wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix -Wshadow warnings

Browse Source
This commit is contained in:
Todd A Ouska
2011-05-25 10:25:05 -07:00
parent 7d533569d6
commit 60cc65280b
7 changed files with 277 additions and 277 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ctaocrypt/src/aes.c
View File

@@ -926,7 +926,7 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
if (dir == AES_DECRYPTION) if (dir == AES_DECRYPTION)
{ {
unsigned int i, j; unsigned int j;
rk = aes->key; rk = aes->key;
/* invert the order of the round keys: */ /* invert the order of the round keys: */

60
ctaocrypt/src/asn.c
View File

@@ -588,32 +588,32 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
int length, int version, byte* cbcIv) int length, int version, byte* cbcIv)
{ {
byte key[MAX_KEY_SIZE]; byte key[MAX_KEY_SIZE];
int hashType; int typeH;
int derivedLen; int derivedLen;
int decryptionType; int decryptionType;
int ret = 0; int ret = 0;
switch (id) { switch (id) {
case PBE_MD5_DES: case PBE_MD5_DES:
hashType = MD5; typeH = MD5;
derivedLen = 16; /* may need iv for v1.5 */ derivedLen = 16; /* may need iv for v1.5 */
decryptionType = DES_TYPE; decryptionType = DES_TYPE;
break; break;
case PBE_SHA1_DES: case PBE_SHA1_DES:
hashType = SHA; typeH = SHA;
derivedLen = 16; /* may need iv for v1.5 */ derivedLen = 16; /* may need iv for v1.5 */
decryptionType = DES_TYPE; decryptionType = DES_TYPE;
break; break;
case PBE_SHA1_DES3: case PBE_SHA1_DES3:
hashType = SHA; typeH = SHA;
derivedLen = 32; /* may need iv for v1.5 */ derivedLen = 32; /* may need iv for v1.5 */
decryptionType = DES3_TYPE; decryptionType = DES3_TYPE;
break; break;
case PBE_SHA1_RC4_128: case PBE_SHA1_RC4_128:
hashType = SHA; typeH = SHA;
derivedLen = 16; derivedLen = 16;
decryptionType = RC4_TYPE; decryptionType = RC4_TYPE;
break; break;
@@ -624,10 +624,10 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
if (version == PKCS5v2) if (version == PKCS5v2)
ret = PBKDF2(key, (byte*)password, passwordSz, salt, saltSz, iterations, ret = PBKDF2(key, (byte*)password, passwordSz, salt, saltSz, iterations,
derivedLen, hashType); derivedLen, typeH);
else if (version == PKCS5) else if (version == PKCS5)
ret = PBKDF1(key, (byte*)password, passwordSz, salt, saltSz, iterations, ret = PBKDF1(key, (byte*)password, passwordSz, salt, saltSz, iterations,
derivedLen, hashType); derivedLen, typeH);
else if (version == PKCS12) { else if (version == PKCS12) {
int i, idx = 0; int i, idx = 0;
byte unicodePasswd[MAX_UNICODE_SZ]; byte unicodePasswd[MAX_UNICODE_SZ];
@@ -644,10 +644,10 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
unicodePasswd[idx++] = 0x00; unicodePasswd[idx++] = 0x00;
ret = PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz, ret = PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz,
iterations, derivedLen, hashType, 1); iterations, derivedLen, typeH, 1);
if (decryptionType != RC4_TYPE) if (decryptionType != RC4_TYPE)
ret += PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz, ret += PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz,
iterations, 8, hashType, 2); iterations, 8, typeH, 2);
} }
if (ret != 0) if (ret != 0)
@@ -1762,7 +1762,7 @@ static int ConfirmSignature(DecodedCert* cert, const byte* key, word32 keySz,
#else #else
byte digest[SHA_DIGEST_SIZE]; /* max size */ byte digest[SHA_DIGEST_SIZE]; /* max size */
#endif #endif
int hashType, digestSz, ret; int typeH, digestSz, ret;
if (cert->signatureOID == MD5wRSA) { if (cert->signatureOID == MD5wRSA) {
Md5 md5; Md5 md5;
@@ -1770,7 +1770,7 @@ static int ConfirmSignature(DecodedCert* cert, const byte* key, word32 keySz,
Md5Update(&md5, cert->source + cert->certBegin, Md5Update(&md5, cert->source + cert->certBegin,
cert->sigIndex - cert->certBegin); cert->sigIndex - cert->certBegin);
Md5Final(&md5, digest); Md5Final(&md5, digest);
hashType = MD5h; typeH = MD5h;
digestSz = MD5_DIGEST_SIZE; digestSz = MD5_DIGEST_SIZE;
} }
else if (cert->signatureOID == SHAwRSA || cert->signatureOID == SHAwDSA || else if (cert->signatureOID == SHAwRSA || cert->signatureOID == SHAwDSA ||
@@ -1780,7 +1780,7 @@ static int ConfirmSignature(DecodedCert* cert, const byte* key, word32 keySz,
ShaUpdate(&sha, cert->source + cert->certBegin, ShaUpdate(&sha, cert->source + cert->certBegin,
cert->sigIndex - cert->certBegin); cert->sigIndex - cert->certBegin);
ShaFinal(&sha, digest); ShaFinal(&sha, digest);
hashType = SHAh; typeH = SHAh;
digestSz = SHA_DIGEST_SIZE; digestSz = SHA_DIGEST_SIZE;
} }
#ifndef NO_SHA256 #ifndef NO_SHA256
@@ -1791,7 +1791,7 @@ static int ConfirmSignature(DecodedCert* cert, const byte* key, word32 keySz,
Sha256Update(&sha256, cert->source + cert->certBegin, Sha256Update(&sha256, cert->source + cert->certBegin,
cert->sigIndex - cert->certBegin); cert->sigIndex - cert->certBegin);
Sha256Final(&sha256, digest); Sha256Final(&sha256, digest);
hashType = SHA256h; typeH = SHA256h;
digestSz = SHA256_DIGEST_SIZE; digestSz = SHA256_DIGEST_SIZE;
} }
#endif #endif
@@ -1827,7 +1827,7 @@ static int ConfirmSignature(DecodedCert* cert, const byte* key, word32 keySz,
} }
else { else {
/* make sure we're right justified */ /* make sure we're right justified */
sigSz = EncodeSignature(encodedSig, digest, digestSz, hashType); sigSz = EncodeSignature(encodedSig, digest, digestSz, typeH);
if (sigSz != verifySz || XMEMCMP(out, encodedSig, sigSz) != 0){ if (sigSz != verifySz || XMEMCMP(out, encodedSig, sigSz) != 0){
CYASSL_MSG("Rsa SSL verify match encode error"); CYASSL_MSG("Rsa SSL verify match encode error");
ret = 0; ret = 0;
@@ -2314,23 +2314,23 @@ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
#ifdef CYASSL_KEY_GEN #ifdef CYASSL_KEY_GEN
static mp_int* GetRsaInt(RsaKey* key, int index) static mp_int* GetRsaInt(RsaKey* key, int idx)
{ {
if (index == 0) if (idx == 0)
return &key->n; return &key->n;
if (index == 1) if (idx == 1)
return &key->e; return &key->e;
if (index == 2) if (idx == 2)
return &key->d; return &key->d;
if (index == 3) if (idx == 3)
return &key->p; return &key->p;
if (index == 4) if (idx == 4)
return &key->q; return &key->q;
if (index == 5) if (idx == 5)
return &key->dP; return &key->dP;
if (index == 6) if (idx == 6)
return &key->dQ; return &key->dQ;
if (index == 7) if (idx == 7)
return &key->u; return &key->u;
return NULL; return NULL;
@@ -2662,9 +2662,9 @@ typedef struct EncodedName {
/* Get Which Name from index */ /* Get Which Name from index */
static const char* GetOneName(CertName* name, int index) static const char* GetOneName(CertName* name, int idx)
{ {
switch (index) { switch (idx) {
case 0: case 0:
return name->country; return name->country;
break; break;
@@ -2698,9 +2698,9 @@ static const char* GetOneName(CertName* name, int index)
/* Get ASN Name from index */ /* Get ASN Name from index */
static byte GetNameId(int index) static byte GetNameId(int idx)
{ {
switch (index) { switch (idx) {
case 0: case 0:
return ASN_COUNTRY_NAME; return ASN_COUNTRY_NAME;
break; break;
@@ -2951,17 +2951,17 @@ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz,
{ {
byte digest[SHA_DIGEST_SIZE]; /* max size */ byte digest[SHA_DIGEST_SIZE]; /* max size */
byte encSig[MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ]; byte encSig[MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ];
int encSigSz, digestSz, hashType; int encSigSz, digestSz, typeH;
Md5 md5; /* md5 for now */ Md5 md5; /* md5 for now */
InitMd5(&md5); InitMd5(&md5);
Md5Update(&md5, buffer, sz); Md5Update(&md5, buffer, sz);
Md5Final(&md5, digest); Md5Final(&md5, digest);
digestSz = MD5_DIGEST_SIZE; digestSz = MD5_DIGEST_SIZE;
hashType = MD5h; typeH = MD5h;
/* signature */ /* signature */
encSigSz = EncodeSignature(encSig, digest, digestSz, hashType); encSigSz = EncodeSignature(encSig, digest, digestSz, typeH);
return RsaSSL_Sign(encSig, encSigSz, sig, sigSz, key, rng); return RsaSSL_Sign(encSig, encSigSz, sig, sigSz, key, rng);
} }

180
src/cyassl_int.c
View File

@@ -941,21 +941,21 @@ ProtocolVersion MakeDTLSv1(void)
/* add output to md5 and sha handshake hashes, exclude record header */ /* add output to md5 and sha handshake hashes, exclude record header */
static void HashOutput(SSL* ssl, const byte* output, int sz, int ivSz) static void HashOutput(SSL* ssl, const byte* output, int sz, int ivSz)
{ {
const byte* buffer = output + RECORD_HEADER_SZ + ivSz; const byte* adj = output + RECORD_HEADER_SZ + ivSz;
sz -= RECORD_HEADER_SZ; sz -= RECORD_HEADER_SZ;
#ifdef CYASSL_DTLS #ifdef CYASSL_DTLS
if (ssl->options.dtls) { if (ssl->options.dtls) {
buffer += DTLS_RECORD_EXTRA; adj += DTLS_RECORD_EXTRA;
sz -= DTLS_RECORD_EXTRA; sz -= DTLS_RECORD_EXTRA;
} }
#endif #endif
Md5Update(&ssl->hashMd5, buffer, sz); Md5Update(&ssl->hashMd5, adj, sz);
ShaUpdate(&ssl->hashSha, buffer, sz); ShaUpdate(&ssl->hashSha, adj, sz);
#ifndef NO_SHA256 #ifndef NO_SHA256
if (IsAtLeastTLSv1_2(ssl)) if (IsAtLeastTLSv1_2(ssl))
Sha256Update(&ssl->hashSha256, buffer, sz); Sha256Update(&ssl->hashSha256, adj, sz);
#endif #endif
} }
@@ -963,21 +963,21 @@ static void HashOutput(SSL* ssl, const byte* output, int sz, int ivSz)
/* add input to md5 and sha handshake hashes, include handshake header */ /* add input to md5 and sha handshake hashes, include handshake header */
static void HashInput(SSL* ssl, const byte* input, int sz) static void HashInput(SSL* ssl, const byte* input, int sz)
{ {
const byte* buffer = input - HANDSHAKE_HEADER_SZ; const byte* adj = input - HANDSHAKE_HEADER_SZ;
sz += HANDSHAKE_HEADER_SZ; sz += HANDSHAKE_HEADER_SZ;
#ifdef CYASSL_DTLS #ifdef CYASSL_DTLS
if (ssl->options.dtls) { if (ssl->options.dtls) {
buffer -= DTLS_HANDSHAKE_EXTRA; adj -= DTLS_HANDSHAKE_EXTRA;
sz += DTLS_HANDSHAKE_EXTRA; sz += DTLS_HANDSHAKE_EXTRA;
} }
#endif #endif
Md5Update(&ssl->hashMd5, buffer, sz); Md5Update(&ssl->hashMd5, adj, sz);
ShaUpdate(&ssl->hashSha, buffer, sz); ShaUpdate(&ssl->hashSha, adj, sz);
#ifndef NO_SHA256 #ifndef NO_SHA256
if (IsAtLeastTLSv1_2(ssl)) if (IsAtLeastTLSv1_2(ssl))
Sha256Update(&ssl->hashSha256, buffer, sz); Sha256Update(&ssl->hashSha256, adj, sz);
#endif #endif
} }
@@ -2358,7 +2358,7 @@ static INLINE const byte* GetMacSecret(SSL* ssl, int verify)
} }
static void Hmac(SSL* ssl, byte* digest, const byte* buffer, word32 sz, static void Hmac(SSL* ssl, byte* digest, const byte* in, word32 sz,
int content, int verify) int content, int verify)
{ {
byte result[SHA256_DIGEST_SIZE]; /* max possible sizes */ byte result[SHA256_DIGEST_SIZE]; /* max possible sizes */
@@ -2384,8 +2384,8 @@ static void Hmac(SSL* ssl, byte* digest, const byte* buffer, word32 sz,
Md5Update(&md5, PAD1, padSz); Md5Update(&md5, PAD1, padSz);
Md5Update(&md5, seq, SEQ_SZ); Md5Update(&md5, seq, SEQ_SZ);
Md5Update(&md5, conLen, sizeof(conLen)); Md5Update(&md5, conLen, sizeof(conLen));
/* buffer */ /* in buffer */
Md5Update(&md5, buffer, sz); Md5Update(&md5, in, sz);
Md5Final(&md5, result); Md5Final(&md5, result);
/* outer */ /* outer */
Md5Update(&md5, macSecret, digestSz); Md5Update(&md5, macSecret, digestSz);
@@ -2400,8 +2400,8 @@ static void Hmac(SSL* ssl, byte* digest, const byte* buffer, word32 sz,
ShaUpdate(&sha, PAD1, padSz); ShaUpdate(&sha, PAD1, padSz);
ShaUpdate(&sha, seq, SEQ_SZ); ShaUpdate(&sha, seq, SEQ_SZ);
ShaUpdate(&sha, conLen, sizeof(conLen)); ShaUpdate(&sha, conLen, sizeof(conLen));
/* buffer */ /* in buffer */
ShaUpdate(&sha, buffer, sz); ShaUpdate(&sha, in, sz);
ShaFinal(&sha, result); ShaFinal(&sha, result);
/* outer */ /* outer */
ShaUpdate(&sha, macSecret, digestSz); ShaUpdate(&sha, macSecret, digestSz);
@@ -2744,7 +2744,7 @@ int SendCertificateRequest(SSL* ssl)
} }
int SendData(SSL* ssl, const void* buffer, int sz) int SendData(SSL* ssl, const void* data, int sz)
{ {
int sent = 0, /* plainText size */ int sent = 0, /* plainText size */
sendSz, sendSz,
@@ -2779,7 +2779,7 @@ int SendData(SSL* ssl, const void* buffer, int sz)
for (;;) { for (;;) {
int len = min(sz - sent, OUTPUT_RECORD_SIZE); int len = min(sz - sent, OUTPUT_RECORD_SIZE);
byte* out; byte* out;
byte* sendBuffer = (byte*)buffer + sent; /* may switch on comp */ byte* sendBuffer = (byte*)data + sent; /* may switch on comp */
int buffSz = len; /* may switch on comp */ int buffSz = len; /* may switch on comp */
#ifdef HAVE_LIBZ #ifdef HAVE_LIBZ
byte comp[MAX_RECORD_SIZE + MAX_COMP_EXTRA]; byte comp[MAX_RECORD_SIZE + MAX_COMP_EXTRA];
@@ -2946,254 +2946,254 @@ int SendAlert(SSL* ssl, int severity, int type)
void SetErrorString(int error, char* buffer) void SetErrorString(int error, char* str)
{ {
const int max = MAX_ERROR_SZ; /* shorthand */ const int max = MAX_ERROR_SZ; /* shorthand */
#ifdef NO_ERROR_STRINGS #ifdef NO_ERROR_STRINGS
XSTRNCPY(buffer, "no support for error strings built in", max); XSTRNCPY(str, "no support for error strings built in", max);
#else #else
/* pass to CTaoCrypt */ /* pass to CTaoCrypt */
if (error < MAX_CODE_E && error > MIN_CODE_E) { if (error < MAX_CODE_E && error > MIN_CODE_E) {
CTaoCryptErrorString(error, buffer); CTaoCryptErrorString(error, str);
return; return;
} }
switch (error) { switch (error) {
case UNSUPPORTED_SUITE : case UNSUPPORTED_SUITE :
XSTRNCPY(buffer, "unsupported cipher suite", max); XSTRNCPY(str, "unsupported cipher suite", max);
break; break;
case PREFIX_ERROR : case PREFIX_ERROR :
XSTRNCPY(buffer, "bad index to key rounds", max); XSTRNCPY(str, "bad index to key rounds", max);
break; break;
case MEMORY_ERROR : case MEMORY_ERROR :
XSTRNCPY(buffer, "out of memory", max); XSTRNCPY(str, "out of memory", max);
break; break;
case VERIFY_FINISHED_ERROR : case VERIFY_FINISHED_ERROR :
XSTRNCPY(buffer, "verify problem on finished", max); XSTRNCPY(str, "verify problem on finished", max);
break; break;
case VERIFY_MAC_ERROR : case VERIFY_MAC_ERROR :
XSTRNCPY(buffer, "verify mac problem", max); XSTRNCPY(str, "verify mac problem", max);
break; break;
case PARSE_ERROR : case PARSE_ERROR :
XSTRNCPY(buffer, "parse error on header", max); XSTRNCPY(str, "parse error on header", max);
break; break;
case SIDE_ERROR : case SIDE_ERROR :
XSTRNCPY(buffer, "wrong client/server type", max); XSTRNCPY(str, "wrong client/server type", max);
break; break;
case NO_PEER_CERT : case NO_PEER_CERT :
XSTRNCPY(buffer, "peer didn't send cert", max); XSTRNCPY(str, "peer didn't send cert", max);
break; break;
case UNKNOWN_HANDSHAKE_TYPE : case UNKNOWN_HANDSHAKE_TYPE :
XSTRNCPY(buffer, "weird handshake type", max); XSTRNCPY(str, "weird handshake type", max);
break; break;
case SOCKET_ERROR_E : case SOCKET_ERROR_E :
XSTRNCPY(buffer, "error state on socket", max); XSTRNCPY(str, "error state on socket", max);
break; break;
case SOCKET_NODATA : case SOCKET_NODATA :
XSTRNCPY(buffer, "expected data, not there", max); XSTRNCPY(str, "expected data, not there", max);
break; break;
case INCOMPLETE_DATA : case INCOMPLETE_DATA :
XSTRNCPY(buffer, "don't have enough data to complete task", max); XSTRNCPY(str, "don't have enough data to complete task", max);
break; break;
case UNKNOWN_RECORD_TYPE : case UNKNOWN_RECORD_TYPE :
XSTRNCPY(buffer, "unknown type in record hdr", max); XSTRNCPY(str, "unknown type in record hdr", max);
break; break;
case DECRYPT_ERROR : case DECRYPT_ERROR :
XSTRNCPY(buffer, "error during decryption", max); XSTRNCPY(str, "error during decryption", max);
break; break;
case FATAL_ERROR : case FATAL_ERROR :
XSTRNCPY(buffer, "revcd alert fatal error", max); XSTRNCPY(str, "revcd alert fatal error", max);
break; break;
case ENCRYPT_ERROR : case ENCRYPT_ERROR :
XSTRNCPY(buffer, "error during encryption", max); XSTRNCPY(str, "error during encryption", max);
break; break;
case FREAD_ERROR : case FREAD_ERROR :
XSTRNCPY(buffer, "fread problem", max); XSTRNCPY(str, "fread problem", max);
break; break;
case NO_PEER_KEY : case NO_PEER_KEY :
XSTRNCPY(buffer, "need peer's key", max); XSTRNCPY(str, "need peer's key", max);
break; break;
case NO_PRIVATE_KEY : case NO_PRIVATE_KEY :
XSTRNCPY(buffer, "need the private key", max); XSTRNCPY(str, "need the private key", max);
break; break;
case NO_DH_PARAMS : case NO_DH_PARAMS :
XSTRNCPY(buffer, "server missing DH params", max); XSTRNCPY(str, "server missing DH params", max);
break; break;
case RSA_PRIVATE_ERROR : case RSA_PRIVATE_ERROR :
XSTRNCPY(buffer, "error during rsa priv op", max); XSTRNCPY(str, "error during rsa priv op", max);
break; break;
case MATCH_SUITE_ERROR : case MATCH_SUITE_ERROR :
XSTRNCPY(buffer, "can't match cipher suite", max); XSTRNCPY(str, "can't match cipher suite", max);
break; break;
case BUILD_MSG_ERROR : case BUILD_MSG_ERROR :
XSTRNCPY(buffer, "build message failure", max); XSTRNCPY(str, "build message failure", max);
break; break;
case BAD_HELLO : case BAD_HELLO :
XSTRNCPY(buffer, "client hello malformed", max); XSTRNCPY(str, "client hello malformed", max);
break; break;
case DOMAIN_NAME_MISMATCH : case DOMAIN_NAME_MISMATCH :
XSTRNCPY(buffer, "peer subject name mismatch", max); XSTRNCPY(str, "peer subject name mismatch", max);
break; break;
case WANT_READ : case WANT_READ :
XSTRNCPY(buffer, "non-blocking socket wants data to be read", max); XSTRNCPY(str, "non-blocking socket wants data to be read", max);
break; break;
case NOT_READY_ERROR : case NOT_READY_ERROR :
XSTRNCPY(buffer, "handshake layer not ready yet, complete first", max); XSTRNCPY(str, "handshake layer not ready yet, complete first", max);
break; break;
case PMS_VERSION_ERROR : case PMS_VERSION_ERROR :
XSTRNCPY(buffer, "premaster secret version mismatch error", max); XSTRNCPY(str, "premaster secret version mismatch error", max);
break; break;
case VERSION_ERROR : case VERSION_ERROR :
XSTRNCPY(buffer, "record layer version error", max); XSTRNCPY(str, "record layer version error", max);
break; break;
case WANT_WRITE : case WANT_WRITE :
XSTRNCPY(buffer, "non-blocking socket write buffer full", max); XSTRNCPY(str, "non-blocking socket write buffer full", max);
break; break;
case BUFFER_ERROR : case BUFFER_ERROR :
XSTRNCPY(buffer, "malformed buffer input error", max); XSTRNCPY(str, "malformed buffer input error", max);
break; break;
case VERIFY_CERT_ERROR : case VERIFY_CERT_ERROR :
XSTRNCPY(buffer, "verify problem on certificate", max); XSTRNCPY(str, "verify problem on certificate", max);
break; break;
case VERIFY_SIGN_ERROR : case VERIFY_SIGN_ERROR :
XSTRNCPY(buffer, "verify problem based on signature", max); XSTRNCPY(str, "verify problem based on signature", max);
break; break;
case CLIENT_ID_ERROR : case CLIENT_ID_ERROR :
XSTRNCPY(buffer, "psk client identity error", max); XSTRNCPY(str, "psk client identity error", max);
break; break;
case SERVER_HINT_ERROR: case SERVER_HINT_ERROR:
XSTRNCPY(buffer, "psk server hint error", max); XSTRNCPY(str, "psk server hint error", max);
break; break;
case PSK_KEY_ERROR: case PSK_KEY_ERROR:
XSTRNCPY(buffer, "psk key callback error", max); XSTRNCPY(str, "psk key callback error", max);
break; break;
case NTRU_KEY_ERROR: case NTRU_KEY_ERROR:
XSTRNCPY(buffer, "NTRU key error", max); XSTRNCPY(str, "NTRU key error", max);
break; break;
case NTRU_DRBG_ERROR: case NTRU_DRBG_ERROR:
XSTRNCPY(buffer, "NTRU drbg error", max); XSTRNCPY(str, "NTRU drbg error", max);
break; break;
case NTRU_ENCRYPT_ERROR: case NTRU_ENCRYPT_ERROR:
XSTRNCPY(buffer, "NTRU encrypt error", max); XSTRNCPY(str, "NTRU encrypt error", max);
break; break;
case NTRU_DECRYPT_ERROR: case NTRU_DECRYPT_ERROR:
XSTRNCPY(buffer, "NTRU decrypt error", max); XSTRNCPY(str, "NTRU decrypt error", max);
break; break;
case ZLIB_INIT_ERROR: case ZLIB_INIT_ERROR:
XSTRNCPY(buffer, "zlib init error", max); XSTRNCPY(str, "zlib init error", max);
break; break;
case ZLIB_COMPRESS_ERROR: case ZLIB_COMPRESS_ERROR:
XSTRNCPY(buffer, "zlib compress error", max); XSTRNCPY(str, "zlib compress error", max);
break; break;
case ZLIB_DECOMPRESS_ERROR: case ZLIB_DECOMPRESS_ERROR:
XSTRNCPY(buffer, "zlib decompress error", max); XSTRNCPY(str, "zlib decompress error", max);
break; break;
case GETTIME_ERROR: case GETTIME_ERROR:
XSTRNCPY(buffer, "gettimeofday() error", max); XSTRNCPY(str, "gettimeofday() error", max);
break; break;
case GETITIMER_ERROR: case GETITIMER_ERROR:
XSTRNCPY(buffer, "getitimer() error", max); XSTRNCPY(str, "getitimer() error", max);
break; break;
case SIGACT_ERROR: case SIGACT_ERROR:
XSTRNCPY(buffer, "sigaction() error", max); XSTRNCPY(str, "sigaction() error", max);
break; break;
case SETITIMER_ERROR: case SETITIMER_ERROR:
XSTRNCPY(buffer, "setitimer() error", max); XSTRNCPY(str, "setitimer() error", max);
break; break;
case LENGTH_ERROR: case LENGTH_ERROR:
XSTRNCPY(buffer, "record layer length error", max); XSTRNCPY(str, "record layer length error", max);
break; break;
case PEER_KEY_ERROR: case PEER_KEY_ERROR:
XSTRNCPY(buffer, "cant decode peer key", max); XSTRNCPY(str, "cant decode peer key", max);
break; break;
case ZERO_RETURN: case ZERO_RETURN:
XSTRNCPY(buffer, "peer sent close notify alert", max); XSTRNCPY(str, "peer sent close notify alert", max);
break; break;
case ECC_CURVETYPE_ERROR: case ECC_CURVETYPE_ERROR:
XSTRNCPY(buffer, "Bad ECC Curve Type or unsupported", max); XSTRNCPY(str, "Bad ECC Curve Type or unsupported", max);
break; break;
case ECC_CURVE_ERROR: case ECC_CURVE_ERROR:
XSTRNCPY(buffer, "Bad ECC Curve or unsupported", max); XSTRNCPY(str, "Bad ECC Curve or unsupported", max);
break; break;
case ECC_PEERKEY_ERROR: case ECC_PEERKEY_ERROR:
XSTRNCPY(buffer, "Bad ECC Peer Key", max); XSTRNCPY(str, "Bad ECC Peer Key", max);
break; break;
case ECC_MAKEKEY_ERROR: case ECC_MAKEKEY_ERROR:
XSTRNCPY(buffer, "ECC Make Key failure", max); XSTRNCPY(str, "ECC Make Key failure", max);
break; break;
case ECC_EXPORT_ERROR: case ECC_EXPORT_ERROR:
XSTRNCPY(buffer, "ECC Export Key failure", max); XSTRNCPY(str, "ECC Export Key failure", max);
break; break;
case ECC_SHARED_ERROR: case ECC_SHARED_ERROR:
XSTRNCPY(buffer, "ECC DHE shared failure", max); XSTRNCPY(str, "ECC DHE shared failure", max);
break; break;
case BAD_MUTEX_ERROR: case BAD_MUTEX_ERROR:
XSTRNCPY(buffer, "Bad mutex, operation failed", max); XSTRNCPY(str, "Bad mutex, operation failed", max);
break; break;
default : default :
XSTRNCPY(buffer, "unknown error number", max); XSTRNCPY(str, "unknown error number", max);
} }
#endif /* NO_ERROR_STRINGS */ #endif /* NO_ERROR_STRINGS */
@@ -4065,15 +4065,15 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
byte encodedSig[MAX_ENCODED_SIG_SZ]; byte encodedSig[MAX_ENCODED_SIG_SZ];
word32 encSigSz; word32 encSigSz;
byte* digest; byte* digest;
int hashType; int typeH;
int digestSz; int digestSz;
/* sha1 for now */ /* sha1 for now */
digest = &hash[MD5_DIGEST_SIZE]; digest = &hash[MD5_DIGEST_SIZE];
hashType = SHAh; typeH = SHAh;
digestSz = SHA_DIGEST_SIZE; digestSz = SHA_DIGEST_SIZE;
encSigSz = EncodeSignature(encodedSig,digest,digestSz,hashType); encSigSz = EncodeSignature(encodedSig, digest, digestSz, typeH);
if (encSigSz != (word32)ret || XMEMCMP(out, encodedSig, if (encSigSz != (word32)ret || XMEMCMP(out, encodedSig,
encSigSz) != 0) encSigSz) != 0)
@@ -4360,15 +4360,15 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
byte* digest; byte* digest;
int hashType; int typeH;
int digestSz; int digestSz;
/* sha1 for now */ /* sha1 for now */
digest = ssl->certHashes.sha; digest = ssl->certHashes.sha;
hashType = SHAh; typeH = SHAh;
digestSz = SHA_DIGEST_SIZE; digestSz = SHA_DIGEST_SIZE;
signSz = EncodeSignature(encodedSig, digest, digestSz,hashType); signSz = EncodeSignature(encodedSig, digest, digestSz, typeH);
signBuffer = encodedSig; signBuffer = encodedSig;
} }
@@ -4905,16 +4905,16 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
byte encodedSig[MAX_ENCODED_SIG_SZ]; byte encodedSig[MAX_ENCODED_SIG_SZ];
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
byte* digest; byte* digest;
int hashType; int typeH;
int digestSz; int digestSz;
/* sha1 for now */ /* sha1 for now */
digest = &hash[MD5_DIGEST_SIZE]; digest = &hash[MD5_DIGEST_SIZE];
hashType = SHAh; typeH = SHAh;
digestSz = SHA_DIGEST_SIZE; digestSz = SHA_DIGEST_SIZE;
signSz = EncodeSignature(encodedSig, digest, digestSz, signSz = EncodeSignature(encodedSig, digest, digestSz,
hashType); typeH);
signBuffer = encodedSig; signBuffer = encodedSig;
} }
ret = RsaSSL_Sign(signBuffer, signSz, output + idx, sigSz, ret = RsaSSL_Sign(signBuffer, signSz, output + idx, sigSz,
@@ -5308,15 +5308,15 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
byte encodedSig[MAX_ENCODED_SIG_SZ]; byte encodedSig[MAX_ENCODED_SIG_SZ];
word32 sigSz; word32 sigSz;
byte* digest; byte* digest;
int hashType; int typeH;
int digestSz; int digestSz;
/* sha1 for now */ /* sha1 for now */
digest = ssl->certHashes.sha; digest = ssl->certHashes.sha;
hashType = SHAh; typeH = SHAh;
digestSz = SHA_DIGEST_SIZE; digestSz = SHA_DIGEST_SIZE;
sigSz = EncodeSignature(encodedSig, digest, digestSz, hashType); sigSz = EncodeSignature(encodedSig, digest, digestSz, typeH);
if (outLen == (int)sigSz && XMEMCMP(out, encodedSig,sigSz) == 0) if (outLen == (int)sigSz && XMEMCMP(out, encodedSig,sigSz) == 0)
ret = 0; ret = 0;

48
src/keys.c
View File

@@ -512,9 +512,9 @@ enum KeyStuff {
/* true or false, zero for error */ /* true or false, zero for error */
static int SetPrefix(byte* sha_input, int index) static int SetPrefix(byte* sha_input, int idx)
{ {
switch (index) { switch (idx) {
case 0: case 0:
XMEMCPY(sha_input, "A", 1); XMEMCPY(sha_input, "A", 1);
break; break;
@@ -544,19 +544,19 @@ static int SetPrefix(byte* sha_input, int index)
} }
static int SetKeys(Ciphers* encrypt, Ciphers* decrypt, Keys* keys, static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
CipherSpecs* specs, byte side) byte side)
{ {
#ifdef BUILD_ARC4 #ifdef BUILD_ARC4
word32 sz = specs->key_size; word32 sz = specs->key_size;
if (specs->bulk_cipher_algorithm == rc4) { if (specs->bulk_cipher_algorithm == rc4) {
if (side == CLIENT_END) { if (side == CLIENT_END) {
Arc4SetKey(&encrypt->arc4, keys->client_write_key, sz); Arc4SetKey(&enc->arc4, keys->client_write_key, sz);
Arc4SetKey(&decrypt->arc4, keys->server_write_key, sz); Arc4SetKey(&dec->arc4, keys->server_write_key, sz);
} }
else { else {
Arc4SetKey(&encrypt->arc4, keys->server_write_key, sz); Arc4SetKey(&enc->arc4, keys->server_write_key, sz);
Arc4SetKey(&decrypt->arc4, keys->client_write_key, sz); Arc4SetKey(&dec->arc4, keys->client_write_key, sz);
} }
} }
#endif #endif
@@ -564,15 +564,15 @@ static int SetKeys(Ciphers* encrypt, Ciphers* decrypt, Keys* keys,
#ifdef BUILD_HC128 #ifdef BUILD_HC128
if (specs->bulk_cipher_algorithm == hc128) { if (specs->bulk_cipher_algorithm == hc128) {
if (side == CLIENT_END) { if (side == CLIENT_END) {
Hc128_SetKey(&encrypt->hc128, keys->client_write_key, Hc128_SetKey(&enc->hc128, keys->client_write_key,
keys->client_write_IV); keys->client_write_IV);
Hc128_SetKey(&decrypt->hc128, keys->server_write_key, Hc128_SetKey(&dec->hc128, keys->server_write_key,
keys->server_write_IV); keys->server_write_IV);
} }
else { else {
Hc128_SetKey(&encrypt->hc128, keys->server_write_key, Hc128_SetKey(&enc->hc128, keys->server_write_key,
keys->server_write_IV); keys->server_write_IV);
Hc128_SetKey(&decrypt->hc128, keys->client_write_key, Hc128_SetKey(&dec->hc128, keys->client_write_key,
keys->client_write_IV); keys->client_write_IV);
} }
} }
@@ -581,15 +581,15 @@ static int SetKeys(Ciphers* encrypt, Ciphers* decrypt, Keys* keys,
#ifdef BUILD_RABBIT #ifdef BUILD_RABBIT
if (specs->bulk_cipher_algorithm == rabbit) { if (specs->bulk_cipher_algorithm == rabbit) {
if (side == CLIENT_END) { if (side == CLIENT_END) {
RabbitSetKey(&encrypt->rabbit, keys->client_write_key, RabbitSetKey(&enc->rabbit, keys->client_write_key,
keys->client_write_IV); keys->client_write_IV);
RabbitSetKey(&decrypt->rabbit, keys->server_write_key, RabbitSetKey(&dec->rabbit, keys->server_write_key,
keys->server_write_IV); keys->server_write_IV);
} }
else { else {
RabbitSetKey(&encrypt->rabbit, keys->server_write_key, RabbitSetKey(&enc->rabbit, keys->server_write_key,
keys->server_write_IV); keys->server_write_IV);
RabbitSetKey(&decrypt->rabbit, keys->client_write_key, RabbitSetKey(&dec->rabbit, keys->client_write_key,
keys->client_write_IV); keys->client_write_IV);
} }
} }
@@ -598,15 +598,15 @@ static int SetKeys(Ciphers* encrypt, Ciphers* decrypt, Keys* keys,
#ifdef BUILD_DES3 #ifdef BUILD_DES3
if (specs->bulk_cipher_algorithm == triple_des) { if (specs->bulk_cipher_algorithm == triple_des) {
if (side == CLIENT_END) { if (side == CLIENT_END) {
Des3_SetKey(&encrypt->des3, keys->client_write_key, Des3_SetKey(&enc->des3, keys->client_write_key,
keys->client_write_IV, DES_ENCRYPTION); keys->client_write_IV, DES_ENCRYPTION);
Des3_SetKey(&decrypt->des3, keys->server_write_key, Des3_SetKey(&dec->des3, keys->server_write_key,
keys->server_write_IV, DES_DECRYPTION); keys->server_write_IV, DES_DECRYPTION);
} }
else { else {
Des3_SetKey(&encrypt->des3, keys->server_write_key, Des3_SetKey(&enc->des3, keys->server_write_key,
keys->server_write_IV, DES_ENCRYPTION); keys->server_write_IV, DES_ENCRYPTION);
Des3_SetKey(&decrypt->des3, keys->client_write_key, Des3_SetKey(&dec->des3, keys->client_write_key,
keys->client_write_IV, DES_DECRYPTION); keys->client_write_IV, DES_DECRYPTION);
} }
} }
@@ -615,18 +615,18 @@ static int SetKeys(Ciphers* encrypt, Ciphers* decrypt, Keys* keys,
#ifdef BUILD_AES #ifdef BUILD_AES
if (specs->bulk_cipher_algorithm == aes) { if (specs->bulk_cipher_algorithm == aes) {
if (side == CLIENT_END) { if (side == CLIENT_END) {
AesSetKey(&encrypt->aes, keys->client_write_key, AesSetKey(&enc->aes, keys->client_write_key,
specs->key_size, keys->client_write_IV, specs->key_size, keys->client_write_IV,
AES_ENCRYPTION); AES_ENCRYPTION);
AesSetKey(&decrypt->aes, keys->server_write_key, AesSetKey(&dec->aes, keys->server_write_key,
specs->key_size, keys->server_write_IV, specs->key_size, keys->server_write_IV,
AES_DECRYPTION); AES_DECRYPTION);
} }
else { else {
AesSetKey(&encrypt->aes, keys->server_write_key, AesSetKey(&enc->aes, keys->server_write_key,
specs->key_size, keys->server_write_IV, specs->key_size, keys->server_write_IV,
AES_ENCRYPTION); AES_ENCRYPTION);
AesSetKey(&decrypt->aes, keys->client_write_key, AesSetKey(&dec->aes, keys->client_write_key,
specs->key_size, keys->client_write_IV, specs->key_size, keys->client_write_IV,
AES_DECRYPTION); AES_DECRYPTION);
} }

72
src/sniffer.c
View File

@@ -197,9 +197,9 @@ static const char* const msgTable[] =
/* *nix version uses table above */ /* *nix version uses table above */
static void GetError(int idx, char* buffer) static void GetError(int idx, char* str)
{ {
XSTRNCPY(buffer, msgTable[idx - 1], MAX_ERROR_LEN); XSTRNCPY(str, msgTable[idx - 1], MAX_ERROR_LEN);
} }
@@ -301,35 +301,35 @@ void ssl_InitSniffer(void)
/* Free Sniffer Server's resources/self */ /* Free Sniffer Server's resources/self */
static void FreeSnifferServer(SnifferServer* server) static void FreeSnifferServer(SnifferServer* srv)
{ {
if (server) if (srv)
SSL_CTX_free(server->ctx); SSL_CTX_free(srv->ctx);
free(server); free(srv);
} }
/* free PacketBuffer's resources/self */ /* free PacketBuffer's resources/self */
static void FreePacketBuffer(PacketBuffer* remove) static void FreePacketBuffer(PacketBuffer* del)
{ {
if (remove) { if (del) {
free(remove->data); free(del->data);
free(remove); free(del);
} }
} }
/* remove PacketBuffer List */ /* remove PacketBuffer List */
static void FreePacketList(PacketBuffer* buffer) static void FreePacketList(PacketBuffer* in)
{ {
if (buffer) { if (in) {
PacketBuffer* remove; PacketBuffer* del;
PacketBuffer* packet = buffer; PacketBuffer* packet = in;
while (packet) { while (packet) {
remove = packet; del = packet;
packet = packet->next; packet = packet->next;
FreePacketBuffer(remove); FreePacketBuffer(del);
} }
} }
} }
@@ -352,7 +352,7 @@ static void FreeSnifferSession(SnifferSession* session)
/* Free overall Sniffer */ /* Free overall Sniffer */
void ssl_FreeSniffer(void) void ssl_FreeSniffer(void)
{ {
SnifferServer* server; SnifferServer* srv;
SnifferServer* removeServer; SnifferServer* removeServer;
SnifferSession* session; SnifferSession* session;
SnifferSession* removeSession; SnifferSession* removeSession;
@@ -361,10 +361,10 @@ void ssl_FreeSniffer(void)
LockMutex(&ServerListMutex); LockMutex(&ServerListMutex);
LockMutex(&SessionMutex); LockMutex(&SessionMutex);
server = ServerList; srv = ServerList;
while (server) { while (srv) {
removeServer = server; removeServer = srv;
server = server->next; srv = srv->next;
FreeSnifferServer(removeServer); FreeSnifferServer(removeServer);
} }
@@ -540,11 +540,11 @@ typedef struct TcpHdr {
static void Trace(int idx) static void Trace(int idx)
{ {
if (TraceOn) { if (TraceOn) {
char buffer[MAX_ERROR_LEN]; char myBuffer[MAX_ERROR_LEN];
GetError(idx, buffer); GetError(idx, myBuffer);
fprintf(TraceFile, "\t%s\n", buffer); fprintf(TraceFile, "\t%s\n", myBuffer);
#ifdef DEBUG_SNIFFER #ifdef DEBUG_SNIFFER
fprintf(stderr, "\t%s\n", buffer); fprintf(stderr, "\t%s\n", myBuffer);
#endif #endif
} }
} }
@@ -561,12 +561,12 @@ static void TraceHeader(void)
/* Show Set Server info for Trace */ /* Show Set Server info for Trace */
static void TraceSetServer(const char* server, int port, const char* keyFile) static void TraceSetServer(const char* srv, int port, const char* keyFile)
{ {
if (TraceOn) { if (TraceOn) {
fprintf(TraceFile, "\tTrying to install a new Sniffer Server with\n"); fprintf(TraceFile, "\tTrying to install a new Sniffer Server with\n");
fprintf(TraceFile, "\tserver: %s, port: %d, keyFile: %s\n", server, fprintf(TraceFile, "\tserver: %s, port: %d, keyFile: %s\n", srv, port,
port, keyFile); keyFile);
} }
} }
@@ -851,10 +851,10 @@ static SnifferSession* GetSnifferSession(IpInfo* ipInfo, TcpInfo* tcpInfo)
/* Sets the private key for a specific server and port */ /* Sets the private key for a specific server and port */
/* returns 0 on success, -1 on error */ /* returns 0 on success, -1 on error */
int ssl_SetPrivateKey(const char* serverAddress, int port, const char* keyFile, int ssl_SetPrivateKey(const char* serverAddress, int port, const char* keyFile,
int keyType, const char* password, char* error) int typeKey, const char* password, char* error)
{ {
int ret; int ret;
int type = (keyType == FILETYPE_PEM) ? SSL_FILETYPE_PEM : int type = (typeKey == FILETYPE_PEM) ? SSL_FILETYPE_PEM :
SSL_FILETYPE_ASN1; SSL_FILETYPE_ASN1;
SnifferServer* sniffer; SnifferServer* sniffer;
@@ -1952,7 +1952,7 @@ static int HaveMoreInput(SnifferSession* session, const byte** sslFrame,
word32* length = (session->flags.side == SERVER_END) ? word32* length = (session->flags.side == SERVER_END) ?
&session->sslServer->buffers.inputBuffer.length : &session->sslServer->buffers.inputBuffer.length :
&session->sslClient->buffers.inputBuffer.length; &session->sslClient->buffers.inputBuffer.length;
byte* buffer = (session->flags.side == SERVER_END) ? byte* myBuffer = (session->flags.side == SERVER_END) ?
session->sslServer->buffers.inputBuffer.buffer : session->sslServer->buffers.inputBuffer.buffer :
session->sslClient->buffers.inputBuffer.buffer; session->sslClient->buffers.inputBuffer.buffer;
@@ -1961,15 +1961,15 @@ static int HaveMoreInput(SnifferSession* session, const byte** sslFrame,
word32 packetLen = (*front)->end - (*front)->begin + 1; word32 packetLen = (*front)->end - (*front)->begin + 1;
if (packetLen <= room) { if (packetLen <= room) {
PacketBuffer* remove = *front; PacketBuffer* del = *front;
XMEMCPY(&buffer[*length], (*front)->data, packetLen); XMEMCPY(&myBuffer[*length], (*front)->data, packetLen);
*length += packetLen; *length += packetLen;
*expected += packetLen; *expected += packetLen;
/* remove used packet */ /* remove used packet */
*front = (*front)->next; *front = (*front)->next;
FreePacketBuffer(remove); FreePacketBuffer(del);
moreInput = 1; moreInput = 1;
} }
@@ -1977,9 +1977,9 @@ static int HaveMoreInput(SnifferSession* session, const byte** sslFrame,
break; break;
} }
if (moreInput) { if (moreInput) {
*sslFrame = buffer; *sslFrame = myBuffer;
*sslBytes = *length; *sslBytes = *length;
*end = buffer + *length; *end = myBuffer + *length;
} }
return moreInput; return moreInput;
} }

184
src/ssl.c
View File

@@ -198,7 +198,7 @@ int CyaSSL_SetTmpDH(SSL* ssl, unsigned char* p,int pSz,unsigned char* g,int gSz)
} }
int SSL_write(SSL* ssl, const void* buffer, int sz) int SSL_write(SSL* ssl, const void* data, int sz)
{ {
int ret; int ret;
@@ -208,7 +208,7 @@ int SSL_write(SSL* ssl, const void* buffer, int sz)
errno = 0; errno = 0;
#endif #endif
ret = SendData(ssl, buffer, sz); ret = SendData(ssl, data, sz);
CYASSL_LEAVE("SSL_write()", ret); CYASSL_LEAVE("SSL_write()", ret);
@@ -219,7 +219,7 @@ int SSL_write(SSL* ssl, const void* buffer, int sz)
} }
int SSL_read(SSL* ssl, void* buffer, int sz) int SSL_read(SSL* ssl, void* data, int sz)
{ {
int ret; int ret;
@@ -229,7 +229,7 @@ int SSL_read(SSL* ssl, void* buffer, int sz)
errno = 0; errno = 0;
#endif #endif
ret = ReceiveData(ssl, (byte*)buffer, min(sz, OUTPUT_RECORD_SIZE)); ret = ReceiveData(ssl, (byte*)data, min(sz, OUTPUT_RECORD_SIZE));
CYASSL_LEAVE("SSL_read()", ret); CYASSL_LEAVE("SSL_read()", ret);
@@ -305,14 +305,14 @@ int SSL_want_write(SSL* ssl)
} }
char* ERR_error_string(unsigned long errNumber, char* buffer) char* ERR_error_string(unsigned long errNumber, char* data)
{ {
static const char* msg = "Please supply a buffer for error string"; static const char* msg = "Please supply a buffer for error string";
CYASSL_ENTER("ERR_error_string"); CYASSL_ENTER("ERR_error_string");
if (buffer) { if (data) {
SetErrorString(errNumber, buffer); SetErrorString(errNumber, data);
return buffer; return data;
} }
return (char*)msg; return (char*)msg;
@@ -330,11 +330,11 @@ void ERR_error_string_n(unsigned long e, char* buf, unsigned long len)
void ERR_print_errors_fp(FILE* fp, int err) void ERR_print_errors_fp(FILE* fp, int err)
{ {
char buffer[MAX_ERROR_SZ + 1]; char data[MAX_ERROR_SZ + 1];
CYASSL_ENTER("ERR_print_errors_fp"); CYASSL_ENTER("ERR_print_errors_fp");
SetErrorString(err, buffer); SetErrorString(err, data);
fprintf(fp, "%s", buffer); fprintf(fp, "%s", data);
} }
#endif #endif
@@ -786,29 +786,29 @@ int AddCA(SSL_CTX* ctx, buffer der)
} }
if (XSTRNCMP(info.name, "DES-CBC", 7) == 0) { if (XSTRNCMP(info.name, "DES-CBC", 7) == 0) {
Des des; Des enc;
Des_SetKey(&des, key, info.iv, DES_DECRYPTION); Des_SetKey(&enc, key, info.iv, DES_DECRYPTION);
Des_CbcDecrypt(&des, der.buffer, der.buffer, der.length); Des_CbcDecrypt(&enc, der.buffer, der.buffer, der.length);
} }
else if (XSTRNCMP(info.name, "DES-EDE3-CBC", 13) == 0) { else if (XSTRNCMP(info.name, "DES-EDE3-CBC", 13) == 0) {
Des3 des; Des3 enc;
Des3_SetKey(&des, key, info.iv, DES_DECRYPTION); Des3_SetKey(&enc, key, info.iv, DES_DECRYPTION);
Des3_CbcDecrypt(&des, der.buffer, der.buffer, der.length); Des3_CbcDecrypt(&enc, der.buffer, der.buffer, der.length);
} }
else if (XSTRNCMP(info.name, "AES-128-CBC", 13) == 0) { else if (XSTRNCMP(info.name, "AES-128-CBC", 13) == 0) {
Aes aes; Aes enc;
AesSetKey(&aes, key, AES_128_KEY_SIZE, info.iv, AES_DECRYPTION); AesSetKey(&enc, key, AES_128_KEY_SIZE, info.iv, AES_DECRYPTION);
AesCbcDecrypt(&aes, der.buffer, der.buffer, der.length); AesCbcDecrypt(&enc, der.buffer, der.buffer, der.length);
} }
else if (XSTRNCMP(info.name, "AES-192-CBC", 13) == 0) { else if (XSTRNCMP(info.name, "AES-192-CBC", 13) == 0) {
Aes aes; Aes enc;
AesSetKey(&aes, key, AES_192_KEY_SIZE, info.iv, AES_DECRYPTION); AesSetKey(&enc, key, AES_192_KEY_SIZE, info.iv, AES_DECRYPTION);
AesCbcDecrypt(&aes, der.buffer, der.buffer, der.length); AesCbcDecrypt(&enc, der.buffer, der.buffer, der.length);
} }
else if (XSTRNCMP(info.name, "AES-256-CBC", 13) == 0) { else if (XSTRNCMP(info.name, "AES-256-CBC", 13) == 0) {
Aes aes; Aes enc;
AesSetKey(&aes, key, AES_256_KEY_SIZE, info.iv, AES_DECRYPTION); AesSetKey(&enc, key, AES_256_KEY_SIZE, info.iv, AES_DECRYPTION);
AesCbcDecrypt(&aes, der.buffer, der.buffer, der.length); AesCbcDecrypt(&enc, der.buffer, der.buffer, der.length);
} }
else { else {
XFREE(der.buffer, ctx->heap, dynamicType); XFREE(der.buffer, ctx->heap, dynamicType);
@@ -952,7 +952,7 @@ static int ProcessFile(SSL_CTX* ctx, const char* fname, int format, int type,
SSL* ssl, int userChain) SSL* ssl, int userChain)
{ {
byte staticBuffer[FILE_BUFFER_SIZE]; byte staticBuffer[FILE_BUFFER_SIZE];
byte* buffer = staticBuffer; byte* myBuffer = staticBuffer;
int dynamic = 0; int dynamic = 0;
int ret; int ret;
long sz = 0; long sz = 0;
@@ -965,26 +965,26 @@ static int ProcessFile(SSL_CTX* ctx, const char* fname, int format, int type,
if (sz > (long)sizeof(staticBuffer)) { if (sz > (long)sizeof(staticBuffer)) {
CYASSL_MSG("Getting dynamic buffer"); CYASSL_MSG("Getting dynamic buffer");
buffer = (byte*) XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE); myBuffer = (byte*) XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE);
if (buffer == NULL) { if (myBuffer == NULL) {
XFCLOSE(file); XFCLOSE(file);
return SSL_BAD_FILE; return SSL_BAD_FILE;
} }
dynamic = 1; dynamic = 1;
} }
if ( (ret = XFREAD(buffer, sz, 1, file)) < 0) if ( (ret = XFREAD(myBuffer, sz, 1, file)) < 0)
ret = SSL_BAD_FILE; ret = SSL_BAD_FILE;
else { else {
if (type == CA_TYPE && format == SSL_FILETYPE_PEM) if (type == CA_TYPE && format == SSL_FILETYPE_PEM)
ret = ProcessChainBuffer(ctx, buffer, sz, format, type, ssl); ret = ProcessChainBuffer(ctx, myBuffer, sz, format, type, ssl);
else else
ret = ProcessBuffer(ctx, buffer, sz, format, type, ssl, NULL, ret = ProcessBuffer(ctx, myBuffer, sz, format, type, ssl, NULL,
userChain); userChain);
} }
XFCLOSE(file); XFCLOSE(file);
if (dynamic) XFREE(buffer, ctx->heap, DYNAMIC_TYPE_FILE); if (dynamic) XFREE(myBuffer, ctx->heap, DYNAMIC_TYPE_FILE);
return ret; return ret;
} }
@@ -1934,7 +1934,7 @@ int CyaSSL_set_compression(SSL* ssl)
int CyaSSL_writev(SSL* ssl, const struct iovec* iov, int iovcnt) int CyaSSL_writev(SSL* ssl, const struct iovec* iov, int iovcnt)
{ {
byte tmp[OUTPUT_RECORD_SIZE]; byte tmp[OUTPUT_RECORD_SIZE];
byte* buffer = tmp; byte* myBuffer = tmp;
int send = 0; int send = 0;
int newBuffer = 0; int newBuffer = 0;
int idx = 0; int idx = 0;
@@ -1951,18 +1951,18 @@ int CyaSSL_set_compression(SSL* ssl)
DYNAMIC_TYPE_WRITEV); DYNAMIC_TYPE_WRITEV);
if (!tmp2) if (!tmp2)
return MEMORY_ERROR; return MEMORY_ERROR;
buffer = tmp2; myBuffer = tmp2;
newBuffer = 1; newBuffer = 1;
} }
for (i = 0; i < iovcnt; i++) { for (i = 0; i < iovcnt; i++) {
XMEMCPY(&buffer[idx], iov[i].iov_base, iov[i].iov_len); XMEMCPY(&myBuffer[idx], iov[i].iov_base, iov[i].iov_len);
idx += iov[i].iov_len; idx += iov[i].iov_len;
} }
ret = SSL_write(ssl, buffer, send); ret = SSL_write(ssl, myBuffer, send);
if (newBuffer) XFREE(buffer, ssl->heap, DYNAMIC_TYPE_WRITEV); if (newBuffer) XFREE(myBuffer, ssl->heap, DYNAMIC_TYPE_WRITEV);
return ret; return ret;
} }
@@ -2231,63 +2231,63 @@ int CyaSSL_set_compression(SSL* ssl)
/* used to be defined on NO_FILESYSTEM only, but are generally useful */ /* used to be defined on NO_FILESYSTEM only, but are generally useful */
/* CyaSSL extension allows DER files to be loaded from buffers as well */ /* CyaSSL extension allows DER files to be loaded from buffers as well */
int CyaSSL_CTX_load_verify_buffer(SSL_CTX* ctx, const unsigned char* buffer, int CyaSSL_CTX_load_verify_buffer(SSL_CTX* ctx, const unsigned char* in,
long sz, int format) long sz, int format)
{ {
CYASSL_ENTER("CyaSSL_CTX_load_verify_buffer"); CYASSL_ENTER("CyaSSL_CTX_load_verify_buffer");
if (format == SSL_FILETYPE_PEM) if (format == SSL_FILETYPE_PEM)
return ProcessChainBuffer(ctx, buffer, sz, format, CA_TYPE, NULL); return ProcessChainBuffer(ctx, in, sz, format, CA_TYPE, NULL);
else else
return ProcessBuffer(ctx, buffer, sz, format, CA_TYPE, NULL,NULL,0); return ProcessBuffer(ctx, in, sz, format, CA_TYPE, NULL,NULL,0);
} }
int CyaSSL_CTX_use_certificate_buffer(SSL_CTX* ctx, int CyaSSL_CTX_use_certificate_buffer(SSL_CTX* ctx,
const unsigned char* buffer,long sz,int format) const unsigned char* in, long sz, int format)
{ {
CYASSL_ENTER("CyaSSL_CTX_use_certificate_buffer"); CYASSL_ENTER("CyaSSL_CTX_use_certificate_buffer");
return ProcessBuffer(ctx, buffer, sz, format, CERT_TYPE, NULL, NULL, 0); return ProcessBuffer(ctx, in, sz, format, CERT_TYPE, NULL, NULL, 0);
} }
int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX* ctx, int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX* ctx,
const unsigned char* buffer,long sz,int format) const unsigned char* in, long sz, int format)
{ {
CYASSL_ENTER("CyaSSL_CTX_use_PrivateKey_buffer"); CYASSL_ENTER("CyaSSL_CTX_use_PrivateKey_buffer");
return ProcessBuffer(ctx, buffer,sz,format,PRIVATEKEY_TYPE,NULL,NULL,0); return ProcessBuffer(ctx, in, sz, format, PRIVATEKEY_TYPE, NULL,NULL,0);
} }
int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX* ctx, int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX* ctx,
const unsigned char* buffer, long sz) const unsigned char* in, long sz)
{ {
CYASSL_ENTER("CyaSSL_CTX_use_certificate_chain_buffer"); CYASSL_ENTER("CyaSSL_CTX_use_certificate_chain_buffer");
return ProcessBuffer(ctx, buffer, sz, SSL_FILETYPE_PEM, CERT_TYPE, NULL, return ProcessBuffer(ctx, in, sz, SSL_FILETYPE_PEM, CERT_TYPE, NULL,
NULL, 1); NULL, 1);
} }
int CyaSSL_use_certificate_buffer(SSL* ssl, int CyaSSL_use_certificate_buffer(SSL* ssl,
const unsigned char* buffer,long sz,int format) const unsigned char* in, long sz, int format)
{ {
CYASSL_ENTER("CyaSSL_use_certificate_buffer"); CYASSL_ENTER("CyaSSL_use_certificate_buffer");
return ProcessBuffer(ssl->ctx, buffer, sz, format,CERT_TYPE,ssl,NULL,0); return ProcessBuffer(ssl->ctx, in, sz, format,CERT_TYPE,ssl,NULL,0);
} }
int CyaSSL_use_PrivateKey_buffer(SSL* ssl, int CyaSSL_use_PrivateKey_buffer(SSL* ssl,
const unsigned char* buffer,long sz,int format) const unsigned char* in, long sz, int format)
{ {
CYASSL_ENTER("CyaSSL_use_PrivateKey_buffer"); CYASSL_ENTER("CyaSSL_use_PrivateKey_buffer");
return ProcessBuffer(ssl->ctx, buffer, sz, format, PRIVATEKEY_TYPE, return ProcessBuffer(ssl->ctx, in, sz, format, PRIVATEKEY_TYPE,
ssl, NULL, 0); ssl, NULL, 0);
} }
int CyaSSL_use_certificate_chain_buffer(SSL* ssl, int CyaSSL_use_certificate_chain_buffer(SSL* ssl,
const unsigned char* buffer, long sz) const unsigned char* in, long sz)
{ {
CYASSL_ENTER("CyaSSL_use_certificate_chain_buffer"); CYASSL_ENTER("CyaSSL_use_certificate_chain_buffer");
return ProcessBuffer(ssl->ctx, buffer, sz, SSL_FILETYPE_PEM, CERT_TYPE, return ProcessBuffer(ssl->ctx, in, sz, SSL_FILETYPE_PEM, CERT_TYPE,
ssl, NULL, 1); ssl, NULL, 1);
} }
@@ -2468,28 +2468,28 @@ int CyaSSL_set_compression(SSL* ssl)
} }
/* copy name into buffer, at most sz bytes, if buffer is null will /* copy name into in buffer, at most sz bytes, if buffer is null will
malloc buffer, call responsible for freeing */ malloc buffer, call responsible for freeing */
char* X509_NAME_oneline(X509_NAME* name, char* buffer, int sz) char* X509_NAME_oneline(X509_NAME* name, char* in, int sz)
{ {
int copySz = min(sz, name->sz); int copySz = min(sz, name->sz);
CYASSL_ENTER("X509_NAME_oneline"); CYASSL_ENTER("X509_NAME_oneline");
if (!name->sz) return buffer; if (!name->sz) return in;
if (!buffer) { if (!in) {
buffer = (char*)XMALLOC(name->sz, 0, DYNAMIC_TYPE_OPENSSL); in = (char*)XMALLOC(name->sz, 0, DYNAMIC_TYPE_OPENSSL);
if (!buffer) return buffer; if (!in ) return in;
copySz = name->sz; copySz = name->sz;
} }
if (copySz == 0) if (copySz == 0)
return buffer; return in;
XMEMCPY(buffer, name->name, copySz - 1); XMEMCPY(in, name->name, copySz - 1);
buffer[copySz - 1] = 0; in[copySz - 1] = 0;
return buffer; return in;
} }
@@ -2545,14 +2545,14 @@ int CyaSSL_set_compression(SSL* ssl)
} }
BIO* BIO_new_socket(int sfd, int close) BIO* BIO_new_socket(int sfd, int closeF)
{ {
BIO* bio = (BIO*) XMALLOC(sizeof(BIO), 0, DYNAMIC_TYPE_OPENSSL); BIO* bio = (BIO*) XMALLOC(sizeof(BIO), 0, DYNAMIC_TYPE_OPENSSL);
CYASSL_ENTER("BIO_new_socket"); CYASSL_ENTER("BIO_new_socket");
if (bio) { if (bio) {
bio->type = BIO_SOCKET; bio->type = BIO_SOCKET;
bio->close = close; bio->close = closeF;
bio->eof = 0; bio->eof = 0;
bio->ssl = 0; bio->ssl = 0;
bio->fd = sfd; bio->fd = sfd;
@@ -2573,11 +2573,11 @@ int CyaSSL_set_compression(SSL* ssl)
} }
long BIO_set_ssl(BIO* b, SSL* ssl, int close) long BIO_set_ssl(BIO* b, SSL* ssl, int closeF)
{ {
CYASSL_ENTER("BIO_set_ssl"); CYASSL_ENTER("BIO_set_ssl");
b->ssl = ssl; b->ssl = ssl;
b->close = close; b->close = closeF;
/* add to ssl for bio free if SSL_free called before/instead of free_all? */ /* add to ssl for bio free if SSL_free called before/instead of free_all? */
return 0; return 0;
@@ -3078,14 +3078,14 @@ int CyaSSL_set_compression(SSL* ssl)
long length, DES_key_schedule* schedule, DES_cblock* ivec, long length, DES_key_schedule* schedule, DES_cblock* ivec,
int enc) int enc)
{ {
Des des; Des myDes;
CYASSL_ENTER("DES_cbc_encrypt"); CYASSL_ENTER("DES_cbc_encrypt");
Des_SetKey(&des, (const byte*)schedule, (const byte*)ivec, !enc); Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc);
if (enc) if (enc)
Des_CbcEncrypt(&des, output, input, length); Des_CbcEncrypt(&myDes, output, input, length);
else else
Des_CbcDecrypt(&des, output, input, length); Des_CbcDecrypt(&myDes, output, input, length);
} }
@@ -3094,14 +3094,14 @@ int CyaSSL_set_compression(SSL* ssl)
long length, DES_key_schedule* schedule, DES_cblock* ivec, long length, DES_key_schedule* schedule, DES_cblock* ivec,
int enc) int enc)
{ {
Des des; Des myDes;
CYASSL_ENTER("DES_ncbc_encrypt"); CYASSL_ENTER("DES_ncbc_encrypt");
Des_SetKey(&des, (const byte*)schedule, (const byte*)ivec, !enc); Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc);
if (enc) if (enc)
Des_CbcEncrypt(&des, output, input, length); Des_CbcEncrypt(&myDes, output, input, length);
else else
Des_CbcDecrypt(&des, output, input, length); Des_CbcDecrypt(&myDes, output, input, length);
XMEMCPY(ivec, output + length - sizeof(DES_cblock), sizeof(DES_cblock)); XMEMCPY(ivec, output + length - sizeof(DES_cblock), sizeof(DES_cblock));
} }
@@ -3350,10 +3350,10 @@ int CyaSSL_set_compression(SSL* ssl)
} }
char* SSL_CIPHER_description(SSL_CIPHER* cipher, char* buffer, int len) char* SSL_CIPHER_description(SSL_CIPHER* cipher, char* in, int len)
{ {
(void)cipher; (void)cipher;
(void)buffer; (void)in;
(void)len; (void)len;
return 0; return 0;
} }
@@ -3692,9 +3692,9 @@ int CyaSSL_set_compression(SSL* ssl)
} }
int X509_cmp_current_time(const ASN1_TIME* time) int X509_cmp_current_time(const ASN1_TIME* asnTime)
{ {
(void)time; (void)asnTime;
return 0; return 0;
} }
@@ -3731,10 +3731,10 @@ int CyaSSL_set_compression(SSL* ssl)
int ASN1_TIME_print(BIO* bio, const ASN1_TIME* time) int ASN1_TIME_print(BIO* bio, const ASN1_TIME* asnTime)
{ {
(void)bio; (void)bio;
(void)time; (void)asnTime;
return 0; return 0;
} }
@@ -3806,16 +3806,16 @@ int CyaSSL_set_compression(SSL* ssl)
} }
char* SSL_alert_type_string_long(int alert) char* SSL_alert_type_string_long(int alertID)
{ {
(void)alert; (void)alertID;
return 0; return 0;
} }
char* SSL_alert_desc_string_long(int alert) char* SSL_alert_desc_string_long(int alertID)
{ {
(void)alert; (void)alertID;
return 0; return 0;
} }
@@ -3928,16 +3928,16 @@ int CyaSSL_set_compression(SSL* ssl)
} }
void DES_set_key_unchecked(const_DES_cblock* des, DES_key_schedule* key) void DES_set_key_unchecked(const_DES_cblock* myDes, DES_key_schedule* key)
{ {
(void)des; (void)myDes;
(void)key; (void)key;
} }
void DES_set_odd_parity(DES_cblock* des) void DES_set_odd_parity(DES_cblock* myDes)
{ {
(void)des; (void)myDes;
} }
@@ -4068,13 +4068,13 @@ int CyaSSL_set_compression(SSL* ssl)
/* write X509 serial number in unsigned binary to buffer /* write X509 serial number in unsigned binary to buffer
buffer needs to be at least EXTERNAL_SERIAL_SIZE (32) for all cases buffer needs to be at least EXTERNAL_SERIAL_SIZE (32) for all cases
return 0 on success */ return 0 on success */
int CyaSSL_X509_get_serial_number(X509* x509, byte* buffer, int* inOutSz) int CyaSSL_X509_get_serial_number(X509* x509, byte* in, int* inOutSz)
{ {
CYASSL_ENTER("CyaSSL_X509_get_serial_number"); CYASSL_ENTER("CyaSSL_X509_get_serial_number");
if (x509 == NULL || buffer == NULL || *inOutSz < x509->serialSz) if (x509 == NULL || in == NULL || *inOutSz < x509->serialSz)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
XMEMCPY(buffer, x509->serial, x509->serialSz); XMEMCPY(in, x509->serial, x509->serialSz);
*inOutSz = x509->serialSz; *inOutSz = x509->serialSz;
return 0; return 0;

4
src/tls.c
View File

@@ -299,7 +299,7 @@ static INLINE const byte* GetMacSecret(SSL* ssl, int verify)
/* TLS type HMAC */ /* TLS type HMAC */
void TLS_hmac(SSL* ssl, byte* digest, const byte* buffer, word32 sz, void TLS_hmac(SSL* ssl, byte* digest, const byte* in, word32 sz,
int content, int verify) int content, int verify)
{ {
Hmac hmac; Hmac hmac;
@@ -329,7 +329,7 @@ void TLS_hmac(SSL* ssl, byte* digest, const byte* buffer, word32 sz,
inner[ENUM_LEN + ENUM_LEN] = ssl->version.minor; /* version */ inner[ENUM_LEN + ENUM_LEN] = ssl->version.minor; /* version */
XMEMCPY(&inner[ENUM_LEN + VERSION_SZ], length, LENGTH_SZ); /* length */ XMEMCPY(&inner[ENUM_LEN + VERSION_SZ], length, LENGTH_SZ); /* length */
HmacUpdate(&hmac, inner, sizeof(inner)); HmacUpdate(&hmac, inner, sizeof(inner));
HmacUpdate(&hmac, buffer, sz); /* content */ HmacUpdate(&hmac, in, sz); /* content */
HmacFinal(&hmac, digest); HmacFinal(&hmac, digest);
} }