef HAVE_TRUNCATED_HMAC #ifdef HAVE_TRUNCATED_HMAC
#ifndef NO_CYASSL_CLIENT #ifndef NO_CYASSL_CLIENT
@@ -1205,6 +1241,27 @@ CYASSL_API int CyaSSL_CTX_UseTruncatedHMAC(CYASSL_CTX* ctx);
#endif /* NO_CYASSL_CLIENT */ #endif /* NO_CYASSL_CLIENT */
#endif /* HAVE_TRUNCATED_HMAC */ #endif /* HAVE_TRUNCATED_HMAC */
/* Elliptic Curves */
#ifdef HAVE_SUPPORTED_CURVES
enum {
CYASSL_ECC_SECP160R1 = 0x10,
CYASSL_ECC_SECP192R1 = 0x13,
CYASSL_ECC_SECP224R1 = 0x15,
CYASSL_ECC_SECP256R1 = 0x17,
CYASSL_ECC_SECP384R1 = 0x18,
CYASSL_ECC_SECP521R1 = 0x19
};
#ifndef NO_CYASSL_CLIENT
CYASSL_API int CyaSSL_UseSupportedCurve(CYASSL* ssl, unsigned short name);
CYASSL_API int CyaSSL_CTX_UseSupportedCurve(CYASSL_CTX* ctx,
unsigned short name);
#endif /* NO_CYASSL_CLIENT */
#endif /* HAVE_SUPPORTED_CURVES */
#define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */ #define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */
#define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */ #define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */
@@ -1227,14 +1284,9 @@ CYASSL_API int CyaSSL_accept_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack,
#endif /* CYASSL_CALLBACKS */ #endif /* CYASSL_CALLBACKS */
CYASSL_API int CyaSSL_CTX_OCSP_set_options(CYASSL_CTX*, int); #ifdef CYASSL_HAVE_WOLFSCEP
CYASSL_API int CyaSSL_CTX_OCSP_set_override_url(CYASSL_CTX*, const char*); CYASSL_API void CyaSSL_wolfSCEP(void);
#endif /* CYASSL_HAVE_WOLFSCEP */
/* OCSP Options */
#define CYASSL_OCSP_ENABLE 0x0001 /* Enable OCSP lookups */
#define CYASSL_OCSP_URL_OVERRIDE 0x0002 /* Use the override URL instead of URL
* in certificate */
#define CYASSL_OCSP_NO_NONCE 0x0004 /* Disables the request nonce. */
#ifdef __cplusplus #ifdef __cplusplus

4
cyassl/version.h
View File

@@ -26,8 +26,8 @@
extern "C" { extern "C" {
#endif #endif
#define LIBCYASSL_VERSION_STRING "2.8.3" #define LIBCYASSL_VERSION_STRING "2.9.0"
#define LIBCYASSL_VERSION_HEX 0x02008003 #define LIBCYASSL_VERSION_HEX 0x02009000
#ifdef __cplusplus #ifdef __cplusplus
} }

22
examples/client/client.c
View File

@@ -505,10 +505,13 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
#ifdef HAVE_OCSP #ifdef HAVE_OCSP
if (useOcsp) { if (useOcsp) {
CyaSSL_CTX_OCSP_set_options(ctx, if (ocspUrl != NULL) {
CYASSL_OCSP_ENABLE | CYASSL_OCSP_NO_NONCE); CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
if (ocspUrl != NULL) CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
CyaSSL_CTX_OCSP_set_override_url(ctx, ocspUrl); | CYASSL_OCSP_URL_OVERRIDE);
}
else
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
} }
#endif #endif
@@ -547,17 +550,18 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
#ifdef HAVE_SNI #ifdef HAVE_SNI
if (sniHostName) if (sniHostName)
if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))) if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))
!= SSL_SUCCESS)
err_sys("UseSNI failed"); err_sys("UseSNI failed");
#endif #endif
#ifdef HAVE_MAX_FRAGMENT #ifdef HAVE_MAX_FRAGMENT
if (maxFragment) if (maxFragment)
if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment)) if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS)
err_sys("UseMaxFragment failed"); err_sys("UseMaxFragment failed");
#endif #endif
#ifdef HAVE_TRUNCATED_HMAC #ifdef HAVE_TRUNCATED_HMAC
if (truncatedHMAC) if (truncatedHMAC)
if (CyaSSL_CTX_UseTruncatedHMAC(ctx)) if (CyaSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS)
err_sys("UseTruncatedHMAC failed"); err_sys("UseTruncatedHMAC failed");
#endif #endif
@@ -803,8 +807,10 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) && !defined(STACK_TRAP) #if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) && !defined(STACK_TRAP)
CyaSSL_Debugging_ON(); CyaSSL_Debugging_ON();
#endif #endif
if (CurrentDir("client") || CurrentDir("build")) if (CurrentDir("client"))
ChangeDirBack(2); ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
#ifdef HAVE_STACK_SIZE #ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, client_test); StackSizeCheck(&args, client_test);

4
examples/echoclient/echoclient.c
View File

@@ -255,8 +255,10 @@ void echoclient_test(void* args)
CyaSSL_Debugging_ON(); CyaSSL_Debugging_ON();
#endif #endif
if (CurrentDir("echoclient") || CurrentDir("build")) if (CurrentDir("echoclient"))
ChangeDirBack(2); ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
echoclient_test(&args); echoclient_test(&args);
CyaSSL_Cleanup(); CyaSSL_Cleanup();

4
examples/echoserver/echoserver.c
View File

@@ -339,8 +339,10 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) #if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
CyaSSL_Debugging_ON(); CyaSSL_Debugging_ON();
#endif #endif
if (CurrentDir("echoserver") || CurrentDir("build")) if (CurrentDir("echoserver"))
ChangeDirBack(2); ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
echoserver_test(&args); echoserver_test(&args);
CyaSSL_Cleanup(); CyaSSL_Cleanup();

25
examples/server/server.c
View File

@@ -374,6 +374,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
if (fewerPackets) if (fewerPackets)
CyaSSL_CTX_set_group_messages(ctx); CyaSSL_CTX_set_group_messages(ctx);
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
if (!usePsk) { if (!usePsk) {
if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM) if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM)
@@ -428,10 +432,6 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
} }
#endif #endif
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
/* don't use EDH, can't sniff tmp keys */ /* don't use EDH, can't sniff tmp keys */
if (cipherList == NULL) { if (cipherList == NULL) {
@@ -443,7 +443,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#ifdef HAVE_SNI #ifdef HAVE_SNI
if (sniHostName) if (sniHostName)
if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName, if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
XSTRLEN(sniHostName))) XSTRLEN(sniHostName)) != SSL_SUCCESS)
err_sys("UseSNI failed"); err_sys("UseSNI failed");
#endif #endif
@@ -459,10 +459,13 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#endif #endif
#ifdef HAVE_OCSP #ifdef HAVE_OCSP
if (useOcsp) { if (useOcsp) {
CyaSSL_CTX_OCSP_set_options(ctx, if (ocspUrl != NULL) {
CYASSL_OCSP_ENABLE | CYASSL_OCSP_NO_NONCE); CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
if (ocspUrl != NULL) CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
CyaSSL_CTX_OCSP_set_override_url(ctx, ocspUrl); | CYASSL_OCSP_URL_OVERRIDE);
}
else
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
} }
#endif #endif
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
@@ -556,8 +559,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) #if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
CyaSSL_Debugging_ON(); CyaSSL_Debugging_ON();
#endif #endif
if (CurrentDir("server") || CurrentDir("build")) if (CurrentDir("server"))
ChangeDirBack(2); ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
#ifdef HAVE_STACK_SIZE #ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, server_test); StackSizeCheck(&args, server_test);

1
m4/ax_debug.m4
View File

@@ -52,7 +52,6 @@ AC_DEFUN([AX_DEBUG],
[Add debug code/turns off optimizations (yes|no) @<:@default=no@:>@])], [Add debug code/turns off optimizations (yes|no) @<:@default=no@:>@])],
[ax_enable_debug=yes [ax_enable_debug=yes
AC_DEFINE([DEBUG],[1],[Define to 1 to enable debugging code.]) AC_DEFINE([DEBUG],[1],[Define to 1 to enable debugging code.])
AX_CHECK_LIBRARY([MCHECK],[mcheck.h],[mcheck],[AX_APPEND_LINK_FLAGS([-lmcheck])])
AX_ADD_AM_MACRO([--debug],[AM_YFLAGS]) AX_ADD_AM_MACRO([--debug],[AM_YFLAGS])
AX_ADD_AM_MACRO([-D_GLIBCXX_DEBUG],[AM_CPPFLAGS])], AX_ADD_AM_MACRO([-D_GLIBCXX_DEBUG],[AM_CPPFLAGS])],
[ax_enable_debug=no [ax_enable_debug=no

76
m4/ax_tls.m4 Normal file
View File

@@ -0,0 +1,76 @@
# ===========================================================================
# http://www.gnu.org/software/autoconf-archive/ax_tls.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_TLS([action-if-found], [action-if-not-found])
#
# DESCRIPTION
#
# Provides a test for the compiler support of thread local storage (TLS)
# extensions. Defines TLS if it is found. Currently knows about GCC/ICC
# and MSVC. I think SunPro uses the same as GCC, and Borland apparently
# supports either.
#
# LICENSE
#
# Copyright (c) 2008 Alan Woodland <ajw05@aber.ac.uk>
# Copyright (c) 2010 Diego Elio Petteno` <flameeyes@gmail.com>
#
# This program is free software: you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation, either version 3 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
# Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
#
# As a special exception, the respective Autoconf Macro's copyright owner
# gives unlimited permission to copy, distribute and modify the configure
# scripts that are the output of Autoconf when processing the Macro. You
# need not follow the terms of the GNU General Public License when using
# or distributing such scripts, even though portions of the text of the
# Macro appear in them. The GNU General Public License (GPL) does govern
# all other use of the material that constitutes the Autoconf Macro.
#
# This special exception to the GPL applies to versions of the Autoconf
# Macro released by the Autoconf Archive. When you make and distribute a
# modified version of the Autoconf Macro, you may extend this special
# exception to the GPL to apply to your modified version as well.
#serial 10
AC_DEFUN([AX_TLS], [
AC_MSG_CHECKING(for thread local storage (TLS) class)
AC_CACHE_VAL(ac_cv_tls, [
ax_tls_keywords="__thread __declspec(thread) none"
for ax_tls_keyword in $ax_tls_keywords; do
AS_CASE([$ax_tls_keyword],
[none], [ac_cv_tls=none ; break],
[AC_TRY_COMPILE(
[#include <stdlib.h>
static void
foo(void) {
static ] $ax_tls_keyword [ int bar;
exit(1);
}],
[],
[ac_cv_tls=$ax_tls_keyword ; break],
ac_cv_tls=none
)])
done
])
AC_MSG_RESULT($ac_cv_tls)
AS_IF([test "$ac_cv_tls" != "none"],
AC_DEFINE_UNQUOTED([TLS], $ac_cv_tls, [If the compiler supports a TLS storage class define it to that here])
m4_ifnblank([$1], [$1]),
m4_ifnblank([$2], [$2])
)
])

22
mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml
View File

@@ -167,28 +167,6 @@
<property key="save-temps" value="false"/> <property key="save-temps" value="false"/>
<property key="wpo-lto" value="false"/> <property key="wpo-lto" value="false"/>
</C32Global> </C32Global>
<PKOBSKDEPlatformTool>
<property key="AutoSelectMemRanges" value="auto"/>
<property key="SecureSegment.SegmentProgramming" value="FullChipProgramming"/>
<property key="ToolFirmwareFilePath"
value="Press to browse for a specific firmware version"/>
<property key="ToolFirmwareOption.UseLatestFirmware" value="true"/>
<property key="memories.configurationmemory" value="false"/>
<property key="memories.eeprom" value="false"/>
<property key="memories.id" value="false"/>
<property key="memories.programmemory" value="true"/>
<property key="memories.programmemory.end" value="0x1d07ffff"/>
<property key="memories.programmemory.start" value="0x1d000000"/>
<property key="poweroptions.powerenable" value="false"/>
<property key="programoptions.eraseb4program" value="true"/>
<property key="programoptions.preserveeeprom" value="false"/>
<property key="programoptions.preserveprogramrange" value="false"/>
<property key="programoptions.preserveprogramrange.end" value="0x1d0001ff"/>
<property key="programoptions.preserveprogramrange.start" value="0x1d000000"/>
<property key="programoptions.usehighvoltageonmclr" value="false"/>
<property key="programoptions.uselvpprogramming" value="false"/>
<property key="voltagevalue" value="3.25"/>
</PKOBSKDEPlatformTool>
<SKDEPIC32PlatformTool> <SKDEPIC32PlatformTool>
<property key="whatToProgram" value="all"/> <property key="whatToProgram" value="all"/>
</SKDEPIC32PlatformTool> </SKDEPIC32PlatformTool>

51
mcapi/ctaocrypt_test.X/main.c
View File

@@ -1,51 +0,0 @@
/* main.c
*
* Copyright (C) 2006-2013 wolfSSL Inc. All rights reserved.
*
* This file is part of CyaSSL.
*
* Contact licensing@yassl.com with any questions or comments.
*
* http://www.yassl.com
*/
#define PIC32_STARTER_KIT
#include <stdio.h>
#include <stdlib.h>
#include <p32xxxx.h>
#include <plib.h>
#include <sys/appio.h>
/* func_args from test.h, so don't have to pull in other junk */
typedef struct func_args {
int argc;
char** argv;
int return_code;
} func_args;
/*
* Main driver for CTaoCrypt tests.
*/
int main(int argc, char** argv) {
SYSTEMConfigPerformance(80000000);
DBINIT();
printf("CTaoCrypt Test:\n");
func_args args;
args.argc = argc;
args.argv = argv;
ctaocrypt_test(&args);
if (args.return_code == 0) {
printf("All tests passed!\n");
}
return 0;
}

164
mcapi/ctaocrypt_test.X/nbproject/Makefile-default.mk Normal file
View File

@@ -0,0 +1,164 @@
#
# Generated Makefile - do not edit!
#
# Edit the Makefile in the project folder instead (../Makefile). Each target
# has a -pre and a -post target defined where you can add customized code.
#
# This makefile implements configuration specific macros and targets.
# Include project Makefile
ifeq "${IGNORE_LOCAL}" "TRUE"
# do not include local makefile. User is passing all local related variables already
else
include Makefile
# Include makefile containing local settings
ifeq "$(wildcard nbproject/Makefile-local-default.mk)" "nbproject/Makefile-local-default.mk"
include nbproject/Makefile-local-default.mk
endif
endif
# Environment
MKDIR=gnumkdir -p
RM=rm -f
MV=mv
CP=cp
# Macros
CND_CONF=default
ifeq ($(TYPE_IMAGE), DEBUG_RUN)
IMAGE_TYPE=debug
OUTPUT_SUFFIX=elf
DEBUGGABLE_SUFFIX=elf
FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}
else
IMAGE_TYPE=production
OUTPUT_SUFFIX=hex
DEBUGGABLE_SUFFIX=elf
FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}
endif
# Object Directory
OBJECTDIR=build/${CND_CONF}/${IMAGE_TYPE}
# Distribution Directory
DISTDIR=dist/${CND_CONF}/${IMAGE_TYPE}
# Source Files Quoted if spaced
SOURCEFILES_QUOTED_IF_SPACED=../../ctaocrypt/test/test.c ../../mplabx/test_main.c
# Object Files Quoted if spaced
OBJECTFILES_QUOTED_IF_SPACED=${OBJECTDIR}/_ext/1679622190/test.o ${OBJECTDIR}/_ext/1042050482/test_main.o
POSSIBLE_DEPFILES=${OBJECTDIR}/_ext/1679622190/test.o.d ${OBJECTDIR}/_ext/1042050482/test_main.o.d
# Object Files
OBJECTFILES=${OBJECTDIR}/_ext/1679622190/test.o ${OBJECTDIR}/_ext/1042050482/test_main.o
# Source Files
SOURCEFILES=../../ctaocrypt/test/test.c ../../mplabx/test_main.c
CFLAGS=
ASFLAGS=
LDLIBSOPTIONS=
############# Tool locations ##########################################
# If you copy a project from one host to another, the path where the #
# compiler is installed may be different. #
# If you open this project with MPLAB X in the new host, this #
# makefile will be regenerated and the paths will be corrected. #
#######################################################################
# fixDeps replaces a bunch of sed/cat/printf statements that slow down the build
FIXDEPS=fixDeps
.build-conf: ${BUILD_SUBPROJECTS}
${MAKE} ${MAKE_OPTIONS} -f nbproject/Makefile-default.mk dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}
MP_PROCESSOR_OPTION=32MX795F512L
MP_LINKER_FILE_OPTION=
# ------------------------------------------------------------------------------------
# Rules for buildStep: assemble
ifeq ($(TYPE_IMAGE), DEBUG_RUN)
else
endif
# ------------------------------------------------------------------------------------
# Rules for buildStep: assembleWithPreprocess
ifeq ($(TYPE_IMAGE), DEBUG_RUN)
else
endif
# ------------------------------------------------------------------------------------
# Rules for buildStep: compile
ifeq ($(TYPE_IMAGE), DEBUG_RUN)
${OBJECTDIR}/_ext/1679622190/test.o: ../../ctaocrypt/test/test.c nbproject/Makefile-${CND_CONF}.mk
@${MKDIR} ${OBJECTDIR}/_ext/1679622190
@${RM} ${OBJECTDIR}/_ext/1679622190/test.o.d
@${RM} ${OBJECTDIR}/_ext/1679622190/test.o
@${FIXDEPS} "${OBJECTDIR}/_ext/1679622190/test.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -I"../../" -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1679622190/test.o.d" -o ${OBJECTDIR}/_ext/1679622190/test.o ../../ctaocrypt/test/test.c
${OBJECTDIR}/_ext/1042050482/test_main.o: ../../mplabx/test_main.c nbproject/Makefile-${CND_CONF}.mk
@${MKDIR} ${OBJECTDIR}/_ext/1042050482
@${RM} ${OBJECTDIR}/_ext/1042050482/test_main.o.d
@${RM} ${OBJECTDIR}/_ext/1042050482/test_main.o
@${FIXDEPS} "${OBJECTDIR}/_ext/1042050482/test_main.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -I"../../" -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1042050482/test_main.o.d" -o ${OBJECTDIR}/_ext/1042050482/test_main.o ../../mplabx/test_main.c
else
${OBJECTDIR}/_ext/1679622190/test.o: ../../ctaocrypt/test/test.c nbproject/Makefile-${CND_CONF}.mk
@${MKDIR} ${OBJECTDIR}/_ext/1679622190
@${RM} ${OBJECTDIR}/_ext/1679622190/test.o.d
@${RM} ${OBJECTDIR}/_ext/1679622190/test.o
@${FIXDEPS} "${OBJECTDIR}/_ext/1679622190/test.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -I"../../" -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1679622190/test.o.d" -o ${OBJECTDIR}/_ext/1679622190/test.o ../../ctaocrypt/test/test.c
${OBJECTDIR}/_ext/1042050482/test_main.o: ../../mplabx/test_main.c nbproject/Makefile-${CND_CONF}.mk
@${MKDIR} ${OBJECTDIR}/_ext/1042050482
@${RM} ${OBJECTDIR}/_ext/1042050482/test_main.o.d
@${RM} ${OBJECTDIR}/_ext/1042050482/test_main.o
@${FIXDEPS} "${OBJECTDIR}/_ext/1042050482/test_main.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -I"../../" -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1042050482/test_main.o.d" -o ${OBJECTDIR}/_ext/1042050482/test_main.o ../../mplabx/test_main.c
endif
# ------------------------------------------------------------------------------------
# Rules for buildStep: compileCPP
ifeq ($(TYPE_IMAGE), DEBUG_RUN)
else
endif
# ------------------------------------------------------------------------------------
# Rules for buildStep: link
ifeq ($(TYPE_IMAGE), DEBUG_RUN)
dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk ../cyassl.X/dist/default/debug/cyassl.X.a ../zlib.X/dist/default/debug/zlib.X.a
@${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE}
${MP_CC} $(MP_EXTRA_LD_PRE) -mdebugger -D__MPLAB_DEBUGGER_PK3=1 -mprocessor=$(MP_PROCESSOR_OPTION) -Os -o dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} ..\cyassl.X\dist\default\debug\cyassl.X.a ..\zlib.X\dist\default\debug\zlib.X.a -mreserve=data@0x0:0x1FC -mreserve=boot@0x1FC02000:0x1FC02FEF -mreserve=boot@0x1FC02000:0x1FC024FF -Wl,--defsym=__MPLAB_BUILD=1$(MP_EXTRA_LD_POST)$(MP_LINKER_FILE_OPTION),--defsym=__MPLAB_DEBUG=1,--defsym=__DEBUG=1,--defsym=__MPLAB_DEBUGGER_PK3=1,--defsym=_min_heap_size=32768,--defsym=_min_stack_size=1024,--gc-sections
else
dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk ../cyassl.X/dist/default/production/cyassl.X.a ../zlib.X/dist/default/production/zlib.X.a
@${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE}
${MP_CC} $(MP_EXTRA_LD_PRE) -mprocessor=$(MP_PROCESSOR_OPTION) -Os -o dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${DEBUGGABLE_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} ..\cyassl.X\dist\default\production\cyassl.X.a ..\zlib.X\dist\default\production\zlib.X.a -Wl,--defsym=__MPLAB_BUILD=1$(MP_EXTRA_LD_POST)$(MP_LINKER_FILE_OPTION),--defsym=_min_heap_size=32768,--defsym=_min_stack_size=1024,--gc-sections
${MP_CC_DIR}\\xc32-bin2hex dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${DEBUGGABLE_SUFFIX}
endif
# Subprojects
.build-subprojects:
cd /D ../cyassl.X && ${MAKE} -f Makefile CONF=default
cd /D ../zlib.X && ${MAKE} -f Makefile CONF=default
# Subprojects
.clean-subprojects:
cd /D ../cyassl.X && rm -rf "build/default" "dist/default"
cd /D ../zlib.X && rm -rf "build/default" "dist/default"
# Clean Targets
.clean-conf: ${CLEAN_SUBPROJECTS}
${RM} -r build/default
${RM} -r dist/default
# Enable dependency checking
.dep.inc: .depcheck-impl
DEPFILES=$(shell mplabwildcard ${POSSIBLE_DEPFILES})
ifneq (${DEPFILES},)
include ${DEPFILES}
endif

8
mcapi/ctaocrypt_test.X/nbproject/Makefile-genesis.properties Normal file
View File

@@ -0,0 +1,8 @@
#
#Mon Feb 24 10:53:41 JST 2014
default.com-microchip-mplab-nbide-toolchainXC32-XC32LanguageToolchain.md5=cd6a1e93a26f632c22d91cbbe4deaf2c
default.languagetoolchain.dir=C\:\\Program Files (x86)\\Microchip\\xc32\\v1.30-TC9\\bin
com-microchip-mplab-nbide-embedded-makeproject-MakeProject.md5=43bd1633f14a944b6e95abd1333fdfc3
default.languagetoolchain.version=1.30
host.platform=windows
conf.ids=default

69
mcapi/ctaocrypt_test.X/nbproject/Makefile-impl.mk Normal file
View File

@@ -0,0 +1,69 @@
#
# Generated Makefile - do not edit!
#
# Edit the Makefile in the project folder instead (../Makefile). Each target
# has a pre- and a post- target defined where you can add customization code.
#
# This makefile implements macros and targets common to all configurations.
#
# NOCDDL
# Building and Cleaning subprojects are done by default, but can be controlled with the SUB
# macro. If SUB=no, subprojects will not be built or cleaned. The following macro
# statements set BUILD_SUB-CONF and CLEAN_SUB-CONF to .build-reqprojects-conf
# and .clean-reqprojects-conf unless SUB has the value 'no'
SUB_no=NO
SUBPROJECTS=${SUB_${SUB}}
BUILD_SUBPROJECTS_=.build-subprojects
BUILD_SUBPROJECTS_NO=
BUILD_SUBPROJECTS=${BUILD_SUBPROJECTS_${SUBPROJECTS}}
CLEAN_SUBPROJECTS_=.clean-subprojects
CLEAN_SUBPROJECTS_NO=
CLEAN_SUBPROJECTS=${CLEAN_SUBPROJECTS_${SUBPROJECTS}}
# Project Name
PROJECTNAME=ctaocrypt_test.X
# Active Configuration
DEFAULTCONF=default
CONF=${DEFAULTCONF}
# All Configurations
ALLCONFS=default
# build
.build-impl: .build-pre
${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .build-conf
# clean
.clean-impl: .clean-pre
${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .clean-conf
# clobber
.clobber-impl: .clobber-pre .depcheck-impl
${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default clean
# all
.all-impl: .all-pre .depcheck-impl
${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default build
# dependency checking support
.depcheck-impl:
# @echo "# This code depends on make tool being used" >.dep.inc
# @if [ -n "${MAKE_VERSION}" ]; then \
# echo "DEPFILES=\$$(wildcard \$$(addsuffix .d, \$${OBJECTFILES}))" >>.dep.inc; \
# echo "ifneq (\$${DEPFILES},)" >>.dep.inc; \
# echo "include \$${DEPFILES}" >>.dep.inc; \
# echo "endif" >>.dep.inc; \
# else \
# echo ".KEEP_STATE:" >>.dep.inc; \
# echo ".KEEP_STATE_FILE:.make.state.\$${CONF}" >>.dep.inc; \
# fi

37
mcapi/ctaocrypt_test.X/nbproject/Makefile-local-default.mk Normal file
View File

@@ -0,0 +1,37 @@
#
# Generated Makefile - do not edit!
#
#
# This file contains information about the location of compilers and other tools.
# If you commmit this file into your revision control server, you will be able to
# to checkout the project and build it from the command line with make. However,
# if more than one person works on the same project, then this file might show
# conflicts since different users are bound to have compilers in different places.
# In that case you might choose to not commit this file and let MPLAB X recreate this file
# for each user. The disadvantage of not commiting this file is that you must run MPLAB X at
# least once so the file gets created and the project can be built. Finally, you can also
# avoid using this file at all if you are only building from the command line with make.
# You can invoke make with the values of the macros:
# $ makeMP_CC="/opt/microchip/mplabc30/v3.30c/bin/pic30-gcc" ...
#
SHELL=cmd.exe
PATH_TO_IDE_BIN=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/
# Adding MPLAB X bin directory to path.
PATH:=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/:$(PATH)
# Path to java used to run MPLAB X when this makefile was created
MP_JAVA_PATH="C:\Program Files (x86)\Microchip\MPLABX-v1.95.RC3\sys\java\jre1.7.0_25-windows-x64\java-windows/bin/"
OS_CURRENT="$(shell uname -s)"
MP_CC="C:\Program Files (x86)\Microchip\xc32\v1.30-TC9\bin\xc32-gcc.exe"
MP_CPPC="C:\Program Files (x86)\Microchip\xc32\v1.30-TC9\bin\xc32-g++.exe"
# MP_BC is not defined
MP_AS="C:\Program Files (x86)\Microchip\xc32\v1.30-TC9\bin\xc32-as.exe"
MP_LD="C:\Program Files (x86)\Microchip\xc32\v1.30-TC9\bin\xc32-ld.exe"
MP_AR="C:\Program Files (x86)\Microchip\xc32\v1.30-TC9\bin\xc32-ar.exe"
DEP_GEN=${MP_JAVA_PATH}java -jar "C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/extractobjectdependencies.jar"
MP_CC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30-TC9\bin"
MP_CPPC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30-TC9\bin"
# MP_BC_DIR is not defined
MP_AS_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30-TC9\bin"
MP_LD_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30-TC9\bin"
MP_AR_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30-TC9\bin"
# MP_BC_DIR is not defined

13
mcapi/ctaocrypt_test.X/nbproject/Makefile-variables.mk Normal file
View File

@@ -0,0 +1,13 @@
#
# Generated - do not edit!
#
# NOCDDL
#
CND_BASEDIR=`pwd`
# default configuration
CND_ARTIFACT_DIR_default=dist/default/production
CND_ARTIFACT_NAME_default=ctaocrypt_test.X.production.hex
CND_ARTIFACT_PATH_default=dist/default/production/ctaocrypt_test.X.production.hex
CND_PACKAGE_DIR_default=${CND_DISTDIR}/default/package
CND_PACKAGE_NAME_default=ctaocrypttest.x.tar
CND_PACKAGE_PATH_default=${CND_DISTDIR}/default/package/ctaocrypttest.x.tar

73
mcapi/ctaocrypt_test.X/nbproject/Package-default.bash Normal file
View File

@@ -0,0 +1,73 @@
#!/bin/bash -x
#
# Generated - do not edit!
#
# Macros
TOP=`pwd`
CND_CONF=default
CND_DISTDIR=dist
TMPDIR=build/${CND_CONF}/${IMAGE_TYPE}/tmp-packaging
TMPDIRNAME=tmp-packaging
OUTPUT_PATH=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}
OUTPUT_BASENAME=ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}
PACKAGE_TOP_DIR=ctaocrypttest.x/
# Functions
function checkReturnCode
{
rc=$?
if [ $rc != 0 ]
then
exit $rc
fi
}
function makeDirectory
# $1 directory path
# $2 permission (optional)
{
mkdir -p "$1"
checkReturnCode
if [ "$2" != "" ]
then
chmod $2 "$1"
checkReturnCode
fi
}
function copyFileToTmpDir
# $1 from-file path
# $2 to-file path
# $3 permission
{
cp "$1" "$2"
checkReturnCode
if [ "$3" != "" ]
then
chmod $3 "$2"
checkReturnCode
fi
}
# Setup
cd "${TOP}"
mkdir -p ${CND_DISTDIR}/${CND_CONF}/package
rm -rf ${TMPDIR}
mkdir -p ${TMPDIR}
# Copy files and create directories and links
cd "${TOP}"
makeDirectory ${TMPDIR}/ctaocrypttest.x/bin
copyFileToTmpDir "${OUTPUT_PATH}" "${TMPDIR}/${PACKAGE_TOP_DIR}bin/${OUTPUT_BASENAME}" 0755
# Generate tar file
cd "${TOP}"
rm -f ${CND_DISTDIR}/${CND_CONF}/package/ctaocrypttest.x.tar
cd ${TMPDIR}
tar -vcf ../../../../${CND_DISTDIR}/${CND_CONF}/package/ctaocrypttest.x.tar *
checkReturnCode
# Cleanup
cd "${TOP}"
rm -rf ${TMPDIR}

22
mcapi/ctaocrypt_test.X/nbproject/configurations.xml
View File

@@ -184,28 +184,6 @@
<property key="save-temps" value="false"/> <property key="save-temps" value="false"/>
<property key="wpo-lto" value="false"/> <property key="wpo-lto" value="false"/>
</C32Global> </C32Global>
<PKOBSKDEPlatformTool>
<property key="AutoSelectMemRanges" value="auto"/>
<property key="SecureSegment.SegmentProgramming" value="FullChipProgramming"/>
<property key="ToolFirmwareFilePath"
value="Press to browse for a specific firmware version"/>
<property key="ToolFirmwareOption.UseLatestFirmware" value="true"/>
<property key="memories.configurationmemory" value="false"/>
<property key="memories.eeprom" value="false"/>
<property key="memories.id" value="false"/>
<property key="memories.programmemory" value="true"/>
<property key="memories.programmemory.end" value="0x1d07ffff"/>
<property key="memories.programmemory.start" value="0x1d000000"/>
<property key="poweroptions.powerenable" value="false"/>
<property key="programoptions.eraseb4program" value="true"/>
<property key="programoptions.preserveeeprom" value="false"/>
<property key="programoptions.preserveprogramrange" value="false"/>
<property key="programoptions.preserveprogramrange.end" value="0x1d0001ff"/>
<property key="programoptions.preserveprogramrange.start" value="0x1d000000"/>
<property key="programoptions.usehighvoltageonmclr" value="false"/>
<property key="programoptions.uselvpprogramming" value="false"/>
<property key="voltagevalue" value="3.25"/>
</PKOBSKDEPlatformTool>
<SKDEPIC32PlatformTool> <SKDEPIC32PlatformTool>
<property key="whatToProgram" value="all"/> <property key="whatToProgram" value="all"/>
</SKDEPIC32PlatformTool> </SKDEPIC32PlatformTool>

3
mcapi/ctaocrypt_test.X/nbproject/include.am
View File

@@ -3,8 +3,7 @@
# #
EXTRA_DIST += \ EXTRA_DIST += \
mcapi/ctaocrypt_test.X/Makefile \ mcapi/ctaocrypt_test.X/Makefile
mcapi/ctaocrypt_test.X/main.c
EXTRA_DIST += \ EXTRA_DIST += \
mcapi/ctaocrypt_test.X/nbproject/configurations.xml \ mcapi/ctaocrypt_test.X/nbproject/configurations.xml \

6
mcapi/ctaocrypt_test.X/nbproject/private/private.xml Normal file
View File

@@ -0,0 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?><project-private xmlns="http://www.netbeans.org/ns/project-private/1">
<open-files xmlns="http://www.netbeans.org/ns/projectui-open-files/1">
<file>file:/C:/ROOT/CyaSSL-Release/PIC32MZ-HWCrypt/ctaocrypt/test/test.c</file>
<file>file:/C:/ROOT/CyaSSL-Release/PIC32MZ-HWCrypt/mplabx/test_main.c</file>
</open-files>
</project-private>

Some files were not shown because too many files have changed in this diff Show More