wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 19:54:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:cyassl/cyassl

Browse Source
This commit is contained in:
John Safranek
2014-08-19 22:38:42 -07:00
parent 100f0e8a96 72be4a31ef
commit 496228e5b0
9 changed files with 2606 additions and 1238 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1063
README.md Normal file
View File

File diff suppressed because it is too large Load Diff

2577
ctaocrypt/src/aes.c
View File

File diff suppressed because it is too large Load Diff

14
cyassl/internal.h
View File

@@ -153,9 +153,6 @@
typedef byte word24[3]; typedef byte word24[3];
/* used by ssl.c and cyassl_int.c */
void c32to24(word32 in, word24 out);
/* Define or comment out the cipher suites you'd like to be compiled in /* Define or comment out the cipher suites you'd like to be compiled in
make sure to use at least one BUILD_SSL_xxx or BUILD_TLS_xxx is defined make sure to use at least one BUILD_SSL_xxx or BUILD_TLS_xxx is defined
@@ -802,7 +799,6 @@ enum Misc {
COPY = 1 /* should we copy static buffer for write */ COPY = 1 /* should we copy static buffer for write */
}; };
#ifdef SESSION_INDEX #ifdef SESSION_INDEX
/* Shift values for making a session index */ /* Shift values for making a session index */
#define SESSIDX_ROW_SHIFT 4 #define SESSIDX_ROW_SHIFT 4
@@ -1969,6 +1965,10 @@ struct CYASSL {
byte hsInfoOn; /* track handshake info */ byte hsInfoOn; /* track handshake info */
byte toInfoOn; /* track timeout info */ byte toInfoOn; /* track timeout info */
#endif #endif
#ifdef HAVE_FUZZER
CallbackFuzzer fuzzerCb; /* for testing with using fuzzer */
void* fuzzerCtx; /* user defined pointer */
#endif
#ifdef KEEP_PEER_CERT #ifdef KEEP_PEER_CERT
CYASSL_X509 peerCert; /* X509 peer cert */ CYASSL_X509 peerCert; /* X509 peer cert */
#endif #endif
@@ -2212,6 +2212,12 @@ CYASSL_LOCAL void FreeX509(CYASSL_X509*);
CYASSL_LOCAL int CopyDecodedToX509(CYASSL_X509*, DecodedCert*); CYASSL_LOCAL int CopyDecodedToX509(CYASSL_X509*, DecodedCert*);
#endif #endif
/* used by ssl.c and cyassl_int.c */
CYASSL_LOCAL void c32to24(word32 in, word24 out);
CYASSL_LOCAL const char* const* GetCipherNames(void);
CYASSL_LOCAL int GetCipherNamesSize(void);
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

16
cyassl/ssl.h
View File

@@ -233,6 +233,7 @@ CYASSL_API int CyaSSL_PemCertToDer(const char*, unsigned char*, int);
CYASSL_API CYASSL_CTX* CyaSSL_CTX_new(CYASSL_METHOD*); CYASSL_API CYASSL_CTX* CyaSSL_CTX_new(CYASSL_METHOD*);
CYASSL_API CYASSL* CyaSSL_new(CYASSL_CTX*); CYASSL_API CYASSL* CyaSSL_new(CYASSL_CTX*);
CYASSL_API int CyaSSL_set_fd (CYASSL*, int); CYASSL_API int CyaSSL_set_fd (CYASSL*, int);
CYASSL_API int CyaSSL_get_ciphers(char*, int);
CYASSL_API int CyaSSL_get_fd(const CYASSL*); CYASSL_API int CyaSSL_get_fd(const CYASSL*);
CYASSL_API void CyaSSL_set_using_nonblock(CYASSL*, int); CYASSL_API void CyaSSL_set_using_nonblock(CYASSL*, int);
CYASSL_API int CyaSSL_get_using_nonblock(CYASSL*); CYASSL_API int CyaSSL_get_using_nonblock(CYASSL*);
@@ -930,6 +931,21 @@ CYASSL_API int CyaSSL_set_group_messages(CYASSL*);
typedef int (*CallbackIORecv)(CYASSL *ssl, char *buf, int sz, void *ctx); typedef int (*CallbackIORecv)(CYASSL *ssl, char *buf, int sz, void *ctx);
typedef int (*CallbackIOSend)(CYASSL *ssl, char *buf, int sz, void *ctx); typedef int (*CallbackIOSend)(CYASSL *ssl, char *buf, int sz, void *ctx);
#ifdef HAVE_FUZZER
enum fuzzer_type {
FUZZ_HMAC = 0,
FUZZ_ENCRYPT = 1,
FUZZ_SIGNATURE = 2,
FUZZ_HASH = 3,
FUZZ_HEAD = 4
};
typedef int (*CallbackFuzzer)(CYASSL* ssl, const unsigned char* buf, int sz,
int type, void* fuzzCtx);
CYASSL_API void CyaSSL_SetFuzzerCb(CYASSL* ssl, CallbackFuzzer cbf, void* fCtx);
#endif
CYASSL_API void CyaSSL_SetIORecv(CYASSL_CTX*, CallbackIORecv); CYASSL_API void CyaSSL_SetIORecv(CYASSL_CTX*, CallbackIORecv);
CYASSL_API void CyaSSL_SetIOSend(CYASSL_CTX*, CallbackIOSend); CYASSL_API void CyaSSL_SetIOSend(CYASSL_CTX*, CallbackIOSend);

56
src/internal.c
View File

@@ -1752,6 +1752,10 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ssl->MacEncryptCtx = NULL; ssl->MacEncryptCtx = NULL;
ssl->DecryptVerifyCtx = NULL; ssl->DecryptVerifyCtx = NULL;
#endif #endif
#ifdef HAVE_FUZZER
ssl->fuzzerCb = NULL;
ssl->fuzzerCtx = NULL;
#endif
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
#ifdef HAVE_ECC #ifdef HAVE_ECC
ssl->EccSignCtx = NULL; ssl->EccSignCtx = NULL;
@@ -2529,6 +2533,10 @@ static int HashOutput(CYASSL* ssl, const byte* output, int sz, int ivSz)
const byte* adj = output + RECORD_HEADER_SZ + ivSz; const byte* adj = output + RECORD_HEADER_SZ + ivSz;
sz -= RECORD_HEADER_SZ; sz -= RECORD_HEADER_SZ;
#ifdef HAVE_FUZZER
if (ssl->fuzzerCb)
ssl->fuzzerCb(ssl, output, sz, FUZZ_HASH, ssl->fuzzerCtx);
#endif
#ifdef CYASSL_DTLS #ifdef CYASSL_DTLS
if (ssl->options.dtls) { if (ssl->options.dtls) {
adj += DTLS_RECORD_EXTRA; adj += DTLS_RECORD_EXTRA;
@@ -2954,6 +2962,11 @@ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx,
RecordLayerHeader* rh, word16 *size) RecordLayerHeader* rh, word16 *size)
{ {
if (!ssl->options.dtls) { if (!ssl->options.dtls) {
#ifdef HAVE_FUZZER
if (ssl->fuzzerCb)
ssl->fuzzerCb(ssl, input + *inOutIdx, RECORD_HEADER_SZ, FUZZ_HEAD,
ssl->fuzzerCtx);
#endif
XMEMCPY(rh, input + *inOutIdx, RECORD_HEADER_SZ); XMEMCPY(rh, input + *inOutIdx, RECORD_HEADER_SZ);
*inOutIdx += RECORD_HEADER_SZ; *inOutIdx += RECORD_HEADER_SZ;
ato16(rh->length, size); ato16(rh->length, size);
@@ -2969,6 +2982,12 @@ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx,
*inOutIdx += 4; /* advance past rest of seq */ *inOutIdx += 4; /* advance past rest of seq */
ato16(input + *inOutIdx, size); ato16(input + *inOutIdx, size);
*inOutIdx += LENGTH_SZ; *inOutIdx += LENGTH_SZ;
#ifdef HAVE_FUZZER
if (ssl->fuzzerCb)
ssl->fuzzerCb(ssl, input + *inOutIdx - LENGTH_SZ - 8 - ENUM_LEN -
VERSION_SZ, ENUM_LEN + VERSION_SZ + 8 + LENGTH_SZ,
FUZZ_HEAD, ssl->fuzzerCtx);
#endif
#endif #endif
} }
@@ -5115,6 +5134,11 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
return ENCRYPT_ERROR; return ENCRYPT_ERROR;
} }
#ifdef HAVE_FUZZER
if (ssl->fuzzerCb)
ssl->fuzzerCb(ssl, input, sz, FUZZ_ENCRYPT, ssl->fuzzerCtx);
#endif
switch (ssl->specs.bulk_cipher_algorithm) { switch (ssl->specs.bulk_cipher_algorithm) {
#ifdef BUILD_ARC4 #ifdef BUILD_ARC4
case cyassl_rc4: case cyassl_rc4:
@@ -6392,6 +6416,11 @@ static int SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
byte conLen[ENUM_LEN + LENGTH_SZ]; /* content & length */ byte conLen[ENUM_LEN + LENGTH_SZ]; /* content & length */
const byte* macSecret = CyaSSL_GetMacSecret(ssl, verify); const byte* macSecret = CyaSSL_GetMacSecret(ssl, verify);
#ifdef HAVE_FUZZER
if (ssl->fuzzerCb)
ssl->fuzzerCb(ssl, in, sz, FUZZ_HMAC, ssl->fuzzerCtx);
#endif
XMEMSET(seq, 0, SEQ_SZ); XMEMSET(seq, 0, SEQ_SZ);
conLen[0] = (byte)content; conLen[0] = (byte)content;
c16toa((word16)sz, &conLen[ENUM_LEN]); c16toa((word16)sz, &conLen[ENUM_LEN]);
@@ -7870,7 +7899,6 @@ static const char* const cipher_names[] =
}; };
/* cipher suite number that matches above name table */ /* cipher suite number that matches above name table */
static int cipher_name_idx[] = static int cipher_name_idx[] =
{ {
@@ -8257,6 +8285,20 @@ static int cipher_name_idx[] =
}; };
/* returns the cipher_names array */
const char* const* GetCipherNames(void)
{
return cipher_names;
}
/* returns the size of the cipher_names array */
int GetCipherNamesSize(void)
{
return (int)(sizeof(cipher_names) / sizeof(char*));
}
/* return true if set, else false */ /* return true if set, else false */
/* only supports full name from cipher_name[] delimited by : */ /* only supports full name from cipher_name[] delimited by : */
int SetCipherList(Suites* s, const char* list) int SetCipherList(Suites* s, const char* list)
@@ -10545,6 +10587,12 @@ static void PickHashSigAlgo(CYASSL* ssl,
/* Signtaure length will be written later, when we're sure what it /* Signtaure length will be written later, when we're sure what it
is */ is */
#ifdef HAVE_FUZZER
if (ssl->fuzzerCb)
ssl->fuzzerCb(ssl, output + preSigIdx, preSigSz, FUZZ_SIGNATURE,
ssl->fuzzerCtx);
#endif
/* do signature */ /* do signature */
{ {
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
@@ -10897,6 +10945,12 @@ static void PickHashSigAlgo(CYASSL* ssl,
c16toa((word16)sigSz, output + idx); c16toa((word16)sigSz, output + idx);
idx += LENGTH_SZ; idx += LENGTH_SZ;
#ifdef HAVE_FUZZER
if (ssl->fuzzerCb)
ssl->fuzzerCb(ssl, output + preSigIdx, preSigSz, FUZZ_SIGNATURE,
ssl->fuzzerCtx);
#endif
/* do signature */ /* do signature */
{ {
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS

42
src/ssl.c
View File

@@ -29,7 +29,6 @@
#include <errno.h> #include <errno.h>
#endif #endif
#include <cyassl/ssl.h> #include <cyassl/ssl.h>
#include <cyassl/internal.h> #include <cyassl/internal.h>
#include <cyassl/error-ssl.h> #include <cyassl/error-ssl.h>
@@ -227,6 +226,38 @@ int CyaSSL_set_fd(CYASSL* ssl, int fd)
} }
int CyaSSL_get_ciphers(char* buf, int len)
{
const char* const* ciphers = GetCipherNames();
int totalInc = 0;
int step = 0;
char delim = ':';
int size = GetCipherNamesSize();
int i;
if (buf == NULL || len <= 0)
return BAD_FUNC_ARG;
/* Add each member to the buffer delimitted by a : */
for (i = 0; i < size; i++) {
step = (int)(XSTRLEN(ciphers[i]) + 1); /* delimiter */
totalInc += step;
/* Check to make sure buf is large enough and will not overflow */
if (totalInc < len) {
XSTRNCPY(buf, ciphers[i], XSTRLEN(ciphers[i]));
buf += XSTRLEN(ciphers[i]);
if (i < size - 1)
*buf++ = delim;
}
else
return BUFFER_E;
}
return SSL_SUCCESS;
}
int CyaSSL_get_fd(const CYASSL* ssl) int CyaSSL_get_fd(const CYASSL* ssl)
{ {
CYASSL_ENTER("SSL_get_fd"); CYASSL_ENTER("SSL_get_fd");
@@ -11501,6 +11532,15 @@ const byte* CyaSSL_get_sessionID(const CYASSL_SESSION* session)
#endif /* SESSION_CERTS */ #endif /* SESSION_CERTS */
#ifdef HAVE_FUZZER
void CyaSSL_SetFuzzerCb(CYASSL* ssl, CallbackFuzzer cbf, void* fCtx)
{
if (ssl) {
ssl->fuzzerCb = cbf;
ssl->fuzzerCtx = fCtx;
}
}
#endif
#ifndef NO_CERTS #ifndef NO_CERTS
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS

5
src/tls.c
View File

@@ -677,6 +677,11 @@ int TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
if (ssl == NULL) if (ssl == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
#ifdef HAVE_FUZZER
if (ssl->fuzzerCb)
ssl->fuzzerCb(ssl, in, sz, FUZZ_HMAC, ssl->fuzzerCtx);
#endif
CyaSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify); CyaSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify);
ret = HmacSetKey(&hmac, CyaSSL_GetHmacType(ssl), ret = HmacSetKey(&hmac, CyaSSL_GetHmacType(ssl),

8
testsuite/testsuite.c
View File

@@ -161,6 +161,14 @@ int testsuite_test(int argc, char** argv)
if (server_args.return_code != 0) return server_args.return_code; if (server_args.return_code != 0) return server_args.return_code;
} }
/* show ciphers */
{
char ciphers[1024];
XMEMSET(ciphers, 0, sizeof(ciphers));
CyaSSL_get_ciphers(ciphers, sizeof(ciphers)-1);
printf("ciphers = %s\n", ciphers);
}
/* validate output equals input */ /* validate output equals input */
{ {
byte input[SHA256_DIGEST_SIZE]; byte input[SHA256_DIGEST_SIZE];

63
tirtos/packages/ti/net/cyassl/package.bld
View File

@@ -10,34 +10,47 @@ Pkg.makePrologue = "vpath %.c $(subst ;, ,$(XPKGPATH))";
/* CYASSL sources */ /* CYASSL sources */
var cyaSSLObjList = [ var cyaSSLObjList = [
"ctaocrypt/src/aes.c", "ctaocrypt/src/aes.c",
"ctaocrypt/src/arc4.c", "ctaocrypt/src/arc4.c",
"ctaocrypt/src/asn.c", "ctaocrypt/src/asm.c",
"ctaocrypt/src/coding.c", "ctaocrypt/src/asn.c",
"ctaocrypt/src/des3.c", "ctaocrypt/src/blake2b.c",
"ctaocrypt/src/dsa.c", "ctaocrypt/src/camellia.c",
"ctaocrypt/src/error.c", "ctaocrypt/src/chacha.c",
"ctaocrypt/src/hmac.c", "ctaocrypt/src/coding.c",
"ctaocrypt/src/logging.c", "ctaocrypt/src/des3.c",
"ctaocrypt/src/md4.c", "ctaocrypt/src/dh.c",
"ctaocrypt/src/md5.c", "ctaocrypt/src/dsa.c",
"ctaocrypt/src/memory.c", "ctaocrypt/src/ecc.c",
"ctaocrypt/src/wc_port.c", "ctaocrypt/src/error.c",
"ctaocrypt/src/pwdbased.c", "ctaocrypt/src/hc128.c",
"ctaocrypt/src/random.c", "ctaocrypt/src/hmac.c",
"ctaocrypt/src/rsa.c", "ctaocrypt/src/integer.c",
"ctaocrypt/src/sha.c", "ctaocrypt/src/logging.c",
"ctaocrypt/src/sha256.c", "ctaocrypt/src/md4.c",
"ctaocrypt/src/tfm.c", "ctaocrypt/src/md5.c",
"src/internal.c", "ctaocrypt/src/memory.c",
"src/io.c", "ctaocrypt/src/poly1305.c",
"src/keys.c", "ctaocrypt/src/pwdbased.c",
"src/ssl.c", "ctaocrypt/src/rabbit.c",
"src/tls.c", "ctaocrypt/src/random.c",
]; "ctaocrypt/src/rsa.c",
"ctaocrypt/src/sha.c",
"ctaocrypt/src/sha256.c",
"ctaocrypt/src/sha512.c",
"ctaocrypt/src/tfm.c",
"ctaocrypt/src/wc_port.c",
"src/internal.c",
"src/io.c",
"src/keys.c",
"src/ssl.c",
"src/tls.c",
];
for each (var targ in Build.targets) { for each (var targ in Build.targets) {
var libOptions = {incs: cyasslPathInclude}; var libOptions = {incs: cyasslPathInclude};
var lib = Pkg.addLibrary("lib/" + Pkg.name, targ, libOptions); var lib = Pkg.addLibrary("lib/" + Pkg.name, targ, libOptions);
lib.addObjects(cyaSSLObjList); lib.addObjects(cyaSSLObjList);
} }