From 0ef44329ef30de2a7ea40f51a9748d797ec660e9 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 11 Nov 2013 17:00:35 -0800 Subject: [PATCH 001/135] add thread local storage to ecc fp cache, no locking required but cache is per thread, higher conncurrent performance but more memory needed --- configure.ac | 2 ++ ctaocrypt/src/ecc.c | 39 +++++++++++++++------ cyassl/ctaocrypt/types.h | 12 +++++++ m4/ax_tls.m4 | 76 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 118 insertions(+), 11 deletions(-) create mode 100644 m4/ax_tls.m4 diff --git a/configure.ac b/configure.ac index 55169de1b..6fda6da9f 100644 --- a/configure.ac +++ b/configure.ac @@ -103,6 +103,8 @@ OPTIMIZE_FAST_CFLAGS="-O2 -fomit-frame-pointer" OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET" DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_CYASSL" +# Thread local storage +AX_TLS([AM_CFLAGS="$AM_CFLAGS -DHAVE_THREAD_LS"]) # DEBUG AX_DEBUG diff --git a/ctaocrypt/src/ecc.c b/ctaocrypt/src/ecc.c index 0a87e00cb..c0d4d4334 100644 --- a/ctaocrypt/src/ecc.c +++ b/ctaocrypt/src/ecc.c @@ -2144,17 +2144,22 @@ int ecc_sig_size(ecc_key* key) /** Our FP cache */ -static struct { +typedef struct { ecc_point* g; /* cached COPY of base point */ ecc_point* LUT[1U< +# Copyright (c) 2010 Diego Elio Petteno` +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 10 + +AC_DEFUN([AX_TLS], [ + AC_MSG_CHECKING(for thread local storage (TLS) class) + AC_CACHE_VAL(ac_cv_tls, [ + ax_tls_keywords="__thread __declspec(thread) none" + for ax_tls_keyword in $ax_tls_keywords; do + AS_CASE([$ax_tls_keyword], + [none], [ac_cv_tls=none ; break], + [AC_TRY_COMPILE( + [#include + static void + foo(void) { + static ] $ax_tls_keyword [ int bar; + exit(1); + }], + [], + [ac_cv_tls=$ax_tls_keyword ; break], + ac_cv_tls=none + )]) + done + ]) + AC_MSG_RESULT($ac_cv_tls) + + AS_IF([test "$ac_cv_tls" != "none"], + AC_DEFINE_UNQUOTED([TLS], $ac_cv_tls, [If the compiler supports a TLS storage class define it to that here]) + m4_ifnblank([$1], [$1]), + m4_ifnblank([$2], [$2]) + ) +]) From cf4230b0733870af022868d21a7cbe7e893bd17f Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 13 Nov 2013 17:53:11 -0800 Subject: [PATCH 002/135] add ecc encrypt secure message exchange, hide ecEncCtx --- ctaocrypt/src/ecc.c | 295 ++++++++++++++++++++++++++++++++------- ctaocrypt/src/error.c | 8 ++ ctaocrypt/test/test.c | 82 ++++++++++- cyassl/ctaocrypt/ecc.h | 42 +++--- cyassl/ctaocrypt/error.h | 3 + 5 files changed, 361 insertions(+), 69 deletions(-) diff --git a/ctaocrypt/src/ecc.c b/ctaocrypt/src/ecc.c index c0d4d4334..7acad6870 100644 --- a/ctaocrypt/src/ecc.c +++ b/ctaocrypt/src/ecc.c @@ -3510,33 +3510,189 @@ void ecc_fp_free(void) #ifdef HAVE_ECC_ENCRYPT -/* init and set defaults, just holders */ -void ecc_encrypt_init_options(ecEncOptions* options) -{ - if (options) { - XMEMSET(options, 0, sizeof(ecEncOptions)); - options->encAlgo = ecAES_128_CBC; - options->kdfAlgo = ecHKDF_SHA256; - options->macAlgo = ecHMAC_SHA256; +enum ecCliState { + ecCLI_INIT = 1, + ecCLI_SALT_GET = 2, + ecCLI_SALT_SET = 3, + ecCLI_SENT_REQ = 4, + ecCLI_RECV_RESP = 5, + ecCLI_BAD_STATE = 99 +}; + +enum ecSrvState { + ecSRV_INIT = 1, + ecSRV_SALT_GET = 2, + ecSRV_SALT_SET = 3, + ecSRV_RECV_REQ = 4, + ecSRV_SENT_RESP = 5, + ecSRV_BAD_STATE = 99 +}; + + +struct ecEncCtx { + byte* kdfSalt; /* optional salt for kdf */ + byte* kdfInfo; /* optional info for kdf */ + byte* macSalt; /* optional salt for mac */ + word32 kdfSaltSz; /* size of kdfSalt */ + word32 kdfInfoSz; /* size of kdfInfo */ + word32 macSaltSz; /* size of macSalt */ + byte clientSalt[EXCHANGE_SALT_SZ]; /* for msg exchange */ + byte serverSalt[EXCHANGE_SALT_SZ]; /* for msg exchange */ + byte encAlgo; /* which encryption type */ + byte kdfAlgo; /* which key derivation function type */ + byte macAlgo; /* which mac function type */ + byte protocol; /* are we REQ_RESP client or server ? */ + byte cliSt; /* protocol state, for sanity checks */ + byte srvSt; /* protocol state, for sanity checks */ +}; + + +const byte* ecc_ctx_get_own_salt(ecEncCtx* ctx) +{ + if (ctx == NULL || ctx->protocol == 0) + return NULL; + + if (ctx->protocol == REQ_RESP_CLIENT) { + if (ctx->cliSt == ecCLI_INIT) { + ctx->cliSt = ecCLI_SALT_GET; + return ctx->clientSalt; + } + else { + ctx->cliSt = ecCLI_BAD_STATE; + return NULL; + } } + else if (ctx->protocol == REQ_RESP_SERVER) { + if (ctx->srvSt == ecSRV_INIT) { + ctx->srvSt = ecSRV_SALT_GET; + return ctx->serverSalt; + } + else { + ctx->srvSt = ecSRV_BAD_STATE; + return NULL; + } + } + + return NULL; +} + + +static const char* exchange_info = "Secure Message Exchange"; + +int ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt) +{ + byte tmp[EXCHANGE_SALT_SZ/2]; + int halfSz = EXCHANGE_SALT_SZ/2; + + if (ctx == NULL || ctx->protocol == 0 || salt == NULL) + return BAD_FUNC_ARG; + + if (ctx->protocol == REQ_RESP_CLIENT) { + XMEMCPY(ctx->serverSalt, salt, EXCHANGE_SALT_SZ); + if (ctx->cliSt == ecCLI_SALT_GET) + ctx->cliSt = ecCLI_SALT_SET; + else { + ctx->cliSt = ecCLI_BAD_STATE; + return BAD_ENC_STATE_E; + } + } + else { + XMEMCPY(ctx->clientSalt, salt, EXCHANGE_SALT_SZ); + if (ctx->srvSt == ecSRV_SALT_GET) + ctx->srvSt = ecSRV_SALT_SET; + else { + ctx->srvSt = ecSRV_BAD_STATE; + return BAD_ENC_STATE_E; + } + } + + /* mix half and half */ + /* tmp stores 2nd half of client before overwrite */ + XMEMCPY(tmp, ctx->clientSalt + halfSz, halfSz); + XMEMCPY(ctx->clientSalt + halfSz, ctx->serverSalt, halfSz); + XMEMCPY(ctx->serverSalt, tmp, halfSz); + + ctx->kdfSalt = ctx->clientSalt; + ctx->kdfSaltSz = EXCHANGE_SALT_SZ; + + ctx->macSalt = ctx->serverSalt; + ctx->macSaltSz = EXCHANGE_SALT_SZ; + + ctx->kdfInfo = (byte*)exchange_info; + ctx->kdfInfoSz = EXCHANGE_INFO_SZ; + + return 0; +} + + +static int ecc_ctx_set_salt(ecEncCtx* ctx, int flags, RNG* rng) +{ + byte* saltBuffer = NULL; + + if (ctx == NULL || rng == NULL || flags == 0) + return BAD_FUNC_ARG; + + saltBuffer = (flags == REQ_RESP_CLIENT) ? ctx->clientSalt : ctx->serverSalt; + RNG_GenerateBlock(rng, saltBuffer, EXCHANGE_SALT_SZ); + + return 0; +} + + +static void ecc_ctx_init(ecEncCtx* ctx, int flags) +{ + if (ctx) { + XMEMSET(ctx, 0, sizeof(ecEncCtx)); + + ctx->encAlgo = ecAES_128_CBC; + ctx->kdfAlgo = ecHKDF_SHA256; + ctx->macAlgo = ecHMAC_SHA256; + ctx->protocol = (byte)flags; + + if (flags == REQ_RESP_CLIENT) + ctx->cliSt = ecCLI_INIT; + if (flags == REQ_RESP_SERVER) + ctx->srvSt = ecSRV_INIT; + } +} + + +/* alloc/init and set defaults, return new Context */ +ecEncCtx* ecc_ctx_new(int flags, RNG* rng) +{ + int ret = 0; + ecEncCtx* ctx = (ecEncCtx*)XMALLOC(sizeof(ecEncCtx), 0, DYNAMIC_TYPE_ECC); + + ecc_ctx_init(ctx, flags); + + if (ctx && flags) + ret = ecc_ctx_set_salt(ctx, flags, rng); + + if (ret != 0) { + ecc_ctx_free(ctx); + ctx = NULL; + } + + return ctx; } /* free any resources, clear any keys */ -void ecc_encrypt_free_options(ecEncOptions* options) +void ecc_ctx_free(ecEncCtx* ctx) { - if (options) { - XMEMSET(options, 0, sizeof(ecEncOptions)); + if (ctx) { + XMEMSET(ctx, 0, sizeof(ecEncCtx)); + XFREE(ctx, 0, DYNAMIC_TYPE_ECC); } } -static int ecc_get_key_sizes(ecEncOptions* options, int* encKeySz, int* ivSz, +static int ecc_get_key_sizes(ecEncCtx* ctx, int* encKeySz, int* ivSz, int* keysLen, word32* digestSz, word32* blockSz) { - if (options) { - switch (options->encAlgo) { + if (ctx) { + switch (ctx->encAlgo) { case ecAES_128_CBC: *encKeySz = KEY_SIZE_128; *ivSz = IV_SIZE_64; @@ -3546,7 +3702,7 @@ static int ecc_get_key_sizes(ecEncOptions* options, int* encKeySz, int* ivSz, return BAD_FUNC_ARG; } - switch (options->macAlgo) { + switch (ctx->macAlgo) { case ecHMAC_SHA256: *digestSz = SHA256_DIGEST_SIZE; break; @@ -3563,22 +3719,23 @@ static int ecc_get_key_sizes(ecEncOptions* options, int* encKeySz, int* ivSz, /* ecc encrypt with shared secret run through kdf - options holds non default algos and inputs + ctx holds non default algos and inputs msgSz should be the right size for encAlgo, i.e., already padded return 0 on success */ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, - word32 msgSz, byte* out, word32* outSz, ecEncOptions* opts) + word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx) { int ret; word32 blockSz; word32 digestSz; - ecEncOptions options; + ecEncCtx localCtx; byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */ byte keys[ECC_BUFSIZE]; /* max size */ word32 sharedSz = sizeof(sharedSecret); int keysLen; int encKeySz; int ivSz; + int offset; /* keys offset if doing msg exchange */ byte* encKey; byte* encIv; byte* macKey; @@ -3587,19 +3744,37 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, outSz == NULL) return BAD_FUNC_ARG; - if (opts) - options = *opts; - else { - ecc_encrypt_init_options(&options); /* defaults */ + if (ctx == NULL) { /* use defaults */ + ecc_ctx_init(&localCtx, 0); + ctx = &localCtx; } - ret = ecc_get_key_sizes(&options, &encKeySz, &ivSz, &keysLen, &digestSz, + ret = ecc_get_key_sizes(ctx, &encKeySz, &ivSz, &keysLen, &digestSz, &blockSz); if (ret != 0) return ret; + + if (ctx->protocol == REQ_RESP_SERVER) { + offset = keysLen; + keysLen *= 2; + + if (ctx->srvSt != ecSRV_RECV_REQ) + return BAD_ENC_STATE_E; + + ctx->srvSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */ + } + else if (ctx->protocol == REQ_RESP_CLIENT) { + if (ctx->cliSt != ecCLI_SALT_SET) + return BAD_ENC_STATE_E; + + ctx->cliSt = ecCLI_SENT_REQ; /* only do this once */ + } + + if (keysLen > (int)sizeof(keys)) + return BUFFER_E; if ( (msgSz%blockSz) != 0) - return BAD_FUNC_ARG; + return BAD_PADDING_E; if (*outSz < (msgSz + digestSz)) return BUFFER_E; @@ -3608,11 +3783,11 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, if (ret != 0) return ret; - switch (options.kdfAlgo) { + switch (ctx->kdfAlgo) { case ecHKDF_SHA256 : - ret = HKDF(SHA256, sharedSecret, sharedSz, options.kdfSalt, - options.kdfSaltSz, options.kdfInfo, - options.kdfInfoSz, keys, keysLen); + ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt, + ctx->kdfSaltSz, ctx->kdfInfo, + ctx->kdfInfoSz, keys, keysLen); if (ret != 0) return ret; break; @@ -3621,11 +3796,11 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, return BAD_FUNC_ARG; } - encKey = keys; + encKey = keys + offset; encIv = encKey + encKeySz; macKey = encKey + encKeySz + ivSz; - switch (options.encAlgo) { + switch (ctx->encAlgo) { case ecAES_128_CBC: { Aes aes; @@ -3642,7 +3817,7 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, return BAD_FUNC_ARG; } - switch (options.macAlgo) { + switch (ctx->macAlgo) { case ecHMAC_SHA256: { Hmac hmac; @@ -3650,7 +3825,7 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, if (ret != 0) return ret; HmacUpdate(&hmac, out, msgSz); - HmacUpdate(&hmac, options.macSalt, options.macSaltSz); + HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz); HmacFinal(&hmac, out+msgSz); } break; @@ -3665,19 +3840,23 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, } +/* ecc decrypt with shared secret run through kdf + ctx holds non default algos and inputs + return 0 on success */ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, - word32 msgSz, byte* out, word32* outSz, ecEncOptions* opts) + word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx) { int ret; word32 blockSz; word32 digestSz; - ecEncOptions options; + ecEncCtx localCtx; byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */ byte keys[ECC_BUFSIZE]; /* max size */ word32 sharedSz = sizeof(sharedSecret); int keysLen; int encKeySz; int ivSz; + int offset; /* in case using msg exchange */ byte* encKey; byte* encIv; byte* macKey; @@ -3686,19 +3865,37 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, outSz == NULL) return BAD_FUNC_ARG; - if (opts) - options = *opts; - else { - ecc_encrypt_init_options(&options); /* defaults */ + if (ctx == NULL) { /* use defaults */ + ecc_ctx_init(&localCtx, 0); + ctx = &localCtx; } - - ret = ecc_get_key_sizes(&options, &encKeySz, &ivSz, &keysLen, &digestSz, + + ret = ecc_get_key_sizes(ctx, &encKeySz, &ivSz, &keysLen, &digestSz, &blockSz); if (ret != 0) return ret; + if (ctx->protocol == REQ_RESP_CLIENT) { + offset = keysLen; + keysLen *= 2; + + if (ctx->cliSt != ecCLI_SENT_REQ) + return BAD_ENC_STATE_E; + + ctx->cliSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */ + } + else if (ctx->protocol == REQ_RESP_SERVER) { + if (ctx->srvSt != ecSRV_SALT_SET) + return BAD_ENC_STATE_E; + + ctx->srvSt = ecSRV_RECV_REQ; /* only do this once */ + } + + if (keysLen > (int)sizeof(keys)) + return BUFFER_E; + if ( ((msgSz-digestSz) % blockSz) != 0) - return BAD_FUNC_ARG; + return BAD_PADDING_E; if (*outSz < (msgSz - digestSz)) return BUFFER_E; @@ -3707,11 +3904,11 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, if (ret != 0) return ret; - switch (options.kdfAlgo) { + switch (ctx->kdfAlgo) { case ecHKDF_SHA256 : - ret = HKDF(SHA256, sharedSecret, sharedSz, options.kdfSalt, - options.kdfSaltSz, options.kdfInfo, - options.kdfInfoSz, keys, keysLen); + ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt, + ctx->kdfSaltSz, ctx->kdfInfo, + ctx->kdfInfoSz, keys, keysLen); if (ret != 0) return ret; break; @@ -3720,11 +3917,11 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, return BAD_FUNC_ARG; } - encKey = keys; + encKey = keys + offset; encIv = encKey + encKeySz; macKey = encKey + encKeySz + ivSz; - switch (options.macAlgo) { + switch (ctx->macAlgo) { case ecHMAC_SHA256: { byte verify[SHA256_DIGEST_SIZE]; @@ -3733,7 +3930,7 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, if (ret != 0) return ret; HmacUpdate(&hmac, msg, msgSz-digestSz); - HmacUpdate(&hmac, options.macSalt, options.macSaltSz); + HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz); HmacFinal(&hmac, verify); if (memcmp(verify, msg + msgSz - digestSz, digestSz) != 0) { @@ -3746,7 +3943,7 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, return BAD_FUNC_ARG; } - switch (options.encAlgo) { + switch (ctx->encAlgo) { case ecAES_128_CBC: { Aes aes; diff --git a/ctaocrypt/src/error.c b/ctaocrypt/src/error.c index e6b4eaf3b..07bba8358 100644 --- a/ctaocrypt/src/error.c +++ b/ctaocrypt/src/error.c @@ -323,6 +323,14 @@ void CTaoCryptErrorString(int error, char* buffer) XSTRNCPY(buffer, "ASN OCSP sig error, confirm failure", max); break; + case BAD_ENC_STATE_E: + XSTRNCPY(buffer, "Bad ecc encrypt state operation", max); + break; + + case BAD_PADDING_E: + XSTRNCPY(buffer, "Bad padding, message wrong length", max); + break; + default: XSTRNCPY(buffer, "unknown error number", max); diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 5ba050838..c62b4daeb 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -3628,12 +3628,12 @@ int ecc_encrypt_test(void) for (i = 0; i < 48; i++) msg[i] = i; - /* send encrypted msg to B */ + /* encrypt msg to B */ ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL); if (ret != 0) return -3003; - /* decrypted msg to B */ + /* decrypt msg from A */ ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL); if (ret != 0) return -3004; @@ -3641,6 +3641,84 @@ int ecc_encrypt_test(void) if (memcmp(plain, msg, sizeof(msg)) != 0) return -3005; + + { /* let's verify message exchange works, A is client, B is server */ + ecEncCtx* cliCtx = ecc_ctx_new(REQ_RESP_CLIENT, &rng); + ecEncCtx* srvCtx = ecc_ctx_new(REQ_RESP_SERVER, &rng); + + byte cliSalt[EXCHANGE_SALT_SZ]; + byte srvSalt[EXCHANGE_SALT_SZ]; + const byte* tmpSalt; + + if (cliCtx == NULL || srvCtx == NULL) + return -3006; + + /* get salt to send to peer */ + tmpSalt = ecc_ctx_get_own_salt(cliCtx); + if (tmpSalt == NULL) + return -3007; + memcpy(cliSalt, tmpSalt, EXCHANGE_SALT_SZ); + + tmpSalt = ecc_ctx_get_own_salt(srvCtx); + if (tmpSalt == NULL) + return -3007; + memcpy(srvSalt, tmpSalt, EXCHANGE_SALT_SZ); + + /* in actual use, we'd get the peer's salt over the transport */ + ret = ecc_ctx_set_peer_salt(cliCtx, srvSalt); + ret += ecc_ctx_set_peer_salt(srvCtx, cliSalt); + + if (ret != 0) + return -3008; + + /* get encrypted msg (request) to send to B */ + outSz = sizeof(out); + ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz,cliCtx); + if (ret != 0) + return -3009; + + /* B decrypts msg (request) from A */ + plainSz = sizeof(plain); + ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, srvCtx); + if (ret != 0) + return -3010; + + if (memcmp(plain, msg, sizeof(msg)) != 0) + return -3011; + + { + /* msg2 (response) from B to A */ + byte msg2[48]; + byte plain2[48]; + byte out2[80]; + word32 outSz2 = sizeof(out2); + word32 plainSz2 = sizeof(plain2); + + for (i = 0; i < 48; i++) + msg2[i] = i+48; + + /* get encrypted msg (response) to send to B */ + ret = ecc_encrypt(&userB, &userA, msg2, sizeof(msg2), out2, + &outSz2, srvCtx); + if (ret != 0) + return -3012; + + /* A decrypts msg (response) from B */ + ret = ecc_decrypt(&userA, &userB, out2, outSz2, plain2, &plainSz2, + cliCtx); + if (ret != 0) + return -3013; + + if (memcmp(plain2, msg2, sizeof(msg2)) != 0) + return -3014; + } + + /* cleanup */ + ecc_ctx_free(srvCtx); + ecc_ctx_free(cliCtx); + } + + /* cleanup */ ecc_free(&userB); ecc_free(&userA); diff --git a/cyassl/ctaocrypt/ecc.h b/cyassl/ctaocrypt/ecc.h index 683429fec..40eab7572 100644 --- a/cyassl/ctaocrypt/ecc.h +++ b/cyassl/ctaocrypt/ecc.h @@ -119,6 +119,7 @@ CYASSL_API int ecc_sig_size(ecc_key* key); +#ifdef HAVE_ECC_ENCRYPT /* ecc encrypt */ enum ecEncAlgo { @@ -137,34 +138,39 @@ enum ecMacAlgo { }; enum { - KEY_SIZE_128 = 16, - KEY_SIZE_256 = 32, - IV_SIZE_64 = 8 + KEY_SIZE_128 = 16, + KEY_SIZE_256 = 32, + IV_SIZE_64 = 8, + EXCHANGE_SALT_SZ = 16, + EXCHANGE_INFO_SZ = 23 }; -typedef struct ecEncOptions { - byte encAlgo; /* which encryption type */ - byte kdfAlgo; /* which key derivation function type */ - byte macAlgo; /* which mac function type */ - byte* kdfSalt; /* optional salt for kdf */ - byte* kdfInfo; /* optional info for kdf */ - byte* macSalt; /* optional salt for mac */ - word32 kdfSaltSz; /* size of kdfSalt */ - word32 kdfInfoSz; /* size of kdfInfo */ - word32 macSaltSz; /* size of macSalt */ -} ecEncOptions; +enum ecFlags { + REQ_RESP_CLIENT = 1, + REQ_RESP_SERVER = 2 +}; + + +typedef struct ecEncCtx ecEncCtx; CYASSL_API -void ecc_encrypt_init_options(ecEncOptions*); /* init and set to defaults */ +ecEncCtx* ecc_ctx_new(int flags, RNG* rng); CYASSL_API -void ecc_encrypt_free_options(ecEncOptions*); /* release/clear options */ +void ecc_ctx_free(ecEncCtx*); + +CYASSL_API +const byte* ecc_ctx_get_own_salt(ecEncCtx*); +CYASSL_API +int ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt); CYASSL_API int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, - word32 msgSz, byte* out, word32* outSz, ecEncOptions* options); + word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); CYASSL_API int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, - word32 msgSz, byte* out, word32* outSz, ecEncOptions* options); + word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); + +#endif /* HAVE_ECC_ENCRYPT */ #ifdef __cplusplus } /* extern "C" */ diff --git a/cyassl/ctaocrypt/error.h b/cyassl/ctaocrypt/error.h index 7bb7960c3..2d6cbfae4 100644 --- a/cyassl/ctaocrypt/error.h +++ b/cyassl/ctaocrypt/error.h @@ -114,6 +114,9 @@ enum { ASN_CRL_NO_SIGNER_E = -190, /* ASN CRL no signer to confirm failure */ ASN_OCSP_CONFIRM_E = -191, /* ASN OCSP signature confirm failure */ + BAD_ENC_STATE_E = -192, /* Bad ecc enc state operation */ + BAD_PADDING_E = -193, /* Bad padding, msg not correct length */ + MIN_CODE_E = -200 /* errors -101 - -199 */ }; From 7a1fb428d1ed5b6e51a4019f16caa70f6faab1c4 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Thu, 14 Nov 2013 11:10:29 -0700 Subject: [PATCH 003/135] fix ecc_set_type member name conflict --- cyassl/ctaocrypt/ecc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cyassl/ctaocrypt/ecc.h b/cyassl/ctaocrypt/ecc.h index 40eab7572..2434a6844 100644 --- a/cyassl/ctaocrypt/ecc.h +++ b/cyassl/ctaocrypt/ecc.h @@ -49,7 +49,7 @@ typedef struct { int size; /* The size of the curve in octets */ const char* name; /* name of this curve */ const char* prime; /* prime that defines the field, curve is in (hex) */ - const char* B; /* fields B param (hex) */ + const char* Bf; /* fields B param (hex) */ const char* order; /* order of the curve (hex) */ const char* Gx; /* x coordinate of the base point on curve (hex) */ const char* Gy; /* y coordinate of the base point on curve (hex) */ From a7bcca84c3bb714c6810dbe641ca45368d3e1334 Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 14 Nov 2013 15:00:22 -0800 Subject: [PATCH 004/135] add ecdsa cert signing --- .gitignore | 2 + ctaocrypt/src/asn.c | 95 ++++++++++++++++++++++------ ctaocrypt/test/test.c | 114 ++++++++++++++++++++++++++++++++-- cyassl/ctaocrypt/asn.h | 3 - cyassl/ctaocrypt/asn_public.h | 14 ++++- src/ssl.c | 87 +++++++++++++------------- 6 files changed, 243 insertions(+), 72 deletions(-) diff --git a/.gitignore b/.gitignore index e4c4d2d48..9ef608923 100644 --- a/.gitignore +++ b/.gitignore @@ -46,6 +46,8 @@ testsuite/*.pem testsuite/*.raw cert.der cert.pem +certecc.der +certecc.pem othercert.der othercert.pem key.der diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 65ff0a660..13f0b0c87 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -2241,7 +2241,7 @@ static word32 SetAlgoID(int algoOID, byte* output, int type) static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x02, 0x05, 0x00}; - /* sigTypes */ + /* RSA sigTypes */ #ifndef NO_RSA static const byte md5wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00}; @@ -2255,12 +2255,29 @@ static word32 SetAlgoID(int algoOID, byte* output, int type) 0x0d, 0x01, 0x01, 0x0d, 0x05, 0x00}; #endif /* NO_RSA */ - /* keyTypes */ + /* ECDSA sigTypes */ + #ifdef HAVE_ECC + static const byte shawECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, + 0x04, 0x01, 0x05, 0x00}; + static const byte sha256wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d, + 0x04, 0x03, 0x02, 0x05, 0x00}; + static const byte sha384wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d, + 0x04, 0x03, 0x03, 0x05, 0x00}; + static const byte sha512wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d, + 0x04, 0x03, 0x04, 0x05, 0x00}; + #endif /* HAVE_ECC */ + + /* RSA keyType */ #ifndef NO_RSA static const byte RSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00}; #endif /* NO_RSA */ + #ifdef HAVE_ECC + static const byte ECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, + 0x04, 0x02, 0x05, 0x00}; + #endif /* HAVE_ECC */ + int algoSz = 0; word32 idSz, seqSz; const byte* algoName = 0; @@ -2332,6 +2349,27 @@ static word32 SetAlgoID(int algoOID, byte* output, int type) algoName = sha512wRSA_AlgoID; break; #endif /* NO_RSA */ + #ifdef HAVE_ECC + case CTC_SHAwECDSA: + algoSz = sizeof(shawECDSA_AlgoID); + algoName = shawECDSA_AlgoID; + break; + + case CTC_SHA256wECDSA: + algoSz = sizeof(sha256wECDSA_AlgoID); + algoName = sha256wECDSA_AlgoID; + break; + + case CTC_SHA384wECDSA: + algoSz = sizeof(sha384wECDSA_AlgoID); + algoName = sha384wECDSA_AlgoID; + break; + + case CTC_SHA512wECDSA: + algoSz = sizeof(sha512wECDSA_AlgoID); + algoName = sha512wECDSA_AlgoID; + break; + #endif /* HAVE_ECC */ default: CYASSL_MSG("Unknown Signature Algo"); return 0; @@ -2345,6 +2383,12 @@ static word32 SetAlgoID(int algoOID, byte* output, int type) algoName = RSA_AlgoID; break; #endif /* NO_RSA */ + #ifdef HAVE_ECC + case ECDSAk: + algoSz = sizeof(ECDSA_AlgoID); + algoName = ECDSA_AlgoID; + break; + #endif /* HAVE_ECC */ default: CYASSL_MSG("Unknown Key Algo"); return 0; @@ -3995,13 +4039,8 @@ static int SetName(byte* output, CertName* name) } /* encode info from cert into DER enocder format */ -static int EncodeCert( -Cert* cert, -DerCert* der, -RsaKey* rsaKey, -RNG* rng, - const byte* ntruKey, -word16 ntruSz) +static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng, + const byte* ntruKey, word16 ntruSz) { (void)ntruKey; (void)ntruSz; @@ -4153,12 +4192,15 @@ static int WriteCertBody(DerCert* der, byte* buffer) /* Make RSA signature from buffer (sz), write to sig (sigSz) */ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz, - RsaKey* key, RNG* rng, int sigAlgoType) + RsaKey* rsaKey, ecc_key* eccKey, RNG* rng, + int sigAlgoType) { byte digest[SHA256_DIGEST_SIZE]; /* max size */ byte encSig[MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ]; int encSigSz, digestSz, typeH; + (void)eccKey; + if (sigAlgoType == CTC_MD5wRSA) { Md5 md5; InitMd5(&md5); @@ -4167,7 +4209,7 @@ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz, digestSz = MD5_DIGEST_SIZE; typeH = MD5h; } - else if (sigAlgoType == CTC_SHAwRSA) { + else if (sigAlgoType == CTC_SHAwRSA || sigAlgoType == CTC_SHAwECDSA) { Sha sha; InitSha(&sha); ShaUpdate(&sha, buffer, sz); @@ -4175,7 +4217,7 @@ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz, digestSz = SHA_DIGEST_SIZE; typeH = SHAh; } - else if (sigAlgoType == CTC_SHA256wRSA) { + else if (sigAlgoType == CTC_SHA256wRSA || sigAlgoType == CTC_SHA256wECDSA) { Sha256 sha256; InitSha256(&sha256); Sha256Update(&sha256, buffer, sz); @@ -4186,9 +4228,23 @@ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz, else return ALGO_ID_E; - /* signature */ - encSigSz = EncodeSignature(encSig, digest, digestSz, typeH); - return RsaSSL_Sign(encSig, encSigSz, sig, sigSz, key, rng); + if (rsaKey) { + /* signature */ + encSigSz = EncodeSignature(encSig, digest, digestSz, typeH); + return RsaSSL_Sign(encSig, encSigSz, sig, sigSz, rsaKey, rng); + } +#ifdef HAVE_ECC + else if (eccKey) { + word32 outSz = sigSz; + int ret = ecc_sign_hash(digest, digestSz, sig, &outSz, rng, eccKey); + + if (ret != 0) + return ret; + return outSz; + } +#endif /* HAVE_ECC */ + + return ALGO_ID_E; } @@ -4257,7 +4313,8 @@ int MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz, #endif /* HAVE_NTRU */ -int SignCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng) +int SignCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* rsaKey, + ecc_key* eccKey, RNG* rng) { byte sig[MAX_ENCODED_SIG_SZ]; int sigSz; @@ -4266,8 +4323,8 @@ int SignCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng) if (bodySz < 0) return bodySz; - sigSz = MakeSignature(buffer, bodySz, sig, sizeof(sig), key, rng, - cert->sigType); + sigSz = MakeSignature(buffer, bodySz, sig, sizeof(sig), rsaKey, eccKey, + rng, cert->sigType); if (sigSz < 0) return sigSz; @@ -4285,7 +4342,7 @@ int MakeSelfCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng) if (ret < 0) return ret; - return SignCert(cert, buffer, buffSz, key, rng); + return SignCert(cert, buffer, buffSz, key, NULL, rng); } diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index c62b4daeb..928b63d21 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -2487,17 +2487,27 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) #ifdef CYASSL_CERT_GEN static const char* caKeyFile = "a:\\certs\\ca-key.der"; static const char* caCertFile = "a:\\certs\\ca-cert.pem"; + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "a:\\certs\\ecc-key.der"; + static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem"; + #endif #endif #elif defined(CYASSL_MKD_SHELL) static char* clientKey = "certs/client-key.der"; static char* clientCert = "certs/client-cert.der"; - void set_clientKey(char *key) { clientKey = key ; } /* set by shell command */ - void set_clientCert(char *cert) { clientCert = cert ; } /* set by shell command */ + void set_clientKey(char *key) { clientKey = key ; } + void set_clientCert(char *cert) { clientCert = cert ; } #ifdef CYASSL_CERT_GEN static char* caKeyFile = "certs/ca-key.der"; static char* caCertFile = "certs/ca-cert.pem"; - void set_caKeyFile (char * key) { caKeyFile = key ; } /* set by shell command */ - void set_caCertFile(char * cert) { caCertFile = cert ; } /* set by shell command */ + void set_caKeyFile (char * key) { caKeyFile = key ; } + void set_caCertFile(char * cert) { caCertFile = cert ; } + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "certs/ecc-key.der"; + static const char* eccCaCertFile = "certs/server-ecc.pem"; + void set_eccCaKeyFile (char * key) { eccCaKeyFile = key ; } + void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; } + #endif #endif #else static const char* clientKey = "./certs/client-key.der"; @@ -2505,6 +2515,10 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) #ifdef CYASSL_CERT_GEN static const char* caKeyFile = "./certs/ca-key.der"; static const char* caCertFile = "./certs/ca-cert.pem"; + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "./certs/ecc-key.der"; + static const char* eccCaCertFile = "./certs/server-ecc.pem"; + #endif #endif #endif #endif @@ -2788,7 +2802,7 @@ int rsa_test(void) if (certSz < 0) return -407; - certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); + certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, NULL, &rng); if (certSz < 0) return -408; @@ -2820,6 +2834,94 @@ int rsa_test(void) free(derCert); FreeRsaKey(&caKey); } +#ifdef HAVE_ECC + /* ECC CA style */ + { + ecc_key caKey; + Cert myCert; + byte* derCert; + byte* pem; + FILE* derFile; + FILE* pemFile; + int certSz; + int pemSz; + size_t bytes3; + word32 idx3 = 0; + FILE* file3 ; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif + + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -5311; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) + return -5312; + + file3 = fopen(eccCaKeyFile, "rb"); + + if (!file3) + return -5412; + + bytes3 = fread(tmp, 1, FOURK_BUF, file3); + fclose(file3); + + ecc_init(&caKey); + ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); + if (ret != 0) return -5413; + + InitCert(&myCert); + myCert.sigType = CTC_SHA256wECDSA; + + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "wolfSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE); + + ret = SetIssuer(&myCert, eccCaCertFile); + if (ret < 0) + return -5405; + + certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, &rng); + if (certSz < 0) + return -5407; + + certSz = SignCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng); + if (certSz < 0) + return -5408; + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&decode, derCert, certSz, 0); + ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) + return -5409; + FreeDecodedCert(&decode); +#endif + + derFile = fopen("./certecc.der", "wb"); + if (!derFile) + return -5410; + ret = (int)fwrite(derCert, certSz, 1, derFile); + fclose(derFile); + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) + return -5411; + + pemFile = fopen("./certecc.pem", "wb"); + if (!pemFile) + return -5412; + ret = (int)fwrite(pem, pemSz, 1, pemFile); + fclose(pemFile); + free(pem); + free(derCert); + ecc_free(&caKey); + } +#endif /* HAVE_ECC */ #ifdef HAVE_NTRU { RsaKey caKey; @@ -2900,7 +3002,7 @@ int rsa_test(void) if (certSz < 0) return -456; - certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); + certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, NULL, &rng); if (certSz < 0) return -457; diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index 70dbfbe09..737f594f1 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -391,9 +391,6 @@ CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType); mp_int* s); CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s); - /* private key helpers */ - CYASSL_API int EccPrivateKeyDecode(const byte* input,word32* inOutIdx, - ecc_key*,word32); #endif #ifdef CYASSL_CERT_GEN diff --git a/cyassl/ctaocrypt/asn_public.h b/cyassl/ctaocrypt/asn_public.h index f824fbb36..a9d5fb7a9 100644 --- a/cyassl/ctaocrypt/asn_public.h +++ b/cyassl/ctaocrypt/asn_public.h @@ -24,6 +24,7 @@ #define CTAO_CRYPT_ASN_PUBLIC_H #include +#include #ifdef CYASSL_CERT_GEN #include #endif @@ -63,6 +64,10 @@ enum Ctc_SigType { #ifdef CYASSL_CERT_GEN +#ifndef HAVE_ECC + typedef struct ecc_key ecc_key; +#endif + enum Ctc_Misc { CTC_NAME_SIZE = 64, CTC_DATE_SIZE = 32, @@ -121,7 +126,8 @@ typedef struct Cert { */ CYASSL_API void InitCert(Cert*); CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); -CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); +CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, + ecc_key*, RNG*); CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); CYASSL_API int SetIssuer(Cert*, const char*); @@ -147,6 +153,12 @@ CYASSL_API int SetDatesBuffer(Cert*, const byte*, int); word32 outputSz, int type); #endif +#ifdef HAVE_ECC + /* private key helpers */ + CYASSL_API int EccPrivateKeyDecode(const byte* input,word32* inOutIdx, + ecc_key*,word32); +#endif + #ifdef __cplusplus } /* extern "C" */ diff --git a/src/ssl.c b/src/ssl.c index f17449376..7da7f2224 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1045,6 +1045,50 @@ int CyaSSL_CertManagerUnloadCAs(CYASSL_CERT_MANAGER* cm) } +/* Return bytes written to buff or < 0 for error */ +int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff, + int buffSz, const char* pass) +{ + EncryptedInfo info; + int eccKey = 0; + int ret; + buffer der; + + (void)pass; + + CYASSL_ENTER("CyaSSL_KeyPemToDer"); + + if (pem == NULL || buff == NULL || buffSz <= 0) { + CYASSL_MSG("Bad pem der args"); + return BAD_FUNC_ARG; + } + + info.set = 0; + info.ctx = NULL; + info.consumed = 0; + der.buffer = NULL; + + ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, &info, &eccKey); + if (ret < 0) { + CYASSL_MSG("Bad Pem To Der"); + } + else { + if (der.length <= (word32)buffSz) { + XMEMCPY(buff, der.buffer, der.length); + ret = der.length; + } + else { + CYASSL_MSG("Bad der length"); + ret = BAD_FUNC_ARG; + } + } + + XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY); + + return ret; +} + + #endif /* !NO_CERTS */ @@ -10430,49 +10474,6 @@ static int initGlobalRNG = 0; -/* Return bytes written to buff or < 0 for error */ -int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff, - int buffSz, const char* pass) -{ - EncryptedInfo info; - int eccKey = 0; - int ret; - buffer der; - - (void)pass; - - CYASSL_ENTER("CyaSSL_KeyPemToDer"); - - if (pem == NULL || buff == NULL || buffSz <= 0) { - CYASSL_MSG("Bad pem der args"); - return BAD_FUNC_ARG; - } - - info.set = 0; - info.ctx = NULL; - info.consumed = 0; - der.buffer = NULL; - - ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, &info, &eccKey); - if (ret < 0) { - CYASSL_MSG("Bad Pem To Der"); - } - else { - if (der.length <= (word32)buffSz) { - XMEMCPY(buff, der.buffer, der.length); - ret = der.length; - } - else { - CYASSL_MSG("Bad der length"); - ret = BAD_FUNC_ARG; - } - } - - XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY); - - return ret; -} - /* Load RSA from Der, SSL_SUCCESS on success < 0 on error */ int CyaSSL_RSA_LoadDer(CYASSL_RSA* rsa, const unsigned char* der, int derSz) From d91e8ab38eab3f304776838a2d1a04645feb6f0e Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 14 Nov 2013 20:34:39 -0800 Subject: [PATCH 005/135] add cert gen for ecc certs --- ctaocrypt/src/asn.c | 214 +++++++++++++++++++++++++++++----- ctaocrypt/src/ecc.c | 1 - ctaocrypt/test/test.c | 4 +- cyassl/ctaocrypt/asn.h | 10 +- cyassl/ctaocrypt/asn_public.h | 3 +- 5 files changed, 196 insertions(+), 36 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 13f0b0c87..cabd8d816 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -1434,7 +1434,7 @@ static int GetKey(DecodedCert* cert) if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) return ASN_PARSE_E; - + if (GetAlgoId(cert->source, &cert->srcIdx, &cert->keyOID, cert->maxIdx) < 0) return ASN_PARSE_E; @@ -2128,10 +2128,14 @@ int DecodeToKey(DecodedCert* cert, int verify) if ( (ret = GetCertHeader(cert)) < 0) return ret; + CYASSL_MSG("Got Cert Header"); + if ( (ret = GetAlgoId(cert->source, &cert->srcIdx, &cert->signatureOID, cert->maxIdx)) < 0) return ret; + CYASSL_MSG("Got Algo ID"); + if ( (ret = GetName(cert, ISSUER)) < 0) return ret; @@ -2141,9 +2145,13 @@ int DecodeToKey(DecodedCert* cert, int verify) if ( (ret = GetName(cert, SUBJECT)) < 0) return ret; + CYASSL_MSG("Got Subject Name"); + if ( (ret = GetKey(cert)) < 0) return ret; + CYASSL_MSG("Got Key"); + if (badDate != 0) return badDate; @@ -2223,7 +2231,80 @@ static word32 SetSequence(word32 len, byte* output) } -static word32 SetAlgoID(int algoOID, byte* output, int type) +#if defined(HAVE_ECC) && defined(CYASSL_CERT_GEN) + +static word32 SetCurve(ecc_key* key, byte* output) +{ + + /* curve types */ + static const byte ECC_192v1_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, + 0x03, 0x01, 0x01}; + static const byte ECC_256v1_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, + 0x03, 0x01, 0x07}; + static const byte ECC_160r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, + 0x02}; + static const byte ECC_224r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, + 0x21}; + static const byte ECC_384r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, + 0x22}; + static const byte ECC_521r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, + 0x23}; + + int oidSz = 0; + int idx = 0; + int lenSz = 0; + const byte* oid = 0; + + output[0] = ASN_OBJECT_ID; + idx++; + + switch (key->dp->size) { + case 20: + oidSz = sizeof(ECC_160r1_AlgoID); + oid = ECC_160r1_AlgoID; + break; + + case 24: + oidSz = sizeof(ECC_192v1_AlgoID); + oid = ECC_192v1_AlgoID; + break; + + case 28: + oidSz = sizeof(ECC_224r1_AlgoID); + oid = ECC_224r1_AlgoID; + break; + + case 32: + oidSz = sizeof(ECC_256v1_AlgoID); + oid = ECC_256v1_AlgoID; + break; + + case 48: + oidSz = sizeof(ECC_384r1_AlgoID); + oid = ECC_384r1_AlgoID; + break; + + case 66: + oidSz = sizeof(ECC_521r1_AlgoID); + oid = ECC_521r1_AlgoID; + break; + + default: + return ASN_UNKNOWN_OID_E; + } + lenSz = SetLength(oidSz, output+idx); + idx += lenSz; + + XMEMCPY(output+idx, oid, oidSz); + idx += oidSz; + + return idx; +} + +#endif /* HAVE_ECC && CYASSL_CERT_GEN */ + + +static word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) { /* adding TAG_NULL and 0 to end */ @@ -2274,11 +2355,14 @@ static word32 SetAlgoID(int algoOID, byte* output, int type) #endif /* NO_RSA */ #ifdef HAVE_ECC - static const byte ECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, - 0x04, 0x02, 0x05, 0x00}; + /* ECC keyType */ + /* no tags, so set tagSz smaller later */ + static const byte ECC_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, + 0x02, 0x01}; #endif /* HAVE_ECC */ int algoSz = 0; + int tagSz = 2; /* tag null and terminator */ word32 idSz, seqSz; const byte* algoName = 0; byte ID_Length[MAX_LENGTH_SZ]; @@ -2385,8 +2469,9 @@ static word32 SetAlgoID(int algoOID, byte* output, int type) #endif /* NO_RSA */ #ifdef HAVE_ECC case ECDSAk: - algoSz = sizeof(ECDSA_AlgoID); - algoName = ECDSA_AlgoID; + algoSz = sizeof(ECC_AlgoID); + algoName = ECC_AlgoID; + tagSz = 0; break; #endif /* HAVE_ECC */ default: @@ -2399,8 +2484,9 @@ static word32 SetAlgoID(int algoOID, byte* output, int type) return 0; } - idSz = SetLength(algoSz - 2, ID_Length); /* don't include TAG_NULL/0 */ - seqSz = SetSequence(idSz + algoSz + 1, seqArray); + idSz = SetLength(algoSz - tagSz, ID_Length); /* don't include tags */ + seqSz = SetSequence(idSz + algoSz + 1 + curveSz, seqArray); + /* +1 for object id, curveID of curveSz follows for ecc */ seqArray[seqSz++] = ASN_OBJECT_ID; XMEMCPY(output, seqArray, seqSz); @@ -2420,7 +2506,7 @@ word32 EncodeSignature(byte* out, const byte* digest, word32 digSz, int hashOID) word32 encDigSz, algoSz, seqSz; encDigSz = SetDigest(digest, digSz, digArray); - algoSz = SetAlgoID(hashOID, algoArray, hashType); + algoSz = SetAlgoID(hashOID, algoArray, hashType, 0); seqSz = SetSequence(encDigSz + algoSz, seqArray); XMEMCPY(out, seqArray, seqSz); @@ -3195,6 +3281,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) return ret; } + CYASSL_MSG("Parsed Past Key"); + if (cert->srcIdx != cert->sigIndex) { if (cert->srcIdx < cert->sigIndex) { /* save extensions */ @@ -3626,8 +3714,59 @@ static int SetSerial(const byte* serial, byte* output) } +#ifdef HAVE_ECC + +/* Write a public ECC key to output */ +static int SetEccPublicKey(byte* output, ecc_key* key) +{ + byte algo[MAX_ALGO_SZ]; + byte curve[MAX_ALGO_SZ]; + byte len[MAX_LENGTH_SZ + 1]; /* trailing 0 */ + byte pub[ECC_BUFSIZE]; + int algoSz; + int curveSz; + int lenSz; + int idx; + word32 pubSz = sizeof(pub); + + int ret = ecc_export_x963(key, pub, &pubSz); + if (ret != 0) return ret; + + /* headers */ + curveSz = SetCurve(key, curve); + if (curveSz <= 0) return curveSz; + + algoSz = SetAlgoID(ECDSAk, algo, keyType, curveSz); + lenSz = SetLength(pubSz + 1, len); + len[lenSz++] = 0; /* trailing 0 */ + + /* write */ + idx = SetSequence(pubSz + curveSz + lenSz + 1 + algoSz, output); + /* 1 is for ASN_BIT_STRING */ + /* algo */ + XMEMCPY(output + idx, algo, algoSz); + idx += algoSz; + /* curve */ + XMEMCPY(output + idx, curve, curveSz); + idx += curveSz; + /* bit string */ + output[idx++] = ASN_BIT_STRING; + /* length */ + XMEMCPY(output + idx, len, lenSz); + idx += lenSz; + /* pub */ + XMEMCPY(output + idx, pub, pubSz); + idx += pubSz; + + return idx; +} + + +#endif /* HAVE_ECC */ + + /* Write a public RSA key to output */ -static int SetPublicKey(byte* output, RsaKey* key) +static int SetRsaPublicKey(byte* output, RsaKey* key) { byte n[MAX_RSA_INT_SZ]; byte e[MAX_RSA_E_SZ]; @@ -3673,7 +3812,7 @@ static int SetPublicKey(byte* output, RsaKey* key) return BUFFER_E; /* headers */ - algoSz = SetAlgoID(RSAk, algo, keyType); + algoSz = SetAlgoID(RSAk, algo, keyType, 0); seqSz = SetSequence(nSz + eSz, seq); lenSz = SetLength(seqSz + nSz + eSz + 1, len); len[lenSz++] = 0; /* trailing 0 */ @@ -4039,9 +4178,10 @@ static int SetName(byte* output, CertName* name) } /* encode info from cert into DER enocder format */ -static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng, - const byte* ntruKey, word16 ntruSz) +static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey, + RNG* rng, const byte* ntruKey, word16 ntruSz) { + (void)eccKey; (void)ntruKey; (void)ntruSz; @@ -4057,18 +4197,31 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng, der->serialSz = SetSerial(cert->serial, der->serial); /* signature algo */ - der->sigAlgoSz = SetAlgoID(cert->sigType, der->sigAlgo, sigType); + der->sigAlgoSz = SetAlgoID(cert->sigType, der->sigAlgo, sigType, 0); if (der->sigAlgoSz == 0) return ALGO_ID_E; /* public key */ if (cert->keyType == RSA_KEY) { - der->publicKeySz = SetPublicKey(der->publicKey, rsaKey); - if (der->publicKeySz == 0) + if (rsaKey == NULL) + return PUBLIC_KEY_E; + der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey); + if (der->publicKeySz <= 0) return PUBLIC_KEY_E; } - else { + +#ifdef HAVE_ECC + if (cert->keyType == ECC_KEY) { + if (eccKey == NULL) + return PUBLIC_KEY_E; + der->publicKeySz = SetEccPublicKey(der->publicKey, eccKey); + if (der->publicKeySz <= 0) + return PUBLIC_KEY_E; + } +#endif /* HAVE_ECC */ + #ifdef HAVE_NTRU + if (cert->keyType == NTRU_KEY) { word32 rc; word16 encodedSz; @@ -4085,8 +4238,8 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng, return PUBLIC_KEY_E; der->publicKeySz = encodedSz; -#endif } +#endif /* HAVE_NTRU */ der->validitySz = 0; #ifdef CYASSL_ALT_NAMES @@ -4257,7 +4410,7 @@ static int AddSignature(byte* buffer, int bodySz, const byte* sig, int sigSz, int idx = bodySz, seqSz; /* algo */ - idx += SetAlgoID(sigAlgoType, buffer + idx, sigType); + idx += SetAlgoID(sigAlgoType, buffer + idx, sigType, 0); /* bit string */ buffer[idx++] = ASN_BIT_STRING; /* length */ @@ -4278,13 +4431,17 @@ static int AddSignature(byte* buffer, int bodySz, const byte* sig, int sigSz, /* Make an x509 Certificate v3 any key type from cert input, write to buffer */ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, - RsaKey* rsaKey, RNG* rng, const byte* ntruKey, word16 ntruSz) + RsaKey* rsaKey, ecc_key* eccKey, RNG* rng, + const byte* ntruKey, word16 ntruSz) { DerCert der; int ret; - cert->keyType = rsaKey ? RSA_KEY : NTRU_KEY; - ret = EncodeCert(cert, &der, rsaKey, rng, ntruKey, ntruSz); + if (eccKey) + cert->keyType = ECC_KEY; + else + cert->keyType = rsaKey ? RSA_KEY : NTRU_KEY; + ret = EncodeCert(cert, &der, rsaKey, eccKey, rng, ntruKey, ntruSz); if (ret != 0) return ret; @@ -4295,10 +4452,11 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, } -/* Make an x509 Certificate v3 RSA from cert input, write to buffer */ -int MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,RNG* rng) +/* Make an x509 Certificate v3 RSA or ECC from cert input, write to buffer */ +int MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey, + ecc_key* eccKey, RNG* rng) { - return MakeAnyCert(cert, derBuffer, derSz, rsaKey, rng, NULL, 0); + return MakeAnyCert(cert, derBuffer, derSz, rsaKey, eccKey, rng, NULL, 0); } @@ -4307,7 +4465,7 @@ int MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,RNG* rng) int MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz, const byte* ntruKey, word16 keySz, RNG* rng) { - return MakeAnyCert(cert, derBuffer, derSz, NULL, rng, ntruKey, keySz); + return MakeAnyCert(cert, derBuffer, derSz, NULL, NULL, rng, ntruKey, keySz); } #endif /* HAVE_NTRU */ @@ -4337,7 +4495,7 @@ int SignCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* rsaKey, int MakeSelfCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng) { - int ret = MakeCert(cert, buffer, buffSz, key, rng); + int ret = MakeCert(cert, buffer, buffSz, key, NULL, rng); if (ret < 0) return ret; @@ -5367,7 +5525,7 @@ int EncodeOcspRequest(OcspRequest* req) CYASSL_ENTER("EncodeOcspRequest"); - algoSz = SetAlgoID(SHAh, algoArray, hashType); + algoSz = SetAlgoID(SHAh, algoArray, hashType, 0); req->issuerHash = req->cert->issuerHash; issuerSz = SetDigest(req->cert->issuerHash, SHA_SIZE, issuerArray); diff --git a/ctaocrypt/src/ecc.c b/ctaocrypt/src/ecc.c index 7acad6870..af190750c 100644 --- a/ctaocrypt/src/ecc.c +++ b/ctaocrypt/src/ecc.c @@ -1997,7 +1997,6 @@ int ecc_export_x963(ecc_key* key, byte* out, word32* outLen) int ecc_import_x963(const byte* in, word32 inLen, ecc_key* key) { int x, err; - if (in == NULL || key == NULL) return ECC_BAD_ARG_E; diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 928b63d21..8d26487eb 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -2798,7 +2798,7 @@ int rsa_test(void) if (ret < 0) return -405; - certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, &rng); + certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng); if (certSz < 0) return -407; @@ -2886,7 +2886,7 @@ int rsa_test(void) if (ret < 0) return -5405; - certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, &rng); + certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng); if (certSz < 0) return -5407; diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index 737f594f1..ae758aab7 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -151,9 +151,10 @@ enum Misc_ASN { enum Oid_Types { - hashType = 0, - sigType = 1, - keyType = 2 + hashType = 0, + sigType = 1, + keyType = 2, + curveType = 3 }; @@ -400,7 +401,8 @@ enum cert_enums { JOINT_LEN = 2, EMAIL_JOINT_LEN = 9, RSA_KEY = 10, - NTRU_KEY = 11 + NTRU_KEY = 11, + ECC_KEY = 12 }; diff --git a/cyassl/ctaocrypt/asn_public.h b/cyassl/ctaocrypt/asn_public.h index a9d5fb7a9..6fdc0117d 100644 --- a/cyassl/ctaocrypt/asn_public.h +++ b/cyassl/ctaocrypt/asn_public.h @@ -125,7 +125,8 @@ typedef struct Cert { keyType = RSA_KEY (default) */ CYASSL_API void InitCert(Cert*); -CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); +CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, + ecc_key*, RNG*); CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, ecc_key*, RNG*); CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, From 321d215e5704d3144d047ad674c32cb96f9c278a Mon Sep 17 00:00:00 2001 From: John Safranek Date: Sat, 16 Nov 2013 21:53:57 -0800 Subject: [PATCH 006/135] Added ecc, blake, crl, ocsp to the VS project --- cyassl-ntru.vcproj | 20 ++++++++++++++++++++ cyassl.vcproj | 20 ++++++++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/cyassl-ntru.vcproj b/cyassl-ntru.vcproj index 57720a52d..0813acdc7 100755 --- a/cyassl-ntru.vcproj +++ b/cyassl-ntru.vcproj @@ -166,10 +166,22 @@ RelativePath=".\ctaocrypt\src\asn.c" > + + + + + + @@ -182,6 +194,10 @@ RelativePath=".\ctaocrypt\src\dsa.c" > + + @@ -230,6 +246,10 @@ RelativePath=".\ctaocrypt\src\misc.c" > + + diff --git a/cyassl.vcproj b/cyassl.vcproj index 958f3ab61..82f919d25 100755 --- a/cyassl.vcproj +++ b/cyassl.vcproj @@ -162,10 +162,22 @@ RelativePath=".\ctaocrypt\src\asn.c" > + + + + + + @@ -178,6 +190,10 @@ RelativePath=".\ctaocrypt\src\dsa.c" > + + @@ -222,6 +238,10 @@ RelativePath=".\ctaocrypt\src\memory.c" > + + From e92860bda7d3e854aa61a0786fc6666368c587c8 Mon Sep 17 00:00:00 2001 From: toddouska Date: Tue, 19 Nov 2013 11:17:23 -0800 Subject: [PATCH 007/135] ecc enc/dec offset init fix --- ctaocrypt/src/ecc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ctaocrypt/src/ecc.c b/ctaocrypt/src/ecc.c index af190750c..0310f8a76 100644 --- a/ctaocrypt/src/ecc.c +++ b/ctaocrypt/src/ecc.c @@ -3734,7 +3734,7 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, int keysLen; int encKeySz; int ivSz; - int offset; /* keys offset if doing msg exchange */ + int offset = 0; /* keys offset if doing msg exchange */ byte* encKey; byte* encIv; byte* macKey; @@ -3855,7 +3855,7 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, int keysLen; int encKeySz; int ivSz; - int offset; /* in case using msg exchange */ + int offset = 0; /* in case using msg exchange */ byte* encKey; byte* encIv; byte* macKey; From c0007ad6b3b4b43f78eb2d258a2ed220216c6924 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Tue, 19 Nov 2013 14:34:05 -0700 Subject: [PATCH 008/135] move Coldfire SEC specific DES/3DES header sections into define --- cyassl/ctaocrypt/des3.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cyassl/ctaocrypt/des3.h b/cyassl/ctaocrypt/des3.h index 3d249c7ab..fe931960e 100644 --- a/cyassl/ctaocrypt/des3.h +++ b/cyassl/ctaocrypt/des3.h @@ -63,18 +63,22 @@ enum { typedef struct Des { word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */ +#ifdef HAVE_COLDFIRE_SEC byte keylen ; /* for Coldfire SEC */ byte ivlen ; /* for Coldfire SEC */ byte iv[DES3_IVLEN]; /* for Coldfire SEC */ +#endif word32 key[DES_KS_SIZE]; } Des; /* DES3 encryption and decryption */ typedef struct Des3 { +#ifdef HAVE_COLDFIRE_SEC byte keylen ; /* for Coldfire SEC */ byte ivlen ; /* for Coldfire SEC */ byte iv[DES3_IVLEN]; /* for Coldfire SEC */ +#endif word32 key[3][DES_KS_SIZE]; word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */ From 0fd6aed9b6abf2dc018b44430d8752ad0548bedc Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 19 Nov 2013 14:44:55 -0800 Subject: [PATCH 009/135] Save more decoded data from certificate for later use with X.509 functions. --- ctaocrypt/src/asn.c | 118 +++++++++++++++++++++++-- cyassl/ctaocrypt/asn.h | 37 +++++++- cyassl/ctaocrypt/settings.h | 34 ++++++++ cyassl/internal.h | 25 ++++++ cyassl/ssl.h | 13 +++ src/internal.c | 52 +++++++++++ src/ssl.c | 167 ++++++++++++++++++++++++++++++++++++ 7 files changed, 439 insertions(+), 7 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index cabd8d816..ff9b62c0d 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -1303,6 +1303,20 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap) #ifdef OPENSSL_EXTRA XMEMSET(&cert->issuerName, 0, sizeof(DecodedName)); XMEMSET(&cert->subjectName, 0, sizeof(DecodedName)); + cert->extBasicConstSet = 0; + cert->extBasicConstCrit = 0; + cert->extBasicConstPlSet = 0; + cert->pathLength = 0; + cert->extSubjAltNameSet = 0; + cert->extSubjAltNameCrit = 0; + cert->extAuthKeyIdCrit = 0; + cert->extSubjKeyIdCrit = 0; + cert->extKeyUsageSet = 0; + cert->extKeyUsageCrit = 0; + cert->extKeyUsage = 0; + #ifdef HAVE_ECC + cert->pkCurveOID = 0; + #endif /* HAVE_ECC */ #endif /* OPENSSL_EXTRA */ #ifdef CYASSL_SEP cert->deviceTypeSz = 0; @@ -1311,6 +1325,10 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap) cert->hwType = NULL; cert->hwSerialNumSz = 0; cert->hwSerialNum = NULL; + #ifdef OPENSSL_EXTRA + cert->extCertPolicySet = 0; + cert->extCertPolicyCrit = 0; + #endif /* OPENSSL_EXTRA */ #endif /* CYASSL_SEP */ } @@ -1509,6 +1527,9 @@ static int GetKey(DecodedCert* cert) oid += cert->source[cert->srcIdx++]; if (CheckCurve(oid) < 0) return ECC_CURVE_OID_E; + #ifdef OPENSSL_EXTRA + cert->pkCurveOID = oid; + #endif /* OPENSSL_EXTRA */ /* key header */ b = cert->source[cert->srcIdx++]; @@ -2882,8 +2903,28 @@ static void DecodeBasicCaConstraint(byte* input, int sz, DecodedCert* cert) return; } - if (input[idx]) + if (input[idx++]) cert->isCA = 1; + + #ifdef OPENSSL_EXTRA + /* If there isn't any more data, return. */ + if (idx >= (word32)sz) + return; + + /* Anything left should be the optional pathlength */ + if (input[idx++] != ASN_INTEGER) { + CYASSL_MSG("\tfail: pathlen not INTEGER"); + return; + } + + if (input[idx++] != 1) { + CYASSL_MSG("\tfail: pathlen too long"); + return; + } + + cert->pathLength = input[idx]; + cert->extBasicConstPlSet = 1; + #endif /* OPENSSL_EXTRA */ } @@ -3045,7 +3086,6 @@ static void DecodeAuthKeyId(byte* input, int sz, DecodedCert* cert) ShaUpdate(&sha, input + idx, length); ShaFinal(&sha, cert->extAuthKeyId); } - cert->extAuthKeyIdSet = 1; return; } @@ -3077,12 +3117,44 @@ static void DecodeSubjKeyId(byte* input, int sz, DecodedCert* cert) ShaUpdate(&sha, input + idx, length); ShaFinal(&sha, cert->extSubjKeyId); } - cert->extSubjKeyIdSet = 1; return; } +#ifdef OPENSSL_EXTRA + static void DecodeKeyUsage(byte* input, int sz, DecodedCert* cert) + { + word32 idx = 0; + int length; + byte unusedBits; + CYASSL_ENTER("DecodeKeyUsage"); + + if (input[idx++] != ASN_BIT_STRING) { + CYASSL_MSG("\tfail: key usage expected bit string"); + return; + } + + if (GetLength(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tfail: key usage bad length"); + return; + } + + unusedBits = input[idx++]; + length--; + + if (length == 2) { + cert->extKeyUsage = (input[idx] << 8) | input[idx+1]; + cert->extKeyUsage >>= unusedBits; + } + else if (length == 1) + cert->extKeyUsage = (input[idx] << 1); + + return; + } +#endif /* OPENSSL_EXTRA */ + + #ifdef CYASSL_SEP static void DecodeCertPolicy(byte* input, int sz, DecodedCert* cert) { @@ -3138,6 +3210,7 @@ static void DecodeCertExtensions(DecodedCert* cert) byte* input = cert->extensions; int length; word32 oid; + byte critical; CYASSL_ENTER("DecodeCertExtensions"); @@ -3162,9 +3235,16 @@ static void DecodeCertExtensions(DecodedCert* cert) } /* check for critical flag */ + critical = 0; if (input[idx] == ASN_BOOLEAN) { - CYASSL_MSG("\tfound optional critical flag, moving past"); - idx += (ASN_BOOL_SIZE + 1); + int boolLength = 0; + idx++; + if (GetLength(input, &idx, &boolLength, sz) < 0) { + CYASSL_MSG("\tfail: critical boolean length"); + return; + } + if (input[idx++]) + critical = 1; } /* process the extension based on the OID */ @@ -3180,6 +3260,10 @@ static void DecodeCertExtensions(DecodedCert* cert) switch (oid) { case BASIC_CA_OID: + #ifdef OPENSSL_EXTRA + cert->extBasicConstSet = 1; + cert->extBasicConstCrit = critical; + #endif DecodeBasicCaConstraint(&input[idx], length, cert); break; @@ -3192,23 +3276,47 @@ static void DecodeCertExtensions(DecodedCert* cert) break; case ALT_NAMES_OID: + #ifdef OPENSSL_EXTRA + cert->extSubjAltNameSet = 1; + cert->extSubjAltNameCrit = critical; + #endif DecodeAltNames(&input[idx], length, cert); break; case AUTH_KEY_OID: + cert->extAuthKeyIdSet = 1; + #ifdef OPENSSL_EXTRA + cert->extAuthKeyIdCrit = critical; + #endif DecodeAuthKeyId(&input[idx], length, cert); break; case SUBJ_KEY_OID: + cert->extSubjKeyIdSet = 1; + #ifdef OPENSSL_EXTRA + cert->extSubjKeyIdCrit = critical; + #endif DecodeSubjKeyId(&input[idx], length, cert); break; #ifdef CYASSL_SEP case CERT_POLICY_OID: + #ifdef OPENSSL_EXTRA + cert->extCertPolicySet = 1; + cert->extCertPolicyCrit = critical; + #endif DecodeCertPolicy(&input[idx], length, cert); break; #endif + #ifdef OPENSSL_EXTRA + case KEY_USAGE_OID: + cert->extKeyUsageSet = 1; + cert->extKeyUsageCrit = critical; + DecodeKeyUsage(&input[idx], length, cert); + break; + #endif + default: CYASSL_MSG("\tExtension type not handled, skipping"); break; diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index ae758aab7..d4621c025 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -199,7 +199,8 @@ enum Extensions_Sum { CA_ISSUER_OID = 117, AUTH_KEY_OID = 149, SUBJ_KEY_OID = 128, - CERT_POLICY_OID = 146 + CERT_POLICY_OID = 146, + KEY_USAGE_OID = 129 /* 2.5.29.15 */ }; enum CertificatePolicy_Sum { @@ -217,6 +218,18 @@ enum VerifyType { }; +/* Key usage extension bits */ +#define KEYUSE_DIGITAL_SIG 0x0100 +#define KEYUSE_CONTENT_COMMIT 0x0080 +#define KEYUSE_KEY_ENCIPHER 0x0040 +#define KEYUSE_DATA_ENCIPHER 0x0020 +#define KEYUSE_KEY_AGREE 0x0010 +#define KEYUSE_KEY_CERT_SIGN 0x0008 +#define KEYUSE_CRL_SIGN 0x0004 +#define KEYUSE_ENCIPHER_ONLY 0x0002 +#define KEYUSE_DECIPHER_ONLY 0x0001 + + typedef struct DNS_entry DNS_entry; struct DNS_entry { @@ -297,7 +310,23 @@ struct DecodedCert { byte extSubjKeyIdSet; /* Set when the SKID was read from cert */ byte extAuthKeyId[SHA_SIZE]; /* Authority Key ID */ byte extAuthKeyIdSet; /* Set when the AKID was read from cert */ - byte isCA; /* CA basic constraint true */ + byte isCA; /* CA basic constraint true */ +#ifdef OPENSSL_EXTRA + byte extBasicConstSet; + byte extBasicConstCrit; + byte extBasicConstPlSet; + word32 pathLength; /* CA basic constraint path length, opt */ + byte extSubjAltNameSet; + byte extSubjAltNameCrit; + byte extAuthKeyIdCrit; + byte extSubjKeyIdCrit; + byte extKeyUsageSet; + byte extKeyUsageCrit; + word16 extKeyUsage; /* Key usage bitfield */ + #ifdef HAVE_ECC + word32 pkCurveOID; /* Public Key's curve OID */ + #endif /* HAVE_ECC */ +#endif byte* beforeDate; int beforeDateLen; byte* afterDate; @@ -330,6 +359,10 @@ struct DecodedCert { byte* hwType; int hwSerialNumSz; byte* hwSerialNum; + #ifdef OPENSSL_EXTRA + byte extCertPolicySet; + byte extCertPolicyCrit; + #endif /* OPENSSL_EXTRA */ #endif /* CYASSL_SEP */ }; diff --git a/cyassl/ctaocrypt/settings.h b/cyassl/ctaocrypt/settings.h index d61c5484a..6f5a3d70a 100644 --- a/cyassl/ctaocrypt/settings.h +++ b/cyassl/ctaocrypt/settings.h @@ -78,6 +78,9 @@ /* Uncomment next line if using Comverge settings */ /* #define COMVERGE */ +/* Uncomment next line if using QL SEP settings */ +/* #define CYASSL_QL */ + #include @@ -524,6 +527,37 @@ #endif /* MICRIUM */ +#ifdef CYASSL_QL + #ifndef CYASSL_SEP + #define CYASSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef CYASSL_DER_LOAD + #define CYASSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* CYASSL_QL */ + + #if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) #define USE_CYASSL_MEMORY diff --git a/cyassl/internal.h b/cyassl/internal.h index 32b8964bf..527a3f380 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1661,6 +1661,10 @@ struct CYASSL_X509 { byte hwType[EXTERNAL_SERIAL_SIZE]; int hwSerialNumSz; byte hwSerialNum[EXTERNAL_SERIAL_SIZE]; + #ifdef OPENSSL_EXTRA + byte certPolicySet; + byte certPolicyCrit; + #endif /* OPENSSL_EXTRA */ #endif int notBeforeSz; byte notBefore[MAX_DATE_SZ]; @@ -1670,10 +1674,31 @@ struct CYASSL_X509 { buffer sig; int pubKeyOID; buffer pubKey; + #ifdef HAVE_ECC + word32 pkCurveOID; + #endif /* HAVE_ECC */ buffer derCert; /* may need */ DNS_entry* altNames; /* alt names list */ DNS_entry* altNamesNext; /* hint for retrieval */ byte dynamicMemory; /* dynamic memory flag */ + byte isCa; +#ifdef OPENSSL_EXTRA + word32 pathLength; + word16 keyUsage; + byte basicConstSet; + byte basicConstCrit; + byte basicConstPlSet; + byte subjAltNameSet; + byte subjAltNameCrit; + byte authKeyIdSet; + byte authKeyIdCrit; + byte authKeyId[SHA_SIZE]; + byte subjKeyIdSet; + byte subjKeyIdCrit; + byte subjKeyId[SHA_SIZE]; + byte keyUsageSet; + byte keyUsageCrit; +#endif /* OPENSSL_EXTRA */ }; diff --git a/cyassl/ssl.h b/cyassl/ssl.h index bd5f25c38..6e2e0a889 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -99,6 +99,9 @@ typedef struct CYASSL_EVP_PKEY { union { char* ptr; } pkey; + #ifdef HAVE_ECC + int pkey_curve; + #endif } CYASSL_EVP_PKEY; typedef struct CYASSL_MD4_CTX { @@ -413,6 +416,16 @@ CYASSL_API int CyaSSL_X509_STORE_CTX_get_error_depth(CYASSL_X509_STORE_CTX*); CYASSL_API char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME*, char*, int); CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_issuer_name(CYASSL_X509*); CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_subject_name(CYASSL_X509*); +CYASSL_API int CyaSSL_X509_ext_isSet_by_NID(CYASSL_X509*, int); +CYASSL_API int CyaSSL_X509_ext_get_critical_by_NID(CYASSL_X509*, int); +CYASSL_API int CyaSSL_X509_get_isCA(CYASSL_X509*); +CYASSL_API int CyaSSL_X509_get_isSet_pathLength(CYASSL_X509*); +CYASSL_API unsigned int CyaSSL_X509_get_pathLength(CYASSL_X509*); +CYASSL_API unsigned int CyaSSL_X509_get_keyUsage(CYASSL_X509*); +CYASSL_API unsigned char* CyaSSL_X509_get_authorityKeyID( + CYASSL_X509*, unsigned char*, int*); +CYASSL_API unsigned char* CyaSSL_X509_get_subjectKeyID( + CYASSL_X509*, unsigned char*, int*); CYASSL_API int CyaSSL_X509_NAME_entry_count(CYASSL_X509_NAME*); CYASSL_API int CyaSSL_X509_NAME_get_text_by_NID( CYASSL_X509_NAME*, int, char*, int); diff --git a/src/internal.c b/src/internal.c index 53e0645ec..21cb6b743 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1271,6 +1271,31 @@ void InitX509(CYASSL_X509* x509, int dynamicFlag) x509->altNames = NULL; x509->altNamesNext = NULL; x509->dynamicMemory = (byte)dynamicFlag; + x509->isCa = 0; +#ifdef OPENSSL_EXTRA + x509->pathLength = 0; + x509->basicConstSet = 0; + x509->basicConstCrit = 0; + x509->basicConstPlSet = 0; + x509->subjAltNameSet = 0; + x509->subjAltNameCrit = 0; + x509->authKeyIdSet = 0; + x509->authKeyIdCrit = 0; + XMEMSET(x509->authKeyId, 0, SHA_SIZE); + x509->subjKeyIdSet = 0; + x509->subjKeyIdCrit = 0; + XMEMSET(x509->subjKeyId, 0, SHA_SIZE); + x509->keyUsageSet = 0; + x509->keyUsageCrit = 0; + x509->keyUsage = 0; + #ifdef HAVE_ECC + x509->pkCurveOID = 0; + #endif /* HAVE_ECC */ + #ifdef CYASSL_SEP + x509->certPolicySet = 0; + x509->certPolicyCrit = 0; + #endif /* CYASSL_SEP */ +#endif /* OPENSSL_EXTRA */ } @@ -3156,6 +3181,33 @@ int CopyDecodedToX509(CYASSL_X509* x509, DecodedCert* dCert) dCert->altNames = NULL; /* takes ownership */ x509->altNamesNext = x509->altNames; /* index hint */ + x509->isCa = dCert->isCA; +#ifdef OPENSSL_EXTRA + x509->pathLength = dCert->pathLength; + x509->keyUsage = dCert->extKeyUsage; + + x509->basicConstSet = dCert->extBasicConstSet; + x509->basicConstCrit = dCert->extBasicConstCrit; + x509->basicConstPlSet = dCert->extBasicConstPlSet; + x509->subjAltNameSet = dCert->extSubjAltNameSet; + x509->subjAltNameCrit = dCert->extSubjAltNameCrit; + x509->authKeyIdSet = dCert->extAuthKeyIdSet; + x509->authKeyIdCrit = dCert->extAuthKeyIdCrit; + XMEMCPY(x509->authKeyId, dCert->extAuthKeyId, SHA_SIZE); + x509->subjKeyIdSet = dCert->extSubjKeyIdSet; + x509->subjKeyIdCrit = dCert->extSubjKeyIdCrit; + XMEMCPY(x509->subjKeyId, dCert->extSubjKeyId, SHA_SIZE); + x509->keyUsageSet = dCert->extKeyUsageSet; + x509->keyUsageCrit = dCert->extKeyUsageCrit; + #ifdef HAVE_ECC + x509->pkCurveOID = dCert->pkCurveOID; + #endif /* HAVE_ECC */ + #ifdef CYASSL_SEP + x509->certPolicySet = dCert->extCertPolicySet; + x509->certPolicyCrit = dCert->extCertPolicyCrit; + #endif /* CYASSL_SEP */ +#endif /* OPENSSL_EXTRA */ + return ret; } diff --git a/src/ssl.c b/src/ssl.c index 7da7f2224..8ae90d350 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -7092,6 +7092,170 @@ int CyaSSL_set_compression(CYASSL* ssl) } +#ifdef OPENSSL_EXTRA + int CyaSSL_X509_ext_isSet_by_NID(CYASSL_X509* x509, int nid) + { + int isSet = 0; + + CYASSL_ENTER("CyaSSL_X509_ext_isSet_by_NID"); + + if (x509 != NULL) { + switch (nid) { + case BASIC_CA_OID: isSet = x509->basicConstSet; break; + case ALT_NAMES_OID: isSet = x509->subjAltNameSet; break; + case AUTH_KEY_OID: isSet = x509->authKeyIdSet; break; + case SUBJ_KEY_OID: isSet = x509->subjKeyIdSet; break; + case KEY_USAGE_OID: isSet = x509->keyUsageSet; break; + #ifdef CYASSL_SEP + case CERT_POLICY_OID: isSet = x509->certPolicySet; break; + #endif /* CYASSL_SEP */ + } + } + + CYASSL_LEAVE("CyaSSL_X509_ext_isSet_by_NID", isSet); + + return isSet; + } + + + int CyaSSL_X509_ext_get_critical_by_NID(CYASSL_X509* x509, int nid) + { + int crit = 0; + + CYASSL_ENTER("CyaSSL_X509_ext_get_critical_by_NID"); + + if (x509 != NULL) { + switch (nid) { + case BASIC_CA_OID: crit = x509->basicConstCrit; break; + case ALT_NAMES_OID: crit = x509->subjAltNameCrit; break; + case AUTH_KEY_OID: crit = x509->authKeyIdCrit; break; + case SUBJ_KEY_OID: crit = x509->subjKeyIdCrit; break; + case KEY_USAGE_OID: crit = x509->keyUsageCrit; break; + #ifdef CYASSL_SEP + case CERT_POLICY_OID: crit = x509->certPolicyCrit; break; + #endif /* CYASSL_SEP */ + } + } + + CYASSL_LEAVE("CyaSSL_X509_ext_get_critical_by_NID", crit); + + return crit; + } +#endif + + + int CyaSSL_X509_get_isCA(CYASSL_X509* x509) + { + int isCA = 0; + + CYASSL_ENTER("CyaSSL_X509_get_isCA"); + + if (x509 != NULL) + isCA = x509->isCa; + + CYASSL_LEAVE("CyaSSL_X509_get_isCA", isCA); + + return isCA; + } + + +#ifdef OPENSSL_EXTRA + int CyaSSL_X509_get_isSet_pathLength(CYASSL_X509* x509) + { + int isSet = 0; + + CYASSL_ENTER("CyaSSL_X509_get_isSet_pathLength"); + + if (x509 != NULL) + isSet = x509->basicConstPlSet; + + CYASSL_LEAVE("CyaSSL_X509_get_isSet_pathLength", isSet); + + return isSet; + } + + + word32 CyaSSL_X509_get_pathLength(CYASSL_X509* x509) + { + word32 pathLength = 0; + + CYASSL_ENTER("CyaSSL_X509_get_pathLength"); + + if (x509 != NULL) + pathLength = x509->pathLength; + + CYASSL_LEAVE("CyaSSL_X509_get_pathLength", pathLength); + + return pathLength; + } + + + unsigned int CyaSSL_X509_get_keyUsage(CYASSL_X509* x509) + { + word16 usage = 0; + + CYASSL_ENTER("CyaSSL_X509_get_keyUsage"); + + if (x509 != NULL) + usage = x509->keyUsage; + + CYASSL_LEAVE("CyaSSL_X509_get_keyUsage", usage); + + return usage; + } + + + byte* CyaSSL_X509_get_authorityKeyID( + CYASSL_X509* x509, byte* dst, int* dstLen) + { + byte *id = NULL; + int copySz = min(dstLen != NULL ? *dstLen : 0, SHA_SIZE); + + CYASSL_ENTER("CyaSSL_X509_get_authorityKeyID"); + + if (x509 != NULL) { + if (x509->authKeyIdSet) + id = x509->authKeyId; + + if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) { + XMEMCPY(dst, id, copySz); + id = dst; + *dstLen = copySz; + } + } + + CYASSL_LEAVE("CyaSSL_X509_get_authorityKeyID", copySz); + + return id; + } + + + byte* CyaSSL_X509_get_subjectKeyID( + CYASSL_X509* x509, byte* dst, int* dstLen) + { + byte *id = NULL; + int copySz = min(dstLen != NULL ? *dstLen : 0, SHA_SIZE); + + CYASSL_ENTER("CyaSSL_X509_get_subjectKeyID"); + + if (x509 != NULL) { + if (x509->subjKeyIdSet) + id = x509->subjKeyId; + + if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) { + XMEMCPY(dst, id, copySz); + id = dst; + *dstLen = copySz; + } + } + + CYASSL_LEAVE("CyaSSL_X509_get_subjectKeyID", copySz); + + return id; + } +#endif + + /* copy name into in buffer, at most sz bytes, if buffer is null will malloc buffer, call responsible for freeing */ char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME* name, char* in, int sz) @@ -8373,6 +8537,9 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) XMEMCPY(key->pkey.ptr, x509->pubKey.buffer, x509->pubKey.length); key->pkey_sz = x509->pubKey.length; + #ifdef HAVE_ECC + key->pkey_curve = (int)x509->pkCurveOID; + #endif /* HAVE_ECC */ } } return key; From 4377996d87eccf125d71f13bda9064953dc6e6d9 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 19 Nov 2013 16:20:18 -0800 Subject: [PATCH 010/135] Saved original SKID and AKID from certificate for later use with X.509 functions. --- ctaocrypt/src/asn.c | 15 ++++++++++++++- cyassl/ctaocrypt/asn.h | 4 ++++ cyassl/internal.h | 6 ++++-- src/internal.c | 32 ++++++++++++++++++++++++++++---- src/ssl.c | 14 ++++++++++---- 5 files changed, 60 insertions(+), 11 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index ff9b62c0d..5f276af4f 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -1314,6 +1314,10 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap) cert->extKeyUsageSet = 0; cert->extKeyUsageCrit = 0; cert->extKeyUsage = 0; + cert->extAuthKeyIdSrc = NULL; + cert->extAuthKeyIdSz = 0; + cert->extSubjKeyIdSrc = NULL; + cert->extSubjKeyIdSz = 0; #ifdef HAVE_ECC cert->pkCurveOID = 0; #endif /* HAVE_ECC */ @@ -3077,6 +3081,11 @@ static void DecodeAuthKeyId(byte* input, int sz, DecodedCert* cert) return; } + #ifdef OPENSSL_EXTRA + cert->extAuthKeyIdSrc = &input[idx]; + cert->extAuthKeyIdSz = length; + #endif /* OPENSSL_EXTRA */ + if (length == SHA_SIZE) { XMEMCPY(cert->extAuthKeyId, input + idx, length); } @@ -3108,6 +3117,11 @@ static void DecodeSubjKeyId(byte* input, int sz, DecodedCert* cert) return; } + #ifdef OPENSSL_EXTRA + cert->extSubjKeyIdSrc = &input[idx]; + cert->extSubjKeyIdSz = length; + #endif /* OPENSSL_EXTRA */ + if (length == SIGNER_DIGEST_SIZE) { XMEMCPY(cert->extSubjKeyId, input + idx, length); } @@ -3420,7 +3434,6 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) InitSha(&sha); ShaUpdate(&sha, cert->publicKey, cert->pubKeySize); ShaFinal(&sha, cert->extSubjKeyId); - cert->extSubjKeyIdSet = 1; } #endif diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index d4621c025..4fa7e2b63 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -323,6 +323,10 @@ struct DecodedCert { byte extKeyUsageSet; byte extKeyUsageCrit; word16 extKeyUsage; /* Key usage bitfield */ + byte* extAuthKeyIdSrc; + word32 extAuthKeyIdSz; + byte* extSubjKeyIdSrc; + word32 extSubjKeyIdSz; #ifdef HAVE_ECC word32 pkCurveOID; /* Public Key's curve OID */ #endif /* HAVE_ECC */ diff --git a/cyassl/internal.h b/cyassl/internal.h index 527a3f380..53e60c309 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1692,10 +1692,12 @@ struct CYASSL_X509 { byte subjAltNameCrit; byte authKeyIdSet; byte authKeyIdCrit; - byte authKeyId[SHA_SIZE]; + byte* authKeyId; + word32 authKeyIdSz; byte subjKeyIdSet; byte subjKeyIdCrit; - byte subjKeyId[SHA_SIZE]; + byte* subjKeyId; + word32 subjKeyIdSz; byte keyUsageSet; byte keyUsageCrit; #endif /* OPENSSL_EXTRA */ diff --git a/src/internal.c b/src/internal.c index 21cb6b743..741cedfd7 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1281,10 +1281,12 @@ void InitX509(CYASSL_X509* x509, int dynamicFlag) x509->subjAltNameCrit = 0; x509->authKeyIdSet = 0; x509->authKeyIdCrit = 0; - XMEMSET(x509->authKeyId, 0, SHA_SIZE); + x509->authKeyId = NULL; + x509->authKeyIdSz = 0; x509->subjKeyIdSet = 0; x509->subjKeyIdCrit = 0; - XMEMSET(x509->subjKeyId, 0, SHA_SIZE); + x509->subjKeyId = NULL; + x509->subjKeyIdSz = 0; x509->keyUsageSet = 0; x509->keyUsageCrit = 0; x509->keyUsage = 0; @@ -1311,6 +1313,10 @@ void FreeX509(CYASSL_X509* x509) XFREE(x509->pubKey.buffer, NULL, DYNAMIC_TYPE_PUBLIC_KEY); XFREE(x509->derCert.buffer, NULL, DYNAMIC_TYPE_SUBJECT_CN); XFREE(x509->sig.buffer, NULL, 0); + #ifdef OPENSSL_EXTRA + XFREE(x509->authKeyId, NULL, 0); + XFREE(x509->subjKeyId, NULL, 0); + #endif /* OPENSSL_EXTRA */ if (x509->altNames) FreeAltNames(x509->altNames, NULL); if (x509->dynamicMemory) @@ -3193,10 +3199,28 @@ int CopyDecodedToX509(CYASSL_X509* x509, DecodedCert* dCert) x509->subjAltNameCrit = dCert->extSubjAltNameCrit; x509->authKeyIdSet = dCert->extAuthKeyIdSet; x509->authKeyIdCrit = dCert->extAuthKeyIdCrit; - XMEMCPY(x509->authKeyId, dCert->extAuthKeyId, SHA_SIZE); + if (dCert->extAuthKeyIdSrc != NULL && dCert->extAuthKeyIdSz != 0) { + x509->authKeyId = (byte*)XMALLOC(dCert->extAuthKeyIdSz, NULL, 0); + if (x509->authKeyId != NULL) { + XMEMCPY(x509->authKeyId, + dCert->extAuthKeyIdSrc, dCert->extAuthKeyIdSz); + x509->authKeyIdSz = dCert->extAuthKeyIdSz; + } + else + ret = MEMORY_E; + } x509->subjKeyIdSet = dCert->extSubjKeyIdSet; x509->subjKeyIdCrit = dCert->extSubjKeyIdCrit; - XMEMCPY(x509->subjKeyId, dCert->extSubjKeyId, SHA_SIZE); + if (dCert->extSubjKeyIdSrc != NULL && dCert->extSubjKeyIdSz != 0) { + x509->subjKeyId = (byte*)XMALLOC(dCert->extSubjKeyIdSz, NULL, 0); + if (x509->subjKeyId != NULL) { + XMEMCPY(x509->subjKeyId, + dCert->extSubjKeyIdSrc, dCert->extSubjKeyIdSz); + x509->subjKeyIdSz = dCert->extSubjKeyIdSz; + } + else + ret = MEMORY_E; + } x509->keyUsageSet = dCert->extKeyUsageSet; x509->keyUsageCrit = dCert->extKeyUsageCrit; #ifdef HAVE_ECC diff --git a/src/ssl.c b/src/ssl.c index 8ae90d350..43f0579c0 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -7209,13 +7209,16 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_X509* x509, byte* dst, int* dstLen) { byte *id = NULL; - int copySz = min(dstLen != NULL ? *dstLen : 0, SHA_SIZE); + int copySz = 0; CYASSL_ENTER("CyaSSL_X509_get_authorityKeyID"); if (x509 != NULL) { - if (x509->authKeyIdSet) + if (x509->authKeyIdSet) { + copySz = min(dstLen != NULL ? *dstLen : 0, + (int)x509->authKeyIdSz); id = x509->authKeyId; + } if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) { XMEMCPY(dst, id, copySz); @@ -7234,13 +7237,16 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_X509* x509, byte* dst, int* dstLen) { byte *id = NULL; - int copySz = min(dstLen != NULL ? *dstLen : 0, SHA_SIZE); + int copySz = 0; CYASSL_ENTER("CyaSSL_X509_get_subjectKeyID"); if (x509 != NULL) { - if (x509->subjKeyIdSet) + if (x509->subjKeyIdSet) { + copySz = min(dstLen != NULL ? *dstLen : 0, + (int)x509->subjKeyIdSz); id = x509->subjKeyId; + } if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) { XMEMCPY(dst, id, copySz); From 74c9ddcffb62dc612cee823a4002582c16fbcc17 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 19 Nov 2013 16:25:18 -0800 Subject: [PATCH 011/135] bump dev version --- configure.ac | 2 +- cyassl/version.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 6fda6da9f..34d37f647 100644 --- a/configure.ac +++ b/configure.ac @@ -6,7 +6,7 @@ # # -AC_INIT([cyassl],[2.8.3],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.yassl.com]) +AC_INIT([cyassl],[2.8.4],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.yassl.com]) AC_CONFIG_AUX_DIR([build-aux]) diff --git a/cyassl/version.h b/cyassl/version.h index e66d54a0d..bac8ec1d4 100644 --- a/cyassl/version.h +++ b/cyassl/version.h @@ -26,8 +26,8 @@ extern "C" { #endif -#define LIBCYASSL_VERSION_STRING "2.8.3" -#define LIBCYASSL_VERSION_HEX 0x02008003 +#define LIBCYASSL_VERSION_STRING "2.8.4" +#define LIBCYASSL_VERSION_HEX 0x02008004 #ifdef __cplusplus } From 7585e92fee5eac2bf7596bdf2cd60db64ae93cce Mon Sep 17 00:00:00 2001 From: toddouska Date: Tue, 19 Nov 2013 16:56:49 -0800 Subject: [PATCH 012/135] allow cert signing w/o Cert object, buffer only --- IDE/MDK5-ARM/Projects/CryptTest/test.c | 6 ++++-- IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c | 6 ++++-- ctaocrypt/src/asn.c | 19 +++++++++---------- ctaocrypt/test/test.c | 9 ++++++--- cyassl/ctaocrypt/asn_public.h | 4 ++-- 5 files changed, 25 insertions(+), 19 deletions(-) diff --git a/IDE/MDK5-ARM/Projects/CryptTest/test.c b/IDE/MDK5-ARM/Projects/CryptTest/test.c index 7ba1b0b39..086032ab7 100644 --- a/IDE/MDK5-ARM/Projects/CryptTest/test.c +++ b/IDE/MDK5-ARM/Projects/CryptTest/test.c @@ -2779,7 +2779,8 @@ int rsa_test(void) if (certSz < 0) return -407; - certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, &rng); if (certSz < 0) return -408; @@ -2891,7 +2892,8 @@ int rsa_test(void) if (certSz < 0) return -456; - certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, &rng); if (certSz < 0) return -457; diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c index 6165cee31..22b4070eb 100644 --- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c +++ b/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c @@ -2550,7 +2550,8 @@ int rsa_test(void) if (certSz < 0) return -407; - certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, &rng); if (certSz < 0) return -408; @@ -2662,7 +2663,8 @@ int rsa_test(void) if (certSz < 0) return -456; - certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng); + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, &rng); if (certSz < 0) return -457; diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 5f276af4f..d36d43c92 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -4592,25 +4592,24 @@ int MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz, #endif /* HAVE_NTRU */ -int SignCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* rsaKey, - ecc_key* eccKey, RNG* rng) +int SignCert(int requestSz, int sigType, byte* buffer, word32 buffSz, + RsaKey* rsaKey, ecc_key* eccKey, RNG* rng) { byte sig[MAX_ENCODED_SIG_SZ]; int sigSz; - int bodySz = cert->bodySz; - if (bodySz < 0) - return bodySz; + if (requestSz < 0) + return requestSz; - sigSz = MakeSignature(buffer, bodySz, sig, sizeof(sig), rsaKey, eccKey, - rng, cert->sigType); + sigSz = MakeSignature(buffer, requestSz, sig, sizeof(sig), rsaKey, eccKey, + rng, sigType); if (sigSz < 0) return sigSz; - if (bodySz + MAX_SEQ_SZ * 2 + sigSz > (int)buffSz) + if (requestSz + MAX_SEQ_SZ * 2 + sigSz > (int)buffSz) return BUFFER_E; - return AddSignature(buffer, bodySz, sig, sigSz, cert->sigType); + return AddSignature(buffer, requestSz, sig, sigSz, sigType); } @@ -4621,7 +4620,7 @@ int MakeSelfCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng) if (ret < 0) return ret; - return SignCert(cert, buffer, buffSz, key, NULL, rng); + return SignCert(cert->bodySz, cert->sigType, buffer, buffSz, key, NULL,rng); } diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 8d26487eb..b213ddd39 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -2802,7 +2802,8 @@ int rsa_test(void) if (certSz < 0) return -407; - certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, NULL, &rng); + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, NULL, &rng); if (certSz < 0) return -408; @@ -2890,7 +2891,8 @@ int rsa_test(void) if (certSz < 0) return -5407; - certSz = SignCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng); + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + NULL, &caKey, &rng); if (certSz < 0) return -5408; @@ -3002,7 +3004,8 @@ int rsa_test(void) if (certSz < 0) return -456; - certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, NULL, &rng); + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, NULL, &rng); if (certSz < 0) return -457; diff --git a/cyassl/ctaocrypt/asn_public.h b/cyassl/ctaocrypt/asn_public.h index 6fdc0117d..17fafc3fa 100644 --- a/cyassl/ctaocrypt/asn_public.h +++ b/cyassl/ctaocrypt/asn_public.h @@ -127,8 +127,8 @@ typedef struct Cert { CYASSL_API void InitCert(Cert*); CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, ecc_key*, RNG*); -CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, - ecc_key*, RNG*); +CYASSL_API int SignCert(int requestSz, int sigType, byte* derBuffer, + word32 derSz, RsaKey*, ecc_key*, RNG*); CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); CYASSL_API int SetIssuer(Cert*, const char*); From c545202de06d12ca78cf9e32f658e5f7ca63b6fb Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 20 Nov 2013 13:17:39 -0800 Subject: [PATCH 013/135] don't allow inplace DerToPem, not supported --- ctaocrypt/src/asn.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index d36d43c92..ce5ccc988 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -3548,6 +3548,8 @@ static int SetMyVersion(word32 version, byte* output, int header) } +/* convert der buffer to pem into output, can't do inplace, der and output + need to be different */ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz, int type) { @@ -3560,6 +3562,9 @@ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz, int err; int outLen; /* return length or error */ + if (der == output) /* no in place conversion */ + return BAD_FUNC_ARG; + if (type == CERT_TYPE) { XSTRNCPY(header, "-----BEGIN CERTIFICATE-----\n", sizeof(header)); XSTRNCPY(footer, "-----END CERTIFICATE-----\n", sizeof(footer)); From 67b1b00a2c689be8bddc7c3589fd2ebb1cb35c3f Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 20 Nov 2013 13:46:46 -0800 Subject: [PATCH 014/135] OCSP Nonces are not critical extensions. Allow a response to be missing the nonce. --- ctaocrypt/src/asn.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index ce5ccc988..10dcf6337 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -5738,7 +5738,9 @@ int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp) return 1; } - if (req->useNonce) { + /* Nonces are not critical. The responder may not necessarily add + * the nonce to the response. */ + if (req->useNonce && resp->nonceSz != 0) { cmp = req->nonceSz - resp->nonceSz; if (cmp != 0) { From 10a3f8ead30376ab6056e38621a758696af4cd48 Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 20 Nov 2013 15:12:33 -0800 Subject: [PATCH 015/135] make cert names more consistent with str type that openssl uses --- ctaocrypt/src/asn.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index ce5ccc988..13c3a1850 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -4266,12 +4266,16 @@ static int SetName(byte* output, CertName* name) } else { /* joint id */ + byte bType = GetNameId(i); names[i].encoded[idx++] = 0x55; names[i].encoded[idx++] = 0x04; /* id type */ - names[i].encoded[idx++] = GetNameId(i); + names[i].encoded[idx++] = bType; /* str type */ - names[i].encoded[idx++] = 0x13; + if (bType == ASN_COUNTRY_NAME) + names[i].encoded[idx++] = 0x13; /* printable */ + else + names[i].encoded[idx++] = 0x0c; /* utf8 */ } /* second length */ XMEMCPY(names[i].encoded + idx, secondLen, secondSz); From 2f7970ab6551b5de5d46b4bf2859230d1daa8e6f Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Wed, 20 Nov 2013 17:03:58 -0700 Subject: [PATCH 016/135] add FREERTOS current_time() to benchmark.c --- ctaocrypt/benchmark/benchmark.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/ctaocrypt/benchmark/benchmark.c b/ctaocrypt/benchmark/benchmark.c index f1264a7c7..64e85327e 100644 --- a/ctaocrypt/benchmark/benchmark.c +++ b/ctaocrypt/benchmark/benchmark.c @@ -1087,7 +1087,22 @@ void bench_eccKeyAgree(void) } #elif defined CYASSL_MDK_ARM + extern double current_time(int reset) ; + +#elif defined FREERTOS + + double current_time(int reset) + { + (void) reset; + + portTickType tickCount; + + /* tick count == ms, if configTICK_RATE_HZ is set to 1000 */ + tickCount = xTaskGetTickCount(); + return (double)tickCount / 1000; + } + #else #include From 8bf18d31c9fdbae605a6d272d784e89b9206e3f7 Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 20 Nov 2013 17:03:19 -0800 Subject: [PATCH 017/135] fix smartos warnings --- ctaocrypt/benchmark/benchmark.c | 28 ++++++++++++++-------------- ctaocrypt/src/asn.c | 8 +++++--- 2 files changed, 19 insertions(+), 17 deletions(-) diff --git a/ctaocrypt/benchmark/benchmark.c b/ctaocrypt/benchmark/benchmark.c index f1264a7c7..e941671e0 100644 --- a/ctaocrypt/benchmark/benchmark.c +++ b/ctaocrypt/benchmark/benchmark.c @@ -221,13 +221,13 @@ int benchmark_test(void *args) #ifdef BENCH_EMBEDDED const int numBlocks = 25; /* how many kB/megs to test (en/de)cryption */ const char blockType[] = "kB"; /* used in printf output */ -const int times = 1; /* public key iterations */ +const int ntimes = 1; /* public key iterations */ const int genTimes = 5; const int agreeTimes = 5; #else const int numBlocks = 5; const char blockType[] = "megs"; -const int times = 100; +const int ntimes = 100; const int genTimes = 100; const int agreeTimes = 100; #endif @@ -742,15 +742,15 @@ void bench_rsa(void) start = current_time(1); - for (i = 0; i < times; i++) + for (i = 0; i < ntimes; i++) ret = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng); total = current_time(0) - start; - each = total / times; /* per second */ + each = total / ntimes; /* per second */ milliEach = each * 1000; /* milliseconds */ printf("RSA %d encryption took %6.2f milliseconds, avg over %d" - " iterations\n", rsaKeySz, milliEach, times); + " iterations\n", rsaKeySz, milliEach, ntimes); if (ret < 0) { printf("Rsa Public Encrypt failed\n"); @@ -759,17 +759,17 @@ void bench_rsa(void) start = current_time(1); - for (i = 0; i < times; i++) { + for (i = 0; i < ntimes; i++) { byte out[512]; /* for up to 4096 bit */ RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey); } total = current_time(0) - start; - each = total / times; /* per second */ + each = total / ntimes; /* per second */ milliEach = each * 1000; /* milliseconds */ printf("RSA %d decryption took %6.2f milliseconds, avg over %d" - " iterations\n", rsaKeySz, milliEach, times); + " iterations\n", rsaKeySz, milliEach, ntimes); FreeRsaKey(&rsaKey); #ifdef HAVE_CAVIUM @@ -847,28 +847,28 @@ void bench_dh(void) start = current_time(1); - for (i = 0; i < times; i++) + for (i = 0; i < ntimes; i++) DhGenerateKeyPair(&dhKey, &rng, priv, &privSz, pub, &pubSz); total = current_time(0) - start; - each = total / times; /* per second */ + each = total / ntimes; /* per second */ milliEach = each * 1000; /* milliseconds */ printf("DH %d key generation %6.2f milliseconds, avg over %d" - " iterations\n", dhKeySz, milliEach, times); + " iterations\n", dhKeySz, milliEach, ntimes); DhGenerateKeyPair(&dhKey, &rng, priv2, &privSz2, pub2, &pubSz2); start = current_time(1); - for (i = 0; i < times; i++) + for (i = 0; i < ntimes; i++) DhAgree(&dhKey, agree, &agreeSz, priv, privSz, pub2, pubSz2); total = current_time(0) - start; - each = total / times; /* per second */ + each = total / ntimes; /* per second */ milliEach = each * 1000; /* milliseconds */ printf("DH %d key agreement %6.2f milliseconds, avg over %d" - " iterations\n", dhKeySz, milliEach, times); + " iterations\n", dhKeySz, milliEach, ntimes); #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) fclose(file); diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 3cd2e33dc..f19ce79b0 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -3226,6 +3226,8 @@ static void DecodeCertExtensions(DecodedCert* cert) word32 oid; byte critical; + (void)critical; + CYASSL_ENTER("DecodeCertExtensions"); if (input == NULL || sz == 0) return; @@ -4601,7 +4603,7 @@ int MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz, #endif /* HAVE_NTRU */ -int SignCert(int requestSz, int sigType, byte* buffer, word32 buffSz, +int SignCert(int requestSz, int sType, byte* buffer, word32 buffSz, RsaKey* rsaKey, ecc_key* eccKey, RNG* rng) { byte sig[MAX_ENCODED_SIG_SZ]; @@ -4611,14 +4613,14 @@ int SignCert(int requestSz, int sigType, byte* buffer, word32 buffSz, return requestSz; sigSz = MakeSignature(buffer, requestSz, sig, sizeof(sig), rsaKey, eccKey, - rng, sigType); + rng, sType); if (sigSz < 0) return sigSz; if (requestSz + MAX_SEQ_SZ * 2 + sigSz > (int)buffSz) return BUFFER_E; - return AddSignature(buffer, requestSz, sig, sigSz, sigType); + return AddSignature(buffer, requestSz, sig, sigSz, sType); } From dda5413ae2e7a1fca416bab9694bdef930479cad Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 21 Nov 2013 10:48:45 -0800 Subject: [PATCH 018/135] moved some #defines around to fix sessioncerts-only build --- src/ssl.c | 84 +++++++++++++++++++++++++++---------------------------- 1 file changed, 41 insertions(+), 43 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 43f0579c0..afbc15b74 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -7092,6 +7092,21 @@ int CyaSSL_set_compression(CYASSL* ssl) } + int CyaSSL_X509_get_isCA(CYASSL_X509* x509) + { + int isCA = 0; + + CYASSL_ENTER("CyaSSL_X509_get_isCA"); + + if (x509 != NULL) + isCA = x509->isCa; + + CYASSL_LEAVE("CyaSSL_X509_get_isCA", isCA); + + return isCA; + } + + #ifdef OPENSSL_EXTRA int CyaSSL_X509_ext_isSet_by_NID(CYASSL_X509* x509, int nid) { @@ -7141,25 +7156,8 @@ int CyaSSL_set_compression(CYASSL* ssl) return crit; } -#endif - int CyaSSL_X509_get_isCA(CYASSL_X509* x509) - { - int isCA = 0; - - CYASSL_ENTER("CyaSSL_X509_get_isCA"); - - if (x509 != NULL) - isCA = x509->isCa; - - CYASSL_LEAVE("CyaSSL_X509_get_isCA", isCA); - - return isCA; - } - - -#ifdef OPENSSL_EXTRA int CyaSSL_X509_get_isSet_pathLength(CYASSL_X509* x509) { int isSet = 0; @@ -7259,32 +7257,6 @@ int CyaSSL_set_compression(CYASSL* ssl) return id; } -#endif - - - /* copy name into in buffer, at most sz bytes, if buffer is null will - malloc buffer, call responsible for freeing */ - char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME* name, char* in, int sz) - { - int copySz = min(sz, name->sz); - - CYASSL_ENTER("CyaSSL_X509_NAME_oneline"); - if (!name->sz) return in; - - if (!in) { - in = (char*)XMALLOC(name->sz, 0, DYNAMIC_TYPE_OPENSSL); - if (!in ) return in; - copySz = name->sz; - } - - if (copySz == 0) - return in; - - XMEMCPY(in, name->name, copySz - 1); - in[copySz - 1] = 0; - - return in; - } int CyaSSL_X509_NAME_entry_count(CYASSL_X509_NAME* name) @@ -7355,6 +7327,32 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_LEAVE("CyaSSL_X509_NAME_get_text_by_NID", textSz); return textSz; } +#endif + + + /* copy name into in buffer, at most sz bytes, if buffer is null will + malloc buffer, call responsible for freeing */ + char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME* name, char* in, int sz) + { + int copySz = min(sz, name->sz); + + CYASSL_ENTER("CyaSSL_X509_NAME_oneline"); + if (!name->sz) return in; + + if (!in) { + in = (char*)XMALLOC(name->sz, 0, DYNAMIC_TYPE_OPENSSL); + if (!in ) return in; + copySz = name->sz; + } + + if (copySz == 0) + return in; + + XMEMCPY(in, name->name, copySz - 1); + in[copySz - 1] = 0; + + return in; + } int CyaSSL_X509_get_signature_type(CYASSL_X509* x509) From ba18f8b03e57e4b4bd7c49dc36b368cab84ca4a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Tue, 19 Nov 2013 17:13:32 -0300 Subject: [PATCH 019/135] added new function to retrieve SNI from a buffer. --- cyassl/internal.h | 2 + cyassl/ssl.h | 4 ++ src/ssl.c | 10 ++++ src/tls.c | 124 ++++++++++++++++++++++++++++++++++++++++++++++ tests/api.c | 53 ++++++++++++++++++++ 5 files changed, 193 insertions(+) diff --git a/cyassl/internal.h b/cyassl/internal.h index 53e60c309..4d25bda6a 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1153,6 +1153,8 @@ CYASSL_LOCAL void TLSX_SNI_SetOptions(TLSX* extensions, byte type, CYASSL_LOCAL byte TLSX_SNI_Status(TLSX* extensions, byte type); CYASSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type, void** data); +CYASSL_LOCAL int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, + byte type, byte* sni, word32* inOutSz); #endif #endif /* HAVE_SNI */ diff --git a/cyassl/ssl.h b/cyassl/ssl.h index 6e2e0a889..f462ab1d2 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -1187,6 +1187,10 @@ CYASSL_API unsigned char CyaSSL_SNI_Status(CYASSL* ssl, unsigned char type); CYASSL_API unsigned short CyaSSL_SNI_GetRequest(CYASSL *ssl, unsigned char type, void** data); +CYASSL_API int CyaSSL_SNI_GetFromBuffer( + const unsigned char* buffer, unsigned int bufferSz, + unsigned char type, unsigned char* sni, unsigned int* inOutSz); + #endif /* NO_CYASSL_SERVER */ #endif /* HAVE_SNI */ diff --git a/src/ssl.c b/src/ssl.c index afbc15b74..3cf3d4600 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -568,6 +568,16 @@ word16 CyaSSL_SNI_GetRequest(CYASSL* ssl, byte type, void** data) return 0; } + +int CyaSSL_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, byte type, + byte* sni, word32* inOutSz) +{ + if (buffer && bufferSz > 0 && sni && inOutSz && inOutSz > 0) + return TLSX_SNI_GetFromBuffer(buffer, bufferSz, type, sni, inOutSz); + + return BAD_FUNC_ARG; +} + #endif /* NO_CYASSL_SERVER */ #endif /* HAVE_SNI */ diff --git a/src/tls.c b/src/tls.c index 878e2e003..e1bae7c24 100644 --- a/src/tls.c +++ b/src/tls.c @@ -376,6 +376,14 @@ static INLINE void ato16(const byte* c, word16* u16) { *u16 = (c[0] << 8) | (c[1]); } + +#ifdef HAVE_SNI +/* convert a 24 bit integer into a 32 bit one */ +static INLINE void c24to32(const word24 u24, word32* u32) +{ + *u32 = (u24[0] << 16) | (u24[1] << 8) | u24[2]; +} +#endif #endif /* convert 32 bit integer to opaque */ @@ -854,6 +862,122 @@ void TLSX_SNI_SetOptions(TLSX* extensions, byte type, byte options) if (sni) sni->options = options; } + +int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, + byte type, byte* sni, word32* inOutSz) +{ + word32 offset = 0; + word32 len32 = 0; + word16 len16 = 0; + + if (bufferSz < RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + CLIENT_HELLO_FIRST) + return INCOMPLETE_DATA; + + /* TLS record header */ + if ((enum ContentType) buffer[offset++] != handshake) + return BUFFER_ERROR; + + if (buffer[offset++] != SSLv3_MAJOR) + return BUFFER_ERROR; + + if (buffer[offset++] < TLSv1_MINOR) + return BUFFER_ERROR; + + ato16(buffer + offset, &len16); + offset += OPAQUE16_LEN; + + if (offset + len16 > bufferSz) + return INCOMPLETE_DATA; + + /* Handshake header */ + if ((enum HandShakeType) buffer[offset] != client_hello) + return BUFFER_ERROR; + + c24to32(buffer + offset + 1, &len32); + offset += HANDSHAKE_HEADER_SZ; + + if (offset + len32 > bufferSz) + return INCOMPLETE_DATA; + + /* client hello */ + offset += VERSION_SZ + RAN_LEN; /* version, random */ + + if (offset + buffer[offset] > bufferSz) + return INCOMPLETE_DATA; + + offset += ENUM_LEN + buffer[offset]; /* session id */ + + ato16(buffer + offset, &len16); + offset += OPAQUE16_LEN; /* cypher suites len */ + + if (offset + len16 > bufferSz) + return INCOMPLETE_DATA; + + offset += len16; /* cypher suites */ + + if (offset + buffer[offset] > bufferSz) + return INCOMPLETE_DATA; + + offset += ENUM_LEN + buffer[offset]; /* compression methods */ + + ato16(buffer + offset, &len16); + offset += OPAQUE16_LEN; /* EXTENSIONS LEN */ + + if (offset + len16 > bufferSz) + return INCOMPLETE_DATA; + + while (len16 > OPAQUE16_LEN + OPAQUE16_LEN) { + word16 extType; + word16 extLen; + + ato16(buffer + offset, &extType); + offset += OPAQUE16_LEN; + + ato16(buffer + offset, &extLen); + offset += OPAQUE16_LEN; + + if (offset + extLen > bufferSz) + return INCOMPLETE_DATA; + + if (extType != SERVER_NAME_INDICATION) { + offset += extLen; + continue; + } else { + word16 listLen; + + ato16(buffer + offset, &listLen); + offset += OPAQUE16_LEN; + + if (offset + listLen > bufferSz) + return INCOMPLETE_DATA; + + while (listLen > ENUM_LEN + OPAQUE16_LEN) { + byte sniType = buffer[offset++]; + word16 sniLen; + + ato16(buffer + offset, &sniLen); + offset += OPAQUE16_LEN; + + if (offset + sniLen > bufferSz) + return INCOMPLETE_DATA; + + if (sniType != type) { + offset += sniLen; + continue; + } + + *inOutSz = min(sniLen, *inOutSz); + XMEMCPY(sni, buffer + offset, *inOutSz); + + break; + } + + break; + } + } + + return 0; +} #endif #define SNI_FREE_ALL TLSX_SNI_FreeAll diff --git a/tests/api.c b/tests/api.c index ecd89a5ba..47ba6ea4b 100644 --- a/tests/api.c +++ b/tests/api.c @@ -332,6 +332,57 @@ static void verify_SNI_fake_matching(CYASSL* ssl) AssertStrEQ(name, request); } +static void test_CyaSSL_SNI_GetFromBuffer(void) +{ + byte buffer[] = { /* api.textmate.org */ + 0x16, 0x03, 0x01, 0x00, 0xc6, 0x01, 0x00, 0x00, 0xc2, 0x03, 0x03, 0x52, + 0x8b, 0x7b, 0xca, 0x69, 0xec, 0x97, 0xd5, 0x08, 0x03, 0x50, 0xfe, 0x3b, + 0x99, 0xc3, 0x20, 0xce, 0xa5, 0xf6, 0x99, 0xa5, 0x71, 0xf9, 0x57, 0x7f, + 0x04, 0x38, 0xf6, 0x11, 0x0b, 0xb8, 0xd3, 0x00, 0x00, 0x5e, 0x00, 0xff, + 0xc0, 0x24, 0xc0, 0x23, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x07, 0xc0, 0x08, + 0xc0, 0x28, 0xc0, 0x27, 0xc0, 0x14, 0xc0, 0x13, 0xc0, 0x11, 0xc0, 0x12, + 0xc0, 0x26, 0xc0, 0x25, 0xc0, 0x2a, 0xc0, 0x29, 0xc0, 0x05, 0xc0, 0x04, + 0xc0, 0x02, 0xc0, 0x03, 0xc0, 0x0f, 0xc0, 0x0e, 0xc0, 0x0c, 0xc0, 0x0d, + 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x35, + 0x00, 0x0a, 0x00, 0x67, 0x00, 0x6b, 0x00, 0x33, 0x00, 0x39, 0x00, 0x16, + 0x00, 0xaf, 0x00, 0xae, 0x00, 0x8d, 0x00, 0x8c, 0x00, 0x8a, 0x00, 0x8b, + 0x00, 0xb1, 0x00, 0xb0, 0x00, 0x2c, 0x00, 0x3b, 0x01, 0x00, 0x00, 0x3b, + 0x00, 0x00, 0x00, 0x15, 0x00, 0x13, 0x00, 0x00, 0x10, 0x61, 0x70, 0x69, + 0x2e, 0x74, 0x65, 0x78, 0x74, 0x6d, 0x61, 0x74, 0x65, 0x2e, 0x6f, 0x72, + 0x67, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00, 0x18, 0x00, + 0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0d, 0x00, 0x0c, 0x00, + 0x0a, 0x05, 0x01, 0x04, 0x01, 0x02, 0x01, 0x04, 0x03, 0x02, 0x03 + }; + + byte buffer2[] = { /* www.paypal.com */ + 0x16, 0x03, 0x03, 0x00, 0x64, 0x01, 0x00, 0x00, 0x60, 0x03, 0x03, 0x5c, + 0xc4, 0xb3, 0x8c, 0x87, 0xef, 0xa4, 0x09, 0xe0, 0x02, 0xab, 0x86, 0xca, + 0x76, 0xf0, 0x9e, 0x01, 0x65, 0xf6, 0xa6, 0x06, 0x13, 0x1d, 0x0f, 0xa5, + 0x79, 0xb0, 0xd4, 0x77, 0x22, 0xeb, 0x1a, 0x00, 0x00, 0x16, 0x00, 0x6b, + 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35, + 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x21, + 0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0e, 0x77, 0x77, 0x77, + 0x2e, 0x70, 0x61, 0x79, 0x70, 0x61, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x00, + 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01 + }; + + byte result[32] = {0}; + word32 length = 32; + +// AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer((const byte*) "\x16\x03\x00\x00\x01", 5, 0, +// result, &length)); + + AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, result, + &length)); + result[length] = 0; + AssertStrEQ("api.textmate.org", (const char*) result); + + AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2), 0, result, + &length)); + result[length] = 0; + AssertStrEQ("www.paypal.com", (const char*) result); +} + void test_CyaSSL_UseSNI(void) { callback_functions client_callbacks = {CyaSSLv23_client_method, 0, 0, 0}; @@ -390,6 +441,8 @@ void test_CyaSSL_UseSNI(void) server_callbacks.on_result = verify_SNI_fake_matching; test_CyaSSL_client_server(&client_callbacks, &server_callbacks); + + test_CyaSSL_SNI_GetFromBuffer(); } #endif /* HAVE_SNI */ From 0f2f9b698259f1c5b846420881e5fe00791eac41 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Tue, 19 Nov 2013 18:01:09 -0300 Subject: [PATCH 020/135] added more tests with code refactoring. --- src/ssl.c | 1 - src/tls.c | 114 ++++++++++++++++++++++++++-------------------------- tests/api.c | 62 ++++++++++++++++++---------- 3 files changed, 97 insertions(+), 80 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 3cf3d4600..fcf500e27 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -568,7 +568,6 @@ word16 CyaSSL_SNI_GetRequest(CYASSL* ssl, byte type, void** data) return 0; } - int CyaSSL_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, byte type, byte* sni, word32* inOutSz) { diff --git a/src/tls.c b/src/tls.c index e1bae7c24..f2e5250bb 100644 --- a/src/tls.c +++ b/src/tls.c @@ -863,6 +863,32 @@ void TLSX_SNI_SetOptions(TLSX* extensions, byte type, byte options) sni->options = options; } +#define BYTE_CHECK(buffer, offset, op, expected) do { \ + if (buffer[offset++] op expected) \ + return BUFFER_ERROR; \ +} while (0) + +#define SAFE_READ_16(buffer, offset, max, len) do { \ + ato16(buffer + offset, &len); offset += 2; \ + \ + if (offset + len > max) \ + return INCOMPLETE_DATA; \ +} while (0) + +#define SAFE_READ_32(buffer, offset, max, len) do { \ + c24to32(buffer + offset, &len); offset += 3; \ + \ + if (offset + len > max) \ + return INCOMPLETE_DATA; \ +} while (0) + +#define SKIP_LEN8(buffer, offset, max) do { \ + if (offset + buffer[offset] > max) \ + return INCOMPLETE_DATA; \ + \ + offset += ENUM_LEN + buffer[offset]; \ +} while (0) + int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, byte type, byte* sni, word32* inOutSz) { @@ -874,57 +900,37 @@ int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, return INCOMPLETE_DATA; /* TLS record header */ - if ((enum ContentType) buffer[offset++] != handshake) - return BUFFER_ERROR; - - if (buffer[offset++] != SSLv3_MAJOR) - return BUFFER_ERROR; - - if (buffer[offset++] < TLSv1_MINOR) - return BUFFER_ERROR; - - ato16(buffer + offset, &len16); - offset += OPAQUE16_LEN; - - if (offset + len16 > bufferSz) - return INCOMPLETE_DATA; + BYTE_CHECK(buffer, offset, !=, handshake); + BYTE_CHECK(buffer, offset, !=, SSLv3_MAJOR); + BYTE_CHECK(buffer, offset, <, TLSv1_MINOR); + SAFE_READ_16(buffer, offset, bufferSz, len16); /* Handshake header */ - if ((enum HandShakeType) buffer[offset] != client_hello) - return BUFFER_ERROR; - - c24to32(buffer + offset + 1, &len32); - offset += HANDSHAKE_HEADER_SZ; - - if (offset + len32 > bufferSz) - return INCOMPLETE_DATA; + BYTE_CHECK(buffer, offset, !=, client_hello); + SAFE_READ_32(buffer, offset, bufferSz, len32); /* client hello */ - offset += VERSION_SZ + RAN_LEN; /* version, random */ + offset += VERSION_SZ + RAN_LEN; /* version, random */ + SKIP_LEN8(buffer, offset, bufferSz); /* session id */ - if (offset + buffer[offset] > bufferSz) + /* cypher suites */ + if (bufferSz < offset + 2) return INCOMPLETE_DATA; - offset += ENUM_LEN + buffer[offset]; /* session id */ + SAFE_READ_16(buffer, offset, bufferSz, len16); + offset += len16; - ato16(buffer + offset, &len16); - offset += OPAQUE16_LEN; /* cypher suites len */ - - if (offset + len16 > bufferSz) + /* compression methods */ + if (bufferSz < offset + 1) return INCOMPLETE_DATA; - offset += len16; /* cypher suites */ + SKIP_LEN8(buffer, offset, bufferSz); - if (offset + buffer[offset] > bufferSz) - return INCOMPLETE_DATA; + /* extensions */ + if (bufferSz < offset + 2) + return 0; /* no extensions in client hello. */ - offset += ENUM_LEN + buffer[offset]; /* compression methods */ - - ato16(buffer + offset, &len16); - offset += OPAQUE16_LEN; /* EXTENSIONS LEN */ - - if (offset + len16 > bufferSz) - return INCOMPLETE_DATA; + SAFE_READ_16(buffer, offset, bufferSz, len16); while (len16 > OPAQUE16_LEN + OPAQUE16_LEN) { word16 extType; @@ -933,11 +939,7 @@ int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, ato16(buffer + offset, &extType); offset += OPAQUE16_LEN; - ato16(buffer + offset, &extLen); - offset += OPAQUE16_LEN; - - if (offset + extLen > bufferSz) - return INCOMPLETE_DATA; + SAFE_READ_16(buffer, offset, bufferSz, extLen); if (extType != SERVER_NAME_INDICATION) { offset += extLen; @@ -945,21 +947,13 @@ int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, } else { word16 listLen; - ato16(buffer + offset, &listLen); - offset += OPAQUE16_LEN; - - if (offset + listLen > bufferSz) - return INCOMPLETE_DATA; + SAFE_READ_16(buffer, offset, bufferSz, listLen); while (listLen > ENUM_LEN + OPAQUE16_LEN) { byte sniType = buffer[offset++]; word16 sniLen; - ato16(buffer + offset, &sniLen); - offset += OPAQUE16_LEN; - - if (offset + sniLen > bufferSz) - return INCOMPLETE_DATA; + SAFE_READ_16(buffer, offset, bufferSz, sniLen); if (sniType != type) { offset += sniLen; @@ -969,15 +963,19 @@ int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, *inOutSz = min(sniLen, *inOutSz); XMEMCPY(sni, buffer + offset, *inOutSz); - break; + return SSL_SUCCESS; } - - break; } } - return 0; + return len16 ? BUFFER_ERROR : 0; } + +#undef SAFE_READ_32 +#undef SAFE_READ_16 +#undef BYTE_CHECK +#undef SKIP_LEN8 + #endif #define SNI_FREE_ALL TLSX_SNI_FreeAll diff --git a/tests/api.c b/tests/api.c index 47ba6ea4b..dd211d54c 100644 --- a/tests/api.c +++ b/tests/api.c @@ -334,7 +334,19 @@ static void verify_SNI_fake_matching(CYASSL* ssl) static void test_CyaSSL_SNI_GetFromBuffer(void) { - byte buffer[] = { /* api.textmate.org */ + byte buffer[] = { /* www.paypal.com */ + 0x00, 0x00, 0x00, 0x00, 0xff, 0x01, 0x00, 0x00, 0x60, 0x03, 0x03, 0x5c, + 0xc4, 0xb3, 0x8c, 0x87, 0xef, 0xa4, 0x09, 0xe0, 0x02, 0xab, 0x86, 0xca, + 0x76, 0xf0, 0x9e, 0x01, 0x65, 0xf6, 0xa6, 0x06, 0x13, 0x1d, 0x0f, 0xa5, + 0x79, 0xb0, 0xd4, 0x77, 0x22, 0xeb, 0x1a, 0x00, 0x00, 0x16, 0x00, 0x6b, + 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35, + 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x21, + 0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0e, 0x77, 0x77, 0x77, + 0x2e, 0x70, 0x61, 0x79, 0x70, 0x61, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x00, + 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01 + }; + + byte buffer2[] = { /* api.textmate.org */ 0x16, 0x03, 0x01, 0x00, 0xc6, 0x01, 0x00, 0x00, 0xc2, 0x03, 0x03, 0x52, 0x8b, 0x7b, 0xca, 0x69, 0xec, 0x97, 0xd5, 0x08, 0x03, 0x50, 0xfe, 0x3b, 0x99, 0xc3, 0x20, 0xce, 0xa5, 0xf6, 0x99, 0xa5, 0x71, 0xf9, 0x57, 0x7f, @@ -354,33 +366,41 @@ static void test_CyaSSL_SNI_GetFromBuffer(void) 0x0a, 0x05, 0x01, 0x04, 0x01, 0x02, 0x01, 0x04, 0x03, 0x02, 0x03 }; - byte buffer2[] = { /* www.paypal.com */ - 0x16, 0x03, 0x03, 0x00, 0x64, 0x01, 0x00, 0x00, 0x60, 0x03, 0x03, 0x5c, - 0xc4, 0xb3, 0x8c, 0x87, 0xef, 0xa4, 0x09, 0xe0, 0x02, 0xab, 0x86, 0xca, - 0x76, 0xf0, 0x9e, 0x01, 0x65, 0xf6, 0xa6, 0x06, 0x13, 0x1d, 0x0f, 0xa5, - 0x79, 0xb0, 0xd4, 0x77, 0x22, 0xeb, 0x1a, 0x00, 0x00, 0x16, 0x00, 0x6b, - 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35, - 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x21, - 0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0e, 0x77, 0x77, 0x77, - 0x2e, 0x70, 0x61, 0x79, 0x70, 0x61, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x00, - 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01 - }; - byte result[32] = {0}; word32 length = 32; -// AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer((const byte*) "\x16\x03\x00\x00\x01", 5, 0, -// result, &length)); + AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, + result, &length)); - AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, result, - &length)); - result[length] = 0; - AssertStrEQ("api.textmate.org", (const char*) result); + buffer[0] = 0x16; + + AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, + result, &length)); + + buffer[1] = 0x03; + + AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, + result, &length)); + + buffer[2] = 0x03; + + AssertIntEQ(-210, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, + result, &length)); + + buffer[4] = 0x64; + + AssertIntEQ(1, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, + result, &length)); - AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2), 0, result, - &length)); result[length] = 0; AssertStrEQ("www.paypal.com", (const char*) result); + + length = 32; + + AssertIntEQ(1, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2), 0, + result, &length)); + result[length] = 0; + AssertStrEQ("api.textmate.org", (const char*) result); } void test_CyaSSL_UseSNI(void) From 7dfb3c6b29bf490657609c2726d265f0d7cf990b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Mon, 25 Nov 2013 21:05:40 -0300 Subject: [PATCH 021/135] Fixing length adjustment on both while loops added test for client hello without SNI extension --- src/tls.c | 123 +++++++++++++++++++++++++++++----------------------- tests/api.c | 27 ++++++++---- 2 files changed, 88 insertions(+), 62 deletions(-) diff --git a/src/tls.c b/src/tls.c index f2e5250bb..0b025ecef 100644 --- a/src/tls.c +++ b/src/tls.c @@ -863,32 +863,6 @@ void TLSX_SNI_SetOptions(TLSX* extensions, byte type, byte options) sni->options = options; } -#define BYTE_CHECK(buffer, offset, op, expected) do { \ - if (buffer[offset++] op expected) \ - return BUFFER_ERROR; \ -} while (0) - -#define SAFE_READ_16(buffer, offset, max, len) do { \ - ato16(buffer + offset, &len); offset += 2; \ - \ - if (offset + len > max) \ - return INCOMPLETE_DATA; \ -} while (0) - -#define SAFE_READ_32(buffer, offset, max, len) do { \ - c24to32(buffer + offset, &len); offset += 3; \ - \ - if (offset + len > max) \ - return INCOMPLETE_DATA; \ -} while (0) - -#define SKIP_LEN8(buffer, offset, max) do { \ - if (offset + buffer[offset] > max) \ - return INCOMPLETE_DATA; \ - \ - offset += ENUM_LEN + buffer[offset]; \ -} while (0) - int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, byte type, byte* sni, word32* inOutSz) { @@ -900,37 +874,69 @@ int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, return INCOMPLETE_DATA; /* TLS record header */ - BYTE_CHECK(buffer, offset, !=, handshake); - BYTE_CHECK(buffer, offset, !=, SSLv3_MAJOR); - BYTE_CHECK(buffer, offset, <, TLSv1_MINOR); - SAFE_READ_16(buffer, offset, bufferSz, len16); + if ((enum ContentType) buffer[offset++] != handshake) + return BUFFER_ERROR; - /* Handshake header */ - BYTE_CHECK(buffer, offset, !=, client_hello); - SAFE_READ_32(buffer, offset, bufferSz, len32); + if (buffer[offset++] != SSLv3_MAJOR) + return BUFFER_ERROR; - /* client hello */ - offset += VERSION_SZ + RAN_LEN; /* version, random */ - SKIP_LEN8(buffer, offset, bufferSz); /* session id */ + if (buffer[offset++] < TLSv1_MINOR) + return BUFFER_ERROR; - /* cypher suites */ - if (bufferSz < offset + 2) + ato16(buffer + offset, &len16); + offset += OPAQUE16_LEN; + + if (offset + len16 > bufferSz) return INCOMPLETE_DATA; - SAFE_READ_16(buffer, offset, bufferSz, len16); - offset += len16; + /* Handshake header */ + if ((enum HandShakeType) buffer[offset] != client_hello) + return BUFFER_ERROR; + + c24to32(buffer + offset + 1, &len32); + offset += HANDSHAKE_HEADER_SZ; + + if (offset + len32 > bufferSz) + return INCOMPLETE_DATA; + + /* client hello */ + offset += VERSION_SZ + RAN_LEN; /* version, random */ + + if (bufferSz < offset + buffer[offset]) + return INCOMPLETE_DATA; + + offset += ENUM_LEN + buffer[offset]; /* skip session id */ + + /* cypher suites */ + if (bufferSz < offset + OPAQUE16_LEN) + return INCOMPLETE_DATA; + + ato16(buffer + offset, &len16); + offset += OPAQUE16_LEN; + + if (bufferSz < offset + len16) + return INCOMPLETE_DATA; + + offset += len16; /* skip cypher suites */ /* compression methods */ if (bufferSz < offset + 1) return INCOMPLETE_DATA; - SKIP_LEN8(buffer, offset, bufferSz); + if (bufferSz < offset + buffer[offset]) + return INCOMPLETE_DATA; + + offset += ENUM_LEN + buffer[offset]; /* skip compression methods */ /* extensions */ - if (bufferSz < offset + 2) + if (bufferSz < offset + OPAQUE16_LEN) return 0; /* no extensions in client hello. */ - SAFE_READ_16(buffer, offset, bufferSz, len16); + ato16(buffer + offset, &len16); + offset += OPAQUE16_LEN; + + if (bufferSz < offset + len16) + return INCOMPLETE_DATA; while (len16 > OPAQUE16_LEN + OPAQUE16_LEN) { word16 extType; @@ -939,24 +945,36 @@ int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, ato16(buffer + offset, &extType); offset += OPAQUE16_LEN; - SAFE_READ_16(buffer, offset, bufferSz, extLen); + ato16(buffer + offset, &extLen); + offset += OPAQUE16_LEN; + + if (bufferSz < offset + extLen) + return INCOMPLETE_DATA; if (extType != SERVER_NAME_INDICATION) { - offset += extLen; - continue; + offset += extLen; /* skip extension */ } else { word16 listLen; - SAFE_READ_16(buffer, offset, bufferSz, listLen); + ato16(buffer + offset, &listLen); + offset += OPAQUE16_LEN; + + if (bufferSz < offset + listLen) + return INCOMPLETE_DATA; while (listLen > ENUM_LEN + OPAQUE16_LEN) { byte sniType = buffer[offset++]; word16 sniLen; - SAFE_READ_16(buffer, offset, bufferSz, sniLen); + ato16(buffer + offset, &sniLen); + offset += OPAQUE16_LEN; + + if (bufferSz < offset + sniLen) + return INCOMPLETE_DATA; if (sniType != type) { - offset += sniLen; + offset += sniLen; + listLen -= MIN(ENUM_LEN + OPAQUE16_LEN + sniLen, listLen); continue; } @@ -966,16 +984,13 @@ int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, return SSL_SUCCESS; } } + + len16 -= MIN(2 * OPAQUE16_LEN + extLen, len16); } return len16 ? BUFFER_ERROR : 0; } -#undef SAFE_READ_32 -#undef SAFE_READ_16 -#undef BYTE_CHECK -#undef SKIP_LEN8 - #endif #define SNI_FREE_ALL TLSX_SNI_FreeAll diff --git a/tests/api.c b/tests/api.c index dd211d54c..677cfd3f7 100644 --- a/tests/api.c +++ b/tests/api.c @@ -366,32 +366,43 @@ static void test_CyaSSL_SNI_GetFromBuffer(void) 0x0a, 0x05, 0x01, 0x04, 0x01, 0x02, 0x01, 0x04, 0x03, 0x02, 0x03 }; + byte buffer3[] = { /* no sni extension */ + 0x16, 0x03, 0x03, 0x00, 0x4d, 0x01, 0x00, 0x00, 0x49, 0x03, 0x03, 0xea, + 0xa1, 0x9f, 0x60, 0xdd, 0x52, 0x12, 0x13, 0xbd, 0x84, 0x34, 0xd5, 0x1c, + 0x38, 0x25, 0xa8, 0x97, 0xd2, 0xd5, 0xc6, 0x45, 0xaf, 0x1b, 0x08, 0xe4, + 0x1e, 0xbb, 0xdf, 0x9d, 0x39, 0xf0, 0x65, 0x00, 0x00, 0x16, 0x00, 0x6b, + 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35, + 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x0a, + 0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01 + }; + byte result[32] = {0}; word32 length = 32; - AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, + AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer3, sizeof(buffer3), 0, result, &length)); + AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2), 1, + result, &length)); + + AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, + result, &length)); buffer[0] = 0x16; AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, - result, &length)); - + result, &length)); buffer[1] = 0x03; AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, - result, &length)); - + result, &length)); buffer[2] = 0x03; AssertIntEQ(-210, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, - result, &length)); - + result, &length)); buffer[4] = 0x64; AssertIntEQ(1, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, result, &length)); - result[length] = 0; AssertStrEQ("www.paypal.com", (const char*) result); From 629410276098180dc7c0b31adfab6babae2e2776 Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 27 Nov 2013 11:59:23 -0800 Subject: [PATCH 022/135] fix wrong NO_DES flags for requirements --- src/internal.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/internal.c b/src/internal.c index 741cedfd7..1c334794a 100644 --- a/src/internal.c +++ b/src/internal.c @@ -9206,7 +9206,7 @@ static void PickHashSigAlgo(CYASSL* ssl, return 1; break; -#ifndef NO_3DES +#ifndef NO_DES3 case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA : if (requirement == REQUIRES_RSA) return 1; @@ -9235,7 +9235,7 @@ static void PickHashSigAlgo(CYASSL* ssl, #endif #endif /* NO_RSA */ -#ifndef NO_3DES +#ifndef NO_DES3 case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : if (requirement == REQUIRES_ECC_DSA) return 1; From 1bcd61f134d28bc83528314349456c5535d167d3 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Thu, 28 Nov 2013 09:05:33 +0900 Subject: [PATCH 023/135] Eliminating unused files --- ctaocrypt/src/random.c | 4 +- .../nbproject/Makefile-default.mk | 0 .../nbproject/Makefile-genesis.properties | 8 - .../nbproject/Makefile-impl.mk | 69 - .../nbproject/Makefile-local-default.mk | 0 .../nbproject/Makefile-variables.mk | 13 - .../nbproject/Package-default.bash | 73 - .../nbproject/configurations.xml | 22 - .../nbproject/private/private.xml | 3 - mcapi/ctaocrypt_test.X/main.c | 51 - .../nbproject/Makefile-default.mk | 164 -- .../nbproject/Makefile-genesis.properties | 8 - .../nbproject/Makefile-impl.mk | 69 - .../nbproject/Makefile-local-default.mk | 37 - .../nbproject/Makefile-variables.mk | 13 - .../nbproject/Package-default.bash | 73 - .../nbproject/configurations.xml | 22 - .../nbproject/private/private.xml | 8 - mcapi/cyassl.X/nbproject/Makefile-default.mk | 626 -------- .../nbproject/Makefile-genesis.properties | 8 - mcapi/cyassl.X/nbproject/Makefile-impl.mk | 69 - .../nbproject/Makefile-local-default.mk | 37 - .../cyassl.X/nbproject/Makefile-variables.mk | 13 - mcapi/cyassl.X/nbproject/Package-default.bash | 73 - mcapi/cyassl.X/nbproject/private/private.xml | 6 - mcapi/test.c | 1361 ----------------- mcapi/zlib.X/nbproject/Makefile-default.mk | 314 ---- .../nbproject/Makefile-genesis.properties | 8 - mcapi/zlib.X/nbproject/Makefile-impl.mk | 69 - .../nbproject/Makefile-local-default.mk | 37 - mcapi/zlib.X/nbproject/Makefile-variables.mk | 13 - mcapi/zlib.X/nbproject/Package-default.bash | 73 - mplabx/PIC32MZ-Putc.c | 10 - mplabx/crypto.h | 82 - mplabx/cryptoregs.h | 91 -- mplabx/cryptoregs.s | 21 - mplabx/ctaocrypt_benchmark.X/main.c | 116 -- .../nbproject/Makefile-default.mk | 162 -- .../nbproject/Makefile-genesis.properties | 8 - .../nbproject/Makefile-impl.mk | 69 - .../nbproject/Makefile-local-default.mk | 37 - .../nbproject/Makefile-variables.mk | 13 - .../nbproject/Package-default.bash | 73 - .../nbproject/configurations.xml | 26 +- .../nbproject/private/private.xml | 3 - mplabx/ctaocrypt_test.X/main.c | 60 - .../nbproject/Makefile-default.mk | 170 -- .../nbproject/Makefile-genesis.properties | 8 - .../nbproject/Makefile-impl.mk | 69 - .../nbproject/Makefile-local-default.mk | 37 - .../nbproject/Makefile-variables.mk | 13 - .../nbproject/Package-default.bash | 73 - .../nbproject/configurations.xml | 5 +- .../SuppressibleMessageMemo.properties | 3 - .../nbproject/private/private.xml | 3 - mplabx/cyassl.X/nbproject/Makefile-default.mk | 590 ------- .../nbproject/Makefile-genesis.properties | 8 - mplabx/cyassl.X/nbproject/Makefile-impl.mk | 69 - .../nbproject/Makefile-local-default.mk | 37 - .../cyassl.X/nbproject/Makefile-variables.mk | 13 - .../cyassl.X/nbproject/Package-default.bash | 73 - mplabx/cyassl.X/nbproject/configurations.xml | 4 +- mplabx/cyassl.X/nbproject/private/private.xml | 3 - 63 files changed, 30 insertions(+), 5263 deletions(-) delete mode 100644 mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-default.mk delete mode 100644 mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-genesis.properties delete mode 100644 mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-impl.mk delete mode 100644 mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-local-default.mk delete mode 100644 mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-variables.mk delete mode 100644 mcapi/ctaocrypt_mcapi.X/nbproject/Package-default.bash delete mode 100644 mcapi/ctaocrypt_mcapi.X/nbproject/private/private.xml delete mode 100644 mcapi/ctaocrypt_test.X/main.c delete mode 100644 mcapi/ctaocrypt_test.X/nbproject/Makefile-default.mk delete mode 100644 mcapi/ctaocrypt_test.X/nbproject/Makefile-genesis.properties delete mode 100644 mcapi/ctaocrypt_test.X/nbproject/Makefile-impl.mk delete mode 100644 mcapi/ctaocrypt_test.X/nbproject/Makefile-local-default.mk delete mode 100644 mcapi/ctaocrypt_test.X/nbproject/Makefile-variables.mk delete mode 100644 mcapi/ctaocrypt_test.X/nbproject/Package-default.bash delete mode 100644 mcapi/ctaocrypt_test.X/nbproject/private/private.xml delete mode 100644 mcapi/cyassl.X/nbproject/Makefile-default.mk delete mode 100644 mcapi/cyassl.X/nbproject/Makefile-genesis.properties delete mode 100644 mcapi/cyassl.X/nbproject/Makefile-impl.mk delete mode 100644 mcapi/cyassl.X/nbproject/Makefile-local-default.mk delete mode 100644 mcapi/cyassl.X/nbproject/Makefile-variables.mk delete mode 100644 mcapi/cyassl.X/nbproject/Package-default.bash delete mode 100644 mcapi/cyassl.X/nbproject/private/private.xml delete mode 100644 mcapi/test.c delete mode 100644 mcapi/zlib.X/nbproject/Makefile-default.mk delete mode 100644 mcapi/zlib.X/nbproject/Makefile-genesis.properties delete mode 100644 mcapi/zlib.X/nbproject/Makefile-impl.mk delete mode 100644 mcapi/zlib.X/nbproject/Makefile-local-default.mk delete mode 100644 mcapi/zlib.X/nbproject/Makefile-variables.mk delete mode 100644 mcapi/zlib.X/nbproject/Package-default.bash delete mode 100644 mplabx/PIC32MZ-Putc.c delete mode 100644 mplabx/crypto.h delete mode 100644 mplabx/cryptoregs.h delete mode 100644 mplabx/cryptoregs.s delete mode 100644 mplabx/ctaocrypt_benchmark.X/main.c delete mode 100644 mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-default.mk delete mode 100644 mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-genesis.properties delete mode 100644 mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-impl.mk delete mode 100644 mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-local-default.mk delete mode 100644 mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-variables.mk delete mode 100644 mplabx/ctaocrypt_benchmark.X/nbproject/Package-default.bash delete mode 100644 mplabx/ctaocrypt_benchmark.X/nbproject/private/private.xml delete mode 100644 mplabx/ctaocrypt_test.X/main.c delete mode 100644 mplabx/ctaocrypt_test.X/nbproject/Makefile-default.mk delete mode 100644 mplabx/ctaocrypt_test.X/nbproject/Makefile-genesis.properties delete mode 100644 mplabx/ctaocrypt_test.X/nbproject/Makefile-impl.mk delete mode 100644 mplabx/ctaocrypt_test.X/nbproject/Makefile-local-default.mk delete mode 100644 mplabx/ctaocrypt_test.X/nbproject/Makefile-variables.mk delete mode 100644 mplabx/ctaocrypt_test.X/nbproject/Package-default.bash delete mode 100644 mplabx/ctaocrypt_test.X/nbproject/private/SuppressibleMessageMemo.properties delete mode 100644 mplabx/ctaocrypt_test.X/nbproject/private/private.xml delete mode 100644 mplabx/cyassl.X/nbproject/Makefile-default.mk delete mode 100644 mplabx/cyassl.X/nbproject/Makefile-genesis.properties delete mode 100644 mplabx/cyassl.X/nbproject/Makefile-impl.mk delete mode 100644 mplabx/cyassl.X/nbproject/Makefile-local-default.mk delete mode 100644 mplabx/cyassl.X/nbproject/Makefile-variables.mk delete mode 100644 mplabx/cyassl.X/nbproject/Package-default.bash delete mode 100644 mplabx/cyassl.X/nbproject/private/private.xml diff --git a/ctaocrypt/src/random.c b/ctaocrypt/src/random.c index 33bd75db8..03dd75553 100644 --- a/ctaocrypt/src/random.c +++ b/ctaocrypt/src/random.c @@ -463,7 +463,9 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz) #ifdef MICROCHIP_MPLAB_HARMONY #define PIC32_SEED_COUNT _CP0_GET_COUNT #else - #include + #if !defined(CYASSL_MICROCHIP_PIC32MZ) + #include + #endif #define PIC32_SEED_COUNT ReadCoreTimer #endif diff --git a/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-default.mk b/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-default.mk deleted file mode 100644 index e69de29bb..000000000 diff --git a/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-genesis.properties b/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-genesis.properties deleted file mode 100644 index 8aa7bfafe..000000000 --- a/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-genesis.properties +++ /dev/null @@ -1,8 +0,0 @@ -# -#Mon Nov 11 09:26:29 JST 2013 -default.com-microchip-mplab-nbide-toolchainXC32-XC32LanguageToolchain.md5=cd6a1e93a26f632c22d91cbbe4deaf2c -default.languagetoolchain.dir=C\:\\Program Files (x86)\\Microchip\\xc32\\v1.30\\bin -com-microchip-mplab-nbide-embedded-makeproject-MakeProject.md5=43bd1633f14a944b6e95abd1333fdfc3 -default.languagetoolchain.version=1.30 -host.platform=windows -conf.ids=default diff --git a/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-impl.mk b/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-impl.mk deleted file mode 100644 index 1078c9622..000000000 --- a/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-impl.mk +++ /dev/null @@ -1,69 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a pre- and a post- target defined where you can add customization code. -# -# This makefile implements macros and targets common to all configurations. -# -# NOCDDL - - -# Building and Cleaning subprojects are done by default, but can be controlled with the SUB -# macro. If SUB=no, subprojects will not be built or cleaned. The following macro -# statements set BUILD_SUB-CONF and CLEAN_SUB-CONF to .build-reqprojects-conf -# and .clean-reqprojects-conf unless SUB has the value 'no' -SUB_no=NO -SUBPROJECTS=${SUB_${SUB}} -BUILD_SUBPROJECTS_=.build-subprojects -BUILD_SUBPROJECTS_NO= -BUILD_SUBPROJECTS=${BUILD_SUBPROJECTS_${SUBPROJECTS}} -CLEAN_SUBPROJECTS_=.clean-subprojects -CLEAN_SUBPROJECTS_NO= -CLEAN_SUBPROJECTS=${CLEAN_SUBPROJECTS_${SUBPROJECTS}} - - -# Project Name -PROJECTNAME=ctaocrypt_mcapi.X - -# Active Configuration -DEFAULTCONF=default -CONF=${DEFAULTCONF} - -# All Configurations -ALLCONFS=default - - -# build -.build-impl: .build-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .build-conf - - -# clean -.clean-impl: .clean-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .clean-conf - -# clobber -.clobber-impl: .clobber-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default clean - - - -# all -.all-impl: .all-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default build - - - -# dependency checking support -.depcheck-impl: -# @echo "# This code depends on make tool being used" >.dep.inc -# @if [ -n "${MAKE_VERSION}" ]; then \ -# echo "DEPFILES=\$$(wildcard \$$(addsuffix .d, \$${OBJECTFILES}))" >>.dep.inc; \ -# echo "ifneq (\$${DEPFILES},)" >>.dep.inc; \ -# echo "include \$${DEPFILES}" >>.dep.inc; \ -# echo "endif" >>.dep.inc; \ -# else \ -# echo ".KEEP_STATE:" >>.dep.inc; \ -# echo ".KEEP_STATE_FILE:.make.state.\$${CONF}" >>.dep.inc; \ -# fi diff --git a/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-local-default.mk b/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-local-default.mk deleted file mode 100644 index e69de29bb..000000000 diff --git a/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-variables.mk b/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-variables.mk deleted file mode 100644 index d31702c8e..000000000 --- a/mcapi/ctaocrypt_mcapi.X/nbproject/Makefile-variables.mk +++ /dev/null @@ -1,13 +0,0 @@ -# -# Generated - do not edit! -# -# NOCDDL -# -CND_BASEDIR=`pwd` -# default configuration -CND_ARTIFACT_DIR_default=dist/default/production -CND_ARTIFACT_NAME_default=ctaocrypt_mcapi.X.production.hex -CND_ARTIFACT_PATH_default=dist/default/production/ctaocrypt_mcapi.X.production.hex -CND_PACKAGE_DIR_default=${CND_DISTDIR}/default/package -CND_PACKAGE_NAME_default=ctaocryptmcapi.x.tar -CND_PACKAGE_PATH_default=${CND_DISTDIR}/default/package/ctaocryptmcapi.x.tar diff --git a/mcapi/ctaocrypt_mcapi.X/nbproject/Package-default.bash b/mcapi/ctaocrypt_mcapi.X/nbproject/Package-default.bash deleted file mode 100644 index 26a502830..000000000 --- a/mcapi/ctaocrypt_mcapi.X/nbproject/Package-default.bash +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -x - -# -# Generated - do not edit! -# - -# Macros -TOP=`pwd` -CND_CONF=default -CND_DISTDIR=dist -TMPDIR=build/${CND_CONF}/${IMAGE_TYPE}/tmp-packaging -TMPDIRNAME=tmp-packaging -OUTPUT_PATH=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_mcapi.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -OUTPUT_BASENAME=ctaocrypt_mcapi.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -PACKAGE_TOP_DIR=ctaocryptmcapi.x/ - -# Functions -function checkReturnCode -{ - rc=$? - if [ $rc != 0 ] - then - exit $rc - fi -} -function makeDirectory -# $1 directory path -# $2 permission (optional) -{ - mkdir -p "$1" - checkReturnCode - if [ "$2" != "" ] - then - chmod $2 "$1" - checkReturnCode - fi -} -function copyFileToTmpDir -# $1 from-file path -# $2 to-file path -# $3 permission -{ - cp "$1" "$2" - checkReturnCode - if [ "$3" != "" ] - then - chmod $3 "$2" - checkReturnCode - fi -} - -# Setup -cd "${TOP}" -mkdir -p ${CND_DISTDIR}/${CND_CONF}/package -rm -rf ${TMPDIR} -mkdir -p ${TMPDIR} - -# Copy files and create directories and links -cd "${TOP}" -makeDirectory ${TMPDIR}/ctaocryptmcapi.x/bin -copyFileToTmpDir "${OUTPUT_PATH}" "${TMPDIR}/${PACKAGE_TOP_DIR}bin/${OUTPUT_BASENAME}" 0755 - - -# Generate tar file -cd "${TOP}" -rm -f ${CND_DISTDIR}/${CND_CONF}/package/ctaocryptmcapi.x.tar -cd ${TMPDIR} -tar -vcf ../../../../${CND_DISTDIR}/${CND_CONF}/package/ctaocryptmcapi.x.tar * -checkReturnCode - -# Cleanup -cd "${TOP}" -rm -rf ${TMPDIR} diff --git a/mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml b/mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml index 54eef5bf8..e9792ab63 100644 --- a/mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml +++ b/mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml @@ -167,28 +167,6 @@ - - - - - - - - - - - - - - - - - - - - - diff --git a/mcapi/ctaocrypt_mcapi.X/nbproject/private/private.xml b/mcapi/ctaocrypt_mcapi.X/nbproject/private/private.xml deleted file mode 100644 index e39667075..000000000 --- a/mcapi/ctaocrypt_mcapi.X/nbproject/private/private.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - diff --git a/mcapi/ctaocrypt_test.X/main.c b/mcapi/ctaocrypt_test.X/main.c deleted file mode 100644 index c39a3c9e9..000000000 --- a/mcapi/ctaocrypt_test.X/main.c +++ /dev/null @@ -1,51 +0,0 @@ -/* main.c - * - * Copyright (C) 2006-2013 wolfSSL Inc. All rights reserved. - * - * This file is part of CyaSSL. - * - * Contact licensing@yassl.com with any questions or comments. - * - * http://www.yassl.com - */ - - -#define PIC32_STARTER_KIT - -#include -#include -#include -#include -#include - -/* func_args from test.h, so don't have to pull in other junk */ -typedef struct func_args { - int argc; - char** argv; - int return_code; -} func_args; - -/* - * Main driver for CTaoCrypt tests. - */ -int main(int argc, char** argv) { - - SYSTEMConfigPerformance(80000000); - - DBINIT(); - printf("CTaoCrypt Test:\n"); - - func_args args; - - args.argc = argc; - args.argv = argv; - - ctaocrypt_test(&args); - - if (args.return_code == 0) { - printf("All tests passed!\n"); - } - - return 0; -} - diff --git a/mcapi/ctaocrypt_test.X/nbproject/Makefile-default.mk b/mcapi/ctaocrypt_test.X/nbproject/Makefile-default.mk deleted file mode 100644 index df588914c..000000000 --- a/mcapi/ctaocrypt_test.X/nbproject/Makefile-default.mk +++ /dev/null @@ -1,164 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a -pre and a -post target defined where you can add customized code. -# -# This makefile implements configuration specific macros and targets. - - -# Include project Makefile -ifeq "${IGNORE_LOCAL}" "TRUE" -# do not include local makefile. User is passing all local related variables already -else -include Makefile -# Include makefile containing local settings -ifeq "$(wildcard nbproject/Makefile-local-default.mk)" "nbproject/Makefile-local-default.mk" -include nbproject/Makefile-local-default.mk -endif -endif - -# Environment -MKDIR=gnumkdir -p -RM=rm -f -MV=mv -CP=cp - -# Macros -CND_CONF=default -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -IMAGE_TYPE=debug -OUTPUT_SUFFIX=elf -DEBUGGABLE_SUFFIX=elf -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -else -IMAGE_TYPE=production -OUTPUT_SUFFIX=hex -DEBUGGABLE_SUFFIX=elf -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -endif - -# Object Directory -OBJECTDIR=build/${CND_CONF}/${IMAGE_TYPE} - -# Distribution Directory -DISTDIR=dist/${CND_CONF}/${IMAGE_TYPE} - -# Source Files Quoted if spaced -SOURCEFILES_QUOTED_IF_SPACED=../../ctaocrypt/test/test.c ../../mplabx/test_main.c - -# Object Files Quoted if spaced -OBJECTFILES_QUOTED_IF_SPACED=${OBJECTDIR}/_ext/1679622190/test.o ${OBJECTDIR}/_ext/1042050482/test_main.o -POSSIBLE_DEPFILES=${OBJECTDIR}/_ext/1679622190/test.o.d ${OBJECTDIR}/_ext/1042050482/test_main.o.d - -# Object Files -OBJECTFILES=${OBJECTDIR}/_ext/1679622190/test.o ${OBJECTDIR}/_ext/1042050482/test_main.o - -# Source Files -SOURCEFILES=../../ctaocrypt/test/test.c ../../mplabx/test_main.c - - -CFLAGS= -ASFLAGS= -LDLIBSOPTIONS= - -############# Tool locations ########################################## -# If you copy a project from one host to another, the path where the # -# compiler is installed may be different. # -# If you open this project with MPLAB X in the new host, this # -# makefile will be regenerated and the paths will be corrected. # -####################################################################### -# fixDeps replaces a bunch of sed/cat/printf statements that slow down the build -FIXDEPS=fixDeps - -.build-conf: ${BUILD_SUBPROJECTS} - ${MAKE} ${MAKE_OPTIONS} -f nbproject/Makefile-default.mk dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} - -MP_PROCESSOR_OPTION=32MZ2048ECM144 -MP_LINKER_FILE_OPTION= -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assemble -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assembleWithPreprocess -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compile -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -${OBJECTDIR}/_ext/1679622190/test.o: ../../ctaocrypt/test/test.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1679622190 - @${RM} ${OBJECTDIR}/_ext/1679622190/test.o.d - @${RM} ${OBJECTDIR}/_ext/1679622190/test.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1679622190/test.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1679622190/test.o.d" -o ${OBJECTDIR}/_ext/1679622190/test.o ../../ctaocrypt/test/test.c - -${OBJECTDIR}/_ext/1042050482/test_main.o: ../../mplabx/test_main.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1042050482 - @${RM} ${OBJECTDIR}/_ext/1042050482/test_main.o.d - @${RM} ${OBJECTDIR}/_ext/1042050482/test_main.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1042050482/test_main.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1042050482/test_main.o.d" -o ${OBJECTDIR}/_ext/1042050482/test_main.o ../../mplabx/test_main.c - -else -${OBJECTDIR}/_ext/1679622190/test.o: ../../ctaocrypt/test/test.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1679622190 - @${RM} ${OBJECTDIR}/_ext/1679622190/test.o.d - @${RM} ${OBJECTDIR}/_ext/1679622190/test.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1679622190/test.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1679622190/test.o.d" -o ${OBJECTDIR}/_ext/1679622190/test.o ../../ctaocrypt/test/test.c - -${OBJECTDIR}/_ext/1042050482/test_main.o: ../../mplabx/test_main.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1042050482 - @${RM} ${OBJECTDIR}/_ext/1042050482/test_main.o.d - @${RM} ${OBJECTDIR}/_ext/1042050482/test_main.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1042050482/test_main.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1042050482/test_main.o.d" -o ${OBJECTDIR}/_ext/1042050482/test_main.o ../../mplabx/test_main.c - -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compileCPP -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: link -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk ../cyassl.X/dist/default/debug/cyassl.X.a ../zlib.X/dist/default/debug/zlib.X.a - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_CC} $(MP_EXTRA_LD_PRE) -mdebugger -D__MPLAB_DEBUGGER_PK3=1 -mprocessor=$(MP_PROCESSOR_OPTION) -Os -o dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} ..\cyassl.X\dist\default\debug\cyassl.X.a ..\zlib.X\dist\default\debug\zlib.X.a -mreserve=data@0x0:0x27F -Wl,--defsym=__MPLAB_BUILD=1$(MP_EXTRA_LD_POST)$(MP_LINKER_FILE_OPTION),--defsym=__MPLAB_DEBUG=1,--defsym=__DEBUG=1,--defsym=__MPLAB_DEBUGGER_PK3=1,--defsym=_min_heap_size=32768,--defsym=_min_stack_size=1024,--gc-sections - -else -dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk ../cyassl.X/dist/default/production/cyassl.X.a ../zlib.X/dist/default/production/zlib.X.a - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_CC} $(MP_EXTRA_LD_PRE) -mprocessor=$(MP_PROCESSOR_OPTION) -Os -o dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${DEBUGGABLE_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} ..\cyassl.X\dist\default\production\cyassl.X.a ..\zlib.X\dist\default\production\zlib.X.a -Wl,--defsym=__MPLAB_BUILD=1$(MP_EXTRA_LD_POST)$(MP_LINKER_FILE_OPTION),--defsym=_min_heap_size=32768,--defsym=_min_stack_size=1024,--gc-sections - ${MP_CC_DIR}\\xc32-bin2hex dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${DEBUGGABLE_SUFFIX} -endif - - -# Subprojects -.build-subprojects: - cd /D ../cyassl.X && ${MAKE} -f Makefile CONF=default - cd /D ../zlib.X && ${MAKE} -f Makefile CONF=default - - -# Subprojects -.clean-subprojects: - cd /D ../cyassl.X && rm -rf "build/default" "dist/default" - cd /D ../zlib.X && rm -rf "build/default" "dist/default" - -# Clean Targets -.clean-conf: ${CLEAN_SUBPROJECTS} - ${RM} -r build/default - ${RM} -r dist/default - -# Enable dependency checking -.dep.inc: .depcheck-impl - -DEPFILES=$(shell mplabwildcard ${POSSIBLE_DEPFILES}) -ifneq (${DEPFILES},) -include ${DEPFILES} -endif diff --git a/mcapi/ctaocrypt_test.X/nbproject/Makefile-genesis.properties b/mcapi/ctaocrypt_test.X/nbproject/Makefile-genesis.properties deleted file mode 100644 index 26bb35fe2..000000000 --- a/mcapi/ctaocrypt_test.X/nbproject/Makefile-genesis.properties +++ /dev/null @@ -1,8 +0,0 @@ -# -#Mon Nov 11 09:26:21 JST 2013 -default.com-microchip-mplab-nbide-toolchainXC32-XC32LanguageToolchain.md5=cd6a1e93a26f632c22d91cbbe4deaf2c -default.languagetoolchain.dir=C\:\\Program Files (x86)\\Microchip\\xc32\\v1.30\\bin -com-microchip-mplab-nbide-embedded-makeproject-MakeProject.md5=43bd1633f14a944b6e95abd1333fdfc3 -default.languagetoolchain.version=1.30 -host.platform=windows -conf.ids=default diff --git a/mcapi/ctaocrypt_test.X/nbproject/Makefile-impl.mk b/mcapi/ctaocrypt_test.X/nbproject/Makefile-impl.mk deleted file mode 100644 index 32630f76c..000000000 --- a/mcapi/ctaocrypt_test.X/nbproject/Makefile-impl.mk +++ /dev/null @@ -1,69 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a pre- and a post- target defined where you can add customization code. -# -# This makefile implements macros and targets common to all configurations. -# -# NOCDDL - - -# Building and Cleaning subprojects are done by default, but can be controlled with the SUB -# macro. If SUB=no, subprojects will not be built or cleaned. The following macro -# statements set BUILD_SUB-CONF and CLEAN_SUB-CONF to .build-reqprojects-conf -# and .clean-reqprojects-conf unless SUB has the value 'no' -SUB_no=NO -SUBPROJECTS=${SUB_${SUB}} -BUILD_SUBPROJECTS_=.build-subprojects -BUILD_SUBPROJECTS_NO= -BUILD_SUBPROJECTS=${BUILD_SUBPROJECTS_${SUBPROJECTS}} -CLEAN_SUBPROJECTS_=.clean-subprojects -CLEAN_SUBPROJECTS_NO= -CLEAN_SUBPROJECTS=${CLEAN_SUBPROJECTS_${SUBPROJECTS}} - - -# Project Name -PROJECTNAME=ctaocrypt_test.X - -# Active Configuration -DEFAULTCONF=default -CONF=${DEFAULTCONF} - -# All Configurations -ALLCONFS=default - - -# build -.build-impl: .build-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .build-conf - - -# clean -.clean-impl: .clean-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .clean-conf - -# clobber -.clobber-impl: .clobber-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default clean - - - -# all -.all-impl: .all-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default build - - - -# dependency checking support -.depcheck-impl: -# @echo "# This code depends on make tool being used" >.dep.inc -# @if [ -n "${MAKE_VERSION}" ]; then \ -# echo "DEPFILES=\$$(wildcard \$$(addsuffix .d, \$${OBJECTFILES}))" >>.dep.inc; \ -# echo "ifneq (\$${DEPFILES},)" >>.dep.inc; \ -# echo "include \$${DEPFILES}" >>.dep.inc; \ -# echo "endif" >>.dep.inc; \ -# else \ -# echo ".KEEP_STATE:" >>.dep.inc; \ -# echo ".KEEP_STATE_FILE:.make.state.\$${CONF}" >>.dep.inc; \ -# fi diff --git a/mcapi/ctaocrypt_test.X/nbproject/Makefile-local-default.mk b/mcapi/ctaocrypt_test.X/nbproject/Makefile-local-default.mk deleted file mode 100644 index 3350f874d..000000000 --- a/mcapi/ctaocrypt_test.X/nbproject/Makefile-local-default.mk +++ /dev/null @@ -1,37 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# -# This file contains information about the location of compilers and other tools. -# If you commmit this file into your revision control server, you will be able to -# to checkout the project and build it from the command line with make. However, -# if more than one person works on the same project, then this file might show -# conflicts since different users are bound to have compilers in different places. -# In that case you might choose to not commit this file and let MPLAB X recreate this file -# for each user. The disadvantage of not commiting this file is that you must run MPLAB X at -# least once so the file gets created and the project can be built. Finally, you can also -# avoid using this file at all if you are only building from the command line with make. -# You can invoke make with the values of the macros: -# $ makeMP_CC="/opt/microchip/mplabc30/v3.30c/bin/pic30-gcc" ... -# -SHELL=cmd.exe -PATH_TO_IDE_BIN=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/ -# Adding MPLAB X bin directory to path. -PATH:=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/:$(PATH) -# Path to java used to run MPLAB X when this makefile was created -MP_JAVA_PATH="C:\Program Files (x86)\Microchip\MPLABX-v1.95.RC3\sys\java\jre1.7.0_25-windows-x64\java-windows/bin/" -OS_CURRENT="$(shell uname -s)" -MP_CC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-gcc.exe" -MP_CPPC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-g++.exe" -# MP_BC is not defined -MP_AS="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-as.exe" -MP_LD="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ld.exe" -MP_AR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ar.exe" -DEP_GEN=${MP_JAVA_PATH}java -jar "C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/extractobjectdependencies.jar" -MP_CC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_CPPC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined -MP_AS_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_LD_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_AR_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined diff --git a/mcapi/ctaocrypt_test.X/nbproject/Makefile-variables.mk b/mcapi/ctaocrypt_test.X/nbproject/Makefile-variables.mk deleted file mode 100644 index 09fbeab2d..000000000 --- a/mcapi/ctaocrypt_test.X/nbproject/Makefile-variables.mk +++ /dev/null @@ -1,13 +0,0 @@ -# -# Generated - do not edit! -# -# NOCDDL -# -CND_BASEDIR=`pwd` -# default configuration -CND_ARTIFACT_DIR_default=dist/default/production -CND_ARTIFACT_NAME_default=ctaocrypt_test.X.production.hex -CND_ARTIFACT_PATH_default=dist/default/production/ctaocrypt_test.X.production.hex -CND_PACKAGE_DIR_default=${CND_DISTDIR}/default/package -CND_PACKAGE_NAME_default=ctaocrypttest.x.tar -CND_PACKAGE_PATH_default=${CND_DISTDIR}/default/package/ctaocrypttest.x.tar diff --git a/mcapi/ctaocrypt_test.X/nbproject/Package-default.bash b/mcapi/ctaocrypt_test.X/nbproject/Package-default.bash deleted file mode 100644 index 24387c9d2..000000000 --- a/mcapi/ctaocrypt_test.X/nbproject/Package-default.bash +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -x - -# -# Generated - do not edit! -# - -# Macros -TOP=`pwd` -CND_CONF=default -CND_DISTDIR=dist -TMPDIR=build/${CND_CONF}/${IMAGE_TYPE}/tmp-packaging -TMPDIRNAME=tmp-packaging -OUTPUT_PATH=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -OUTPUT_BASENAME=ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -PACKAGE_TOP_DIR=ctaocrypttest.x/ - -# Functions -function checkReturnCode -{ - rc=$? - if [ $rc != 0 ] - then - exit $rc - fi -} -function makeDirectory -# $1 directory path -# $2 permission (optional) -{ - mkdir -p "$1" - checkReturnCode - if [ "$2" != "" ] - then - chmod $2 "$1" - checkReturnCode - fi -} -function copyFileToTmpDir -# $1 from-file path -# $2 to-file path -# $3 permission -{ - cp "$1" "$2" - checkReturnCode - if [ "$3" != "" ] - then - chmod $3 "$2" - checkReturnCode - fi -} - -# Setup -cd "${TOP}" -mkdir -p ${CND_DISTDIR}/${CND_CONF}/package -rm -rf ${TMPDIR} -mkdir -p ${TMPDIR} - -# Copy files and create directories and links -cd "${TOP}" -makeDirectory ${TMPDIR}/ctaocrypttest.x/bin -copyFileToTmpDir "${OUTPUT_PATH}" "${TMPDIR}/${PACKAGE_TOP_DIR}bin/${OUTPUT_BASENAME}" 0755 - - -# Generate tar file -cd "${TOP}" -rm -f ${CND_DISTDIR}/${CND_CONF}/package/ctaocrypttest.x.tar -cd ${TMPDIR} -tar -vcf ../../../../${CND_DISTDIR}/${CND_CONF}/package/ctaocrypttest.x.tar * -checkReturnCode - -# Cleanup -cd "${TOP}" -rm -rf ${TMPDIR} diff --git a/mcapi/ctaocrypt_test.X/nbproject/configurations.xml b/mcapi/ctaocrypt_test.X/nbproject/configurations.xml index e0ee5463e..d5b8d3e85 100644 --- a/mcapi/ctaocrypt_test.X/nbproject/configurations.xml +++ b/mcapi/ctaocrypt_test.X/nbproject/configurations.xml @@ -184,28 +184,6 @@ - - - - - - - - - - - - - - - - - - - - - diff --git a/mcapi/ctaocrypt_test.X/nbproject/private/private.xml b/mcapi/ctaocrypt_test.X/nbproject/private/private.xml deleted file mode 100644 index 7015ffd51..000000000 --- a/mcapi/ctaocrypt_test.X/nbproject/private/private.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - file:/C:/ROOT/CyaSSL-Release/PIC32MZ/cyassl/mplabx/test_main.c - file:/C:/ROOT/CyaSSL-Release/PIC32MZ/cyassl/mplabx/benchmark_main.c - file:/C:/ROOT/CyaSSL-Release/PIC32MZ/cyassl/ctaocrypt/test/test.c - - diff --git a/mcapi/cyassl.X/nbproject/Makefile-default.mk b/mcapi/cyassl.X/nbproject/Makefile-default.mk deleted file mode 100644 index cb552df92..000000000 --- a/mcapi/cyassl.X/nbproject/Makefile-default.mk +++ /dev/null @@ -1,626 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a -pre and a -post target defined where you can add customized code. -# -# This makefile implements configuration specific macros and targets. - - -# Include project Makefile -ifeq "${IGNORE_LOCAL}" "TRUE" -# do not include local makefile. User is passing all local related variables already -else -include Makefile -# Include makefile containing local settings -ifeq "$(wildcard nbproject/Makefile-local-default.mk)" "nbproject/Makefile-local-default.mk" -include nbproject/Makefile-local-default.mk -endif -endif - -# Environment -MKDIR=gnumkdir -p -RM=rm -f -MV=mv -CP=cp - -# Macros -CND_CONF=default -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -IMAGE_TYPE=debug -OUTPUT_SUFFIX=a -DEBUGGABLE_SUFFIX= -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} -else -IMAGE_TYPE=production -OUTPUT_SUFFIX=a -DEBUGGABLE_SUFFIX= -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} -endif - -# Object Directory -OBJECTDIR=build/${CND_CONF}/${IMAGE_TYPE} - -# Distribution Directory -DISTDIR=dist/${CND_CONF}/${IMAGE_TYPE} - -# Source Files Quoted if spaced -SOURCEFILES_QUOTED_IF_SPACED=../../src/crl.c ../../src/internal.c ../../src/io.c ../../src/keys.c ../../src/ocsp.c ../../src/sniffer.c ../../src/ssl.c ../../src/tls.c ../../ctaocrypt/src/aes.c ../../ctaocrypt/src/arc4.c ../../ctaocrypt/src/asm.c ../../ctaocrypt/src/asn.c ../../ctaocrypt/src/coding.c ../../ctaocrypt/src/des3.c ../../ctaocrypt/src/dh.c ../../ctaocrypt/src/dsa.c ../../ctaocrypt/src/ecc.c ../../ctaocrypt/src/ecc_fp.c ../../ctaocrypt/src/error.c ../../ctaocrypt/src/hc128.c ../../ctaocrypt/src/hmac.c ../../ctaocrypt/src/integer.c ../../ctaocrypt/src/logging.c ../../ctaocrypt/src/md2.c ../../ctaocrypt/src/md4.c ../../ctaocrypt/src/md5.c ../../ctaocrypt/src/memory.c ../../ctaocrypt/src/misc.c ../../ctaocrypt/src/pwdbased.c ../../ctaocrypt/src/rabbit.c ../../ctaocrypt/src/random.c ../../ctaocrypt/src/ripemd.c ../../ctaocrypt/src/rsa.c ../../ctaocrypt/src/sha.c ../../ctaocrypt/src/sha256.c ../../ctaocrypt/src/sha512.c ../../ctaocrypt/src/tfm.c ../../mcapi/crypto.c ../../ctaocrypt/src/compress.c ../../ctaocrypt/src/camellia.c ../../ctaocrypt/src/port.c - -# Object Files Quoted if spaced -OBJECTFILES_QUOTED_IF_SPACED=${OBJECTDIR}/_ext/1445274692/crl.o ${OBJECTDIR}/_ext/1445274692/internal.o ${OBJECTDIR}/_ext/1445274692/io.o ${OBJECTDIR}/_ext/1445274692/keys.o ${OBJECTDIR}/_ext/1445274692/ocsp.o ${OBJECTDIR}/_ext/1445274692/sniffer.o ${OBJECTDIR}/_ext/1445274692/ssl.o ${OBJECTDIR}/_ext/1445274692/tls.o ${OBJECTDIR}/_ext/1439655260/aes.o ${OBJECTDIR}/_ext/1439655260/arc4.o ${OBJECTDIR}/_ext/1439655260/asm.o ${OBJECTDIR}/_ext/1439655260/asn.o ${OBJECTDIR}/_ext/1439655260/coding.o ${OBJECTDIR}/_ext/1439655260/des3.o ${OBJECTDIR}/_ext/1439655260/dh.o ${OBJECTDIR}/_ext/1439655260/dsa.o ${OBJECTDIR}/_ext/1439655260/ecc.o ${OBJECTDIR}/_ext/1439655260/ecc_fp.o ${OBJECTDIR}/_ext/1439655260/error.o ${OBJECTDIR}/_ext/1439655260/hc128.o ${OBJECTDIR}/_ext/1439655260/hmac.o ${OBJECTDIR}/_ext/1439655260/integer.o ${OBJECTDIR}/_ext/1439655260/logging.o ${OBJECTDIR}/_ext/1439655260/md2.o ${OBJECTDIR}/_ext/1439655260/md4.o ${OBJECTDIR}/_ext/1439655260/md5.o ${OBJECTDIR}/_ext/1439655260/memory.o ${OBJECTDIR}/_ext/1439655260/misc.o ${OBJECTDIR}/_ext/1439655260/pwdbased.o ${OBJECTDIR}/_ext/1439655260/rabbit.o ${OBJECTDIR}/_ext/1439655260/random.o ${OBJECTDIR}/_ext/1439655260/ripemd.o ${OBJECTDIR}/_ext/1439655260/rsa.o ${OBJECTDIR}/_ext/1439655260/sha.o ${OBJECTDIR}/_ext/1439655260/sha256.o ${OBJECTDIR}/_ext/1439655260/sha512.o ${OBJECTDIR}/_ext/1439655260/tfm.o ${OBJECTDIR}/_ext/1628556068/crypto.o ${OBJECTDIR}/_ext/1439655260/compress.o ${OBJECTDIR}/_ext/1439655260/camellia.o ${OBJECTDIR}/_ext/1439655260/port.o -POSSIBLE_DEPFILES=${OBJECTDIR}/_ext/1445274692/crl.o.d ${OBJECTDIR}/_ext/1445274692/internal.o.d ${OBJECTDIR}/_ext/1445274692/io.o.d ${OBJECTDIR}/_ext/1445274692/keys.o.d ${OBJECTDIR}/_ext/1445274692/ocsp.o.d ${OBJECTDIR}/_ext/1445274692/sniffer.o.d ${OBJECTDIR}/_ext/1445274692/ssl.o.d ${OBJECTDIR}/_ext/1445274692/tls.o.d ${OBJECTDIR}/_ext/1439655260/aes.o.d ${OBJECTDIR}/_ext/1439655260/arc4.o.d ${OBJECTDIR}/_ext/1439655260/asm.o.d ${OBJECTDIR}/_ext/1439655260/asn.o.d ${OBJECTDIR}/_ext/1439655260/coding.o.d ${OBJECTDIR}/_ext/1439655260/des3.o.d ${OBJECTDIR}/_ext/1439655260/dh.o.d ${OBJECTDIR}/_ext/1439655260/dsa.o.d ${OBJECTDIR}/_ext/1439655260/ecc.o.d ${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d ${OBJECTDIR}/_ext/1439655260/error.o.d ${OBJECTDIR}/_ext/1439655260/hc128.o.d ${OBJECTDIR}/_ext/1439655260/hmac.o.d ${OBJECTDIR}/_ext/1439655260/integer.o.d ${OBJECTDIR}/_ext/1439655260/logging.o.d ${OBJECTDIR}/_ext/1439655260/md2.o.d ${OBJECTDIR}/_ext/1439655260/md4.o.d ${OBJECTDIR}/_ext/1439655260/md5.o.d ${OBJECTDIR}/_ext/1439655260/memory.o.d ${OBJECTDIR}/_ext/1439655260/misc.o.d ${OBJECTDIR}/_ext/1439655260/pwdbased.o.d ${OBJECTDIR}/_ext/1439655260/rabbit.o.d ${OBJECTDIR}/_ext/1439655260/random.o.d ${OBJECTDIR}/_ext/1439655260/ripemd.o.d ${OBJECTDIR}/_ext/1439655260/rsa.o.d ${OBJECTDIR}/_ext/1439655260/sha.o.d ${OBJECTDIR}/_ext/1439655260/sha256.o.d ${OBJECTDIR}/_ext/1439655260/sha512.o.d ${OBJECTDIR}/_ext/1439655260/tfm.o.d ${OBJECTDIR}/_ext/1628556068/crypto.o.d ${OBJECTDIR}/_ext/1439655260/compress.o.d ${OBJECTDIR}/_ext/1439655260/camellia.o.d ${OBJECTDIR}/_ext/1439655260/port.o.d - -# Object Files -OBJECTFILES=${OBJECTDIR}/_ext/1445274692/crl.o ${OBJECTDIR}/_ext/1445274692/internal.o ${OBJECTDIR}/_ext/1445274692/io.o ${OBJECTDIR}/_ext/1445274692/keys.o ${OBJECTDIR}/_ext/1445274692/ocsp.o ${OBJECTDIR}/_ext/1445274692/sniffer.o ${OBJECTDIR}/_ext/1445274692/ssl.o ${OBJECTDIR}/_ext/1445274692/tls.o ${OBJECTDIR}/_ext/1439655260/aes.o ${OBJECTDIR}/_ext/1439655260/arc4.o ${OBJECTDIR}/_ext/1439655260/asm.o ${OBJECTDIR}/_ext/1439655260/asn.o ${OBJECTDIR}/_ext/1439655260/coding.o ${OBJECTDIR}/_ext/1439655260/des3.o ${OBJECTDIR}/_ext/1439655260/dh.o ${OBJECTDIR}/_ext/1439655260/dsa.o ${OBJECTDIR}/_ext/1439655260/ecc.o ${OBJECTDIR}/_ext/1439655260/ecc_fp.o ${OBJECTDIR}/_ext/1439655260/error.o ${OBJECTDIR}/_ext/1439655260/hc128.o ${OBJECTDIR}/_ext/1439655260/hmac.o ${OBJECTDIR}/_ext/1439655260/integer.o ${OBJECTDIR}/_ext/1439655260/logging.o ${OBJECTDIR}/_ext/1439655260/md2.o ${OBJECTDIR}/_ext/1439655260/md4.o ${OBJECTDIR}/_ext/1439655260/md5.o ${OBJECTDIR}/_ext/1439655260/memory.o ${OBJECTDIR}/_ext/1439655260/misc.o ${OBJECTDIR}/_ext/1439655260/pwdbased.o ${OBJECTDIR}/_ext/1439655260/rabbit.o ${OBJECTDIR}/_ext/1439655260/random.o ${OBJECTDIR}/_ext/1439655260/ripemd.o ${OBJECTDIR}/_ext/1439655260/rsa.o ${OBJECTDIR}/_ext/1439655260/sha.o ${OBJECTDIR}/_ext/1439655260/sha256.o ${OBJECTDIR}/_ext/1439655260/sha512.o ${OBJECTDIR}/_ext/1439655260/tfm.o ${OBJECTDIR}/_ext/1628556068/crypto.o ${OBJECTDIR}/_ext/1439655260/compress.o ${OBJECTDIR}/_ext/1439655260/camellia.o ${OBJECTDIR}/_ext/1439655260/port.o - -# Source Files -SOURCEFILES=../../src/crl.c ../../src/internal.c ../../src/io.c ../../src/keys.c ../../src/ocsp.c ../../src/sniffer.c ../../src/ssl.c ../../src/tls.c ../../ctaocrypt/src/aes.c ../../ctaocrypt/src/arc4.c ../../ctaocrypt/src/asm.c ../../ctaocrypt/src/asn.c ../../ctaocrypt/src/coding.c ../../ctaocrypt/src/des3.c ../../ctaocrypt/src/dh.c ../../ctaocrypt/src/dsa.c ../../ctaocrypt/src/ecc.c ../../ctaocrypt/src/ecc_fp.c ../../ctaocrypt/src/error.c ../../ctaocrypt/src/hc128.c ../../ctaocrypt/src/hmac.c ../../ctaocrypt/src/integer.c ../../ctaocrypt/src/logging.c ../../ctaocrypt/src/md2.c ../../ctaocrypt/src/md4.c ../../ctaocrypt/src/md5.c ../../ctaocrypt/src/memory.c ../../ctaocrypt/src/misc.c ../../ctaocrypt/src/pwdbased.c ../../ctaocrypt/src/rabbit.c ../../ctaocrypt/src/random.c ../../ctaocrypt/src/ripemd.c ../../ctaocrypt/src/rsa.c ../../ctaocrypt/src/sha.c ../../ctaocrypt/src/sha256.c ../../ctaocrypt/src/sha512.c ../../ctaocrypt/src/tfm.c ../../mcapi/crypto.c ../../ctaocrypt/src/compress.c ../../ctaocrypt/src/camellia.c ../../ctaocrypt/src/port.c - - -CFLAGS= -ASFLAGS= -LDLIBSOPTIONS= - -############# Tool locations ########################################## -# If you copy a project from one host to another, the path where the # -# compiler is installed may be different. # -# If you open this project with MPLAB X in the new host, this # -# makefile will be regenerated and the paths will be corrected. # -####################################################################### -# fixDeps replaces a bunch of sed/cat/printf statements that slow down the build -FIXDEPS=fixDeps - -.build-conf: ${BUILD_SUBPROJECTS} - ${MAKE} ${MAKE_OPTIONS} -f nbproject/Makefile-default.mk dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} - -MP_PROCESSOR_OPTION=32MZ2048ECM144 -MP_LINKER_FILE_OPTION= -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assemble -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assembleWithPreprocess -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compile -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -${OBJECTDIR}/_ext/1445274692/crl.o: ../../src/crl.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/crl.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/crl.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/crl.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/crl.o.d" -o ${OBJECTDIR}/_ext/1445274692/crl.o ../../src/crl.c - -${OBJECTDIR}/_ext/1445274692/internal.o: ../../src/internal.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/internal.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/internal.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/internal.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/internal.o.d" -o ${OBJECTDIR}/_ext/1445274692/internal.o ../../src/internal.c - -${OBJECTDIR}/_ext/1445274692/io.o: ../../src/io.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/io.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/io.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/io.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/io.o.d" -o ${OBJECTDIR}/_ext/1445274692/io.o ../../src/io.c - -${OBJECTDIR}/_ext/1445274692/keys.o: ../../src/keys.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/keys.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/keys.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/keys.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/keys.o.d" -o ${OBJECTDIR}/_ext/1445274692/keys.o ../../src/keys.c - -${OBJECTDIR}/_ext/1445274692/ocsp.o: ../../src/ocsp.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/ocsp.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/ocsp.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/ocsp.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/ocsp.o.d" -o ${OBJECTDIR}/_ext/1445274692/ocsp.o ../../src/ocsp.c - -${OBJECTDIR}/_ext/1445274692/sniffer.o: ../../src/sniffer.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/sniffer.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/sniffer.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/sniffer.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/sniffer.o.d" -o ${OBJECTDIR}/_ext/1445274692/sniffer.o ../../src/sniffer.c - -${OBJECTDIR}/_ext/1445274692/ssl.o: ../../src/ssl.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/ssl.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/ssl.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/ssl.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/ssl.o.d" -o ${OBJECTDIR}/_ext/1445274692/ssl.o ../../src/ssl.c - -${OBJECTDIR}/_ext/1445274692/tls.o: ../../src/tls.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/tls.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/tls.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/tls.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/tls.o.d" -o ${OBJECTDIR}/_ext/1445274692/tls.o ../../src/tls.c - -${OBJECTDIR}/_ext/1439655260/aes.o: ../../ctaocrypt/src/aes.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/aes.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/aes.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/aes.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/aes.o.d" -o ${OBJECTDIR}/_ext/1439655260/aes.o ../../ctaocrypt/src/aes.c - -${OBJECTDIR}/_ext/1439655260/arc4.o: ../../ctaocrypt/src/arc4.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/arc4.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/arc4.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/arc4.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/arc4.o.d" -o ${OBJECTDIR}/_ext/1439655260/arc4.o ../../ctaocrypt/src/arc4.c - -${OBJECTDIR}/_ext/1439655260/asm.o: ../../ctaocrypt/src/asm.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/asm.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/asm.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/asm.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/asm.o.d" -o ${OBJECTDIR}/_ext/1439655260/asm.o ../../ctaocrypt/src/asm.c - -${OBJECTDIR}/_ext/1439655260/asn.o: ../../ctaocrypt/src/asn.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/asn.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/asn.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/asn.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/asn.o.d" -o ${OBJECTDIR}/_ext/1439655260/asn.o ../../ctaocrypt/src/asn.c - -${OBJECTDIR}/_ext/1439655260/coding.o: ../../ctaocrypt/src/coding.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/coding.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/coding.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/coding.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/coding.o.d" -o ${OBJECTDIR}/_ext/1439655260/coding.o ../../ctaocrypt/src/coding.c - -${OBJECTDIR}/_ext/1439655260/des3.o: ../../ctaocrypt/src/des3.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/des3.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/des3.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/des3.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/des3.o.d" -o ${OBJECTDIR}/_ext/1439655260/des3.o ../../ctaocrypt/src/des3.c - -${OBJECTDIR}/_ext/1439655260/dh.o: ../../ctaocrypt/src/dh.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/dh.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/dh.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/dh.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/dh.o.d" -o ${OBJECTDIR}/_ext/1439655260/dh.o ../../ctaocrypt/src/dh.c - -${OBJECTDIR}/_ext/1439655260/dsa.o: ../../ctaocrypt/src/dsa.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/dsa.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/dsa.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/dsa.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/dsa.o.d" -o ${OBJECTDIR}/_ext/1439655260/dsa.o ../../ctaocrypt/src/dsa.c - -${OBJECTDIR}/_ext/1439655260/ecc.o: ../../ctaocrypt/src/ecc.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ecc.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ecc.o.d" -o ${OBJECTDIR}/_ext/1439655260/ecc.o ../../ctaocrypt/src/ecc.c - -${OBJECTDIR}/_ext/1439655260/ecc_fp.o: ../../ctaocrypt/src/ecc_fp.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc_fp.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d" -o ${OBJECTDIR}/_ext/1439655260/ecc_fp.o ../../ctaocrypt/src/ecc_fp.c - -${OBJECTDIR}/_ext/1439655260/error.o: ../../ctaocrypt/src/error.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/error.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/error.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/error.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/error.o.d" -o ${OBJECTDIR}/_ext/1439655260/error.o ../../ctaocrypt/src/error.c - -${OBJECTDIR}/_ext/1439655260/hc128.o: ../../ctaocrypt/src/hc128.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/hc128.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/hc128.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/hc128.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/hc128.o.d" -o ${OBJECTDIR}/_ext/1439655260/hc128.o ../../ctaocrypt/src/hc128.c - -${OBJECTDIR}/_ext/1439655260/hmac.o: ../../ctaocrypt/src/hmac.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/hmac.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/hmac.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/hmac.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/hmac.o.d" -o ${OBJECTDIR}/_ext/1439655260/hmac.o ../../ctaocrypt/src/hmac.c - -${OBJECTDIR}/_ext/1439655260/integer.o: ../../ctaocrypt/src/integer.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/integer.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/integer.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/integer.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/integer.o.d" -o ${OBJECTDIR}/_ext/1439655260/integer.o ../../ctaocrypt/src/integer.c - -${OBJECTDIR}/_ext/1439655260/logging.o: ../../ctaocrypt/src/logging.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/logging.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/logging.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/logging.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/logging.o.d" -o ${OBJECTDIR}/_ext/1439655260/logging.o ../../ctaocrypt/src/logging.c - -${OBJECTDIR}/_ext/1439655260/md2.o: ../../ctaocrypt/src/md2.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md2.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md2.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md2.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md2.o.d" -o ${OBJECTDIR}/_ext/1439655260/md2.o ../../ctaocrypt/src/md2.c - -${OBJECTDIR}/_ext/1439655260/md4.o: ../../ctaocrypt/src/md4.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md4.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md4.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md4.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md4.o.d" -o ${OBJECTDIR}/_ext/1439655260/md4.o ../../ctaocrypt/src/md4.c - -${OBJECTDIR}/_ext/1439655260/md5.o: ../../ctaocrypt/src/md5.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md5.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md5.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md5.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md5.o.d" -o ${OBJECTDIR}/_ext/1439655260/md5.o ../../ctaocrypt/src/md5.c - -${OBJECTDIR}/_ext/1439655260/memory.o: ../../ctaocrypt/src/memory.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/memory.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/memory.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/memory.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/memory.o.d" -o ${OBJECTDIR}/_ext/1439655260/memory.o ../../ctaocrypt/src/memory.c - -${OBJECTDIR}/_ext/1439655260/misc.o: ../../ctaocrypt/src/misc.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/misc.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/misc.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/misc.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/misc.o.d" -o ${OBJECTDIR}/_ext/1439655260/misc.o ../../ctaocrypt/src/misc.c - -${OBJECTDIR}/_ext/1439655260/pwdbased.o: ../../ctaocrypt/src/pwdbased.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/pwdbased.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/pwdbased.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/pwdbased.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/pwdbased.o.d" -o ${OBJECTDIR}/_ext/1439655260/pwdbased.o ../../ctaocrypt/src/pwdbased.c - -${OBJECTDIR}/_ext/1439655260/rabbit.o: ../../ctaocrypt/src/rabbit.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/rabbit.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/rabbit.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/rabbit.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/rabbit.o.d" -o ${OBJECTDIR}/_ext/1439655260/rabbit.o ../../ctaocrypt/src/rabbit.c - -${OBJECTDIR}/_ext/1439655260/random.o: ../../ctaocrypt/src/random.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/random.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/random.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/random.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/random.o.d" -o ${OBJECTDIR}/_ext/1439655260/random.o ../../ctaocrypt/src/random.c - -${OBJECTDIR}/_ext/1439655260/ripemd.o: ../../ctaocrypt/src/ripemd.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ripemd.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ripemd.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ripemd.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ripemd.o.d" -o ${OBJECTDIR}/_ext/1439655260/ripemd.o ../../ctaocrypt/src/ripemd.c - -${OBJECTDIR}/_ext/1439655260/rsa.o: ../../ctaocrypt/src/rsa.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/rsa.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/rsa.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/rsa.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/rsa.o.d" -o ${OBJECTDIR}/_ext/1439655260/rsa.o ../../ctaocrypt/src/rsa.c - -${OBJECTDIR}/_ext/1439655260/sha.o: ../../ctaocrypt/src/sha.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha.o ../../ctaocrypt/src/sha.c - -${OBJECTDIR}/_ext/1439655260/sha256.o: ../../ctaocrypt/src/sha256.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha256.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha256.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha256.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha256.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha256.o ../../ctaocrypt/src/sha256.c - -${OBJECTDIR}/_ext/1439655260/sha512.o: ../../ctaocrypt/src/sha512.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha512.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha512.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha512.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha512.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha512.o ../../ctaocrypt/src/sha512.c - -${OBJECTDIR}/_ext/1439655260/tfm.o: ../../ctaocrypt/src/tfm.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/tfm.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/tfm.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/tfm.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/tfm.o.d" -o ${OBJECTDIR}/_ext/1439655260/tfm.o ../../ctaocrypt/src/tfm.c - -${OBJECTDIR}/_ext/1628556068/crypto.o: ../../mcapi/crypto.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1628556068 - @${RM} ${OBJECTDIR}/_ext/1628556068/crypto.o.d - @${RM} ${OBJECTDIR}/_ext/1628556068/crypto.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1628556068/crypto.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1628556068/crypto.o.d" -o ${OBJECTDIR}/_ext/1628556068/crypto.o ../../mcapi/crypto.c - -${OBJECTDIR}/_ext/1439655260/compress.o: ../../ctaocrypt/src/compress.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/compress.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/compress.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/compress.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/compress.o.d" -o ${OBJECTDIR}/_ext/1439655260/compress.o ../../ctaocrypt/src/compress.c - -${OBJECTDIR}/_ext/1439655260/camellia.o: ../../ctaocrypt/src/camellia.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/camellia.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/camellia.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/camellia.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/camellia.o.d" -o ${OBJECTDIR}/_ext/1439655260/camellia.o ../../ctaocrypt/src/camellia.c - -${OBJECTDIR}/_ext/1439655260/port.o: ../../ctaocrypt/src/port.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/port.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/port.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/port.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/port.o.d" -o ${OBJECTDIR}/_ext/1439655260/port.o ../../ctaocrypt/src/port.c - -else -${OBJECTDIR}/_ext/1445274692/crl.o: ../../src/crl.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/crl.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/crl.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/crl.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/crl.o.d" -o ${OBJECTDIR}/_ext/1445274692/crl.o ../../src/crl.c - -${OBJECTDIR}/_ext/1445274692/internal.o: ../../src/internal.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/internal.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/internal.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/internal.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/internal.o.d" -o ${OBJECTDIR}/_ext/1445274692/internal.o ../../src/internal.c - -${OBJECTDIR}/_ext/1445274692/io.o: ../../src/io.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/io.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/io.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/io.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/io.o.d" -o ${OBJECTDIR}/_ext/1445274692/io.o ../../src/io.c - -${OBJECTDIR}/_ext/1445274692/keys.o: ../../src/keys.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/keys.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/keys.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/keys.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/keys.o.d" -o ${OBJECTDIR}/_ext/1445274692/keys.o ../../src/keys.c - -${OBJECTDIR}/_ext/1445274692/ocsp.o: ../../src/ocsp.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/ocsp.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/ocsp.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/ocsp.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/ocsp.o.d" -o ${OBJECTDIR}/_ext/1445274692/ocsp.o ../../src/ocsp.c - -${OBJECTDIR}/_ext/1445274692/sniffer.o: ../../src/sniffer.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/sniffer.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/sniffer.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/sniffer.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/sniffer.o.d" -o ${OBJECTDIR}/_ext/1445274692/sniffer.o ../../src/sniffer.c - -${OBJECTDIR}/_ext/1445274692/ssl.o: ../../src/ssl.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/ssl.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/ssl.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/ssl.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/ssl.o.d" -o ${OBJECTDIR}/_ext/1445274692/ssl.o ../../src/ssl.c - -${OBJECTDIR}/_ext/1445274692/tls.o: ../../src/tls.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/tls.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/tls.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/tls.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1445274692/tls.o.d" -o ${OBJECTDIR}/_ext/1445274692/tls.o ../../src/tls.c - -${OBJECTDIR}/_ext/1439655260/aes.o: ../../ctaocrypt/src/aes.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/aes.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/aes.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/aes.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/aes.o.d" -o ${OBJECTDIR}/_ext/1439655260/aes.o ../../ctaocrypt/src/aes.c - -${OBJECTDIR}/_ext/1439655260/arc4.o: ../../ctaocrypt/src/arc4.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/arc4.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/arc4.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/arc4.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/arc4.o.d" -o ${OBJECTDIR}/_ext/1439655260/arc4.o ../../ctaocrypt/src/arc4.c - -${OBJECTDIR}/_ext/1439655260/asm.o: ../../ctaocrypt/src/asm.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/asm.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/asm.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/asm.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/asm.o.d" -o ${OBJECTDIR}/_ext/1439655260/asm.o ../../ctaocrypt/src/asm.c - -${OBJECTDIR}/_ext/1439655260/asn.o: ../../ctaocrypt/src/asn.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/asn.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/asn.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/asn.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/asn.o.d" -o ${OBJECTDIR}/_ext/1439655260/asn.o ../../ctaocrypt/src/asn.c - -${OBJECTDIR}/_ext/1439655260/coding.o: ../../ctaocrypt/src/coding.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/coding.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/coding.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/coding.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/coding.o.d" -o ${OBJECTDIR}/_ext/1439655260/coding.o ../../ctaocrypt/src/coding.c - -${OBJECTDIR}/_ext/1439655260/des3.o: ../../ctaocrypt/src/des3.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/des3.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/des3.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/des3.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/des3.o.d" -o ${OBJECTDIR}/_ext/1439655260/des3.o ../../ctaocrypt/src/des3.c - -${OBJECTDIR}/_ext/1439655260/dh.o: ../../ctaocrypt/src/dh.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/dh.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/dh.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/dh.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/dh.o.d" -o ${OBJECTDIR}/_ext/1439655260/dh.o ../../ctaocrypt/src/dh.c - -${OBJECTDIR}/_ext/1439655260/dsa.o: ../../ctaocrypt/src/dsa.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/dsa.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/dsa.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/dsa.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/dsa.o.d" -o ${OBJECTDIR}/_ext/1439655260/dsa.o ../../ctaocrypt/src/dsa.c - -${OBJECTDIR}/_ext/1439655260/ecc.o: ../../ctaocrypt/src/ecc.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ecc.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ecc.o.d" -o ${OBJECTDIR}/_ext/1439655260/ecc.o ../../ctaocrypt/src/ecc.c - -${OBJECTDIR}/_ext/1439655260/ecc_fp.o: ../../ctaocrypt/src/ecc_fp.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc_fp.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d" -o ${OBJECTDIR}/_ext/1439655260/ecc_fp.o ../../ctaocrypt/src/ecc_fp.c - -${OBJECTDIR}/_ext/1439655260/error.o: ../../ctaocrypt/src/error.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/error.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/error.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/error.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/error.o.d" -o ${OBJECTDIR}/_ext/1439655260/error.o ../../ctaocrypt/src/error.c - -${OBJECTDIR}/_ext/1439655260/hc128.o: ../../ctaocrypt/src/hc128.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/hc128.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/hc128.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/hc128.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/hc128.o.d" -o ${OBJECTDIR}/_ext/1439655260/hc128.o ../../ctaocrypt/src/hc128.c - -${OBJECTDIR}/_ext/1439655260/hmac.o: ../../ctaocrypt/src/hmac.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/hmac.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/hmac.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/hmac.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/hmac.o.d" -o ${OBJECTDIR}/_ext/1439655260/hmac.o ../../ctaocrypt/src/hmac.c - -${OBJECTDIR}/_ext/1439655260/integer.o: ../../ctaocrypt/src/integer.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/integer.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/integer.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/integer.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/integer.o.d" -o ${OBJECTDIR}/_ext/1439655260/integer.o ../../ctaocrypt/src/integer.c - -${OBJECTDIR}/_ext/1439655260/logging.o: ../../ctaocrypt/src/logging.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/logging.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/logging.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/logging.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/logging.o.d" -o ${OBJECTDIR}/_ext/1439655260/logging.o ../../ctaocrypt/src/logging.c - -${OBJECTDIR}/_ext/1439655260/md2.o: ../../ctaocrypt/src/md2.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md2.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md2.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md2.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md2.o.d" -o ${OBJECTDIR}/_ext/1439655260/md2.o ../../ctaocrypt/src/md2.c - -${OBJECTDIR}/_ext/1439655260/md4.o: ../../ctaocrypt/src/md4.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md4.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md4.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md4.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md4.o.d" -o ${OBJECTDIR}/_ext/1439655260/md4.o ../../ctaocrypt/src/md4.c - -${OBJECTDIR}/_ext/1439655260/md5.o: ../../ctaocrypt/src/md5.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md5.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md5.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md5.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md5.o.d" -o ${OBJECTDIR}/_ext/1439655260/md5.o ../../ctaocrypt/src/md5.c - -${OBJECTDIR}/_ext/1439655260/memory.o: ../../ctaocrypt/src/memory.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/memory.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/memory.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/memory.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/memory.o.d" -o ${OBJECTDIR}/_ext/1439655260/memory.o ../../ctaocrypt/src/memory.c - -${OBJECTDIR}/_ext/1439655260/misc.o: ../../ctaocrypt/src/misc.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/misc.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/misc.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/misc.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/misc.o.d" -o ${OBJECTDIR}/_ext/1439655260/misc.o ../../ctaocrypt/src/misc.c - -${OBJECTDIR}/_ext/1439655260/pwdbased.o: ../../ctaocrypt/src/pwdbased.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/pwdbased.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/pwdbased.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/pwdbased.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/pwdbased.o.d" -o ${OBJECTDIR}/_ext/1439655260/pwdbased.o ../../ctaocrypt/src/pwdbased.c - -${OBJECTDIR}/_ext/1439655260/rabbit.o: ../../ctaocrypt/src/rabbit.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/rabbit.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/rabbit.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/rabbit.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/rabbit.o.d" -o ${OBJECTDIR}/_ext/1439655260/rabbit.o ../../ctaocrypt/src/rabbit.c - -${OBJECTDIR}/_ext/1439655260/random.o: ../../ctaocrypt/src/random.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/random.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/random.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/random.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/random.o.d" -o ${OBJECTDIR}/_ext/1439655260/random.o ../../ctaocrypt/src/random.c - -${OBJECTDIR}/_ext/1439655260/ripemd.o: ../../ctaocrypt/src/ripemd.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ripemd.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ripemd.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ripemd.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ripemd.o.d" -o ${OBJECTDIR}/_ext/1439655260/ripemd.o ../../ctaocrypt/src/ripemd.c - -${OBJECTDIR}/_ext/1439655260/rsa.o: ../../ctaocrypt/src/rsa.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/rsa.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/rsa.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/rsa.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/rsa.o.d" -o ${OBJECTDIR}/_ext/1439655260/rsa.o ../../ctaocrypt/src/rsa.c - -${OBJECTDIR}/_ext/1439655260/sha.o: ../../ctaocrypt/src/sha.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha.o ../../ctaocrypt/src/sha.c - -${OBJECTDIR}/_ext/1439655260/sha256.o: ../../ctaocrypt/src/sha256.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha256.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha256.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha256.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha256.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha256.o ../../ctaocrypt/src/sha256.c - -${OBJECTDIR}/_ext/1439655260/sha512.o: ../../ctaocrypt/src/sha512.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha512.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha512.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha512.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha512.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha512.o ../../ctaocrypt/src/sha512.c - -${OBJECTDIR}/_ext/1439655260/tfm.o: ../../ctaocrypt/src/tfm.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/tfm.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/tfm.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/tfm.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/tfm.o.d" -o ${OBJECTDIR}/_ext/1439655260/tfm.o ../../ctaocrypt/src/tfm.c - -${OBJECTDIR}/_ext/1628556068/crypto.o: ../../mcapi/crypto.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1628556068 - @${RM} ${OBJECTDIR}/_ext/1628556068/crypto.o.d - @${RM} ${OBJECTDIR}/_ext/1628556068/crypto.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1628556068/crypto.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1628556068/crypto.o.d" -o ${OBJECTDIR}/_ext/1628556068/crypto.o ../../mcapi/crypto.c - -${OBJECTDIR}/_ext/1439655260/compress.o: ../../ctaocrypt/src/compress.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/compress.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/compress.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/compress.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/compress.o.d" -o ${OBJECTDIR}/_ext/1439655260/compress.o ../../ctaocrypt/src/compress.c - -${OBJECTDIR}/_ext/1439655260/camellia.o: ../../ctaocrypt/src/camellia.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/camellia.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/camellia.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/camellia.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/camellia.o.d" -o ${OBJECTDIR}/_ext/1439655260/camellia.o ../../ctaocrypt/src/camellia.c - -${OBJECTDIR}/_ext/1439655260/port.o: ../../ctaocrypt/src/port.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/port.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/port.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/port.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DHAVE_ECC -DHAVE_LIBZ -DHAVE_MCAPI -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../../mcapi" -I"../../zlib-1.2.7" -I"/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/1439655260/port.o.d" -o ${OBJECTDIR}/_ext/1439655260/port.o ../../ctaocrypt/src/port.c - -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compileCPP -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: archive -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_AR} $(MP_EXTRA_AR_PRE) r dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} -else -dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_AR} $(MP_EXTRA_AR_PRE) r dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} -endif - - -# Subprojects -.build-subprojects: - - -# Subprojects -.clean-subprojects: - -# Clean Targets -.clean-conf: ${CLEAN_SUBPROJECTS} - ${RM} -r build/default - ${RM} -r dist/default - -# Enable dependency checking -.dep.inc: .depcheck-impl - -DEPFILES=$(shell mplabwildcard ${POSSIBLE_DEPFILES}) -ifneq (${DEPFILES},) -include ${DEPFILES} -endif diff --git a/mcapi/cyassl.X/nbproject/Makefile-genesis.properties b/mcapi/cyassl.X/nbproject/Makefile-genesis.properties deleted file mode 100644 index 028a18887..000000000 --- a/mcapi/cyassl.X/nbproject/Makefile-genesis.properties +++ /dev/null @@ -1,8 +0,0 @@ -# -#Mon Nov 11 09:26:33 JST 2013 -default.com-microchip-mplab-nbide-toolchainXC32-XC32LanguageToolchain.md5=cd6a1e93a26f632c22d91cbbe4deaf2c -default.languagetoolchain.dir=C\:\\Program Files (x86)\\Microchip\\xc32\\v1.30\\bin -com-microchip-mplab-nbide-embedded-makeproject-MakeProject.md5=43bd1633f14a944b6e95abd1333fdfc3 -default.languagetoolchain.version=1.30 -host.platform=windows -conf.ids=default diff --git a/mcapi/cyassl.X/nbproject/Makefile-impl.mk b/mcapi/cyassl.X/nbproject/Makefile-impl.mk deleted file mode 100644 index 6f20c0abd..000000000 --- a/mcapi/cyassl.X/nbproject/Makefile-impl.mk +++ /dev/null @@ -1,69 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a pre- and a post- target defined where you can add customization code. -# -# This makefile implements macros and targets common to all configurations. -# -# NOCDDL - - -# Building and Cleaning subprojects are done by default, but can be controlled with the SUB -# macro. If SUB=no, subprojects will not be built or cleaned. The following macro -# statements set BUILD_SUB-CONF and CLEAN_SUB-CONF to .build-reqprojects-conf -# and .clean-reqprojects-conf unless SUB has the value 'no' -SUB_no=NO -SUBPROJECTS=${SUB_${SUB}} -BUILD_SUBPROJECTS_=.build-subprojects -BUILD_SUBPROJECTS_NO= -BUILD_SUBPROJECTS=${BUILD_SUBPROJECTS_${SUBPROJECTS}} -CLEAN_SUBPROJECTS_=.clean-subprojects -CLEAN_SUBPROJECTS_NO= -CLEAN_SUBPROJECTS=${CLEAN_SUBPROJECTS_${SUBPROJECTS}} - - -# Project Name -PROJECTNAME=cyassl.X - -# Active Configuration -DEFAULTCONF=default -CONF=${DEFAULTCONF} - -# All Configurations -ALLCONFS=default - - -# build -.build-impl: .build-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .build-conf - - -# clean -.clean-impl: .clean-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .clean-conf - -# clobber -.clobber-impl: .clobber-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default clean - - - -# all -.all-impl: .all-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default build - - - -# dependency checking support -.depcheck-impl: -# @echo "# This code depends on make tool being used" >.dep.inc -# @if [ -n "${MAKE_VERSION}" ]; then \ -# echo "DEPFILES=\$$(wildcard \$$(addsuffix .d, \$${OBJECTFILES}))" >>.dep.inc; \ -# echo "ifneq (\$${DEPFILES},)" >>.dep.inc; \ -# echo "include \$${DEPFILES}" >>.dep.inc; \ -# echo "endif" >>.dep.inc; \ -# else \ -# echo ".KEEP_STATE:" >>.dep.inc; \ -# echo ".KEEP_STATE_FILE:.make.state.\$${CONF}" >>.dep.inc; \ -# fi diff --git a/mcapi/cyassl.X/nbproject/Makefile-local-default.mk b/mcapi/cyassl.X/nbproject/Makefile-local-default.mk deleted file mode 100644 index 3350f874d..000000000 --- a/mcapi/cyassl.X/nbproject/Makefile-local-default.mk +++ /dev/null @@ -1,37 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# -# This file contains information about the location of compilers and other tools. -# If you commmit this file into your revision control server, you will be able to -# to checkout the project and build it from the command line with make. However, -# if more than one person works on the same project, then this file might show -# conflicts since different users are bound to have compilers in different places. -# In that case you might choose to not commit this file and let MPLAB X recreate this file -# for each user. The disadvantage of not commiting this file is that you must run MPLAB X at -# least once so the file gets created and the project can be built. Finally, you can also -# avoid using this file at all if you are only building from the command line with make. -# You can invoke make with the values of the macros: -# $ makeMP_CC="/opt/microchip/mplabc30/v3.30c/bin/pic30-gcc" ... -# -SHELL=cmd.exe -PATH_TO_IDE_BIN=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/ -# Adding MPLAB X bin directory to path. -PATH:=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/:$(PATH) -# Path to java used to run MPLAB X when this makefile was created -MP_JAVA_PATH="C:\Program Files (x86)\Microchip\MPLABX-v1.95.RC3\sys\java\jre1.7.0_25-windows-x64\java-windows/bin/" -OS_CURRENT="$(shell uname -s)" -MP_CC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-gcc.exe" -MP_CPPC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-g++.exe" -# MP_BC is not defined -MP_AS="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-as.exe" -MP_LD="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ld.exe" -MP_AR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ar.exe" -DEP_GEN=${MP_JAVA_PATH}java -jar "C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/extractobjectdependencies.jar" -MP_CC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_CPPC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined -MP_AS_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_LD_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_AR_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined diff --git a/mcapi/cyassl.X/nbproject/Makefile-variables.mk b/mcapi/cyassl.X/nbproject/Makefile-variables.mk deleted file mode 100644 index b480b107d..000000000 --- a/mcapi/cyassl.X/nbproject/Makefile-variables.mk +++ /dev/null @@ -1,13 +0,0 @@ -# -# Generated - do not edit! -# -# NOCDDL -# -CND_BASEDIR=`pwd` -# default configuration -CND_ARTIFACT_DIR_default=dist/default/production -CND_ARTIFACT_NAME_default=cyassl.X.a -CND_ARTIFACT_PATH_default=dist/default/production/cyassl.X.a -CND_PACKAGE_DIR_default=${CND_DISTDIR}/default/package -CND_PACKAGE_NAME_default=cyassl.X.tar -CND_PACKAGE_PATH_default=${CND_DISTDIR}/default/package/cyassl.X.tar diff --git a/mcapi/cyassl.X/nbproject/Package-default.bash b/mcapi/cyassl.X/nbproject/Package-default.bash deleted file mode 100644 index baae5e998..000000000 --- a/mcapi/cyassl.X/nbproject/Package-default.bash +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -x - -# -# Generated - do not edit! -# - -# Macros -TOP=`pwd` -CND_CONF=default -CND_DISTDIR=dist -TMPDIR=build/${CND_CONF}/${IMAGE_TYPE}/tmp-packaging -TMPDIRNAME=tmp-packaging -OUTPUT_PATH=dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} -OUTPUT_BASENAME=cyassl.X.${OUTPUT_SUFFIX} -PACKAGE_TOP_DIR=cyassl.X/ - -# Functions -function checkReturnCode -{ - rc=$? - if [ $rc != 0 ] - then - exit $rc - fi -} -function makeDirectory -# $1 directory path -# $2 permission (optional) -{ - mkdir -p "$1" - checkReturnCode - if [ "$2" != "" ] - then - chmod $2 "$1" - checkReturnCode - fi -} -function copyFileToTmpDir -# $1 from-file path -# $2 to-file path -# $3 permission -{ - cp "$1" "$2" - checkReturnCode - if [ "$3" != "" ] - then - chmod $3 "$2" - checkReturnCode - fi -} - -# Setup -cd "${TOP}" -mkdir -p ${CND_DISTDIR}/${CND_CONF}/package -rm -rf ${TMPDIR} -mkdir -p ${TMPDIR} - -# Copy files and create directories and links -cd "${TOP}" -makeDirectory ${TMPDIR}/cyassl.X/lib -copyFileToTmpDir "${OUTPUT_PATH}" "${TMPDIR}/${PACKAGE_TOP_DIR}lib/${OUTPUT_BASENAME}" 0644 - - -# Generate tar file -cd "${TOP}" -rm -f ${CND_DISTDIR}/${CND_CONF}/package/cyassl.X.tar -cd ${TMPDIR} -tar -vcf ../../../../${CND_DISTDIR}/${CND_CONF}/package/cyassl.X.tar * -checkReturnCode - -# Cleanup -cd "${TOP}" -rm -rf ${TMPDIR} diff --git a/mcapi/cyassl.X/nbproject/private/private.xml b/mcapi/cyassl.X/nbproject/private/private.xml deleted file mode 100644 index 29311904a..000000000 --- a/mcapi/cyassl.X/nbproject/private/private.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - file:/C:/ROOT/CyaSSL-Release/PIC32MZ/cyassl/ctaocrypt/src/sha256.c - file:/C:/ROOT/CyaSSL-Release/PIC32MZ/cyassl/ctaocrypt/src/tfm.c - - diff --git a/mcapi/test.c b/mcapi/test.c deleted file mode 100644 index 40de58bc0..000000000 --- a/mcapi/test.c +++ /dev/null @@ -1,1361 +0,0 @@ -/* test.c - * - * Copyright (C) 2006-2013 wolfSSL Inc. - * - * This file is part of CyaSSL. - * - * CyaSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * CyaSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - - -/* Tests Microchip CRYPTO API layer */ - - - -/* mc api header */ -#include "crypto.h" - -#include - -/* sanity test against our default implementation, cyassl headers */ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#define USE_CERT_BUFFERS_1024 -#include - -/* c stdlib headers */ -#include - -/* pic32 specific */ -#ifdef MICROCHIP_PIC32 - #define PIC32_STARTER_KIT - #include - #include -#endif - -#define OUR_DATA_SIZE 1024 -static byte ourData[OUR_DATA_SIZE]; -static byte* key = NULL; -static byte* iv = NULL; -static CRYPT_RNG_CTX mcRng; -static RNG defRng; - -static int check_md5(void); -static int check_sha(void); -static int check_sha256(void); -static int check_sha384(void); -static int check_sha512(void); -static int check_hmac(void); -static int check_compress(void); -static int check_rng(void); -static int check_des3(void); -static int check_aescbc(void); -static int check_aesctr(void); -static int check_aesdirect(void); -static int check_rsa(void); -static int check_ecc(void); - - -int main(int argc, char** argv) -{ - int ret; - int i; - - (void)argc; - (void)argv; - -#ifdef MICROCHIP_PIC32 - SYSTEMConfigPerformance(80000000); - DBINIT(); -#endif - - /* align key, iv pointers */ - key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_KEY); - if (key == NULL) { - printf("mcapi key alloc failed\n"); - return -1; - } - - iv = (byte*)XMALLOC(16, NULL, DYNAMIC_TYPE_KEY); - if (iv == NULL) { - printf("mcapi iv alloc failed\n"); - return -1; - } - - for (i = 0; i < OUR_DATA_SIZE; i++) - ourData[i] = (byte)i; - - ret = check_md5(); - if (ret != 0) { - printf("mcapi check_md5 failed\n"); - return -1; - } - - ret = check_sha(); - if (ret != 0) { - printf("mcapi check_sha failed\n"); - return -1; - } - - ret = check_sha256(); - if (ret != 0) { - printf("mcapi check_sha256 failed\n"); - return -1; - } - - ret = check_sha384(); - if (ret != 0) { - printf("mcapi check_sha384 failed\n"); - return -1; - } - - ret = check_sha512(); - if (ret != 0) { - printf("mcapi check_sha512 failed\n"); - return -1; - } - - ret = check_hmac(); - if (ret != 0) { - printf("mcapi check_hmac failed\n"); - return -1; - } - - ret = check_compress(); - if (ret != 0) { - printf("mcapi check_compress failed\n"); - return -1; - } - - ret = check_rng(); - if (ret != 0) { - printf("mcapi check_rng failed\n"); - return -1; - } - - ret = check_des3(); - if (ret != 0) { - printf("mcapi check_des3 failed\n"); - return -1; - } - - ret = check_aescbc(); - if (ret != 0) { - printf("mcapi check_aes cbc failed\n"); - return -1; - } - - ret = check_aesctr(); - if (ret != 0) { - printf("mcapi check_aes ctr failed\n"); - return -1; - } - - ret = check_aesdirect(); - if (ret != 0) { - printf("mcapi check_aes direct failed\n"); - return -1; - } - - ret = check_rsa(); - if (ret != 0) { - printf("mcapi check_rsa failed\n"); - return -1; - } - - ret = check_ecc(); - if (ret != 0) { - printf("mcapi check_ecc failed\n"); - return -1; - } - - XFREE(iv, NULL, DYNAMIC_TYPE_KEY); - XFREE(key, NULL, DYNAMIC_TYPE_KEY); - - return 0; -} - - -/* check mcapi md5 against internal */ -static int check_md5(void) -{ - CRYPT_MD5_CTX mcMd5; - Md5 defMd5; - byte mcDigest[CRYPT_MD5_DIGEST_SIZE]; - byte defDigest[MD5_DIGEST_SIZE]; - - CRYPT_MD5_Initialize(&mcMd5); - InitMd5(&defMd5); - - CRYPT_MD5_DataAdd(&mcMd5, ourData, OUR_DATA_SIZE); - Md5Update(&defMd5, ourData, OUR_DATA_SIZE); - - CRYPT_MD5_Finalize(&mcMd5, mcDigest); - Md5Final(&defMd5, defDigest); - - if (memcmp(mcDigest, defDigest, CRYPT_MD5_DIGEST_SIZE) != 0) { - printf("md5 final memcmp fialed\n"); - return -1; - } - printf("md5 mcapi test passed\n"); - - return 0; -} - - -/* check mcapi sha against internal */ -static int check_sha(void) -{ - CRYPT_SHA_CTX mcSha; - Sha defSha; - byte mcDigest[CRYPT_SHA_DIGEST_SIZE]; - byte defDigest[SHA_DIGEST_SIZE]; - - CRYPT_SHA_Initialize(&mcSha); - InitSha(&defSha); - - CRYPT_SHA_DataAdd(&mcSha, ourData, OUR_DATA_SIZE); - ShaUpdate(&defSha, ourData, OUR_DATA_SIZE); - - CRYPT_SHA_Finalize(&mcSha, mcDigest); - ShaFinal(&defSha, defDigest); - - if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) { - printf("sha final memcmp fialed\n"); - return -1; - } - printf("sha mcapi test passed\n"); - - return 0; -} - - -/* check mcapi sha256 against internal */ -static int check_sha256(void) -{ - CRYPT_SHA256_CTX mcSha256; - Sha256 defSha256; - byte mcDigest[CRYPT_SHA256_DIGEST_SIZE]; - byte defDigest[SHA256_DIGEST_SIZE]; - - CRYPT_SHA256_Initialize(&mcSha256); - InitSha256(&defSha256); - - CRYPT_SHA256_DataAdd(&mcSha256, ourData, OUR_DATA_SIZE); - Sha256Update(&defSha256, ourData, OUR_DATA_SIZE); - - CRYPT_SHA256_Finalize(&mcSha256, mcDigest); - Sha256Final(&defSha256, defDigest); - - if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) { - printf("sha256 final memcmp fialed\n"); - return -1; - } - printf("sha256 mcapi test passed\n"); - - return 0; -} - - -/* check mcapi sha384 against internal */ -static int check_sha384(void) -{ - CRYPT_SHA384_CTX mcSha384; - Sha384 defSha384; - byte mcDigest[CRYPT_SHA384_DIGEST_SIZE]; - byte defDigest[SHA384_DIGEST_SIZE]; - - CRYPT_SHA384_Initialize(&mcSha384); - InitSha384(&defSha384); - - CRYPT_SHA384_DataAdd(&mcSha384, ourData, OUR_DATA_SIZE); - Sha384Update(&defSha384, ourData, OUR_DATA_SIZE); - - CRYPT_SHA384_Finalize(&mcSha384, mcDigest); - Sha384Final(&defSha384, defDigest); - - if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) { - printf("sha384 final memcmp fialed\n"); - return -1; - } - printf("sha384 mcapi test passed\n"); - - return 0; -} - - -/* check mcapi sha512 against internal */ -static int check_sha512(void) -{ - CRYPT_SHA512_CTX mcSha512; - Sha512 defSha512; - byte mcDigest[CRYPT_SHA512_DIGEST_SIZE]; - byte defDigest[SHA512_DIGEST_SIZE]; - - CRYPT_SHA512_Initialize(&mcSha512); - InitSha512(&defSha512); - - CRYPT_SHA512_DataAdd(&mcSha512, ourData, OUR_DATA_SIZE); - Sha512Update(&defSha512, ourData, OUR_DATA_SIZE); - - CRYPT_SHA512_Finalize(&mcSha512, mcDigest); - Sha512Final(&defSha512, defDigest); - - if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) { - printf("sha512 final memcmp fialed\n"); - return -1; - } - printf("sha512 mcapi test passed\n"); - - return 0; -} - - -/* check mcapi hmac against internal */ -static int check_hmac(void) -{ - CRYPT_HMAC_CTX mcHmac; - Hmac defHmac; - byte mcDigest[CRYPT_SHA512_DIGEST_SIZE]; - byte defDigest[SHA512_DIGEST_SIZE]; - - strncpy((char*)key, "Jefe", 4); - - /* SHA1 */ - CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA, key, 4); - HmacSetKey(&defHmac, SHA, key, 4); - - CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); - HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); - - CRYPT_HMAC_Finalize(&mcHmac, mcDigest); - HmacFinal(&defHmac, defDigest); - - if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) { - printf("hmac sha final memcmp fialed\n"); - return -1; - } - printf("hmac sha mcapi test passed\n"); - - /* SHA-256 */ - CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA256, key, 4); - HmacSetKey(&defHmac, SHA256, key, 4); - - CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); - HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); - - CRYPT_HMAC_Finalize(&mcHmac, mcDigest); - HmacFinal(&defHmac, defDigest); - - if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) { - printf("hmac sha256 final memcmp fialed\n"); - return -1; - } - printf("hmac sha256 mcapi test passed\n"); - - /* SHA-384 */ - CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA384, key, 4); - HmacSetKey(&defHmac, SHA384, key, 4); - - CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); - HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); - - CRYPT_HMAC_Finalize(&mcHmac, mcDigest); - HmacFinal(&defHmac, defDigest); - - if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) { - printf("hmac sha384 final memcmp fialed\n"); - return -1; - } - printf("hmac sha384 mcapi test passed\n"); - - /* SHA-512 */ - CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA512, key, 4); - HmacSetKey(&defHmac, SHA512, key, 4); - - CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); - HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); - - CRYPT_HMAC_Finalize(&mcHmac, mcDigest); - HmacFinal(&defHmac, defDigest); - - if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) { - printf("hmac sha512 final memcmp fialed\n"); - return -1; - } - printf("hmac sha512 mcapi test passed\n"); - - return 0; -} - - -/* check mcapi compress against internal */ -static int check_compress(void) -{ - const unsigned char text[] = - "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n" - "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n" - "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n" - "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n" - "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n" - "small batch meggings kogi dolore food truck bespoke gastropub.\n" - "\n" - "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n" - "four loko you probably haven't heard of them high life. Messenger bag\n" - "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n" - "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n" - "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n" - "food truck next level, tousled irony non semiotics PBR ethical anim cred\n" - "readymade. Mumblecore brunch lomo odd future, portland organic terry\n" - "four loko whatever street art yr farm-to-table.\n"; - - unsigned int inSz = sizeof(text); - unsigned int outSz; - unsigned char cBuffer[1024]; - unsigned char dBuffer[1024]; - - int ret1, ret2; - - /* dynamic */ - ret1 = CRYPT_HUFFMAN_Compress(cBuffer, sizeof(cBuffer), text, inSz, 0); - ret2 = Compress(dBuffer, sizeof(dBuffer), text, inSz, 0); - - if (ret1 != ret2 || ret1 < 0) { - printf("compress dynamic ret failed\n"); - return -1; - } - - if (memcmp(cBuffer, dBuffer, ret1) != 0) { - printf("compress dynamic cmp failed\n"); - return -1; - } - - outSz = ret1; - - ret1 = CRYPT_HUFFMAN_DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz); - - if (memcmp(dBuffer, text, inSz) != 0) { - printf("mcapi decompress dynamic cmp failed\n"); - return -1; - } - - memset(dBuffer, 0, sizeof(dBuffer)); - - ret1 = DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz); - - if (memcmp(dBuffer, text, inSz) != 0) { - printf("decompress dynamic cmp failed\n"); - return -1; - } - - memset(cBuffer, 0, sizeof(cBuffer)); - memset(dBuffer, 0, sizeof(dBuffer)); - - /* static */ - ret1 = CRYPT_HUFFMAN_Compress(cBuffer, sizeof(cBuffer), text, inSz, 1); - ret2 = Compress(dBuffer, sizeof(dBuffer), text, inSz, 1); - - if (ret1 != ret2 || ret1 < 0) { - printf("compress static ret failed\n"); - return -1; - } - - if (memcmp(cBuffer, dBuffer, ret1) != 0) { - printf("compress static cmp failed\n"); - return -1; - } - - outSz = ret1; - - ret1 = CRYPT_HUFFMAN_DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz); - - if (memcmp(dBuffer, text, inSz) != 0) { - printf("mcapi decompress static cmp failed\n"); - return -1; - } - - memset(dBuffer, 0, sizeof(dBuffer)); - - ret1 = DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz); - - if (memcmp(dBuffer, text, inSz) != 0) { - printf("decompress static cmp failed\n"); - return -1; - } - - printf("huffman mcapi test passed\n"); - - return 0; -} - - -#define RANDOM_BYTE_SZ 32 - -/* check mcapi rng */ -static int check_rng(void) -{ - int ret; - int i; - byte in[RANDOM_BYTE_SZ]; - byte out[RANDOM_BYTE_SZ]; - - for (i = 0; i < RANDOM_BYTE_SZ; i++) - in[i] = (byte)i; - - for (i = 0; i < RANDOM_BYTE_SZ; i++) - out[i] = (byte)i; - - ret = InitRng(&defRng); - if (ret != 0) { - printf("default rng init failed\n"); - return -1; - } - - ret = CRYPT_RNG_Initialize(&mcRng); - if (ret != 0) { - printf("mcapi rng init failed\n"); - return -1; - } - - ret = CRYPT_RNG_Get(&mcRng, &out[0]); - if (ret != 0) { - printf("mcapi rng get failed\n"); - return -1; - } - - ret = CRYPT_RNG_BlockGenerate(&mcRng, out, RANDOM_BYTE_SZ); - if (ret != 0) { - printf("mcapi rng block gen failed\n"); - return -1; - } - - if (memcmp(in, out, RANDOM_BYTE_SZ) == 0) { - printf("mcapi rng block gen output failed\n"); - return -1; - } - - printf("rng mcapi test passed\n"); - - return 0; -} - - -#define TDES_TEST_SIZE 32 - -/* check mcapi des3 */ -static int check_des3(void) -{ - CRYPT_TDES_CTX mcDes3; - Des3 defDes3; - int ret; - byte out1[TDES_TEST_SIZE]; - byte out2[TDES_TEST_SIZE]; - - strncpy((char*)key, "1234567890abcdefghijklmn", 24); - strncpy((char*)iv, "12345678", 8); - - /* cbc encrypt */ - ret = CRYPT_TDES_KeySet(&mcDes3, key, iv, CRYPT_TDES_ENCRYPTION); - if (ret != 0) { - printf("mcapi tdes key set failed\n"); - return -1; - } - Des3_SetKey(&defDes3, key, iv, DES_ENCRYPTION); - - ret = CRYPT_TDES_CBC_Encrypt(&mcDes3, out1, ourData, TDES_TEST_SIZE); - if (ret != 0) { - printf("mcapi tdes cbc encrypt failed\n"); - return -1; - } - Des3_CbcEncrypt(&defDes3, out2, ourData, TDES_TEST_SIZE); - - if (memcmp(out1, out2, TDES_TEST_SIZE) != 0) { - printf("mcapi tdes cbc encrypt cmp failed\n"); - return -1; - } - - /* cbc decrypt */ - ret = CRYPT_TDES_KeySet(&mcDes3, key, iv, CRYPT_TDES_DECRYPTION); - if (ret != 0) { - printf("mcapi tdes key set failed\n"); - return -1; - } - Des3_SetKey(&defDes3, key, iv, DES_DECRYPTION); - - ret = CRYPT_TDES_CBC_Decrypt(&mcDes3, out2, out1, TDES_TEST_SIZE); - if (ret != 0) { - printf("mcapi tdes cbc decrypt failed\n"); - return -1; - } - Des3_CbcDecrypt(&defDes3, out1, out1, TDES_TEST_SIZE); - - if (memcmp(out1, out2, TDES_TEST_SIZE) != 0) { - printf("mcapi tdes cbc decrypt cmp failed\n"); - return -1; - } - - if (memcmp(out1, ourData, TDES_TEST_SIZE) != 0) { - printf("mcapi tdes cbc decrypt orig cmp failed\n"); - return -1; - } - - printf("tdes mcapi test passed\n"); - - return 0; -} - - -#define AES_TEST_SIZE 32 - -/* check mcapi aes cbc */ -static int check_aescbc(void) -{ - CRYPT_AES_CTX mcAes; - Aes defAes; - int ret; - byte out1[AES_TEST_SIZE]; - byte out2[AES_TEST_SIZE]; - - strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32); - strncpy((char*)iv, "1234567890abcdef", 16); - - /* 128 cbc encrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-128 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); - if (ret != 0) { - printf("default aes-128 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-128 cbc encrypt failed\n"); - return -1; - } - AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); - - if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { - printf("mcapi aes-128 cbc encrypt cmp failed\n"); - return -1; - } - - /* 128 cbc decrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_DECRYPTION); - if (ret != 0) { - printf("mcapi aes-128 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 16, iv, DES_DECRYPTION); - if (ret != 0) { - printf("default aes-128 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-128 cbc decrypt failed\n"); - return -1; - } - AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); - - if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { - printf("mcapi aes-128 cbc decrypt cmp failed\n"); - return -1; - } - - if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { - printf("mcapi aes-128 cbc decrypt orig cmp failed\n"); - return -1; - } - - /* 192 cbc encrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-192 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION); - if (ret != 0) { - printf("default aes-192 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-192 cbc encrypt failed\n"); - return -1; - } - AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); - - if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { - printf("mcapi aes-192 cbc encrypt cmp failed\n"); - return -1; - } - - /* 192 cbc decrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_DECRYPTION); - if (ret != 0) { - printf("mcapi aes-192 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION); - if (ret != 0) { - printf("default aes-192 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-192 cbc decrypt failed\n"); - return -1; - } - AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); - - if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { - printf("mcapi aes-192 cbc decrypt cmp failed\n"); - return -1; - } - - if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { - printf("mcapi aes-192 cbc decrypt orig cmp failed\n"); - return -1; - } - - /* 256 cbc encrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-256 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); - if (ret != 0) { - printf("default aes-256 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-256 cbc encrypt failed\n"); - return -1; - } - AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); - - if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { - printf("mcapi aes-256 cbc encrypt cmp failed\n"); - return -1; - } - - /* 256 cbc decrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_DECRYPTION); - if (ret != 0) { - printf("mcapi aes-256 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 32, iv, AES_DECRYPTION); - if (ret != 0) { - printf("default aes-256 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-256 cbc decrypt failed\n"); - return -1; - } - AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); - - if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { - printf("mcapi aes-256 cbc decrypt cmp failed\n"); - return -1; - } - - if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { - printf("mcapi aes-256 cbc decrypt orig cmp failed\n"); - return -1; - } - - printf("aes-cbc mcapi test passed\n"); - - return 0; -} - - -/* check mcapi aes ctr */ -static int check_aesctr(void) -{ - CRYPT_AES_CTX mcAes; - Aes defAes; - int ret; - byte out1[AES_TEST_SIZE]; - byte out2[AES_TEST_SIZE]; - - strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32); - strncpy((char*)iv, "1234567890abcdef", 16); - - /* 128 ctr encrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-128 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); - if (ret != 0) { - printf("default aes-128 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-128 ctr encrypt failed\n"); - return -1; - } - AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); - - if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { - printf("mcapi aes-128 ctr encrypt cmp failed\n"); - return -1; - } - - /* 128 ctr decrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-128 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); - if (ret != 0) { - printf("default aes-128 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-128 ctr decrypt failed\n"); - return -1; - } - - if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) { - printf("mcapi aes-128 ctr decrypt orig cmp failed\n"); - return -1; - } - - /* 192 ctr encrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-192 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION); - if (ret != 0) { - printf("default aes-192 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-192 ctr encrypt failed\n"); - return -1; - } - AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); - - if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { - printf("mcapi aes-192 ctr encrypt cmp failed\n"); - return -1; - } - - /* 192 ctr decrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-192 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION); - if (ret != 0) { - printf("default aes-192 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-192 ctr decrypt failed\n"); - return -1; - } - - if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) { - printf("mcapi aes-192 ctr decrypt orig cmp failed\n"); - return -1; - } - - /* 256 ctr encrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-256 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); - if (ret != 0) { - printf("default aes-256 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-256 ctr encrypt failed\n"); - return -1; - } - AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); - - if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { - printf("mcapi aes-256 ctr encrypt cmp failed\n"); - return -1; - } - - /* 256 ctr decrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-256 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); - if (ret != 0) { - printf("default aes-256 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE); - if (ret != 0) { - printf("mcapi aes-256 ctr decrypt failed\n"); - return -1; - } - - if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) { - printf("mcapi aes-256 ctr decrypt orig cmp failed\n"); - return -1; - } - - printf("aes-ctr mcapi test passed\n"); - - return 0; -} - - -/* check mcapi aes direct */ -static int check_aesdirect(void) -{ - CRYPT_AES_CTX mcAes; - Aes defAes; - int ret; - byte out1[CRYPT_AES_BLOCK_SIZE]; - byte out2[16]; /* one block at a time */ - - strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32); - strncpy((char*)iv, "1234567890abcdef", 16); - - /* 128 direct encrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-128 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); - if (ret != 0) { - printf("default aes-128 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData); - if (ret != 0) { - printf("mcapi aes-128 direct encrypt failed\n"); - return -1; - } - AesEncryptDirect(&defAes, out2, ourData); - - if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { - printf("mcapi aes-128 direct encrypt cmp failed\n"); - return -1; - } - - /* 128 direct decrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_DECRYPTION); - if (ret != 0) { - printf("mcapi aes-128 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 16, iv, DES_DECRYPTION); - if (ret != 0) { - printf("default aes-128 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1); - if (ret != 0) { - printf("mcapi aes-128 direct decrypt failed\n"); - return -1; - } - AesDecryptDirect(&defAes, out1, out1); - - if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { - printf("mcapi aes-128 direct decrypt cmp failed\n"); - return -1; - } - - if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) { - printf("mcapi aes-128 direct decrypt orig cmp failed\n"); - return -1; - } - - /* 192 direct encrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-192 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION); - if (ret != 0) { - printf("default aes-192 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData); - if (ret != 0) { - printf("mcapi aes-192 direct encrypt failed\n"); - return -1; - } - AesEncryptDirect(&defAes, out2, ourData); - - if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { - printf("mcapi aes-192 direct encrypt cmp failed\n"); - return -1; - } - - /* 192 direct decrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_DECRYPTION); - if (ret != 0) { - printf("mcapi aes-192 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION); - if (ret != 0) { - printf("default aes-192 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1); - if (ret != 0) { - printf("mcapi aes-192 direct decrypt failed\n"); - return -1; - } - AesDecryptDirect(&defAes, out1, out1); - - if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { - printf("mcapi aes-192 direct decrypt cmp failed\n"); - return -1; - } - - if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) { - printf("mcapi aes-192 direct decrypt orig cmp failed\n"); - return -1; - } - - /* 256 direct encrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); - if (ret != 0) { - printf("mcapi aes-256 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); - if (ret != 0) { - printf("default aes-256 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData); - if (ret != 0) { - printf("mcapi aes-256 direct encrypt failed\n"); - return -1; - } - AesEncryptDirect(&defAes, out2, ourData); - - if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { - printf("mcapi aes-256 direct encrypt cmp failed\n"); - return -1; - } - - /* 256 direct decrypt */ - ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_DECRYPTION); - if (ret != 0) { - printf("mcapi aes-256 key set failed\n"); - return -1; - } - ret = AesSetKey(&defAes, key, 32, iv, AES_DECRYPTION); - if (ret != 0) { - printf("default aes-256 key set failed\n"); - return -1; - } - - ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1); - if (ret != 0) { - printf("mcapi aes-256 direct decrypt failed\n"); - return -1; - } - AesDecryptDirect(&defAes, out1, out1); - - if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { - printf("mcapi aes-256 direct decrypt cmp failed\n"); - return -1; - } - - if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) { - printf("mcapi aes-256 direct decrypt orig cmp failed\n"); - return -1; - } - - printf("aes-direct mcapi test passed\n"); - - return 0; -} - - -#define RSA_TEST_SIZE 64 - -/* check mcapi rsa */ -static int check_rsa(void) -{ - CRYPT_RSA_CTX mcRsa; - RsaKey defRsa; - int ret; - int ret2; - unsigned int keySz = (unsigned int)sizeof(client_key_der_1024); - unsigned int idx = 0; - byte out1[256]; - byte out2[256]; - - InitRsaKey(&defRsa, NULL); - ret = CRYPT_RSA_Initialize(&mcRsa); - if (ret != 0) { - printf("mcapi rsa init failed\n"); - return -1; - } - - ret = CRYPT_RSA_PrivateKeyDecode(&mcRsa, client_key_der_1024, keySz); - if (ret != 0) { - printf("mcapi rsa private key decode failed\n"); - return -1; - } - - ret = RsaPrivateKeyDecode(client_key_der_1024, &idx, &defRsa, keySz); - if (ret != 0) { - printf("default rsa private key decode failed\n"); - return -1; - } - - ret = CRYPT_RSA_PublicEncrypt(&mcRsa, out1, sizeof(out1), ourData, - RSA_TEST_SIZE, &mcRng); - if (ret < 0) { - printf("mcapi rsa public encrypt failed\n"); - return -1; - } - - ret2 = RsaPublicEncrypt(ourData, RSA_TEST_SIZE, out2, sizeof(out2), - &defRsa, &defRng); - if (ret2 < 0) { - printf("default rsa public encrypt failed\n"); - return -1; - } - - if (ret != ret2) { - printf("default rsa public encrypt sz != mcapi sz\n"); - return -1; - } - - if (ret != CRYPT_RSA_EncryptSizeGet(&mcRsa)) { - printf("mcapi encrypt sz get != mcapi sz\n"); - return -1; - } - - ret = CRYPT_RSA_PrivateDecrypt(&mcRsa, out2, sizeof(out2), out1, ret); - if (ret < 0) { - printf("mcapi rsa private derypt failed\n"); - return -1; - } - - if (ret != RSA_TEST_SIZE) { - printf("mcapi rsa private derypt plain size wrong\n"); - return -1; - } - - if (memcmp(out2, ourData, ret) != 0) { - printf("mcapi rsa private derypt plain text bad\n"); - return -1; - } - - FreeRsaKey(&defRsa); - ret = CRYPT_RSA_Free(&mcRsa); - if (ret != 0) { - printf("mcapi rsa free failed\n"); - return -1; - } - - printf("rsa mcapi test passed\n"); - - return 0; -} - - -/* check mcapi ecc */ -static int check_ecc(void) -{ - CRYPT_ECC_CTX userA; - CRYPT_ECC_CTX userB; - int ret; - byte sharedA[100]; - byte sharedB[100]; - byte sig[100]; - unsigned int aSz = (unsigned int)sizeof(sharedA); - unsigned int bSz = (unsigned int)sizeof(sharedB); - unsigned int sigSz = (unsigned int)sizeof(sig); - unsigned int usedA = 0; - unsigned int usedB = 0; - int verifyStatus = 0; - - /* init */ - ret = CRYPT_ECC_Initialize(&userA); - if (ret != 0) { - printf("mcapi ecc init failed\n"); - return -1; - } - - ret = CRYPT_ECC_Initialize(&userB); - if (ret != 0) { - printf("mcapi ecc init b failed\n"); - return -1; - } - - /* dhe + helpers */ - ret = CRYPT_ECC_DHE_KeyMake(&userA, &mcRng, 32); - if (ret != 0) { - printf("mcapi ecc make key failed\n"); - return -1; - } - - ret = CRYPT_ECC_DHE_KeyMake(&userB, &mcRng, 32); - if (ret != 0) { - printf("mcapi ecc make key b failed\n"); - return -1; - } - - ret = CRYPT_ECC_KeySizeGet(&userA); - if (ret <= 0) { - printf("mcapi ecc key size get failed\n"); - return -1; - } - - ret = CRYPT_ECC_SignatureSizeGet(&userA); - if (ret <= 0) { - printf("mcapi ecc signature size get failed\n"); - return -1; - } - - ret = CRYPT_ECC_DHE_SharedSecretMake(&userA, &userB, sharedA, aSz, &usedA); - if (ret != 0) { - printf("mcapi ecc make shared secret failed\n"); - return -1; - } - - ret = CRYPT_ECC_DHE_SharedSecretMake(&userB, &userA, sharedB, bSz, &usedB); - if (ret != 0) { - printf("mcapi ecc make shared secret failed\n"); - return -1; - } - - if (usedA != usedB || usedA <= 0) { - printf("mcapi ecc make shared secret output size match failed\n"); - return -1; - } - - if (memcmp(sharedA, sharedB, usedA) != 0) { - printf("mcapi ecc make shared secret output match cmp failed\n"); - return -1; - } - - /* dsa */ - ret = CRYPT_ECC_DSA_HashSign(&userA, &mcRng, sig, sigSz, &usedA, ourData, - CRYPT_SHA_DIGEST_SIZE); - if (ret != 0) { - printf("mcapi ecc sign hash failed\n"); - return -1; - } - - sigSz = usedA; - if (sigSz <= 0) { - printf("mcapi ecc sign hash bad sig size\n"); - return -1; - } - - ret = CRYPT_ECC_DSA_HashVerify(&userA, sig, sigSz, ourData, - CRYPT_SHA_DIGEST_SIZE, &verifyStatus); - if (ret != 0) { - printf("mcapi ecc verify hash failed\n"); - return -1; - } - if (verifyStatus != 1) { - printf("mcapi ecc verify hash status failed\n"); - return -1; - } - - /* import / export */ - usedA = 0; - ret = CRYPT_ECC_PublicExport(&userA, sharedA, aSz, &usedA); - if (ret != 0) { - printf("mcapi ecc public export failed\n"); - return -1; - } - - ret = CRYPT_ECC_PublicImport(&userB, sharedA, usedA); - if (ret != 0) { - printf("mcapi ecc public import failed\n"); - return -1; - } - - ret = CRYPT_ECC_Free(&userA); - if (ret != 0) { - printf("mcapi ecc free failed\n"); - return -1; - } - - ret = CRYPT_ECC_Free(&userB); - if (ret != 0) { - printf("mcapi ecc free b failed\n"); - return -1; - } - - printf("ecc mcapi test passed\n"); - - return 0; -} - diff --git a/mcapi/zlib.X/nbproject/Makefile-default.mk b/mcapi/zlib.X/nbproject/Makefile-default.mk deleted file mode 100644 index 8ca615867..000000000 --- a/mcapi/zlib.X/nbproject/Makefile-default.mk +++ /dev/null @@ -1,314 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a -pre and a -post target defined where you can add customized code. -# -# This makefile implements configuration specific macros and targets. - - -# Include project Makefile -ifeq "${IGNORE_LOCAL}" "TRUE" -# do not include local makefile. User is passing all local related variables already -else -include Makefile -# Include makefile containing local settings -ifeq "$(wildcard nbproject/Makefile-local-default.mk)" "nbproject/Makefile-local-default.mk" -include nbproject/Makefile-local-default.mk -endif -endif - -# Environment -MKDIR=gnumkdir -p -RM=rm -f -MV=mv -CP=cp - -# Macros -CND_CONF=default -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -IMAGE_TYPE=debug -OUTPUT_SUFFIX=a -DEBUGGABLE_SUFFIX= -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/zlib.X.${OUTPUT_SUFFIX} -else -IMAGE_TYPE=production -OUTPUT_SUFFIX=a -DEBUGGABLE_SUFFIX= -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/zlib.X.${OUTPUT_SUFFIX} -endif - -# Object Directory -OBJECTDIR=build/${CND_CONF}/${IMAGE_TYPE} - -# Distribution Directory -DISTDIR=dist/${CND_CONF}/${IMAGE_TYPE} - -# Source Files Quoted if spaced -SOURCEFILES_QUOTED_IF_SPACED=../../zlib-1.2.7/adler32.c ../../zlib-1.2.7/compress.c ../../zlib-1.2.7/crc32.c ../../zlib-1.2.7/deflate.c ../../zlib-1.2.7/gzclose.c ../../zlib-1.2.7/gzlib.c ../../zlib-1.2.7/gzread.c ../../zlib-1.2.7/gzwrite.c ../../zlib-1.2.7/infback.c ../../zlib-1.2.7/inffast.c ../../zlib-1.2.7/inflate.c ../../zlib-1.2.7/inftrees.c ../../zlib-1.2.7/trees.c ../../zlib-1.2.7/uncompr.c ../../zlib-1.2.7/zutil.c - -# Object Files Quoted if spaced -OBJECTFILES_QUOTED_IF_SPACED=${OBJECTDIR}/_ext/608321700/adler32.o ${OBJECTDIR}/_ext/608321700/compress.o ${OBJECTDIR}/_ext/608321700/crc32.o ${OBJECTDIR}/_ext/608321700/deflate.o ${OBJECTDIR}/_ext/608321700/gzclose.o ${OBJECTDIR}/_ext/608321700/gzlib.o ${OBJECTDIR}/_ext/608321700/gzread.o ${OBJECTDIR}/_ext/608321700/gzwrite.o ${OBJECTDIR}/_ext/608321700/infback.o ${OBJECTDIR}/_ext/608321700/inffast.o ${OBJECTDIR}/_ext/608321700/inflate.o ${OBJECTDIR}/_ext/608321700/inftrees.o ${OBJECTDIR}/_ext/608321700/trees.o ${OBJECTDIR}/_ext/608321700/uncompr.o ${OBJECTDIR}/_ext/608321700/zutil.o -POSSIBLE_DEPFILES=${OBJECTDIR}/_ext/608321700/adler32.o.d ${OBJECTDIR}/_ext/608321700/compress.o.d ${OBJECTDIR}/_ext/608321700/crc32.o.d ${OBJECTDIR}/_ext/608321700/deflate.o.d ${OBJECTDIR}/_ext/608321700/gzclose.o.d ${OBJECTDIR}/_ext/608321700/gzlib.o.d ${OBJECTDIR}/_ext/608321700/gzread.o.d ${OBJECTDIR}/_ext/608321700/gzwrite.o.d ${OBJECTDIR}/_ext/608321700/infback.o.d ${OBJECTDIR}/_ext/608321700/inffast.o.d ${OBJECTDIR}/_ext/608321700/inflate.o.d ${OBJECTDIR}/_ext/608321700/inftrees.o.d ${OBJECTDIR}/_ext/608321700/trees.o.d ${OBJECTDIR}/_ext/608321700/uncompr.o.d ${OBJECTDIR}/_ext/608321700/zutil.o.d - -# Object Files -OBJECTFILES=${OBJECTDIR}/_ext/608321700/adler32.o ${OBJECTDIR}/_ext/608321700/compress.o ${OBJECTDIR}/_ext/608321700/crc32.o ${OBJECTDIR}/_ext/608321700/deflate.o ${OBJECTDIR}/_ext/608321700/gzclose.o ${OBJECTDIR}/_ext/608321700/gzlib.o ${OBJECTDIR}/_ext/608321700/gzread.o ${OBJECTDIR}/_ext/608321700/gzwrite.o ${OBJECTDIR}/_ext/608321700/infback.o ${OBJECTDIR}/_ext/608321700/inffast.o ${OBJECTDIR}/_ext/608321700/inflate.o ${OBJECTDIR}/_ext/608321700/inftrees.o ${OBJECTDIR}/_ext/608321700/trees.o ${OBJECTDIR}/_ext/608321700/uncompr.o ${OBJECTDIR}/_ext/608321700/zutil.o - -# Source Files -SOURCEFILES=../../zlib-1.2.7/adler32.c ../../zlib-1.2.7/compress.c ../../zlib-1.2.7/crc32.c ../../zlib-1.2.7/deflate.c ../../zlib-1.2.7/gzclose.c ../../zlib-1.2.7/gzlib.c ../../zlib-1.2.7/gzread.c ../../zlib-1.2.7/gzwrite.c ../../zlib-1.2.7/infback.c ../../zlib-1.2.7/inffast.c ../../zlib-1.2.7/inflate.c ../../zlib-1.2.7/inftrees.c ../../zlib-1.2.7/trees.c ../../zlib-1.2.7/uncompr.c ../../zlib-1.2.7/zutil.c - - -CFLAGS= -ASFLAGS= -LDLIBSOPTIONS= - -############# Tool locations ########################################## -# If you copy a project from one host to another, the path where the # -# compiler is installed may be different. # -# If you open this project with MPLAB X in the new host, this # -# makefile will be regenerated and the paths will be corrected. # -####################################################################### -# fixDeps replaces a bunch of sed/cat/printf statements that slow down the build -FIXDEPS=fixDeps - -.build-conf: ${BUILD_SUBPROJECTS} - ${MAKE} ${MAKE_OPTIONS} -f nbproject/Makefile-default.mk dist/${CND_CONF}/${IMAGE_TYPE}/zlib.X.${OUTPUT_SUFFIX} - -MP_PROCESSOR_OPTION=32MZ2048ECM144 -MP_LINKER_FILE_OPTION= -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assemble -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assembleWithPreprocess -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compile -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -${OBJECTDIR}/_ext/608321700/adler32.o: ../../zlib-1.2.7/adler32.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/adler32.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/adler32.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/adler32.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/adler32.o.d" -o ${OBJECTDIR}/_ext/608321700/adler32.o ../../zlib-1.2.7/adler32.c - -${OBJECTDIR}/_ext/608321700/compress.o: ../../zlib-1.2.7/compress.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/compress.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/compress.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/compress.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/compress.o.d" -o ${OBJECTDIR}/_ext/608321700/compress.o ../../zlib-1.2.7/compress.c - -${OBJECTDIR}/_ext/608321700/crc32.o: ../../zlib-1.2.7/crc32.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/crc32.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/crc32.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/crc32.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/crc32.o.d" -o ${OBJECTDIR}/_ext/608321700/crc32.o ../../zlib-1.2.7/crc32.c - -${OBJECTDIR}/_ext/608321700/deflate.o: ../../zlib-1.2.7/deflate.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/deflate.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/deflate.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/deflate.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/deflate.o.d" -o ${OBJECTDIR}/_ext/608321700/deflate.o ../../zlib-1.2.7/deflate.c - -${OBJECTDIR}/_ext/608321700/gzclose.o: ../../zlib-1.2.7/gzclose.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/gzclose.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/gzclose.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/gzclose.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/gzclose.o.d" -o ${OBJECTDIR}/_ext/608321700/gzclose.o ../../zlib-1.2.7/gzclose.c - -${OBJECTDIR}/_ext/608321700/gzlib.o: ../../zlib-1.2.7/gzlib.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/gzlib.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/gzlib.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/gzlib.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/gzlib.o.d" -o ${OBJECTDIR}/_ext/608321700/gzlib.o ../../zlib-1.2.7/gzlib.c - -${OBJECTDIR}/_ext/608321700/gzread.o: ../../zlib-1.2.7/gzread.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/gzread.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/gzread.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/gzread.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/gzread.o.d" -o ${OBJECTDIR}/_ext/608321700/gzread.o ../../zlib-1.2.7/gzread.c - -${OBJECTDIR}/_ext/608321700/gzwrite.o: ../../zlib-1.2.7/gzwrite.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/gzwrite.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/gzwrite.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/gzwrite.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/gzwrite.o.d" -o ${OBJECTDIR}/_ext/608321700/gzwrite.o ../../zlib-1.2.7/gzwrite.c - -${OBJECTDIR}/_ext/608321700/infback.o: ../../zlib-1.2.7/infback.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/infback.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/infback.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/infback.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/infback.o.d" -o ${OBJECTDIR}/_ext/608321700/infback.o ../../zlib-1.2.7/infback.c - -${OBJECTDIR}/_ext/608321700/inffast.o: ../../zlib-1.2.7/inffast.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/inffast.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/inffast.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/inffast.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/inffast.o.d" -o ${OBJECTDIR}/_ext/608321700/inffast.o ../../zlib-1.2.7/inffast.c - -${OBJECTDIR}/_ext/608321700/inflate.o: ../../zlib-1.2.7/inflate.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/inflate.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/inflate.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/inflate.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/inflate.o.d" -o ${OBJECTDIR}/_ext/608321700/inflate.o ../../zlib-1.2.7/inflate.c - -${OBJECTDIR}/_ext/608321700/inftrees.o: ../../zlib-1.2.7/inftrees.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/inftrees.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/inftrees.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/inftrees.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/inftrees.o.d" -o ${OBJECTDIR}/_ext/608321700/inftrees.o ../../zlib-1.2.7/inftrees.c - -${OBJECTDIR}/_ext/608321700/trees.o: ../../zlib-1.2.7/trees.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/trees.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/trees.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/trees.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/trees.o.d" -o ${OBJECTDIR}/_ext/608321700/trees.o ../../zlib-1.2.7/trees.c - -${OBJECTDIR}/_ext/608321700/uncompr.o: ../../zlib-1.2.7/uncompr.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/uncompr.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/uncompr.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/uncompr.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/uncompr.o.d" -o ${OBJECTDIR}/_ext/608321700/uncompr.o ../../zlib-1.2.7/uncompr.c - -${OBJECTDIR}/_ext/608321700/zutil.o: ../../zlib-1.2.7/zutil.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/zutil.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/zutil.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/zutil.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/zutil.o.d" -o ${OBJECTDIR}/_ext/608321700/zutil.o ../../zlib-1.2.7/zutil.c - -else -${OBJECTDIR}/_ext/608321700/adler32.o: ../../zlib-1.2.7/adler32.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/adler32.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/adler32.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/adler32.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/adler32.o.d" -o ${OBJECTDIR}/_ext/608321700/adler32.o ../../zlib-1.2.7/adler32.c - -${OBJECTDIR}/_ext/608321700/compress.o: ../../zlib-1.2.7/compress.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/compress.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/compress.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/compress.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/compress.o.d" -o ${OBJECTDIR}/_ext/608321700/compress.o ../../zlib-1.2.7/compress.c - -${OBJECTDIR}/_ext/608321700/crc32.o: ../../zlib-1.2.7/crc32.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/crc32.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/crc32.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/crc32.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/crc32.o.d" -o ${OBJECTDIR}/_ext/608321700/crc32.o ../../zlib-1.2.7/crc32.c - -${OBJECTDIR}/_ext/608321700/deflate.o: ../../zlib-1.2.7/deflate.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/deflate.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/deflate.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/deflate.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/deflate.o.d" -o ${OBJECTDIR}/_ext/608321700/deflate.o ../../zlib-1.2.7/deflate.c - -${OBJECTDIR}/_ext/608321700/gzclose.o: ../../zlib-1.2.7/gzclose.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/gzclose.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/gzclose.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/gzclose.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/gzclose.o.d" -o ${OBJECTDIR}/_ext/608321700/gzclose.o ../../zlib-1.2.7/gzclose.c - -${OBJECTDIR}/_ext/608321700/gzlib.o: ../../zlib-1.2.7/gzlib.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/gzlib.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/gzlib.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/gzlib.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/gzlib.o.d" -o ${OBJECTDIR}/_ext/608321700/gzlib.o ../../zlib-1.2.7/gzlib.c - -${OBJECTDIR}/_ext/608321700/gzread.o: ../../zlib-1.2.7/gzread.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/gzread.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/gzread.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/gzread.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/gzread.o.d" -o ${OBJECTDIR}/_ext/608321700/gzread.o ../../zlib-1.2.7/gzread.c - -${OBJECTDIR}/_ext/608321700/gzwrite.o: ../../zlib-1.2.7/gzwrite.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/gzwrite.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/gzwrite.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/gzwrite.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/gzwrite.o.d" -o ${OBJECTDIR}/_ext/608321700/gzwrite.o ../../zlib-1.2.7/gzwrite.c - -${OBJECTDIR}/_ext/608321700/infback.o: ../../zlib-1.2.7/infback.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/infback.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/infback.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/infback.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/infback.o.d" -o ${OBJECTDIR}/_ext/608321700/infback.o ../../zlib-1.2.7/infback.c - -${OBJECTDIR}/_ext/608321700/inffast.o: ../../zlib-1.2.7/inffast.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/inffast.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/inffast.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/inffast.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/inffast.o.d" -o ${OBJECTDIR}/_ext/608321700/inffast.o ../../zlib-1.2.7/inffast.c - -${OBJECTDIR}/_ext/608321700/inflate.o: ../../zlib-1.2.7/inflate.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/inflate.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/inflate.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/inflate.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/inflate.o.d" -o ${OBJECTDIR}/_ext/608321700/inflate.o ../../zlib-1.2.7/inflate.c - -${OBJECTDIR}/_ext/608321700/inftrees.o: ../../zlib-1.2.7/inftrees.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/inftrees.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/inftrees.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/inftrees.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/inftrees.o.d" -o ${OBJECTDIR}/_ext/608321700/inftrees.o ../../zlib-1.2.7/inftrees.c - -${OBJECTDIR}/_ext/608321700/trees.o: ../../zlib-1.2.7/trees.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/trees.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/trees.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/trees.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/trees.o.d" -o ${OBJECTDIR}/_ext/608321700/trees.o ../../zlib-1.2.7/trees.c - -${OBJECTDIR}/_ext/608321700/uncompr.o: ../../zlib-1.2.7/uncompr.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/uncompr.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/uncompr.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/uncompr.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/uncompr.o.d" -o ${OBJECTDIR}/_ext/608321700/uncompr.o ../../zlib-1.2.7/uncompr.c - -${OBJECTDIR}/_ext/608321700/zutil.o: ../../zlib-1.2.7/zutil.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/608321700 - @${RM} ${OBJECTDIR}/_ext/608321700/zutil.o.d - @${RM} ${OBJECTDIR}/_ext/608321700/zutil.o - @${FIXDEPS} "${OBJECTDIR}/_ext/608321700/zutil.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -Os -DHAVE_HIDDEN -DMAX_MEM_LEVEL=1 -DMAX_WBITS=11 -DCYASSL_MICROCHIP_PIC32MZ -I"../../zlib-1.2.7" -MMD -MF "${OBJECTDIR}/_ext/608321700/zutil.o.d" -o ${OBJECTDIR}/_ext/608321700/zutil.o ../../zlib-1.2.7/zutil.c - -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compileCPP -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: archive -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -dist/${CND_CONF}/${IMAGE_TYPE}/zlib.X.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_AR} $(MP_EXTRA_AR_PRE) r dist/${CND_CONF}/${IMAGE_TYPE}/zlib.X.${OUTPUT_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} -else -dist/${CND_CONF}/${IMAGE_TYPE}/zlib.X.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_AR} $(MP_EXTRA_AR_PRE) r dist/${CND_CONF}/${IMAGE_TYPE}/zlib.X.${OUTPUT_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} -endif - - -# Subprojects -.build-subprojects: - - -# Subprojects -.clean-subprojects: - -# Clean Targets -.clean-conf: ${CLEAN_SUBPROJECTS} - ${RM} -r build/default - ${RM} -r dist/default - -# Enable dependency checking -.dep.inc: .depcheck-impl - -DEPFILES=$(shell mplabwildcard ${POSSIBLE_DEPFILES}) -ifneq (${DEPFILES},) -include ${DEPFILES} -endif diff --git a/mcapi/zlib.X/nbproject/Makefile-genesis.properties b/mcapi/zlib.X/nbproject/Makefile-genesis.properties deleted file mode 100644 index fb29557a2..000000000 --- a/mcapi/zlib.X/nbproject/Makefile-genesis.properties +++ /dev/null @@ -1,8 +0,0 @@ -# -#Mon Nov 11 09:26:35 JST 2013 -default.com-microchip-mplab-nbide-toolchainXC32-XC32LanguageToolchain.md5=cd6a1e93a26f632c22d91cbbe4deaf2c -default.languagetoolchain.dir=C\:\\Program Files (x86)\\Microchip\\xc32\\v1.30\\bin -com-microchip-mplab-nbide-embedded-makeproject-MakeProject.md5=43bd1633f14a944b6e95abd1333fdfc3 -default.languagetoolchain.version=1.30 -host.platform=windows -conf.ids=default diff --git a/mcapi/zlib.X/nbproject/Makefile-impl.mk b/mcapi/zlib.X/nbproject/Makefile-impl.mk deleted file mode 100644 index df37d06fb..000000000 --- a/mcapi/zlib.X/nbproject/Makefile-impl.mk +++ /dev/null @@ -1,69 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a pre- and a post- target defined where you can add customization code. -# -# This makefile implements macros and targets common to all configurations. -# -# NOCDDL - - -# Building and Cleaning subprojects are done by default, but can be controlled with the SUB -# macro. If SUB=no, subprojects will not be built or cleaned. The following macro -# statements set BUILD_SUB-CONF and CLEAN_SUB-CONF to .build-reqprojects-conf -# and .clean-reqprojects-conf unless SUB has the value 'no' -SUB_no=NO -SUBPROJECTS=${SUB_${SUB}} -BUILD_SUBPROJECTS_=.build-subprojects -BUILD_SUBPROJECTS_NO= -BUILD_SUBPROJECTS=${BUILD_SUBPROJECTS_${SUBPROJECTS}} -CLEAN_SUBPROJECTS_=.clean-subprojects -CLEAN_SUBPROJECTS_NO= -CLEAN_SUBPROJECTS=${CLEAN_SUBPROJECTS_${SUBPROJECTS}} - - -# Project Name -PROJECTNAME=zlib.X - -# Active Configuration -DEFAULTCONF=default -CONF=${DEFAULTCONF} - -# All Configurations -ALLCONFS=default - - -# build -.build-impl: .build-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .build-conf - - -# clean -.clean-impl: .clean-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .clean-conf - -# clobber -.clobber-impl: .clobber-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default clean - - - -# all -.all-impl: .all-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default build - - - -# dependency checking support -.depcheck-impl: -# @echo "# This code depends on make tool being used" >.dep.inc -# @if [ -n "${MAKE_VERSION}" ]; then \ -# echo "DEPFILES=\$$(wildcard \$$(addsuffix .d, \$${OBJECTFILES}))" >>.dep.inc; \ -# echo "ifneq (\$${DEPFILES},)" >>.dep.inc; \ -# echo "include \$${DEPFILES}" >>.dep.inc; \ -# echo "endif" >>.dep.inc; \ -# else \ -# echo ".KEEP_STATE:" >>.dep.inc; \ -# echo ".KEEP_STATE_FILE:.make.state.\$${CONF}" >>.dep.inc; \ -# fi diff --git a/mcapi/zlib.X/nbproject/Makefile-local-default.mk b/mcapi/zlib.X/nbproject/Makefile-local-default.mk deleted file mode 100644 index 3350f874d..000000000 --- a/mcapi/zlib.X/nbproject/Makefile-local-default.mk +++ /dev/null @@ -1,37 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# -# This file contains information about the location of compilers and other tools. -# If you commmit this file into your revision control server, you will be able to -# to checkout the project and build it from the command line with make. However, -# if more than one person works on the same project, then this file might show -# conflicts since different users are bound to have compilers in different places. -# In that case you might choose to not commit this file and let MPLAB X recreate this file -# for each user. The disadvantage of not commiting this file is that you must run MPLAB X at -# least once so the file gets created and the project can be built. Finally, you can also -# avoid using this file at all if you are only building from the command line with make. -# You can invoke make with the values of the macros: -# $ makeMP_CC="/opt/microchip/mplabc30/v3.30c/bin/pic30-gcc" ... -# -SHELL=cmd.exe -PATH_TO_IDE_BIN=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/ -# Adding MPLAB X bin directory to path. -PATH:=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/:$(PATH) -# Path to java used to run MPLAB X when this makefile was created -MP_JAVA_PATH="C:\Program Files (x86)\Microchip\MPLABX-v1.95.RC3\sys\java\jre1.7.0_25-windows-x64\java-windows/bin/" -OS_CURRENT="$(shell uname -s)" -MP_CC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-gcc.exe" -MP_CPPC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-g++.exe" -# MP_BC is not defined -MP_AS="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-as.exe" -MP_LD="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ld.exe" -MP_AR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ar.exe" -DEP_GEN=${MP_JAVA_PATH}java -jar "C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/extractobjectdependencies.jar" -MP_CC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_CPPC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined -MP_AS_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_LD_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_AR_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined diff --git a/mcapi/zlib.X/nbproject/Makefile-variables.mk b/mcapi/zlib.X/nbproject/Makefile-variables.mk deleted file mode 100644 index 6d21f14b9..000000000 --- a/mcapi/zlib.X/nbproject/Makefile-variables.mk +++ /dev/null @@ -1,13 +0,0 @@ -# -# Generated - do not edit! -# -# NOCDDL -# -CND_BASEDIR=`pwd` -# default configuration -CND_ARTIFACT_DIR_default=dist/default/production -CND_ARTIFACT_NAME_default=zlib.X.a -CND_ARTIFACT_PATH_default=dist/default/production/zlib.X.a -CND_PACKAGE_DIR_default=${CND_DISTDIR}/default/package -CND_PACKAGE_NAME_default=zlib.X.tar -CND_PACKAGE_PATH_default=${CND_DISTDIR}/default/package/zlib.X.tar diff --git a/mcapi/zlib.X/nbproject/Package-default.bash b/mcapi/zlib.X/nbproject/Package-default.bash deleted file mode 100644 index 66c5b0bd9..000000000 --- a/mcapi/zlib.X/nbproject/Package-default.bash +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -x - -# -# Generated - do not edit! -# - -# Macros -TOP=`pwd` -CND_CONF=default -CND_DISTDIR=dist -TMPDIR=build/${CND_CONF}/${IMAGE_TYPE}/tmp-packaging -TMPDIRNAME=tmp-packaging -OUTPUT_PATH=dist/${CND_CONF}/${IMAGE_TYPE}/zlib.X.${OUTPUT_SUFFIX} -OUTPUT_BASENAME=zlib.X.${OUTPUT_SUFFIX} -PACKAGE_TOP_DIR=zlib.X/ - -# Functions -function checkReturnCode -{ - rc=$? - if [ $rc != 0 ] - then - exit $rc - fi -} -function makeDirectory -# $1 directory path -# $2 permission (optional) -{ - mkdir -p "$1" - checkReturnCode - if [ "$2" != "" ] - then - chmod $2 "$1" - checkReturnCode - fi -} -function copyFileToTmpDir -# $1 from-file path -# $2 to-file path -# $3 permission -{ - cp "$1" "$2" - checkReturnCode - if [ "$3" != "" ] - then - chmod $3 "$2" - checkReturnCode - fi -} - -# Setup -cd "${TOP}" -mkdir -p ${CND_DISTDIR}/${CND_CONF}/package -rm -rf ${TMPDIR} -mkdir -p ${TMPDIR} - -# Copy files and create directories and links -cd "${TOP}" -makeDirectory ${TMPDIR}/zlib.X/lib -copyFileToTmpDir "${OUTPUT_PATH}" "${TMPDIR}/${PACKAGE_TOP_DIR}lib/${OUTPUT_BASENAME}" 0644 - - -# Generate tar file -cd "${TOP}" -rm -f ${CND_DISTDIR}/${CND_CONF}/package/zlib.X.tar -cd ${TMPDIR} -tar -vcf ../../../../${CND_DISTDIR}/${CND_CONF}/package/zlib.X.tar * -checkReturnCode - -# Cleanup -cd "${TOP}" -rm -rf ${TMPDIR} diff --git a/mplabx/PIC32MZ-Putc.c b/mplabx/PIC32MZ-Putc.c deleted file mode 100644 index d77c4794d..000000000 --- a/mplabx/PIC32MZ-Putc.c +++ /dev/null @@ -1,10 +0,0 @@ - -#ifdef MICROCHIP_PIC32 -#if defined (__32MZ2048ECH144__) || defined (__32MZ2048ECM144__) -void _mon_putc (char c) -{ - while (U2STAbits.UTXBF); - U2TXREG = c; -} -#endif -#endif \ No newline at end of file diff --git a/mplabx/crypto.h b/mplabx/crypto.h deleted file mode 100644 index 76dccadff..000000000 --- a/mplabx/crypto.h +++ /dev/null @@ -1,82 +0,0 @@ -/* - * File: crypto.h - * Author: C15009 - * - * Created on July 23, 2013, 12:26 PM - */ - -#ifndef CRYPTO_H -#define CRYPTO_H - -#ifdef __cplusplus -extern "C" { -#endif - - typedef struct saCtrl { - unsigned int CRYPTOALGO : 4; - unsigned int MULTITASK : 3; - unsigned int KEYSIZE : 2; - unsigned int ENCTYPE : 1; - unsigned int ALGO : 7; - unsigned int : 3; - unsigned int FLAGS : 1; - unsigned int FB : 1; - unsigned int LOADIV : 1; - unsigned int LNC : 1; - unsigned int IRFLAG : 1; - unsigned int ICVONLY : 1; - unsigned int OR_EN : 1; - unsigned int NO_RX : 1; - unsigned int : 1; - unsigned int VERIFY : 1; - unsigned int : 2; - } saCtrl; - - typedef struct securityAssociation { - saCtrl SA_CTRL; - unsigned int SA_AUTHKEY[8]; - unsigned int SA_ENCKEY[8]; - unsigned int SA_AUTHIV[8]; - unsigned int SA_ENCIV[4]; - } securityAssociation; - - typedef struct bdCtrl { - unsigned int BUFLEN : 16; - unsigned int CBD_INT_EN : 1; - unsigned int PKT_INT_EN : 1; - unsigned int LIFM : 1; - unsigned int LAST_BD: 1; - unsigned int : 2; - unsigned int SA_FETCH_EN : 1; - unsigned int : 4; - unsigned int CRY_MODE: 3; - unsigned int : 1; - unsigned int DESC_EN : 1; - /* Naveen did this - unsigned int CRDMA_EN: 1; - unsigned int UPD_RES : 1; - unsigned int SA_FETCH_EN : 1; - unsigned int SEC_CODE : 1; - unsigned int : 7; - unsigned int DESC_EN : 1; */ - } bdCtrl; - - typedef struct bufferDescriptor { - bdCtrl BD_CTRL; -// unsigned int BD_CTRL; - unsigned int SA_ADDR; - unsigned int SRCADDR; - unsigned int DSTADDR; - unsigned int NXTPTR; - unsigned int UPDPTR; - unsigned int MSGLEN; - unsigned int ENCOFF; - } bufferDescriptor; - - -#ifdef __cplusplus -} -#endif - -#endif /* CRYPTO_H */ - diff --git a/mplabx/cryptoregs.h b/mplabx/cryptoregs.h deleted file mode 100644 index 2f551f257..000000000 --- a/mplabx/cryptoregs.h +++ /dev/null @@ -1,91 +0,0 @@ -/* - * File: cryptoregs.h - * Author: C15009 - * - * Created on August 14, 2013, 9:44 AM - */ - -#ifndef CRYPTOREGS_H -#define CRYPTOREGS_H - -#ifdef __cplusplus -extern "C" { -#endif - -extern volatile unsigned int CEVER __attribute__((section("sfrs"))); -typedef struct { - unsigned ID:16; - unsigned VERSION:8; - unsigned REVISION:8; -} __CEVERbits_t; -extern volatile __CEVERbits_t CEVERbits __asm__ ("CEVER") __attribute__((section("sfrs"))); -extern volatile unsigned int CECON __attribute__((section("sfrs"))); -typedef struct { - unsigned DMAEN:1; - unsigned BDPPLEN:1; - unsigned BDPCHST:1; - unsigned :2; - unsigned SWAPEN:1; - unsigned SWRST:1; -} __CECONbits_t; -extern volatile __CECONbits_t CECONbits __asm__ ("CECON") __attribute__((section("sfrs"))); -extern volatile unsigned int CEBDADDR __attribute__((section("sfrs"))); -typedef struct { - unsigned BDPADDR:32; -} __CEBDADDRbits_t; -extern volatile __CEBDADDRbits_t CEBDADDRbits __asm__ ("CEBDADDR") __attribute__((section("sfrs"))); -extern volatile unsigned int CEBDPADDR __attribute__((section("sfrs"))); -typedef struct { - unsigned BASEADDR:32; -} __CEBDPADDRbits_t; -extern volatile __CEBDPADDRbits_t CEBDPADDRbits __asm__ ("CEBDPADDR") __attribute__((section("sfrs"))); -extern volatile unsigned int CESTAT __attribute__((section("sfrs"))); -typedef struct { - unsigned BDCTRL:16; - unsigned ACTIVE:1; - unsigned START:1; - unsigned BDSTATE:4; - unsigned :2; - unsigned ERRPHASE:2; - unsigned ERROP:3; - unsigned ERRMODE:3; -} __CESTATbits_t; -extern volatile __CESTATbits_t CESTATbits __asm__ ("CESTAT") __attribute__((section("sfrs"))); -extern volatile unsigned int CEINTSRC __attribute__((section("sfrs"))); -typedef struct { - unsigned PENDIF:1; - unsigned CBDIF:1; - unsigned PKTIF:1; - unsigned AREIF:1; -} __CEINTSRCbits_t; -extern volatile __CEINTSRCbits_t CEINTSRCbits __asm__ ("CEINTSRC") __attribute__((section("sfrs"))); -extern volatile unsigned int CEINTEN __attribute__((section("sfrs"))); -typedef struct { - unsigned PENDIE:1; - unsigned CBDIE:1; - unsigned PKTIE:1; - unsigned AREIE:1; -} __CEINTENbits_t; -extern volatile __CEINTENbits_t CEINTENbits __asm__ ("CEINTEN") __attribute__((section("sfrs"))); -extern volatile unsigned int CEPOLLCON __attribute__((section("sfrs"))); -typedef struct { - unsigned BDPPLCON:16; -} __CEPOLLCONbits_t; -extern volatile __CEPOLLCONbits_t CEPOLLCONbits __asm__ ("CEPOLLCON") __attribute__((section("sfrs"))); -extern volatile unsigned int CEHDLEN __attribute__((section("sfrs"))); -typedef struct { - unsigned HDRLEN:8; -} __CEHDLENbits_t; -extern volatile __CEHDLENbits_t CEHDLENbits __asm__ ("CEHDLEN") __attribute__((section("sfrs"))); -extern volatile unsigned int CETRLLEN __attribute__((section("sfrs"))); -typedef struct { - unsigned TRLRLEN:8; -} __CETRLLENbits_t; -extern volatile __CETRLLENbits_t CETRLLENbits __asm__ ("CETRLLEN") __attribute__((section("sfrs"))); - -#ifdef __cplusplus -} -#endif - -#endif /* CRYPTOREGS_H */ - diff --git a/mplabx/cryptoregs.s b/mplabx/cryptoregs.s deleted file mode 100644 index 6bec06ac9..000000000 --- a/mplabx/cryptoregs.s +++ /dev/null @@ -1,21 +0,0 @@ -CECON = 0xBF8E5004 - .global CECON -CEBDADDR = 0xBF8E5008 - .global CEBDADDR -CEBDPADDR = 0xBF8E500C - .global CEBDPADDR -CESTAT = 0xBF8E5010 - .global CESTAT -CEINTSRC = 0xBF8E5014 - .global CEINTSRC -CEINTEN = 0xBF8E5018 - .global CEINTEN -CEPOLLCON = 0xBF8E501C - .global CEPOLLCON -CEHDLEN = 0xBF8E5020 - .global CEHDLEN -CETRLLEN = 0xBF8E5024 - .global CETRLLEN - - - diff --git a/mplabx/ctaocrypt_benchmark.X/main.c b/mplabx/ctaocrypt_benchmark.X/main.c deleted file mode 100644 index 587eae1e2..000000000 --- a/mplabx/ctaocrypt_benchmark.X/main.c +++ /dev/null @@ -1,116 +0,0 @@ -/* main.c - * - * Copyright (C) 2006-2013 wolfSSL Inc. - * - * This file is part of CyaSSL. - * - * CyaSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * CyaSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#define PIC32_STARTER_KIT - -#include -#include -#include - -void bench_des(void); -void bench_arc4(void); -void bench_hc128(void); -void bench_rabbit(void); -void bench_aes(int); -void bench_aesgcm(void); - -void bench_md5(void); -void bench_sha(void); -void bench_sha256(void); -void bench_sha512(void); -void bench_ripemd(void); - -void bench_rsa(void); -void bench_rsaKeyGen(void); -void bench_dh(void); -#ifdef HAVE_ECC -void bench_eccKeyGen(void); -void bench_eccKeyAgree(void); -#endif - -/* - * Main driver for CTaoCrypt benchmarks. - */ -int main(int argc, char** argv) { - - SYSTEMConfigPerformance(80000000); - - DBINIT(); - printf("CTaoCrypt Benchmark:\n"); - -#ifndef NO_AES - bench_aes(0); - bench_aes(1); -#endif -#ifdef HAVE_AESGCM - bench_aesgcm(); -#endif -#ifndef NO_RC4 - bench_arc4(); -#endif -#ifdef HAVE_HC128 - bench_hc128(); -#endif -#ifndef NO_RABBIT - bench_rabbit(); -#endif -#ifndef NO_DES3 - bench_des(); -#endif - - printf("\n"); - -#ifndef NO_MD5 - bench_md5(); -#endif - bench_sha(); -#ifndef NO_SHA256 - bench_sha256(); -#endif -#ifdef CYASSL_SHA512 - bench_sha512(); -#endif -#ifdef CYASSL_RIPEMD - bench_ripemd(); -#endif - - printf("\n"); - -#ifndef NO_RSA - bench_rsa(); -#endif - -#ifndef NO_DH - bench_dh(); -#endif - -#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) - bench_rsaKeyGen(); -#endif - -#ifdef HAVE_ECC - bench_eccKeyGen(); - bench_eccKeyAgree(); -#endif - - return 0; -} - diff --git a/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-default.mk b/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-default.mk deleted file mode 100644 index cc62c8fb1..000000000 --- a/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-default.mk +++ /dev/null @@ -1,162 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a -pre and a -post target defined where you can add customized code. -# -# This makefile implements configuration specific macros and targets. - - -# Include project Makefile -ifeq "${IGNORE_LOCAL}" "TRUE" -# do not include local makefile. User is passing all local related variables already -else -include Makefile -# Include makefile containing local settings -ifeq "$(wildcard nbproject/Makefile-local-default.mk)" "nbproject/Makefile-local-default.mk" -include nbproject/Makefile-local-default.mk -endif -endif - -# Environment -MKDIR=gnumkdir -p -RM=rm -f -MV=mv -CP=cp - -# Macros -CND_CONF=default -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -IMAGE_TYPE=debug -OUTPUT_SUFFIX=elf -DEBUGGABLE_SUFFIX=elf -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_benchmark.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -else -IMAGE_TYPE=production -OUTPUT_SUFFIX=hex -DEBUGGABLE_SUFFIX=elf -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_benchmark.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -endif - -# Object Directory -OBJECTDIR=build/${CND_CONF}/${IMAGE_TYPE} - -# Distribution Directory -DISTDIR=dist/${CND_CONF}/${IMAGE_TYPE} - -# Source Files Quoted if spaced -SOURCEFILES_QUOTED_IF_SPACED=../../ctaocrypt/benchmark/benchmark.c ../benchmark_main.c - -# Object Files Quoted if spaced -OBJECTFILES_QUOTED_IF_SPACED=${OBJECTDIR}/_ext/2132364733/benchmark.o ${OBJECTDIR}/_ext/1472/benchmark_main.o -POSSIBLE_DEPFILES=${OBJECTDIR}/_ext/2132364733/benchmark.o.d ${OBJECTDIR}/_ext/1472/benchmark_main.o.d - -# Object Files -OBJECTFILES=${OBJECTDIR}/_ext/2132364733/benchmark.o ${OBJECTDIR}/_ext/1472/benchmark_main.o - -# Source Files -SOURCEFILES=../../ctaocrypt/benchmark/benchmark.c ../benchmark_main.c - - -CFLAGS= -ASFLAGS= -LDLIBSOPTIONS= - -############# Tool locations ########################################## -# If you copy a project from one host to another, the path where the # -# compiler is installed may be different. # -# If you open this project with MPLAB X in the new host, this # -# makefile will be regenerated and the paths will be corrected. # -####################################################################### -# fixDeps replaces a bunch of sed/cat/printf statements that slow down the build -FIXDEPS=fixDeps - -.build-conf: ${BUILD_SUBPROJECTS} - ${MAKE} ${MAKE_OPTIONS} -f nbproject/Makefile-default.mk dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_benchmark.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} - -MP_PROCESSOR_OPTION=32MX795F512L -MP_LINKER_FILE_OPTION= -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assemble -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assembleWithPreprocess -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compile -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -${OBJECTDIR}/_ext/2132364733/benchmark.o: ../../ctaocrypt/benchmark/benchmark.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/2132364733 - @${RM} ${OBJECTDIR}/_ext/2132364733/benchmark.o.d - @${RM} ${OBJECTDIR}/_ext/2132364733/benchmark.o - @${FIXDEPS} "${OBJECTDIR}/_ext/2132364733/benchmark.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PIC32MXSK=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O1 -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DBENCH_EMBEDDED -DHAVE_ECC -DCYASSL_SHA512 -I"../../" -MMD -MF "${OBJECTDIR}/_ext/2132364733/benchmark.o.d" -o ${OBJECTDIR}/_ext/2132364733/benchmark.o ../../ctaocrypt/benchmark/benchmark.c - -${OBJECTDIR}/_ext/1472/benchmark_main.o: ../benchmark_main.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1472 - @${RM} ${OBJECTDIR}/_ext/1472/benchmark_main.o.d - @${RM} ${OBJECTDIR}/_ext/1472/benchmark_main.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1472/benchmark_main.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PIC32MXSK=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O1 -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DBENCH_EMBEDDED -DHAVE_ECC -DCYASSL_SHA512 -I"../../" -MMD -MF "${OBJECTDIR}/_ext/1472/benchmark_main.o.d" -o ${OBJECTDIR}/_ext/1472/benchmark_main.o ../benchmark_main.c - -else -${OBJECTDIR}/_ext/2132364733/benchmark.o: ../../ctaocrypt/benchmark/benchmark.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/2132364733 - @${RM} ${OBJECTDIR}/_ext/2132364733/benchmark.o.d - @${RM} ${OBJECTDIR}/_ext/2132364733/benchmark.o - @${FIXDEPS} "${OBJECTDIR}/_ext/2132364733/benchmark.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O1 -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DBENCH_EMBEDDED -DHAVE_ECC -DCYASSL_SHA512 -I"../../" -MMD -MF "${OBJECTDIR}/_ext/2132364733/benchmark.o.d" -o ${OBJECTDIR}/_ext/2132364733/benchmark.o ../../ctaocrypt/benchmark/benchmark.c - -${OBJECTDIR}/_ext/1472/benchmark_main.o: ../benchmark_main.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1472 - @${RM} ${OBJECTDIR}/_ext/1472/benchmark_main.o.d - @${RM} ${OBJECTDIR}/_ext/1472/benchmark_main.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1472/benchmark_main.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O1 -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DBENCH_EMBEDDED -DHAVE_ECC -DCYASSL_SHA512 -I"../../" -MMD -MF "${OBJECTDIR}/_ext/1472/benchmark_main.o.d" -o ${OBJECTDIR}/_ext/1472/benchmark_main.o ../benchmark_main.c - -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compileCPP -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: link -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_benchmark.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk ../cyassl.X/dist/default/debug/cyassl.X.a - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_CC} $(MP_EXTRA_LD_PRE) -mdebugger -D__MPLAB_DEBUGGER_PIC32MXSK=1 -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -o dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_benchmark.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} ..\cyassl.X\dist\default\debug\cyassl.X.a -Wl,--defsym=__MPLAB_BUILD=1$(MP_EXTRA_LD_POST)$(MP_LINKER_FILE_OPTION),--defsym=__MPLAB_DEBUG=1,--defsym=__DEBUG=1,--defsym=__MPLAB_DEBUGGER_PIC32MXSK=1,--defsym=_min_heap_size=20480,--defsym=_min_stack_size=20480 - -else -dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_benchmark.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk ../cyassl.X/dist/default/production/cyassl.X.a - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_CC} $(MP_EXTRA_LD_PRE) -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -o dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_benchmark.X.${IMAGE_TYPE}.${DEBUGGABLE_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} ..\cyassl.X\dist\default\production\cyassl.X.a -Wl,--defsym=__MPLAB_BUILD=1$(MP_EXTRA_LD_POST)$(MP_LINKER_FILE_OPTION),--defsym=_min_heap_size=20480,--defsym=_min_stack_size=20480 - ${MP_CC_DIR}\\xc32-bin2hex dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_benchmark.X.${IMAGE_TYPE}.${DEBUGGABLE_SUFFIX} -endif - - -# Subprojects -.build-subprojects: - cd /D ../cyassl.X && ${MAKE} MAKE_OPTIONS="" -f Makefile CONF=default - - -# Subprojects -.clean-subprojects: - cd /D ../cyassl.X && rm -rf "build/default" "dist/default" - -# Clean Targets -.clean-conf: ${CLEAN_SUBPROJECTS} - ${RM} -r build/default - ${RM} -r dist/default - -# Enable dependency checking -.dep.inc: .depcheck-impl - -DEPFILES=$(shell mplabwildcard ${POSSIBLE_DEPFILES}) -ifneq (${DEPFILES},) -include ${DEPFILES} -endif diff --git a/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-genesis.properties b/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-genesis.properties deleted file mode 100644 index ceff47910..000000000 --- a/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-genesis.properties +++ /dev/null @@ -1,8 +0,0 @@ -# -#Mon Nov 11 18:40:37 JST 2013 -default.com-microchip-mplab-nbide-toolchainXC32-XC32LanguageToolchain.md5=cd6a1e93a26f632c22d91cbbe4deaf2c -default.languagetoolchain.dir=C\:\\Program Files (x86)\\Microchip\\xc32\\v1.30\\bin -com-microchip-mplab-nbide-embedded-makeproject-MakeProject.md5=43bd1633f14a944b6e95abd1333fdfc3 -default.languagetoolchain.version=1.30 -host.platform=windows -conf.ids=default diff --git a/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-impl.mk b/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-impl.mk deleted file mode 100644 index 3d6aa0df3..000000000 --- a/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-impl.mk +++ /dev/null @@ -1,69 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a pre- and a post- target defined where you can add customization code. -# -# This makefile implements macros and targets common to all configurations. -# -# NOCDDL - - -# Building and Cleaning subprojects are done by default, but can be controlled with the SUB -# macro. If SUB=no, subprojects will not be built or cleaned. The following macro -# statements set BUILD_SUB-CONF and CLEAN_SUB-CONF to .build-reqprojects-conf -# and .clean-reqprojects-conf unless SUB has the value 'no' -SUB_no=NO -SUBPROJECTS=${SUB_${SUB}} -BUILD_SUBPROJECTS_=.build-subprojects -BUILD_SUBPROJECTS_NO= -BUILD_SUBPROJECTS=${BUILD_SUBPROJECTS_${SUBPROJECTS}} -CLEAN_SUBPROJECTS_=.clean-subprojects -CLEAN_SUBPROJECTS_NO= -CLEAN_SUBPROJECTS=${CLEAN_SUBPROJECTS_${SUBPROJECTS}} - - -# Project Name -PROJECTNAME=ctaocrypt_benchmark.X - -# Active Configuration -DEFAULTCONF=default -CONF=${DEFAULTCONF} - -# All Configurations -ALLCONFS=default - - -# build -.build-impl: .build-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .build-conf - - -# clean -.clean-impl: .clean-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .clean-conf - -# clobber -.clobber-impl: .clobber-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default clean - - - -# all -.all-impl: .all-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default build - - - -# dependency checking support -.depcheck-impl: -# @echo "# This code depends on make tool being used" >.dep.inc -# @if [ -n "${MAKE_VERSION}" ]; then \ -# echo "DEPFILES=\$$(wildcard \$$(addsuffix .d, \$${OBJECTFILES}))" >>.dep.inc; \ -# echo "ifneq (\$${DEPFILES},)" >>.dep.inc; \ -# echo "include \$${DEPFILES}" >>.dep.inc; \ -# echo "endif" >>.dep.inc; \ -# else \ -# echo ".KEEP_STATE:" >>.dep.inc; \ -# echo ".KEEP_STATE_FILE:.make.state.\$${CONF}" >>.dep.inc; \ -# fi diff --git a/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-local-default.mk b/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-local-default.mk deleted file mode 100644 index 3350f874d..000000000 --- a/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-local-default.mk +++ /dev/null @@ -1,37 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# -# This file contains information about the location of compilers and other tools. -# If you commmit this file into your revision control server, you will be able to -# to checkout the project and build it from the command line with make. However, -# if more than one person works on the same project, then this file might show -# conflicts since different users are bound to have compilers in different places. -# In that case you might choose to not commit this file and let MPLAB X recreate this file -# for each user. The disadvantage of not commiting this file is that you must run MPLAB X at -# least once so the file gets created and the project can be built. Finally, you can also -# avoid using this file at all if you are only building from the command line with make. -# You can invoke make with the values of the macros: -# $ makeMP_CC="/opt/microchip/mplabc30/v3.30c/bin/pic30-gcc" ... -# -SHELL=cmd.exe -PATH_TO_IDE_BIN=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/ -# Adding MPLAB X bin directory to path. -PATH:=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/:$(PATH) -# Path to java used to run MPLAB X when this makefile was created -MP_JAVA_PATH="C:\Program Files (x86)\Microchip\MPLABX-v1.95.RC3\sys\java\jre1.7.0_25-windows-x64\java-windows/bin/" -OS_CURRENT="$(shell uname -s)" -MP_CC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-gcc.exe" -MP_CPPC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-g++.exe" -# MP_BC is not defined -MP_AS="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-as.exe" -MP_LD="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ld.exe" -MP_AR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ar.exe" -DEP_GEN=${MP_JAVA_PATH}java -jar "C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/extractobjectdependencies.jar" -MP_CC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_CPPC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined -MP_AS_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_LD_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_AR_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined diff --git a/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-variables.mk b/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-variables.mk deleted file mode 100644 index 479dfc45e..000000000 --- a/mplabx/ctaocrypt_benchmark.X/nbproject/Makefile-variables.mk +++ /dev/null @@ -1,13 +0,0 @@ -# -# Generated - do not edit! -# -# NOCDDL -# -CND_BASEDIR=`pwd` -# default configuration -CND_ARTIFACT_DIR_default=dist/default/production -CND_ARTIFACT_NAME_default=ctaocrypt_benchmark.X.production.hex -CND_ARTIFACT_PATH_default=dist/default/production/ctaocrypt_benchmark.X.production.hex -CND_PACKAGE_DIR_default=${CND_DISTDIR}/default/package -CND_PACKAGE_NAME_default=ctaocryptbenchmark.x.tar -CND_PACKAGE_PATH_default=${CND_DISTDIR}/default/package/ctaocryptbenchmark.x.tar diff --git a/mplabx/ctaocrypt_benchmark.X/nbproject/Package-default.bash b/mplabx/ctaocrypt_benchmark.X/nbproject/Package-default.bash deleted file mode 100644 index 869e322bf..000000000 --- a/mplabx/ctaocrypt_benchmark.X/nbproject/Package-default.bash +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -x - -# -# Generated - do not edit! -# - -# Macros -TOP=`pwd` -CND_CONF=default -CND_DISTDIR=dist -TMPDIR=build/${CND_CONF}/${IMAGE_TYPE}/tmp-packaging -TMPDIRNAME=tmp-packaging -OUTPUT_PATH=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_benchmark.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -OUTPUT_BASENAME=ctaocrypt_benchmark.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -PACKAGE_TOP_DIR=ctaocryptbenchmark.x/ - -# Functions -function checkReturnCode -{ - rc=$? - if [ $rc != 0 ] - then - exit $rc - fi -} -function makeDirectory -# $1 directory path -# $2 permission (optional) -{ - mkdir -p "$1" - checkReturnCode - if [ "$2" != "" ] - then - chmod $2 "$1" - checkReturnCode - fi -} -function copyFileToTmpDir -# $1 from-file path -# $2 to-file path -# $3 permission -{ - cp "$1" "$2" - checkReturnCode - if [ "$3" != "" ] - then - chmod $3 "$2" - checkReturnCode - fi -} - -# Setup -cd "${TOP}" -mkdir -p ${CND_DISTDIR}/${CND_CONF}/package -rm -rf ${TMPDIR} -mkdir -p ${TMPDIR} - -# Copy files and create directories and links -cd "${TOP}" -makeDirectory ${TMPDIR}/ctaocryptbenchmark.x/bin -copyFileToTmpDir "${OUTPUT_PATH}" "${TMPDIR}/${PACKAGE_TOP_DIR}bin/${OUTPUT_BASENAME}" 0755 - - -# Generate tar file -cd "${TOP}" -rm -f ${CND_DISTDIR}/${CND_CONF}/package/ctaocryptbenchmark.x.tar -cd ${TMPDIR} -tar -vcf ../../../../${CND_DISTDIR}/${CND_CONF}/package/ctaocryptbenchmark.x.tar * -checkReturnCode - -# Cleanup -cd "${TOP}" -rm -rf ${TMPDIR} diff --git a/mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml b/mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml index 1b9409815..13faa6bc4 100644 --- a/mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml +++ b/mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml @@ -32,7 +32,7 @@ PIC32MX795F512L - SKDEPIC32PlatformTool + PKOBSKDEPlatformTool XC32 1.30 3 @@ -166,8 +166,28 @@ - - + + + + + + + + + + + + + + + + + + + + + diff --git a/mplabx/ctaocrypt_benchmark.X/nbproject/private/private.xml b/mplabx/ctaocrypt_benchmark.X/nbproject/private/private.xml deleted file mode 100644 index e39667075..000000000 --- a/mplabx/ctaocrypt_benchmark.X/nbproject/private/private.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - diff --git a/mplabx/ctaocrypt_test.X/main.c b/mplabx/ctaocrypt_test.X/main.c deleted file mode 100644 index 5edccecad..000000000 --- a/mplabx/ctaocrypt_test.X/main.c +++ /dev/null @@ -1,60 +0,0 @@ -/* main.c - * - * Copyright (C) 2006-2013 wolfSSL Inc. - * - * This file is part of CyaSSL. - * - * CyaSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * CyaSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#define PIC32_STARTER_KIT - -#include -#include -#include -#include -#include - -/* func_args from test.h, so don't have to pull in other junk */ -typedef struct func_args { - int argc; - char** argv; - int return_code; -} func_args; - -/* - * Main driver for CTaoCrypt tests. - */ -int main(int argc, char** argv) { - - SYSTEMConfigPerformance(80000000); - - DBINIT(); - printf("CTaoCrypt Test:\n"); - - func_args args; - - args.argc = argc; - args.argv = argv; - - ctaocrypt_test(&args); - - if (args.return_code == 0) { - printf("All tests passed!\n"); - } - - return 0; -} - diff --git a/mplabx/ctaocrypt_test.X/nbproject/Makefile-default.mk b/mplabx/ctaocrypt_test.X/nbproject/Makefile-default.mk deleted file mode 100644 index 185657fc1..000000000 --- a/mplabx/ctaocrypt_test.X/nbproject/Makefile-default.mk +++ /dev/null @@ -1,170 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a -pre and a -post target defined where you can add customized code. -# -# This makefile implements configuration specific macros and targets. - - -# Include project Makefile -ifeq "${IGNORE_LOCAL}" "TRUE" -# do not include local makefile. User is passing all local related variables already -else -include Makefile -# Include makefile containing local settings -ifeq "$(wildcard nbproject/Makefile-local-default.mk)" "nbproject/Makefile-local-default.mk" -include nbproject/Makefile-local-default.mk -endif -endif - -# Environment -MKDIR=gnumkdir -p -RM=rm -f -MV=mv -CP=cp - -# Macros -CND_CONF=default -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -IMAGE_TYPE=debug -OUTPUT_SUFFIX=elf -DEBUGGABLE_SUFFIX=elf -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -else -IMAGE_TYPE=production -OUTPUT_SUFFIX=hex -DEBUGGABLE_SUFFIX=elf -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -endif - -# Object Directory -OBJECTDIR=build/${CND_CONF}/${IMAGE_TYPE} - -# Distribution Directory -DISTDIR=dist/${CND_CONF}/${IMAGE_TYPE} - -# Source Files Quoted if spaced -SOURCEFILES_QUOTED_IF_SPACED=../../ctaocrypt/test/test.c ../test_main.c ../cryptoregs.s - -# Object Files Quoted if spaced -OBJECTFILES_QUOTED_IF_SPACED=${OBJECTDIR}/_ext/1679622190/test.o ${OBJECTDIR}/_ext/1472/test_main.o ${OBJECTDIR}/_ext/1472/cryptoregs.o -POSSIBLE_DEPFILES=${OBJECTDIR}/_ext/1679622190/test.o.d ${OBJECTDIR}/_ext/1472/test_main.o.d ${OBJECTDIR}/_ext/1472/cryptoregs.o.d - -# Object Files -OBJECTFILES=${OBJECTDIR}/_ext/1679622190/test.o ${OBJECTDIR}/_ext/1472/test_main.o ${OBJECTDIR}/_ext/1472/cryptoregs.o - -# Source Files -SOURCEFILES=../../ctaocrypt/test/test.c ../test_main.c ../cryptoregs.s - - -CFLAGS= -ASFLAGS= -LDLIBSOPTIONS= - -############# Tool locations ########################################## -# If you copy a project from one host to another, the path where the # -# compiler is installed may be different. # -# If you open this project with MPLAB X in the new host, this # -# makefile will be regenerated and the paths will be corrected. # -####################################################################### -# fixDeps replaces a bunch of sed/cat/printf statements that slow down the build -FIXDEPS=fixDeps - -.build-conf: ${BUILD_SUBPROJECTS} - ${MAKE} ${MAKE_OPTIONS} -f nbproject/Makefile-default.mk dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} - -MP_PROCESSOR_OPTION=32MZ2048ECM144 -MP_LINKER_FILE_OPTION= -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assemble -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -${OBJECTDIR}/_ext/1472/cryptoregs.o: ../cryptoregs.s nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1472 - @${RM} ${OBJECTDIR}/_ext/1472/cryptoregs.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1472/cryptoregs.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_AS_PRE) -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -c -mprocessor=$(MP_PROCESSOR_OPTION) -o ${OBJECTDIR}/_ext/1472/cryptoregs.o ../cryptoregs.s -Wa,--defsym=__MPLAB_BUILD=1$(MP_EXTRA_AS_POST),--defsym=__ICD2RAM=1,--defsym=__MPLAB_DEBUG=1,--defsym=__DEBUG=1,--defsym=__MPLAB_DEBUGGER_PK3=1,--gdwarf-2,-MD="${OBJECTDIR}/_ext/1472/cryptoregs.o.d" -else -${OBJECTDIR}/_ext/1472/cryptoregs.o: ../cryptoregs.s nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1472 - @${RM} ${OBJECTDIR}/_ext/1472/cryptoregs.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1472/cryptoregs.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_AS_PRE) -c -mprocessor=$(MP_PROCESSOR_OPTION) -o ${OBJECTDIR}/_ext/1472/cryptoregs.o ../cryptoregs.s -Wa,--defsym=__MPLAB_BUILD=1$(MP_EXTRA_AS_POST),--gdwarf-2,-MD="${OBJECTDIR}/_ext/1472/cryptoregs.o.d" -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assembleWithPreprocess -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compile -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -${OBJECTDIR}/_ext/1679622190/test.o: ../../ctaocrypt/test/test.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1679622190 - @${RM} ${OBJECTDIR}/_ext/1679622190/test.o.d - @${RM} ${OBJECTDIR}/_ext/1679622190/test.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1679622190/test.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -MMD -MF "${OBJECTDIR}/_ext/1679622190/test.o.d" -o ${OBJECTDIR}/_ext/1679622190/test.o ../../ctaocrypt/test/test.c - -${OBJECTDIR}/_ext/1472/test_main.o: ../test_main.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1472 - @${RM} ${OBJECTDIR}/_ext/1472/test_main.o.d - @${RM} ${OBJECTDIR}/_ext/1472/test_main.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1472/test_main.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -MMD -MF "${OBJECTDIR}/_ext/1472/test_main.o.d" -o ${OBJECTDIR}/_ext/1472/test_main.o ../test_main.c - -else -${OBJECTDIR}/_ext/1679622190/test.o: ../../ctaocrypt/test/test.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1679622190 - @${RM} ${OBJECTDIR}/_ext/1679622190/test.o.d - @${RM} ${OBJECTDIR}/_ext/1679622190/test.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1679622190/test.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -MMD -MF "${OBJECTDIR}/_ext/1679622190/test.o.d" -o ${OBJECTDIR}/_ext/1679622190/test.o ../../ctaocrypt/test/test.c - -${OBJECTDIR}/_ext/1472/test_main.o: ../test_main.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1472 - @${RM} ${OBJECTDIR}/_ext/1472/test_main.o.d - @${RM} ${OBJECTDIR}/_ext/1472/test_main.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1472/test_main.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DNO_MAIN_DRIVER -DUSE_CERT_BUFFERS_1024 -DCYASSL_SHA384 -DCYASSL_SHA512 -DHAVE_ECC -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -MMD -MF "${OBJECTDIR}/_ext/1472/test_main.o.d" -o ${OBJECTDIR}/_ext/1472/test_main.o ../test_main.c - -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compileCPP -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: link -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk ../cyassl.X/dist/default/debug/cyassl.X.a - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_CC} $(MP_EXTRA_LD_PRE) -mdebugger -D__MPLAB_DEBUGGER_PK3=1 -mprocessor=$(MP_PROCESSOR_OPTION) -Os -o dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} ..\cyassl.X\dist\default\debug\cyassl.X.a -mreserve=data@0x0:0x27F -Wl,--defsym=__MPLAB_BUILD=1$(MP_EXTRA_LD_POST)$(MP_LINKER_FILE_OPTION),--defsym=__MPLAB_DEBUG=1,--defsym=__DEBUG=1,--defsym=__MPLAB_DEBUGGER_PK3=1,--defsym=_min_heap_size=20480,--gc-sections - -else -dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk ../cyassl.X/dist/default/production/cyassl.X.a - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_CC} $(MP_EXTRA_LD_PRE) -mprocessor=$(MP_PROCESSOR_OPTION) -Os -o dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${DEBUGGABLE_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} ..\cyassl.X\dist\default\production\cyassl.X.a -Wl,--defsym=__MPLAB_BUILD=1$(MP_EXTRA_LD_POST)$(MP_LINKER_FILE_OPTION),--defsym=_min_heap_size=20480,--gc-sections - ${MP_CC_DIR}\\xc32-bin2hex dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${DEBUGGABLE_SUFFIX} -endif - - -# Subprojects -.build-subprojects: - cd /D ../cyassl.X && ${MAKE} MAKE_OPTIONS="" -f Makefile CONF=default - - -# Subprojects -.clean-subprojects: - cd /D ../cyassl.X && rm -rf "build/default" "dist/default" - -# Clean Targets -.clean-conf: ${CLEAN_SUBPROJECTS} - ${RM} -r build/default - ${RM} -r dist/default - -# Enable dependency checking -.dep.inc: .depcheck-impl - -DEPFILES=$(shell mplabwildcard ${POSSIBLE_DEPFILES}) -ifneq (${DEPFILES},) -include ${DEPFILES} -endif diff --git a/mplabx/ctaocrypt_test.X/nbproject/Makefile-genesis.properties b/mplabx/ctaocrypt_test.X/nbproject/Makefile-genesis.properties deleted file mode 100644 index 9e23a4ab2..000000000 --- a/mplabx/ctaocrypt_test.X/nbproject/Makefile-genesis.properties +++ /dev/null @@ -1,8 +0,0 @@ -# -#Mon Nov 11 18:57:04 JST 2013 -default.com-microchip-mplab-nbide-toolchainXC32-XC32LanguageToolchain.md5=cd6a1e93a26f632c22d91cbbe4deaf2c -default.languagetoolchain.dir=C\:\\Program Files (x86)\\Microchip\\xc32\\v1.30\\bin -com-microchip-mplab-nbide-embedded-makeproject-MakeProject.md5=43bd1633f14a944b6e95abd1333fdfc3 -default.languagetoolchain.version=1.30 -host.platform=windows -conf.ids=default diff --git a/mplabx/ctaocrypt_test.X/nbproject/Makefile-impl.mk b/mplabx/ctaocrypt_test.X/nbproject/Makefile-impl.mk deleted file mode 100644 index 32630f76c..000000000 --- a/mplabx/ctaocrypt_test.X/nbproject/Makefile-impl.mk +++ /dev/null @@ -1,69 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a pre- and a post- target defined where you can add customization code. -# -# This makefile implements macros and targets common to all configurations. -# -# NOCDDL - - -# Building and Cleaning subprojects are done by default, but can be controlled with the SUB -# macro. If SUB=no, subprojects will not be built or cleaned. The following macro -# statements set BUILD_SUB-CONF and CLEAN_SUB-CONF to .build-reqprojects-conf -# and .clean-reqprojects-conf unless SUB has the value 'no' -SUB_no=NO -SUBPROJECTS=${SUB_${SUB}} -BUILD_SUBPROJECTS_=.build-subprojects -BUILD_SUBPROJECTS_NO= -BUILD_SUBPROJECTS=${BUILD_SUBPROJECTS_${SUBPROJECTS}} -CLEAN_SUBPROJECTS_=.clean-subprojects -CLEAN_SUBPROJECTS_NO= -CLEAN_SUBPROJECTS=${CLEAN_SUBPROJECTS_${SUBPROJECTS}} - - -# Project Name -PROJECTNAME=ctaocrypt_test.X - -# Active Configuration -DEFAULTCONF=default -CONF=${DEFAULTCONF} - -# All Configurations -ALLCONFS=default - - -# build -.build-impl: .build-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .build-conf - - -# clean -.clean-impl: .clean-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .clean-conf - -# clobber -.clobber-impl: .clobber-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default clean - - - -# all -.all-impl: .all-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default build - - - -# dependency checking support -.depcheck-impl: -# @echo "# This code depends on make tool being used" >.dep.inc -# @if [ -n "${MAKE_VERSION}" ]; then \ -# echo "DEPFILES=\$$(wildcard \$$(addsuffix .d, \$${OBJECTFILES}))" >>.dep.inc; \ -# echo "ifneq (\$${DEPFILES},)" >>.dep.inc; \ -# echo "include \$${DEPFILES}" >>.dep.inc; \ -# echo "endif" >>.dep.inc; \ -# else \ -# echo ".KEEP_STATE:" >>.dep.inc; \ -# echo ".KEEP_STATE_FILE:.make.state.\$${CONF}" >>.dep.inc; \ -# fi diff --git a/mplabx/ctaocrypt_test.X/nbproject/Makefile-local-default.mk b/mplabx/ctaocrypt_test.X/nbproject/Makefile-local-default.mk deleted file mode 100644 index 3350f874d..000000000 --- a/mplabx/ctaocrypt_test.X/nbproject/Makefile-local-default.mk +++ /dev/null @@ -1,37 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# -# This file contains information about the location of compilers and other tools. -# If you commmit this file into your revision control server, you will be able to -# to checkout the project and build it from the command line with make. However, -# if more than one person works on the same project, then this file might show -# conflicts since different users are bound to have compilers in different places. -# In that case you might choose to not commit this file and let MPLAB X recreate this file -# for each user. The disadvantage of not commiting this file is that you must run MPLAB X at -# least once so the file gets created and the project can be built. Finally, you can also -# avoid using this file at all if you are only building from the command line with make. -# You can invoke make with the values of the macros: -# $ makeMP_CC="/opt/microchip/mplabc30/v3.30c/bin/pic30-gcc" ... -# -SHELL=cmd.exe -PATH_TO_IDE_BIN=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/ -# Adding MPLAB X bin directory to path. -PATH:=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/:$(PATH) -# Path to java used to run MPLAB X when this makefile was created -MP_JAVA_PATH="C:\Program Files (x86)\Microchip\MPLABX-v1.95.RC3\sys\java\jre1.7.0_25-windows-x64\java-windows/bin/" -OS_CURRENT="$(shell uname -s)" -MP_CC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-gcc.exe" -MP_CPPC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-g++.exe" -# MP_BC is not defined -MP_AS="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-as.exe" -MP_LD="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ld.exe" -MP_AR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ar.exe" -DEP_GEN=${MP_JAVA_PATH}java -jar "C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/extractobjectdependencies.jar" -MP_CC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_CPPC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined -MP_AS_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_LD_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_AR_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined diff --git a/mplabx/ctaocrypt_test.X/nbproject/Makefile-variables.mk b/mplabx/ctaocrypt_test.X/nbproject/Makefile-variables.mk deleted file mode 100644 index 09fbeab2d..000000000 --- a/mplabx/ctaocrypt_test.X/nbproject/Makefile-variables.mk +++ /dev/null @@ -1,13 +0,0 @@ -# -# Generated - do not edit! -# -# NOCDDL -# -CND_BASEDIR=`pwd` -# default configuration -CND_ARTIFACT_DIR_default=dist/default/production -CND_ARTIFACT_NAME_default=ctaocrypt_test.X.production.hex -CND_ARTIFACT_PATH_default=dist/default/production/ctaocrypt_test.X.production.hex -CND_PACKAGE_DIR_default=${CND_DISTDIR}/default/package -CND_PACKAGE_NAME_default=ctaocrypttest.x.tar -CND_PACKAGE_PATH_default=${CND_DISTDIR}/default/package/ctaocrypttest.x.tar diff --git a/mplabx/ctaocrypt_test.X/nbproject/Package-default.bash b/mplabx/ctaocrypt_test.X/nbproject/Package-default.bash deleted file mode 100644 index 24387c9d2..000000000 --- a/mplabx/ctaocrypt_test.X/nbproject/Package-default.bash +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -x - -# -# Generated - do not edit! -# - -# Macros -TOP=`pwd` -CND_CONF=default -CND_DISTDIR=dist -TMPDIR=build/${CND_CONF}/${IMAGE_TYPE}/tmp-packaging -TMPDIRNAME=tmp-packaging -OUTPUT_PATH=dist/${CND_CONF}/${IMAGE_TYPE}/ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -OUTPUT_BASENAME=ctaocrypt_test.X.${IMAGE_TYPE}.${OUTPUT_SUFFIX} -PACKAGE_TOP_DIR=ctaocrypttest.x/ - -# Functions -function checkReturnCode -{ - rc=$? - if [ $rc != 0 ] - then - exit $rc - fi -} -function makeDirectory -# $1 directory path -# $2 permission (optional) -{ - mkdir -p "$1" - checkReturnCode - if [ "$2" != "" ] - then - chmod $2 "$1" - checkReturnCode - fi -} -function copyFileToTmpDir -# $1 from-file path -# $2 to-file path -# $3 permission -{ - cp "$1" "$2" - checkReturnCode - if [ "$3" != "" ] - then - chmod $3 "$2" - checkReturnCode - fi -} - -# Setup -cd "${TOP}" -mkdir -p ${CND_DISTDIR}/${CND_CONF}/package -rm -rf ${TMPDIR} -mkdir -p ${TMPDIR} - -# Copy files and create directories and links -cd "${TOP}" -makeDirectory ${TMPDIR}/ctaocrypttest.x/bin -copyFileToTmpDir "${OUTPUT_PATH}" "${TMPDIR}/${PACKAGE_TOP_DIR}bin/${OUTPUT_BASENAME}" 0755 - - -# Generate tar file -cd "${TOP}" -rm -f ${CND_DISTDIR}/${CND_CONF}/package/ctaocrypttest.x.tar -cd ${TMPDIR} -tar -vcf ../../../../${CND_DISTDIR}/${CND_CONF}/package/ctaocrypttest.x.tar * -checkReturnCode - -# Cleanup -cd "${TOP}" -rm -rf ${TMPDIR} diff --git a/mplabx/ctaocrypt_test.X/nbproject/configurations.xml b/mplabx/ctaocrypt_test.X/nbproject/configurations.xml index 09e567cbd..7ffe44c26 100644 --- a/mplabx/ctaocrypt_test.X/nbproject/configurations.xml +++ b/mplabx/ctaocrypt_test.X/nbproject/configurations.xml @@ -15,7 +15,6 @@ projectFiles="true"> ../../ctaocrypt/test/test.c ../test_main.c - ../cryptoregs.s localhost - PIC32MZ2048ECM144 + PIC32MX795F512L PKOBSKDEPlatformTool @@ -91,7 +90,7 @@ + value="NO_MAIN_DRIVER;USE_CERT_BUFFERS_1024;CYASSL_SHA384;CYASSL_SHA512;HAVE_ECC"/> diff --git a/mplabx/ctaocrypt_test.X/nbproject/private/SuppressibleMessageMemo.properties b/mplabx/ctaocrypt_test.X/nbproject/private/SuppressibleMessageMemo.properties deleted file mode 100644 index c9b1335ab..000000000 --- a/mplabx/ctaocrypt_test.X/nbproject/private/SuppressibleMessageMemo.properties +++ /dev/null @@ -1,3 +0,0 @@ -# -#Wed Nov 06 20:25:39 JST 2013 -pkobskde/DEVID_MISMATCH=true diff --git a/mplabx/ctaocrypt_test.X/nbproject/private/private.xml b/mplabx/ctaocrypt_test.X/nbproject/private/private.xml deleted file mode 100644 index e39667075..000000000 --- a/mplabx/ctaocrypt_test.X/nbproject/private/private.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - diff --git a/mplabx/cyassl.X/nbproject/Makefile-default.mk b/mplabx/cyassl.X/nbproject/Makefile-default.mk deleted file mode 100644 index 30b4f2914..000000000 --- a/mplabx/cyassl.X/nbproject/Makefile-default.mk +++ /dev/null @@ -1,590 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a -pre and a -post target defined where you can add customized code. -# -# This makefile implements configuration specific macros and targets. - - -# Include project Makefile -ifeq "${IGNORE_LOCAL}" "TRUE" -# do not include local makefile. User is passing all local related variables already -else -include Makefile -# Include makefile containing local settings -ifeq "$(wildcard nbproject/Makefile-local-default.mk)" "nbproject/Makefile-local-default.mk" -include nbproject/Makefile-local-default.mk -endif -endif - -# Environment -MKDIR=gnumkdir -p -RM=rm -f -MV=mv -CP=cp - -# Macros -CND_CONF=default -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -IMAGE_TYPE=debug -OUTPUT_SUFFIX=a -DEBUGGABLE_SUFFIX= -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} -else -IMAGE_TYPE=production -OUTPUT_SUFFIX=a -DEBUGGABLE_SUFFIX= -FINAL_IMAGE=dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} -endif - -# Object Directory -OBJECTDIR=build/${CND_CONF}/${IMAGE_TYPE} - -# Distribution Directory -DISTDIR=dist/${CND_CONF}/${IMAGE_TYPE} - -# Source Files Quoted if spaced -SOURCEFILES_QUOTED_IF_SPACED=../../src/crl.c ../../src/internal.c ../../src/io.c ../../src/keys.c ../../src/ocsp.c ../../src/sniffer.c ../../src/ssl.c ../../src/tls.c ../../ctaocrypt/src/aes.c ../../ctaocrypt/src/arc4.c ../../ctaocrypt/src/asm.c ../../ctaocrypt/src/asn.c ../../ctaocrypt/src/coding.c ../../ctaocrypt/src/des3.c ../../ctaocrypt/src/dh.c ../../ctaocrypt/src/dsa.c ../../ctaocrypt/src/ecc.c ../../ctaocrypt/src/ecc_fp.c ../../ctaocrypt/src/error.c ../../ctaocrypt/src/hc128.c ../../ctaocrypt/src/hmac.c ../../ctaocrypt/src/integer.c ../../ctaocrypt/src/logging.c ../../ctaocrypt/src/md2.c ../../ctaocrypt/src/md4.c ../../ctaocrypt/src/md5.c ../../ctaocrypt/src/memory.c ../../ctaocrypt/src/misc.c ../../ctaocrypt/src/pwdbased.c ../../ctaocrypt/src/rabbit.c ../../ctaocrypt/src/random.c ../../ctaocrypt/src/ripemd.c ../../ctaocrypt/src/rsa.c ../../ctaocrypt/src/sha.c ../../ctaocrypt/src/sha256.c ../../ctaocrypt/src/sha512.c ../../ctaocrypt/src/tfm.c ../../ctaocrypt/src/port.c - -# Object Files Quoted if spaced -OBJECTFILES_QUOTED_IF_SPACED=${OBJECTDIR}/_ext/1445274692/crl.o ${OBJECTDIR}/_ext/1445274692/internal.o ${OBJECTDIR}/_ext/1445274692/io.o ${OBJECTDIR}/_ext/1445274692/keys.o ${OBJECTDIR}/_ext/1445274692/ocsp.o ${OBJECTDIR}/_ext/1445274692/sniffer.o ${OBJECTDIR}/_ext/1445274692/ssl.o ${OBJECTDIR}/_ext/1445274692/tls.o ${OBJECTDIR}/_ext/1439655260/aes.o ${OBJECTDIR}/_ext/1439655260/arc4.o ${OBJECTDIR}/_ext/1439655260/asm.o ${OBJECTDIR}/_ext/1439655260/asn.o ${OBJECTDIR}/_ext/1439655260/coding.o ${OBJECTDIR}/_ext/1439655260/des3.o ${OBJECTDIR}/_ext/1439655260/dh.o ${OBJECTDIR}/_ext/1439655260/dsa.o ${OBJECTDIR}/_ext/1439655260/ecc.o ${OBJECTDIR}/_ext/1439655260/ecc_fp.o ${OBJECTDIR}/_ext/1439655260/error.o ${OBJECTDIR}/_ext/1439655260/hc128.o ${OBJECTDIR}/_ext/1439655260/hmac.o ${OBJECTDIR}/_ext/1439655260/integer.o ${OBJECTDIR}/_ext/1439655260/logging.o ${OBJECTDIR}/_ext/1439655260/md2.o ${OBJECTDIR}/_ext/1439655260/md4.o ${OBJECTDIR}/_ext/1439655260/md5.o ${OBJECTDIR}/_ext/1439655260/memory.o ${OBJECTDIR}/_ext/1439655260/misc.o ${OBJECTDIR}/_ext/1439655260/pwdbased.o ${OBJECTDIR}/_ext/1439655260/rabbit.o ${OBJECTDIR}/_ext/1439655260/random.o ${OBJECTDIR}/_ext/1439655260/ripemd.o ${OBJECTDIR}/_ext/1439655260/rsa.o ${OBJECTDIR}/_ext/1439655260/sha.o ${OBJECTDIR}/_ext/1439655260/sha256.o ${OBJECTDIR}/_ext/1439655260/sha512.o ${OBJECTDIR}/_ext/1439655260/tfm.o ${OBJECTDIR}/_ext/1439655260/port.o -POSSIBLE_DEPFILES=${OBJECTDIR}/_ext/1445274692/crl.o.d ${OBJECTDIR}/_ext/1445274692/internal.o.d ${OBJECTDIR}/_ext/1445274692/io.o.d ${OBJECTDIR}/_ext/1445274692/keys.o.d ${OBJECTDIR}/_ext/1445274692/ocsp.o.d ${OBJECTDIR}/_ext/1445274692/sniffer.o.d ${OBJECTDIR}/_ext/1445274692/ssl.o.d ${OBJECTDIR}/_ext/1445274692/tls.o.d ${OBJECTDIR}/_ext/1439655260/aes.o.d ${OBJECTDIR}/_ext/1439655260/arc4.o.d ${OBJECTDIR}/_ext/1439655260/asm.o.d ${OBJECTDIR}/_ext/1439655260/asn.o.d ${OBJECTDIR}/_ext/1439655260/coding.o.d ${OBJECTDIR}/_ext/1439655260/des3.o.d ${OBJECTDIR}/_ext/1439655260/dh.o.d ${OBJECTDIR}/_ext/1439655260/dsa.o.d ${OBJECTDIR}/_ext/1439655260/ecc.o.d ${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d ${OBJECTDIR}/_ext/1439655260/error.o.d ${OBJECTDIR}/_ext/1439655260/hc128.o.d ${OBJECTDIR}/_ext/1439655260/hmac.o.d ${OBJECTDIR}/_ext/1439655260/integer.o.d ${OBJECTDIR}/_ext/1439655260/logging.o.d ${OBJECTDIR}/_ext/1439655260/md2.o.d ${OBJECTDIR}/_ext/1439655260/md4.o.d ${OBJECTDIR}/_ext/1439655260/md5.o.d ${OBJECTDIR}/_ext/1439655260/memory.o.d ${OBJECTDIR}/_ext/1439655260/misc.o.d ${OBJECTDIR}/_ext/1439655260/pwdbased.o.d ${OBJECTDIR}/_ext/1439655260/rabbit.o.d ${OBJECTDIR}/_ext/1439655260/random.o.d ${OBJECTDIR}/_ext/1439655260/ripemd.o.d ${OBJECTDIR}/_ext/1439655260/rsa.o.d ${OBJECTDIR}/_ext/1439655260/sha.o.d ${OBJECTDIR}/_ext/1439655260/sha256.o.d ${OBJECTDIR}/_ext/1439655260/sha512.o.d ${OBJECTDIR}/_ext/1439655260/tfm.o.d ${OBJECTDIR}/_ext/1439655260/port.o.d - -# Object Files -OBJECTFILES=${OBJECTDIR}/_ext/1445274692/crl.o ${OBJECTDIR}/_ext/1445274692/internal.o ${OBJECTDIR}/_ext/1445274692/io.o ${OBJECTDIR}/_ext/1445274692/keys.o ${OBJECTDIR}/_ext/1445274692/ocsp.o ${OBJECTDIR}/_ext/1445274692/sniffer.o ${OBJECTDIR}/_ext/1445274692/ssl.o ${OBJECTDIR}/_ext/1445274692/tls.o ${OBJECTDIR}/_ext/1439655260/aes.o ${OBJECTDIR}/_ext/1439655260/arc4.o ${OBJECTDIR}/_ext/1439655260/asm.o ${OBJECTDIR}/_ext/1439655260/asn.o ${OBJECTDIR}/_ext/1439655260/coding.o ${OBJECTDIR}/_ext/1439655260/des3.o ${OBJECTDIR}/_ext/1439655260/dh.o ${OBJECTDIR}/_ext/1439655260/dsa.o ${OBJECTDIR}/_ext/1439655260/ecc.o ${OBJECTDIR}/_ext/1439655260/ecc_fp.o ${OBJECTDIR}/_ext/1439655260/error.o ${OBJECTDIR}/_ext/1439655260/hc128.o ${OBJECTDIR}/_ext/1439655260/hmac.o ${OBJECTDIR}/_ext/1439655260/integer.o ${OBJECTDIR}/_ext/1439655260/logging.o ${OBJECTDIR}/_ext/1439655260/md2.o ${OBJECTDIR}/_ext/1439655260/md4.o ${OBJECTDIR}/_ext/1439655260/md5.o ${OBJECTDIR}/_ext/1439655260/memory.o ${OBJECTDIR}/_ext/1439655260/misc.o ${OBJECTDIR}/_ext/1439655260/pwdbased.o ${OBJECTDIR}/_ext/1439655260/rabbit.o ${OBJECTDIR}/_ext/1439655260/random.o ${OBJECTDIR}/_ext/1439655260/ripemd.o ${OBJECTDIR}/_ext/1439655260/rsa.o ${OBJECTDIR}/_ext/1439655260/sha.o ${OBJECTDIR}/_ext/1439655260/sha256.o ${OBJECTDIR}/_ext/1439655260/sha512.o ${OBJECTDIR}/_ext/1439655260/tfm.o ${OBJECTDIR}/_ext/1439655260/port.o - -# Source Files -SOURCEFILES=../../src/crl.c ../../src/internal.c ../../src/io.c ../../src/keys.c ../../src/ocsp.c ../../src/sniffer.c ../../src/ssl.c ../../src/tls.c ../../ctaocrypt/src/aes.c ../../ctaocrypt/src/arc4.c ../../ctaocrypt/src/asm.c ../../ctaocrypt/src/asn.c ../../ctaocrypt/src/coding.c ../../ctaocrypt/src/des3.c ../../ctaocrypt/src/dh.c ../../ctaocrypt/src/dsa.c ../../ctaocrypt/src/ecc.c ../../ctaocrypt/src/ecc_fp.c ../../ctaocrypt/src/error.c ../../ctaocrypt/src/hc128.c ../../ctaocrypt/src/hmac.c ../../ctaocrypt/src/integer.c ../../ctaocrypt/src/logging.c ../../ctaocrypt/src/md2.c ../../ctaocrypt/src/md4.c ../../ctaocrypt/src/md5.c ../../ctaocrypt/src/memory.c ../../ctaocrypt/src/misc.c ../../ctaocrypt/src/pwdbased.c ../../ctaocrypt/src/rabbit.c ../../ctaocrypt/src/random.c ../../ctaocrypt/src/ripemd.c ../../ctaocrypt/src/rsa.c ../../ctaocrypt/src/sha.c ../../ctaocrypt/src/sha256.c ../../ctaocrypt/src/sha512.c ../../ctaocrypt/src/tfm.c ../../ctaocrypt/src/port.c - - -CFLAGS= -ASFLAGS= -LDLIBSOPTIONS= - -############# Tool locations ########################################## -# If you copy a project from one host to another, the path where the # -# compiler is installed may be different. # -# If you open this project with MPLAB X in the new host, this # -# makefile will be regenerated and the paths will be corrected. # -####################################################################### -# fixDeps replaces a bunch of sed/cat/printf statements that slow down the build -FIXDEPS=fixDeps - -.build-conf: ${BUILD_SUBPROJECTS} - ${MAKE} ${MAKE_OPTIONS} -f nbproject/Makefile-default.mk dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} - -MP_PROCESSOR_OPTION=32MZ2048ECM144 -MP_LINKER_FILE_OPTION= -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assemble -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: assembleWithPreprocess -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compile -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -${OBJECTDIR}/_ext/1445274692/crl.o: ../../src/crl.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/crl.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/crl.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/crl.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/crl.o.d" -o ${OBJECTDIR}/_ext/1445274692/crl.o ../../src/crl.c - -${OBJECTDIR}/_ext/1445274692/internal.o: ../../src/internal.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/internal.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/internal.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/internal.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/internal.o.d" -o ${OBJECTDIR}/_ext/1445274692/internal.o ../../src/internal.c - -${OBJECTDIR}/_ext/1445274692/io.o: ../../src/io.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/io.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/io.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/io.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/io.o.d" -o ${OBJECTDIR}/_ext/1445274692/io.o ../../src/io.c - -${OBJECTDIR}/_ext/1445274692/keys.o: ../../src/keys.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/keys.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/keys.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/keys.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/keys.o.d" -o ${OBJECTDIR}/_ext/1445274692/keys.o ../../src/keys.c - -${OBJECTDIR}/_ext/1445274692/ocsp.o: ../../src/ocsp.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/ocsp.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/ocsp.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/ocsp.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/ocsp.o.d" -o ${OBJECTDIR}/_ext/1445274692/ocsp.o ../../src/ocsp.c - -${OBJECTDIR}/_ext/1445274692/sniffer.o: ../../src/sniffer.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/sniffer.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/sniffer.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/sniffer.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/sniffer.o.d" -o ${OBJECTDIR}/_ext/1445274692/sniffer.o ../../src/sniffer.c - -${OBJECTDIR}/_ext/1445274692/ssl.o: ../../src/ssl.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/ssl.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/ssl.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/ssl.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/ssl.o.d" -o ${OBJECTDIR}/_ext/1445274692/ssl.o ../../src/ssl.c - -${OBJECTDIR}/_ext/1445274692/tls.o: ../../src/tls.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/tls.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/tls.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/tls.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/tls.o.d" -o ${OBJECTDIR}/_ext/1445274692/tls.o ../../src/tls.c - -${OBJECTDIR}/_ext/1439655260/aes.o: ../../ctaocrypt/src/aes.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/aes.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/aes.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/aes.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/aes.o.d" -o ${OBJECTDIR}/_ext/1439655260/aes.o ../../ctaocrypt/src/aes.c - -${OBJECTDIR}/_ext/1439655260/arc4.o: ../../ctaocrypt/src/arc4.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/arc4.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/arc4.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/arc4.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/arc4.o.d" -o ${OBJECTDIR}/_ext/1439655260/arc4.o ../../ctaocrypt/src/arc4.c - -${OBJECTDIR}/_ext/1439655260/asm.o: ../../ctaocrypt/src/asm.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/asm.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/asm.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/asm.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/asm.o.d" -o ${OBJECTDIR}/_ext/1439655260/asm.o ../../ctaocrypt/src/asm.c - -${OBJECTDIR}/_ext/1439655260/asn.o: ../../ctaocrypt/src/asn.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/asn.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/asn.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/asn.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/asn.o.d" -o ${OBJECTDIR}/_ext/1439655260/asn.o ../../ctaocrypt/src/asn.c - -${OBJECTDIR}/_ext/1439655260/coding.o: ../../ctaocrypt/src/coding.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/coding.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/coding.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/coding.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/coding.o.d" -o ${OBJECTDIR}/_ext/1439655260/coding.o ../../ctaocrypt/src/coding.c - -${OBJECTDIR}/_ext/1439655260/des3.o: ../../ctaocrypt/src/des3.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/des3.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/des3.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/des3.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/des3.o.d" -o ${OBJECTDIR}/_ext/1439655260/des3.o ../../ctaocrypt/src/des3.c - -${OBJECTDIR}/_ext/1439655260/dh.o: ../../ctaocrypt/src/dh.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/dh.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/dh.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/dh.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/dh.o.d" -o ${OBJECTDIR}/_ext/1439655260/dh.o ../../ctaocrypt/src/dh.c - -${OBJECTDIR}/_ext/1439655260/dsa.o: ../../ctaocrypt/src/dsa.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/dsa.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/dsa.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/dsa.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/dsa.o.d" -o ${OBJECTDIR}/_ext/1439655260/dsa.o ../../ctaocrypt/src/dsa.c - -${OBJECTDIR}/_ext/1439655260/ecc.o: ../../ctaocrypt/src/ecc.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ecc.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ecc.o.d" -o ${OBJECTDIR}/_ext/1439655260/ecc.o ../../ctaocrypt/src/ecc.c - -${OBJECTDIR}/_ext/1439655260/ecc_fp.o: ../../ctaocrypt/src/ecc_fp.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc_fp.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d" -o ${OBJECTDIR}/_ext/1439655260/ecc_fp.o ../../ctaocrypt/src/ecc_fp.c - -${OBJECTDIR}/_ext/1439655260/error.o: ../../ctaocrypt/src/error.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/error.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/error.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/error.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/error.o.d" -o ${OBJECTDIR}/_ext/1439655260/error.o ../../ctaocrypt/src/error.c - -${OBJECTDIR}/_ext/1439655260/hc128.o: ../../ctaocrypt/src/hc128.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/hc128.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/hc128.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/hc128.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/hc128.o.d" -o ${OBJECTDIR}/_ext/1439655260/hc128.o ../../ctaocrypt/src/hc128.c - -${OBJECTDIR}/_ext/1439655260/hmac.o: ../../ctaocrypt/src/hmac.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/hmac.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/hmac.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/hmac.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/hmac.o.d" -o ${OBJECTDIR}/_ext/1439655260/hmac.o ../../ctaocrypt/src/hmac.c - -${OBJECTDIR}/_ext/1439655260/integer.o: ../../ctaocrypt/src/integer.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/integer.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/integer.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/integer.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/integer.o.d" -o ${OBJECTDIR}/_ext/1439655260/integer.o ../../ctaocrypt/src/integer.c - -${OBJECTDIR}/_ext/1439655260/logging.o: ../../ctaocrypt/src/logging.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/logging.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/logging.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/logging.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/logging.o.d" -o ${OBJECTDIR}/_ext/1439655260/logging.o ../../ctaocrypt/src/logging.c - -${OBJECTDIR}/_ext/1439655260/md2.o: ../../ctaocrypt/src/md2.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md2.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md2.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md2.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md2.o.d" -o ${OBJECTDIR}/_ext/1439655260/md2.o ../../ctaocrypt/src/md2.c - -${OBJECTDIR}/_ext/1439655260/md4.o: ../../ctaocrypt/src/md4.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md4.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md4.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md4.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md4.o.d" -o ${OBJECTDIR}/_ext/1439655260/md4.o ../../ctaocrypt/src/md4.c - -${OBJECTDIR}/_ext/1439655260/md5.o: ../../ctaocrypt/src/md5.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md5.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md5.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md5.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md5.o.d" -o ${OBJECTDIR}/_ext/1439655260/md5.o ../../ctaocrypt/src/md5.c - -${OBJECTDIR}/_ext/1439655260/memory.o: ../../ctaocrypt/src/memory.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/memory.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/memory.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/memory.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/memory.o.d" -o ${OBJECTDIR}/_ext/1439655260/memory.o ../../ctaocrypt/src/memory.c - -${OBJECTDIR}/_ext/1439655260/misc.o: ../../ctaocrypt/src/misc.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/misc.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/misc.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/misc.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/misc.o.d" -o ${OBJECTDIR}/_ext/1439655260/misc.o ../../ctaocrypt/src/misc.c - -${OBJECTDIR}/_ext/1439655260/pwdbased.o: ../../ctaocrypt/src/pwdbased.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/pwdbased.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/pwdbased.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/pwdbased.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/pwdbased.o.d" -o ${OBJECTDIR}/_ext/1439655260/pwdbased.o ../../ctaocrypt/src/pwdbased.c - -${OBJECTDIR}/_ext/1439655260/rabbit.o: ../../ctaocrypt/src/rabbit.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/rabbit.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/rabbit.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/rabbit.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/rabbit.o.d" -o ${OBJECTDIR}/_ext/1439655260/rabbit.o ../../ctaocrypt/src/rabbit.c - -${OBJECTDIR}/_ext/1439655260/random.o: ../../ctaocrypt/src/random.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/random.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/random.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/random.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/random.o.d" -o ${OBJECTDIR}/_ext/1439655260/random.o ../../ctaocrypt/src/random.c - -${OBJECTDIR}/_ext/1439655260/ripemd.o: ../../ctaocrypt/src/ripemd.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ripemd.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ripemd.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ripemd.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ripemd.o.d" -o ${OBJECTDIR}/_ext/1439655260/ripemd.o ../../ctaocrypt/src/ripemd.c - -${OBJECTDIR}/_ext/1439655260/rsa.o: ../../ctaocrypt/src/rsa.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/rsa.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/rsa.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/rsa.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/rsa.o.d" -o ${OBJECTDIR}/_ext/1439655260/rsa.o ../../ctaocrypt/src/rsa.c - -${OBJECTDIR}/_ext/1439655260/sha.o: ../../ctaocrypt/src/sha.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha.o ../../ctaocrypt/src/sha.c - -${OBJECTDIR}/_ext/1439655260/sha256.o: ../../ctaocrypt/src/sha256.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha256.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha256.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha256.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha256.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha256.o ../../ctaocrypt/src/sha256.c - -${OBJECTDIR}/_ext/1439655260/sha512.o: ../../ctaocrypt/src/sha512.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha512.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha512.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha512.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha512.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha512.o ../../ctaocrypt/src/sha512.c - -${OBJECTDIR}/_ext/1439655260/tfm.o: ../../ctaocrypt/src/tfm.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/tfm.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/tfm.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/tfm.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/tfm.o.d" -o ${OBJECTDIR}/_ext/1439655260/tfm.o ../../ctaocrypt/src/tfm.c - -${OBJECTDIR}/_ext/1439655260/port.o: ../../ctaocrypt/src/port.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/port.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/port.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/port.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -g -D__DEBUG -D__MPLAB_DEBUGGER_PK3=1 -fframe-base-loclist -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/port.o.d" -o ${OBJECTDIR}/_ext/1439655260/port.o ../../ctaocrypt/src/port.c - -else -${OBJECTDIR}/_ext/1445274692/crl.o: ../../src/crl.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/crl.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/crl.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/crl.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/crl.o.d" -o ${OBJECTDIR}/_ext/1445274692/crl.o ../../src/crl.c - -${OBJECTDIR}/_ext/1445274692/internal.o: ../../src/internal.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/internal.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/internal.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/internal.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/internal.o.d" -o ${OBJECTDIR}/_ext/1445274692/internal.o ../../src/internal.c - -${OBJECTDIR}/_ext/1445274692/io.o: ../../src/io.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/io.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/io.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/io.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/io.o.d" -o ${OBJECTDIR}/_ext/1445274692/io.o ../../src/io.c - -${OBJECTDIR}/_ext/1445274692/keys.o: ../../src/keys.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/keys.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/keys.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/keys.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/keys.o.d" -o ${OBJECTDIR}/_ext/1445274692/keys.o ../../src/keys.c - -${OBJECTDIR}/_ext/1445274692/ocsp.o: ../../src/ocsp.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/ocsp.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/ocsp.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/ocsp.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/ocsp.o.d" -o ${OBJECTDIR}/_ext/1445274692/ocsp.o ../../src/ocsp.c - -${OBJECTDIR}/_ext/1445274692/sniffer.o: ../../src/sniffer.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/sniffer.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/sniffer.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/sniffer.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/sniffer.o.d" -o ${OBJECTDIR}/_ext/1445274692/sniffer.o ../../src/sniffer.c - -${OBJECTDIR}/_ext/1445274692/ssl.o: ../../src/ssl.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/ssl.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/ssl.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/ssl.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/ssl.o.d" -o ${OBJECTDIR}/_ext/1445274692/ssl.o ../../src/ssl.c - -${OBJECTDIR}/_ext/1445274692/tls.o: ../../src/tls.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1445274692 - @${RM} ${OBJECTDIR}/_ext/1445274692/tls.o.d - @${RM} ${OBJECTDIR}/_ext/1445274692/tls.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1445274692/tls.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1445274692/tls.o.d" -o ${OBJECTDIR}/_ext/1445274692/tls.o ../../src/tls.c - -${OBJECTDIR}/_ext/1439655260/aes.o: ../../ctaocrypt/src/aes.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/aes.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/aes.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/aes.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/aes.o.d" -o ${OBJECTDIR}/_ext/1439655260/aes.o ../../ctaocrypt/src/aes.c - -${OBJECTDIR}/_ext/1439655260/arc4.o: ../../ctaocrypt/src/arc4.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/arc4.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/arc4.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/arc4.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/arc4.o.d" -o ${OBJECTDIR}/_ext/1439655260/arc4.o ../../ctaocrypt/src/arc4.c - -${OBJECTDIR}/_ext/1439655260/asm.o: ../../ctaocrypt/src/asm.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/asm.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/asm.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/asm.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/asm.o.d" -o ${OBJECTDIR}/_ext/1439655260/asm.o ../../ctaocrypt/src/asm.c - -${OBJECTDIR}/_ext/1439655260/asn.o: ../../ctaocrypt/src/asn.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/asn.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/asn.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/asn.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/asn.o.d" -o ${OBJECTDIR}/_ext/1439655260/asn.o ../../ctaocrypt/src/asn.c - -${OBJECTDIR}/_ext/1439655260/coding.o: ../../ctaocrypt/src/coding.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/coding.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/coding.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/coding.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/coding.o.d" -o ${OBJECTDIR}/_ext/1439655260/coding.o ../../ctaocrypt/src/coding.c - -${OBJECTDIR}/_ext/1439655260/des3.o: ../../ctaocrypt/src/des3.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/des3.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/des3.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/des3.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/des3.o.d" -o ${OBJECTDIR}/_ext/1439655260/des3.o ../../ctaocrypt/src/des3.c - -${OBJECTDIR}/_ext/1439655260/dh.o: ../../ctaocrypt/src/dh.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/dh.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/dh.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/dh.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/dh.o.d" -o ${OBJECTDIR}/_ext/1439655260/dh.o ../../ctaocrypt/src/dh.c - -${OBJECTDIR}/_ext/1439655260/dsa.o: ../../ctaocrypt/src/dsa.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/dsa.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/dsa.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/dsa.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/dsa.o.d" -o ${OBJECTDIR}/_ext/1439655260/dsa.o ../../ctaocrypt/src/dsa.c - -${OBJECTDIR}/_ext/1439655260/ecc.o: ../../ctaocrypt/src/ecc.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ecc.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ecc.o.d" -o ${OBJECTDIR}/_ext/1439655260/ecc.o ../../ctaocrypt/src/ecc.c - -${OBJECTDIR}/_ext/1439655260/ecc_fp.o: ../../ctaocrypt/src/ecc_fp.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ecc_fp.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ecc_fp.o.d" -o ${OBJECTDIR}/_ext/1439655260/ecc_fp.o ../../ctaocrypt/src/ecc_fp.c - -${OBJECTDIR}/_ext/1439655260/error.o: ../../ctaocrypt/src/error.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/error.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/error.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/error.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/error.o.d" -o ${OBJECTDIR}/_ext/1439655260/error.o ../../ctaocrypt/src/error.c - -${OBJECTDIR}/_ext/1439655260/hc128.o: ../../ctaocrypt/src/hc128.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/hc128.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/hc128.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/hc128.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/hc128.o.d" -o ${OBJECTDIR}/_ext/1439655260/hc128.o ../../ctaocrypt/src/hc128.c - -${OBJECTDIR}/_ext/1439655260/hmac.o: ../../ctaocrypt/src/hmac.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/hmac.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/hmac.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/hmac.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/hmac.o.d" -o ${OBJECTDIR}/_ext/1439655260/hmac.o ../../ctaocrypt/src/hmac.c - -${OBJECTDIR}/_ext/1439655260/integer.o: ../../ctaocrypt/src/integer.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/integer.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/integer.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/integer.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/integer.o.d" -o ${OBJECTDIR}/_ext/1439655260/integer.o ../../ctaocrypt/src/integer.c - -${OBJECTDIR}/_ext/1439655260/logging.o: ../../ctaocrypt/src/logging.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/logging.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/logging.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/logging.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/logging.o.d" -o ${OBJECTDIR}/_ext/1439655260/logging.o ../../ctaocrypt/src/logging.c - -${OBJECTDIR}/_ext/1439655260/md2.o: ../../ctaocrypt/src/md2.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md2.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md2.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md2.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md2.o.d" -o ${OBJECTDIR}/_ext/1439655260/md2.o ../../ctaocrypt/src/md2.c - -${OBJECTDIR}/_ext/1439655260/md4.o: ../../ctaocrypt/src/md4.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md4.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md4.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md4.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md4.o.d" -o ${OBJECTDIR}/_ext/1439655260/md4.o ../../ctaocrypt/src/md4.c - -${OBJECTDIR}/_ext/1439655260/md5.o: ../../ctaocrypt/src/md5.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/md5.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/md5.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/md5.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/md5.o.d" -o ${OBJECTDIR}/_ext/1439655260/md5.o ../../ctaocrypt/src/md5.c - -${OBJECTDIR}/_ext/1439655260/memory.o: ../../ctaocrypt/src/memory.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/memory.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/memory.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/memory.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/memory.o.d" -o ${OBJECTDIR}/_ext/1439655260/memory.o ../../ctaocrypt/src/memory.c - -${OBJECTDIR}/_ext/1439655260/misc.o: ../../ctaocrypt/src/misc.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/misc.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/misc.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/misc.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/misc.o.d" -o ${OBJECTDIR}/_ext/1439655260/misc.o ../../ctaocrypt/src/misc.c - -${OBJECTDIR}/_ext/1439655260/pwdbased.o: ../../ctaocrypt/src/pwdbased.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/pwdbased.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/pwdbased.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/pwdbased.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/pwdbased.o.d" -o ${OBJECTDIR}/_ext/1439655260/pwdbased.o ../../ctaocrypt/src/pwdbased.c - -${OBJECTDIR}/_ext/1439655260/rabbit.o: ../../ctaocrypt/src/rabbit.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/rabbit.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/rabbit.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/rabbit.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/rabbit.o.d" -o ${OBJECTDIR}/_ext/1439655260/rabbit.o ../../ctaocrypt/src/rabbit.c - -${OBJECTDIR}/_ext/1439655260/random.o: ../../ctaocrypt/src/random.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/random.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/random.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/random.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/random.o.d" -o ${OBJECTDIR}/_ext/1439655260/random.o ../../ctaocrypt/src/random.c - -${OBJECTDIR}/_ext/1439655260/ripemd.o: ../../ctaocrypt/src/ripemd.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/ripemd.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/ripemd.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/ripemd.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/ripemd.o.d" -o ${OBJECTDIR}/_ext/1439655260/ripemd.o ../../ctaocrypt/src/ripemd.c - -${OBJECTDIR}/_ext/1439655260/rsa.o: ../../ctaocrypt/src/rsa.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/rsa.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/rsa.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/rsa.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/rsa.o.d" -o ${OBJECTDIR}/_ext/1439655260/rsa.o ../../ctaocrypt/src/rsa.c - -${OBJECTDIR}/_ext/1439655260/sha.o: ../../ctaocrypt/src/sha.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha.o ../../ctaocrypt/src/sha.c - -${OBJECTDIR}/_ext/1439655260/sha256.o: ../../ctaocrypt/src/sha256.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha256.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha256.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha256.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha256.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha256.o ../../ctaocrypt/src/sha256.c - -${OBJECTDIR}/_ext/1439655260/sha512.o: ../../ctaocrypt/src/sha512.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/sha512.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/sha512.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/sha512.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/sha512.o.d" -o ${OBJECTDIR}/_ext/1439655260/sha512.o ../../ctaocrypt/src/sha512.c - -${OBJECTDIR}/_ext/1439655260/tfm.o: ../../ctaocrypt/src/tfm.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/tfm.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/tfm.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/tfm.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/tfm.o.d" -o ${OBJECTDIR}/_ext/1439655260/tfm.o ../../ctaocrypt/src/tfm.c - -${OBJECTDIR}/_ext/1439655260/port.o: ../../ctaocrypt/src/port.c nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} ${OBJECTDIR}/_ext/1439655260 - @${RM} ${OBJECTDIR}/_ext/1439655260/port.o.d - @${RM} ${OBJECTDIR}/_ext/1439655260/port.o - @${FIXDEPS} "${OBJECTDIR}/_ext/1439655260/port.o.d" $(SILENT) -rsi ${MP_CC_DIR}../ -c ${MP_CC} $(MP_EXTRA_CC_PRE) -x c -c -mprocessor=$(MP_PROCESSOR_OPTION) -O3 -DCYASSL_SHA512 -DCYASSL_SHA384 -DHAVE_ECC -DCYASSL_PIC32MZ_CRYPT -DCYASSL_MICROCHIP_PIC32MZ -I"../../" -I"../" -MMD -MF "${OBJECTDIR}/_ext/1439655260/port.o.d" -o ${OBJECTDIR}/_ext/1439655260/port.o ../../ctaocrypt/src/port.c - -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: compileCPP -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -else -endif - -# ------------------------------------------------------------------------------------ -# Rules for buildStep: archive -ifeq ($(TYPE_IMAGE), DEBUG_RUN) -dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_AR} $(MP_EXTRA_AR_PRE) r dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} -else -dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX}: ${OBJECTFILES} nbproject/Makefile-${CND_CONF}.mk - @${MKDIR} dist/${CND_CONF}/${IMAGE_TYPE} - ${MP_AR} $(MP_EXTRA_AR_PRE) r dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} ${OBJECTFILES_QUOTED_IF_SPACED} -endif - - -# Subprojects -.build-subprojects: - - -# Subprojects -.clean-subprojects: - -# Clean Targets -.clean-conf: ${CLEAN_SUBPROJECTS} - ${RM} -r build/default - ${RM} -r dist/default - -# Enable dependency checking -.dep.inc: .depcheck-impl - -DEPFILES=$(shell mplabwildcard ${POSSIBLE_DEPFILES}) -ifneq (${DEPFILES},) -include ${DEPFILES} -endif diff --git a/mplabx/cyassl.X/nbproject/Makefile-genesis.properties b/mplabx/cyassl.X/nbproject/Makefile-genesis.properties deleted file mode 100644 index 354a175b5..000000000 --- a/mplabx/cyassl.X/nbproject/Makefile-genesis.properties +++ /dev/null @@ -1,8 +0,0 @@ -# -#Mon Nov 11 18:57:05 JST 2013 -default.com-microchip-mplab-nbide-toolchainXC32-XC32LanguageToolchain.md5=cd6a1e93a26f632c22d91cbbe4deaf2c -default.languagetoolchain.dir=C\:\\Program Files (x86)\\Microchip\\xc32\\v1.30\\bin -com-microchip-mplab-nbide-embedded-makeproject-MakeProject.md5=43bd1633f14a944b6e95abd1333fdfc3 -default.languagetoolchain.version=1.30 -host.platform=windows -conf.ids=default diff --git a/mplabx/cyassl.X/nbproject/Makefile-impl.mk b/mplabx/cyassl.X/nbproject/Makefile-impl.mk deleted file mode 100644 index 6f20c0abd..000000000 --- a/mplabx/cyassl.X/nbproject/Makefile-impl.mk +++ /dev/null @@ -1,69 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# Edit the Makefile in the project folder instead (../Makefile). Each target -# has a pre- and a post- target defined where you can add customization code. -# -# This makefile implements macros and targets common to all configurations. -# -# NOCDDL - - -# Building and Cleaning subprojects are done by default, but can be controlled with the SUB -# macro. If SUB=no, subprojects will not be built or cleaned. The following macro -# statements set BUILD_SUB-CONF and CLEAN_SUB-CONF to .build-reqprojects-conf -# and .clean-reqprojects-conf unless SUB has the value 'no' -SUB_no=NO -SUBPROJECTS=${SUB_${SUB}} -BUILD_SUBPROJECTS_=.build-subprojects -BUILD_SUBPROJECTS_NO= -BUILD_SUBPROJECTS=${BUILD_SUBPROJECTS_${SUBPROJECTS}} -CLEAN_SUBPROJECTS_=.clean-subprojects -CLEAN_SUBPROJECTS_NO= -CLEAN_SUBPROJECTS=${CLEAN_SUBPROJECTS_${SUBPROJECTS}} - - -# Project Name -PROJECTNAME=cyassl.X - -# Active Configuration -DEFAULTCONF=default -CONF=${DEFAULTCONF} - -# All Configurations -ALLCONFS=default - - -# build -.build-impl: .build-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .build-conf - - -# clean -.clean-impl: .clean-pre - ${MAKE} -f nbproject/Makefile-${CONF}.mk SUBPROJECTS=${SUBPROJECTS} .clean-conf - -# clobber -.clobber-impl: .clobber-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default clean - - - -# all -.all-impl: .all-pre .depcheck-impl - ${MAKE} SUBPROJECTS=${SUBPROJECTS} CONF=default build - - - -# dependency checking support -.depcheck-impl: -# @echo "# This code depends on make tool being used" >.dep.inc -# @if [ -n "${MAKE_VERSION}" ]; then \ -# echo "DEPFILES=\$$(wildcard \$$(addsuffix .d, \$${OBJECTFILES}))" >>.dep.inc; \ -# echo "ifneq (\$${DEPFILES},)" >>.dep.inc; \ -# echo "include \$${DEPFILES}" >>.dep.inc; \ -# echo "endif" >>.dep.inc; \ -# else \ -# echo ".KEEP_STATE:" >>.dep.inc; \ -# echo ".KEEP_STATE_FILE:.make.state.\$${CONF}" >>.dep.inc; \ -# fi diff --git a/mplabx/cyassl.X/nbproject/Makefile-local-default.mk b/mplabx/cyassl.X/nbproject/Makefile-local-default.mk deleted file mode 100644 index 3350f874d..000000000 --- a/mplabx/cyassl.X/nbproject/Makefile-local-default.mk +++ /dev/null @@ -1,37 +0,0 @@ -# -# Generated Makefile - do not edit! -# -# -# This file contains information about the location of compilers and other tools. -# If you commmit this file into your revision control server, you will be able to -# to checkout the project and build it from the command line with make. However, -# if more than one person works on the same project, then this file might show -# conflicts since different users are bound to have compilers in different places. -# In that case you might choose to not commit this file and let MPLAB X recreate this file -# for each user. The disadvantage of not commiting this file is that you must run MPLAB X at -# least once so the file gets created and the project can be built. Finally, you can also -# avoid using this file at all if you are only building from the command line with make. -# You can invoke make with the values of the macros: -# $ makeMP_CC="/opt/microchip/mplabc30/v3.30c/bin/pic30-gcc" ... -# -SHELL=cmd.exe -PATH_TO_IDE_BIN=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/ -# Adding MPLAB X bin directory to path. -PATH:=C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/:$(PATH) -# Path to java used to run MPLAB X when this makefile was created -MP_JAVA_PATH="C:\Program Files (x86)\Microchip\MPLABX-v1.95.RC3\sys\java\jre1.7.0_25-windows-x64\java-windows/bin/" -OS_CURRENT="$(shell uname -s)" -MP_CC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-gcc.exe" -MP_CPPC="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-g++.exe" -# MP_BC is not defined -MP_AS="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-as.exe" -MP_LD="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ld.exe" -MP_AR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin\xc32-ar.exe" -DEP_GEN=${MP_JAVA_PATH}java -jar "C:/Program Files (x86)/Microchip/MPLABX-v1.95.RC3/mplab_ide/mplab_ide/modules/../../bin/extractobjectdependencies.jar" -MP_CC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_CPPC_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined -MP_AS_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_LD_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -MP_AR_DIR="C:\Program Files (x86)\Microchip\xc32\v1.30\bin" -# MP_BC_DIR is not defined diff --git a/mplabx/cyassl.X/nbproject/Makefile-variables.mk b/mplabx/cyassl.X/nbproject/Makefile-variables.mk deleted file mode 100644 index b480b107d..000000000 --- a/mplabx/cyassl.X/nbproject/Makefile-variables.mk +++ /dev/null @@ -1,13 +0,0 @@ -# -# Generated - do not edit! -# -# NOCDDL -# -CND_BASEDIR=`pwd` -# default configuration -CND_ARTIFACT_DIR_default=dist/default/production -CND_ARTIFACT_NAME_default=cyassl.X.a -CND_ARTIFACT_PATH_default=dist/default/production/cyassl.X.a -CND_PACKAGE_DIR_default=${CND_DISTDIR}/default/package -CND_PACKAGE_NAME_default=cyassl.X.tar -CND_PACKAGE_PATH_default=${CND_DISTDIR}/default/package/cyassl.X.tar diff --git a/mplabx/cyassl.X/nbproject/Package-default.bash b/mplabx/cyassl.X/nbproject/Package-default.bash deleted file mode 100644 index baae5e998..000000000 --- a/mplabx/cyassl.X/nbproject/Package-default.bash +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -x - -# -# Generated - do not edit! -# - -# Macros -TOP=`pwd` -CND_CONF=default -CND_DISTDIR=dist -TMPDIR=build/${CND_CONF}/${IMAGE_TYPE}/tmp-packaging -TMPDIRNAME=tmp-packaging -OUTPUT_PATH=dist/${CND_CONF}/${IMAGE_TYPE}/cyassl.X.${OUTPUT_SUFFIX} -OUTPUT_BASENAME=cyassl.X.${OUTPUT_SUFFIX} -PACKAGE_TOP_DIR=cyassl.X/ - -# Functions -function checkReturnCode -{ - rc=$? - if [ $rc != 0 ] - then - exit $rc - fi -} -function makeDirectory -# $1 directory path -# $2 permission (optional) -{ - mkdir -p "$1" - checkReturnCode - if [ "$2" != "" ] - then - chmod $2 "$1" - checkReturnCode - fi -} -function copyFileToTmpDir -# $1 from-file path -# $2 to-file path -# $3 permission -{ - cp "$1" "$2" - checkReturnCode - if [ "$3" != "" ] - then - chmod $3 "$2" - checkReturnCode - fi -} - -# Setup -cd "${TOP}" -mkdir -p ${CND_DISTDIR}/${CND_CONF}/package -rm -rf ${TMPDIR} -mkdir -p ${TMPDIR} - -# Copy files and create directories and links -cd "${TOP}" -makeDirectory ${TMPDIR}/cyassl.X/lib -copyFileToTmpDir "${OUTPUT_PATH}" "${TMPDIR}/${PACKAGE_TOP_DIR}lib/${OUTPUT_BASENAME}" 0644 - - -# Generate tar file -cd "${TOP}" -rm -f ${CND_DISTDIR}/${CND_CONF}/package/cyassl.X.tar -cd ${TMPDIR} -tar -vcf ../../../../${CND_DISTDIR}/${CND_CONF}/package/cyassl.X.tar * -checkReturnCode - -# Cleanup -cd "${TOP}" -rm -rf ${TMPDIR} diff --git a/mplabx/cyassl.X/nbproject/configurations.xml b/mplabx/cyassl.X/nbproject/configurations.xml index d65a4df0e..1a141bb22 100644 --- a/mplabx/cyassl.X/nbproject/configurations.xml +++ b/mplabx/cyassl.X/nbproject/configurations.xml @@ -67,7 +67,7 @@ localhost - PIC32MZ2048ECM144 + PIC32MX795F512L PKOBSKDEPlatformTool @@ -104,7 +104,7 @@ + value="CYASSL_SHA512;CYASSL_SHA384;HAVE_ECC"/> diff --git a/mplabx/cyassl.X/nbproject/private/private.xml b/mplabx/cyassl.X/nbproject/private/private.xml deleted file mode 100644 index e39667075..000000000 --- a/mplabx/cyassl.X/nbproject/private/private.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - From a492be99c17856317164092b0f13f08bfc6e9e25 Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Thu, 28 Nov 2013 09:25:54 +0900 Subject: [PATCH 024/135] MDK5, eliminated unused files --- .../CyaSSL-Full/CyaSSL-Full.uvguix.kojo | 1342 ----------------- .../CyaSSL-Full/CyaSSL-Full_CyaSSL-Full.dep | 79 - .../Object/CyaSSL-Full.build_log.htm | 12 - 3 files changed, 1433 deletions(-) delete mode 100644 IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvguix.kojo delete mode 100644 IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full_CyaSSL-Full.dep delete mode 100644 IDE/MDK5-ARM/Projects/CyaSSL-Full/Object/CyaSSL-Full.build_log.htm diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvguix.kojo b/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvguix.kojo deleted file mode 100644 index 6bb8a7870..000000000 --- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvguix.kojo +++ /dev/null @@ -1,1342 +0,0 @@ - - - - -4.1 - -
### uVision Project, (C) Keil Software
- - - - - - 38003 - Registers - 115 159 - - - 346 - Code Coverage - 966 160 - - - 204 - Performance Analyzer - 1126 - - - - - - 1506 - Symbols - - 133 133 133 - - - 1936 - Watch 1 - - 133 133 133 - - - 1937 - Watch 2 - - 133 133 133 - - - 1935 - Call Stack + Locals - - 133 133 133 - - - 2506 - Trace Data - - 75 135 130 95 70 230 200 - - - - - - 1 - 1 - 0 - - - - - - - 44 - 0 - 1 - - -1 - -1 - - - -1 - -1 - - - 148 - 32 - 1713 - 1071 - - - - 0 - - 60 - 010000000400000001000000010000000100000001000000000000000200000000000000010000000100000000000000280000002800000000000000 - - - - 0 - Build - - -1 - -1 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 200100004F00000090050000DF000000 - - - 16 - 8A000000A10000005203000031010000 - - - - 1005 - 1005 - 1 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000660000001901000048030000 - - - 16 - 8A000000A1000000A6010000E1020000 - - - - 109 - 109 - 1 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000660000001901000048030000 - - - 16 - 8A000000A1000000A6010000E1020000 - - - - 1465 - 1465 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 000000002D02000090050000BD020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 1466 - 1466 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000300200008D05000090020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 1467 - 1467 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000300200008D05000090020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 1468 - 1468 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000300200008D05000090020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 1506 - 1506 - 0 - 0 - 0 - 0 - 32767 - 0 - 16384 - 0 - - 16 - 03040000660000008D050000C6010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 1913 - 1913 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 200100006300000090050000DF000000 - - - 16 - 8A000000A10000005203000031010000 - - - - 1935 - 1935 - 0 - 0 - 0 - 0 - 32767 - 0 - 32768 - 0 - - 16 - 03000000300200008D050000A4020000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 1936 - 1936 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000300200008D05000090020000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 1937 - 1937 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000300200008D05000090020000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 1939 - 1939 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000300200008D05000090020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 1940 - 1940 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000300200008D05000090020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 1941 - 1941 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000300200008D05000090020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 1942 - 1942 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000300200008D05000090020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 195 - 195 - 1 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000660000001901000048030000 - - - 16 - 8A000000A1000000A6010000E1020000 - - - - 196 - 196 - 1 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000660000001901000048030000 - - - 16 - 8A000000A1000000A6010000E1020000 - - - - 197 - 197 - 0 - 0 - 0 - 0 - 32767 - 0 - 32768 - 0 - - 16 - 000000004102000090050000BD020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 198 - 198 - 0 - 0 - 0 - 0 - 32767 - 0 - 32768 - 0 - - 16 - 000000001902000090050000BD020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 199 - 199 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000440200008D050000A4020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 203 - 203 - 0 - 0 - 0 - 0 - 32767 - 0 - 8192 - 0 - - 16 - 200100006300000090050000DF000000 - - - 16 - 8A000000A10000005203000031010000 - - - - 204 - 204 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 23010000660000008D050000C6000000 - - - 16 - 8A000000A10000005203000031010000 - - - - 221 - 221 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 00000000000000000000000000000000 - - - 16 - 0A0000000A0000006E0000006E000000 - - - - 2506 - 2506 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 00040000630000009005000029020000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 2507 - 2507 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 000000002D02000090050000A9020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 343 - 343 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 23010000660000008D050000C6000000 - - - 16 - 8A000000A10000005203000031010000 - - - - 346 - 346 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 23010000660000008D050000C6000000 - - - 16 - 8A000000A10000005203000031010000 - - - - 35824 - 35824 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 23010000660000008D050000C6000000 - - - 16 - 8A000000A10000005203000031010000 - - - - 35885 - 35885 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35886 - 35886 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35887 - 35887 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35888 - 35888 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35889 - 35889 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35890 - 35890 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35891 - 35891 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35892 - 35892 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35893 - 35893 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35894 - 35894 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35895 - 35895 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35896 - 35896 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35897 - 35897 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35898 - 35898 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35899 - 35899 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35900 - 35900 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35901 - 35901 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35902 - 35902 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35903 - 35903 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35904 - 35904 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 35905 - 35905 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03040000660000008D0500007C010000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 38003 - 38003 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 030000006600000019010000A4020000 - - - 16 - 8A000000A1000000A6010000E1020000 - - - - 38007 - 38007 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 000000004102000090050000BD020000 - - - 16 - 8A000000A10000005203000031010000 - - - - 436 - 436 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000440200008D050000A4020000 - - - 16 - 8A000000A1000000A6010000E1020000 - - - - 437 - 437 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000300200008D05000090020000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 440 - 440 - 0 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 03000000300200008D05000090020000 - - - 16 - 8A000000A10000001A02000031020000 - - - - 59392 - 59392 - 1 - 0 - 0 - 0 - 32767 - 0 - 8192 - 0 - - 16 - 0000000000000000B70300001C000000 - - - 16 - 0A0000000A0000006E0000006E000000 - - - - 59393 - 0 - 1 - 0 - 0 - 0 - 32767 - 0 - 4096 - 0 - - 16 - 00000000610300008106000074030000 - - - 16 - 0A0000000A0000006E0000006E000000 - - - - 59399 - 59399 - 1 - 0 - 0 - 0 - 32767 - 0 - 8192 - 1 - - 16 - 000000001C000000C201000038000000 - - - 16 - 0A0000000A0000006E0000006E000000 - - - - 59400 - 59400 - 0 - 0 - 0 - 0 - 32767 - 0 - 8192 - 2 - - 16 - 00000000380000006F02000054000000 - - - 16 - 0A0000000A0000006E0000006E000000 - - - - 2619 - 000000000B000000000000000020000000000000FFFFFFFFFFFFFFFF20010000DF00000090050000E3000000000000000100001004000000010000000000000000000000FFFFFFFF06000000CB00000057010000CC000000F08B00005A01000079070000FFFF02000B004354616262656450616E6500200000000000008A000000A10000005203000031010000200100004F00000090050000DF0000000000000040280046060000000B446973617373656D626C7900000000CB00000001000000FFFFFFFFFFFFFFFF14506572666F726D616E636520416E616C797A6572000000005701000001000000FFFFFFFFFFFFFFFF14506572666F726D616E636520416E616C797A657200000000CC00000001000000FFFFFFFFFFFFFFFF0E4C6F67696320416E616C797A657200000000F08B000001000000FFFFFFFFFFFFFFFF0D436F646520436F766572616765000000005A01000001000000FFFFFFFFFFFFFFFF11496E737472756374696F6E205472616365000000007907000001000000FFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000000000000000000000001000000FFFFFFFFCB00000001000000FFFFFFFFCB000000000000000040000000000000FFFFFFFFFFFFFFFFFC0300004F0000000004000029020000000000000200001004000000010000000000000000000000FFFFFFFF17000000E2050000CA0900002D8C00002E8C00002F8C0000308C0000318C0000328C0000338C0000348C0000358C0000368C0000378C0000388C0000398C00003A8C00003B8C00003C8C00003D8C00003E8C00003F8C0000408C0000418C0000018000400000000000008A000000A10000001A02000031020000000400004F00000090050000290200000000000040410046170000000753796D626F6C7300000000E205000001000000FFFFFFFFFFFFFFFF0A5472616365204461746100000000CA09000001000000FFFFFFFFFFFFFFFF00000000002D8C000001000000FFFFFFFFFFFFFFFF00000000002E8C000001000000FFFFFFFFFFFFFFFF00000000002F8C000001000000FFFFFFFFFFFFFFFF0000000000308C000001000000FFFFFFFFFFFFFFFF0000000000318C000001000000FFFFFFFFFFFFFFFF0000000000328C000001000000FFFFFFFFFFFFFFFF0000000000338C000001000000FFFFFFFFFFFFFFFF0000000000348C000001000000FFFFFFFFFFFFFFFF0000000000358C000001000000FFFFFFFFFFFFFFFF0000000000368C000001000000FFFFFFFFFFFFFFFF0000000000378C000001000000FFFFFFFFFFFFFFFF0000000000388C000001000000FFFFFFFFFFFFFFFF0000000000398C000001000000FFFFFFFFFFFFFFFF00000000003A8C000001000000FFFFFFFFFFFFFFFF00000000003B8C000001000000FFFFFFFFFFFFFFFF00000000003C8C000001000000FFFFFFFFFFFFFFFF00000000003D8C000001000000FFFFFFFFFFFFFFFF00000000003E8C000001000000FFFFFFFFFFFFFFFF00000000003F8C000001000000FFFFFFFFFFFFFFFF0000000000408C000001000000FFFFFFFFFFFFFFFF0000000000418C000001000000FFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000000000000000000000001000000FFFFFFFFE205000001000000FFFFFFFFE2050000000000000010000001000000FFFFFFFFFFFFFFFF1C0100004F0000002001000061030000010000000200001004000000010000000000000000000000FFFFFFFF05000000ED0300006D000000C3000000C400000073940000018000100000010000008A000000A1000000A6010000E1020000000000004F0000001C010000610300000000000040140056050000000750726F6A65637401000000ED03000001000000FFFFFFFFFFFFFFFF05426F6F6B73010000006D00000001000000FFFFFFFFFFFFFFFF0946756E6374696F6E7301000000C300000001000000FFFFFFFFFFFFFFFF0954656D706C6174657301000000C400000001000000FFFFFFFFFFFFFFFF09526567697374657273000000007394000001000000FFFFFFFFFFFFFFFF00000000000000000000000000000000000000000000000001000000FFFFFFFFED03000001000000FFFFFFFFED030000000000000080000000000000FFFFFFFFFFFFFFFF0000000015020000900500001902000000000000010000100400000001000000000000000000000000000000000000000000000001000000C6000000FFFFFFFF0E0000008F070000930700009407000095070000960700009007000091070000B5010000B8010000B9050000BA050000BB050000BC050000CB090000018000400000000000008A000000A10000001A02000031020000000000001902000090050000BD02000000000000404100460E0000001343616C6C20537461636B202B204C6F63616C73000000008F07000001000000FFFFFFFFFFFFFFFF0755415254202331000000009307000001000000FFFFFFFFFFFFFFFF0755415254202332000000009407000001000000FFFFFFFFFFFFFFFF0755415254202333000000009507000001000000FFFFFFFFFFFFFFFF15446562756720287072696E74662920566965776572000000009607000001000000FFFFFFFFFFFFFFFF0757617463682031000000009007000001000000FFFFFFFFFFFFFFFF0757617463682032000000009107000001000000FFFFFFFFFFFFFFFF10547261636520457863657074696F6E7300000000B501000001000000FFFFFFFFFFFFFFFF0E4576656E7420436F756E7465727300000000B801000001000000FFFFFFFFFFFFFFFF084D656D6F7279203100000000B905000001000000FFFFFFFFFFFFFFFF084D656D6F7279203200000000BA05000001000000FFFFFFFFFFFFFFFF084D656D6F7279203300000000BB05000001000000FFFFFFFFFFFFFFFF084D656D6F7279203400000000BC05000001000000FFFFFFFFFFFFFFFF105472616365204E617669676174696F6E00000000CB09000001000000FFFFFFFFFFFFFFFFFFFFFFFF0000000001000000000000000000000001000000FFFFFFFFC802000019020000CC020000BD02000000000000020000000400000000000000000000000000000000000000000000000000000002000000C6000000FFFFFFFF8F07000001000000FFFFFFFF8F07000001000000C6000000000000000080000000000000FFFFFFFFFFFFFFFF0000000029020000900500002D020000000000000100001004000000010000000000000000000000FFFFFFFF04000000C5000000C7000000B401000077940000018000800000000000008A000000A10000005203000031010000000000002D02000090050000BD0200000000000040820046040000000C4275696C64204F757470757401000000C500000001000000FFFFFFFFFFFFFFFF0D46696E6420496E2046696C657300000000C700000001000000FFFFFFFFFFFFFFFF0A4572726F72204C69737400000000B401000001000000FFFFFFFFFFFFFFFF0742726F77736572000000007794000001000000FFFFFFFFFFFFFFFF00000000000000000000000000000000000000000000000001000000FFFFFFFFC500000001000000FFFFFFFFC5000000000000000000000000000000 - - - 59392 - File - - 2002 - 00200000010000002800FFFF01001100434D4643546F6F6C426172427574746F6E00E100000000000000000000000000000000000000000000000100000001000000018001E100000000000001000000000000000000000000000000000100000001000000018003E1000000000400020000000000000000000000000000000001000000010000000180CD7F0000000000000300000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF000000000000000000000000000100000001000000018023E100000000040004000000000000000000000000000000000100000001000000018022E100000000040005000000000000000000000000000000000100000001000000018025E10000000004000600000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF00000000000000000000000000010000000100000001802BE10000000004000700000000000000000000000000000000010000000100000001802CE10000000004000800000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF00000000000000000000000000010000000100000001807A8A0000000004000900000000000000000000000000000000010000000100000001807B8A0000000004000A00000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180D3B00000000004000B000000000000000000000000000000000100000001000000018015B10000000004000C0000000000000000000000000000000001000000010000000180F4B00000000004000D000000000000000000000000000000000100000001000000018036B10000000004000E00000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180FF88000000000400460000000000000000000000000000000001000000010000000180FE880000000004004500000000000000000000000000000000010000000100000001800B810000000004001300000000000000000000000000000000010000000100000001800C810000000004001400000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180F0880000020000000F000000000000000000000000000000000100000001000000FFFF0100120043555646696E64436F6D626F427574746F6EE803000000000400000000000000000000000000000000000001000000010000009600000002002050FFFFFFFF0096000000000000000000018024E10000000000001100000000000000000000000000000000010000000100000001800A810000000004001200000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF000000000000000000000000000100000001000000018022800000020000001500000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180C488000000000400160000000000000000000000000000000001000000010000000180C988000000000400180000000000000000000000000000000001000000010000000180C788000000000000190000000000000000000000000000000001000000010000000180C8880000000000001700000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF000000000000000000000000000100000001000000FFFF01001500434D4643546F6F6C4261724D656E75427574746F6E4C010000020001001A0000000F50726F6A6563742057696E646F7773000000000000000000000000010000000100000000000000000000000100000008002880DD880000000000001A0000000750726F6A656374000000000000000000000000010000000100000000000000000000000100000000002880DC8B0000000000003A00000005426F6F6B73000000000000000000000000010000000100000000000000000000000100000000002880E18B0000000000003B0000000946756E6374696F6E73000000000000000000000000010000000100000000000000000000000100000000002880E28B000000000000400000000954656D706C6174657300000000000000000000000001000000010000000000000000000000010000000000288018890000000000003D0000000E536F757263652042726F777365720000000000000000000000000100000001000000000000000000000001000000000028800000000000000400FFFFFFFF00000000000000000000000000010000000100000000000000000000000100000000002880D988000000000000390000000C4275696C64204F7574707574000000000000000000000000010000000100000000000000000000000100000000002880E38B000000000000410000000B46696E64204F75747075740000000000000000000000000100000001000000000000000000000001000000000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180FB7F0000000000001B000000000000000000000000000000000100000001000000000000000446696C65FF7F0000 - - - 1423 - 2800FFFF01001100434D4643546F6F6C426172427574746F6E00E1000000000000FFFFFFFF000100000000000000010000000000000001000000018001E1000000000000FFFFFFFF000100000000000000010000000000000001000000018003E1000000000000FFFFFFFF0001000000000000000100000000000000010000000180CD7F000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF000000000000000000010000000000000001000000018023E1000000000000FFFFFFFF000100000000000000010000000000000001000000018022E1000000000000FFFFFFFF000100000000000000010000000000000001000000018025E1000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF00000000000000000001000000000000000100000001802BE1000000000000FFFFFFFF00010000000000000001000000000000000100000001802CE1000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF00000000000000000001000000000000000100000001807A8A000000000000FFFFFFFF00010000000000000001000000000000000100000001807B8A000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF0000000000000000000100000000000000010000000180D3B0000000000000FFFFFFFF000100000000000000010000000000000001000000018015B1000000000000FFFFFFFF0001000000000000000100000000000000010000000180F4B0000000000000FFFFFFFF000100000000000000010000000000000001000000018036B1000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF0000000000000000000100000000000000010000000180FF88000000000000FFFFFFFF0001000000000000000100000000000000010000000180FE88000000000000FFFFFFFF00010000000000000001000000000000000100000001800B81000000000000FFFFFFFF00010000000000000001000000000000000100000001800C81000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF0000000000000000000100000000000000010000000180F088000000000000FFFFFFFF0001000000000000000100000000000000010000000180EE7F000000000000FFFFFFFF000100000000000000010000000000000001000000018024E1000000000000FFFFFFFF00010000000000000001000000000000000100000001800A81000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF00000000000000000001000000000000000100000001802280000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF0000000000000000000100000000000000010000000180C488000000000000FFFFFFFF0001000000000000000100000000000000010000000180C988000000000000FFFFFFFF0001000000000000000100000000000000010000000180C788000000000000FFFFFFFF0001000000000000000100000000000000010000000180C888000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF0000000000000000000100000000000000010000000180DD88000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF0000000000000000000100000000000000010000000180FB7F000000000000FFFFFFFF000100000000000000010000000000000001000000 - - - 1423 - 2800FFFF01001100434D4643546F6F6C426172427574746F6E00E100000000000000000000000000000000000000000000000100000001000000018001E100000000000001000000000000000000000000000000000100000001000000018003E1000000000000020000000000000000000000000000000001000000010000000180CD7F0000000000000300000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF000000000000000000000000000100000001000000018023E100000000000004000000000000000000000000000000000100000001000000018022E100000000000005000000000000000000000000000000000100000001000000018025E10000000000000600000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF00000000000000000000000000010000000100000001802BE10000000000000700000000000000000000000000000000010000000100000001802CE10000000000000800000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF00000000000000000000000000010000000100000001807A8A0000000000000900000000000000000000000000000000010000000100000001807B8A0000000000000A00000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180D3B00000000000000B000000000000000000000000000000000100000001000000018015B10000000000000C0000000000000000000000000000000001000000010000000180F4B00000000000000D000000000000000000000000000000000100000001000000018036B10000000000000E00000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180FF880000000000000F0000000000000000000000000000000001000000010000000180FE880000000000001000000000000000000000000000000000010000000100000001800B810000000000001100000000000000000000000000000000010000000100000001800C810000000000001200000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180F088000000000000130000000000000000000000000000000001000000010000000180EE7F00000000000014000000000000000000000000000000000100000001000000018024E10000000000001500000000000000000000000000000000010000000100000001800A810000000000001600000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF000000000000000000000000000100000001000000018022800000000000001700000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180C488000000000000180000000000000000000000000000000001000000010000000180C988000000000000190000000000000000000000000000000001000000010000000180C7880000000000001A0000000000000000000000000000000001000000010000000180C8880000000000001B00000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180DD880000000000001C00000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180FB7F0000000000001D000000000000000000000000000000000100000001000000 - - - - 59399 - Build - - 649 - 00200000010000000F00FFFF01001100434D4643546F6F6C426172427574746F6ECF7F0000000004001C0000000000000000000000000000000001000000010000000180D07F0000000000001D000000000000000000000000000000000100000001000000018030800000000000001E00000000000000000000000000000000010000000100000001809E8A0000000004001F0000000000000000000000000000000001000000010000000180D17F0000000004002000000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF00000000000000000000000000010000000100000001804C8A0000000000002100000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF000000000000000000000000000100000001000000FFFF01001900434D4643546F6F6C426172436F6D626F426F78427574746F6EBA00000000000000000000000000000000000000000000000001000000010000009600000003002050000000000B43796153534C2D46756C6C960000000000000001000B43796153534C2D46756C6C000000000180EB880000000000002200000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180C07F000000000000230000000000000000000000000000000001000000010000000180B08A000000000400240000000000000000000000000000000001000000010000000180A8010000000000004E0000000000000000000000000000000001000000010000000180BE010000000000005000000000000000000000000000000000010000000100000000000000054275696C64FF7F0000 - - - 548 - 0F00FFFF01001100434D4643546F6F6C426172427574746F6ECF7F000000000000FFFFFFFF0001000000000000000100000000000000010000000180D07F000000000000FFFFFFFF00010000000000000001000000000000000100000001803080000000000000FFFFFFFF00010000000000000001000000000000000100000001809E8A000000000000FFFFFFFF0001000000000000000100000000000000010000000180D17F000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF00000000000000000001000000000000000100000001804C8A000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF00000000000000000001000000000000000100000001806680000000000000FFFFFFFF0001000000000000000100000000000000010000000180EB88000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF0000000000000000000100000000000000010000000180C07F000000000000FFFFFFFF0001000000000000000100000000000000010000000180B08A000000000000FFFFFFFF0001000000000000000100000000000000010000000180A801000000000000FFFFFFFF0001000000000000000100000000000000010000000180BE01000000000000FFFFFFFF000100000000000000010000000000000001000000 - - - 548 - 0F00FFFF01001100434D4643546F6F6C426172427574746F6ECF7F000000000000000000000000000000000000000000000001000000010000000180D07F00000000000001000000000000000000000000000000000100000001000000018030800000000000000200000000000000000000000000000000010000000100000001809E8A000000000000030000000000000000000000000000000001000000010000000180D17F0000000000000400000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF00000000000000000000000000010000000100000001804C8A0000000000000500000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF00000000000000000000000000010000000100000001806680000000000000060000000000000000000000000000000001000000010000000180EB880000000000000700000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180C07F000000000000080000000000000000000000000000000001000000010000000180B08A000000000000090000000000000000000000000000000001000000010000000180A8010000000000000A0000000000000000000000000000000001000000010000000180BE010000000000000B000000000000000000000000000000000100000001000000 - - - - 59400 - Debug - - 2220 - 00200000000000001900FFFF01001100434D4643546F6F6C426172427574746F6ECC880000000000002500000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF000000000000000000000000000100000001000000018017800000000000002600000000000000000000000000000000010000000100000001801D800000000000002700000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF00000000000000000000000000010000000100000001801A800000000000002800000000000000000000000000000000010000000100000001801B80000000000000290000000000000000000000000000000001000000010000000180E57F0000000000002A00000000000000000000000000000000010000000100000001801C800000000000002B00000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF000000000000000000000000000100000001000000018000890000000000002C00000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180E48B0000000000002D0000000000000000000000000000000001000000010000000180F07F0000000000002E0000000000000000000000000000000001000000010000000180E8880000000000003700000000000000000000000000000000010000000100000001803B010000000000002F0000000000000000000000000000000001000000010000000180BB8A00000000000030000000000000000000000000000000000100000001000000FFFF01001500434D4643546F6F6C4261724D656E75427574746F6E0E01000000000000310000000D57617463682057696E646F7773000000000000000000000000010000000100000000000000000000000100000002001380D88B000000000000310000000757617463682031000000000000000000000000010000000100000000000000000000000100000000001380D98B0000000000003100000007576174636820320000000000000000000000000100000001000000000000000000000001000000000013800F01000000000000320000000E4D656D6F72792057696E646F7773000000000000000000000000010000000100000000000000000000000100000004001380D28B00000000000032000000084D656D6F72792031000000000000000000000000010000000100000000000000000000000100000000001380D38B00000000000032000000084D656D6F72792032000000000000000000000000010000000100000000000000000000000100000000001380D48B00000000000032000000084D656D6F72792033000000000000000000000000010000000100000000000000000000000100000000001380D58B00000000000032000000084D656D6F727920340000000000000000000000000100000001000000000000000000000001000000000013801001000000000000330000000E53657269616C2057696E646F77730000000000000000000000000100000001000000000000000000000001000000040013809307000000000000330000000755415254202331000000000000000000000000010000000100000000000000000000000100000000001380940700000000000033000000075541525420233200000000000000000000000001000000010000000000000000000000010000000000138095070000000000003300000007554152542023330000000000000000000000000100000001000000000000000000000001000000000013809607000000000000330000000E49544D2F525441205669657765720000000000000000000000000100000001000000000000000000000001000000000013803C010000000000003400000010416E616C797369732057696E646F7773000000000000000000000000010000000100000000000000000000000100000003001380658A000000000000340000000E4C6F67696320416E616C797A6572000000000000000000000000010000000100000000000000000000000100000000001380DC7F0000000000003E00000014506572666F726D616E636520416E616C797A6572000000000000000000000000010000000100000000000000000000000100000000001380E788000000000000380000000D436F646520436F76657261676500000000000000000000000001000000010000000000000000000000010000000000138053010000000000003F0000000D54726163652057696E646F77730000000000000000000000000100000001000000000000000000000001000000010013805401000000000000FFFFFFFF115472616365204D656E7520416E63686F720100000000000000000000000100000001000000000000000000000001000000000013802901000000000000350000001553797374656D205669657765722057696E646F77730000000000000000000000000100000001000000000000000000000001000000010013804B01000000000000FFFFFFFF1453797374656D2056696577657220416E63686F720100000000000000000000000100000001000000000000000000000001000000000001800000000001000000FFFFFFFF000000000000000000000000000100000001000000138001890000000000003600000007546F6F6C626F7800000000000000000000000001000000010000000000000000000000010000000300138044C5000000000000FFFFFFFF0E5570646174652057696E646F77730100000000000000000000000100000001000000000000000000000001000000000013800000000000000400FFFFFFFF000000000000000000000000000100000001000000000000000000000001000000000013805B01000000000000FFFFFFFF12546F6F6C626F78204D656E75416E63686F720100000000000000000000000100000001000000000000000000000001000000000000000000054465627567FF7F0000 - - - 898 - 1900FFFF01001100434D4643546F6F6C426172427574746F6ECC88000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF00000000000000000001000000000000000100000001801780000000000000FFFFFFFF00010000000000000001000000000000000100000001801D80000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF00000000000000000001000000000000000100000001801A80000000000000FFFFFFFF00010000000000000001000000000000000100000001801B80000000000000FFFFFFFF0001000000000000000100000000000000010000000180E57F000000000000FFFFFFFF00010000000000000001000000000000000100000001801C80000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF00000000000000000001000000000000000100000001800089000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF0000000000000000000100000000000000010000000180E48B000000000000FFFFFFFF0001000000000000000100000000000000010000000180F07F000000000000FFFFFFFF0001000000000000000100000000000000010000000180E888000000000000FFFFFFFF00010000000000000001000000000000000100000001803B01000000000000FFFFFFFF0001000000000000000100000000000000010000000180BB8A000000000000FFFFFFFF0001000000000000000100000000000000010000000180D88B000000000000FFFFFFFF0001000000000000000100000000000000010000000180D28B000000000000FFFFFFFF00010000000000000001000000000000000100000001809307000000000000FFFFFFFF0001000000000000000100000000000000010000000180658A000000000000FFFFFFFF0001000000000000000100000000000000010000000180C18A000000000000FFFFFFFF0001000000000000000100000000000000010000000180EE8B000000000000FFFFFFFF00010000000000000001000000000000000100000001800000000000000000FFFFFFFF00000000000000000001000000000000000100000001800189000000000000FFFFFFFF000100000000000000010000000000000001000000 - - - 898 - 1900FFFF01001100434D4643546F6F6C426172427574746F6ECC880000000000000000000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF000000000000000000000000000100000001000000018017800000000000000100000000000000000000000000000000010000000100000001801D800000000000000200000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF00000000000000000000000000010000000100000001801A800000000000000300000000000000000000000000000000010000000100000001801B80000000000000040000000000000000000000000000000001000000010000000180E57F0000000000000500000000000000000000000000000000010000000100000001801C800000000000000600000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF000000000000000000000000000100000001000000018000890000000000000700000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180E48B000000000000080000000000000000000000000000000001000000010000000180F07F000000000000090000000000000000000000000000000001000000010000000180E8880000000000000A00000000000000000000000000000000010000000100000001803B010000000000000B0000000000000000000000000000000001000000010000000180BB8A0000000000000C0000000000000000000000000000000001000000010000000180D88B0000000000000D0000000000000000000000000000000001000000010000000180D28B0000000000000E000000000000000000000000000000000100000001000000018093070000000000000F0000000000000000000000000000000001000000010000000180658A000000000000100000000000000000000000000000000001000000010000000180C18A000000000000110000000000000000000000000000000001000000010000000180EE8B0000000000001200000000000000000000000000000000010000000100000001800000000001000000FFFFFFFF0000000000000000000000000001000000010000000180018900000000000013000000000000000000000000000000000100000001000000 - - - - 0 - 1920 - 1080 - - - - - - - diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full_CyaSSL-Full.dep b/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full_CyaSSL-Full.dep deleted file mode 100644 index 966cbe457..000000000 --- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full_CyaSSL-Full.dep +++ /dev/null @@ -1,79 +0,0 @@ -Dependencies for Project 'CyaSSL-Full', Target 'CyaSSL-Full': (DO NOT MODIFY !) -F (.\main.c)(0x52675C4A)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\main.o --omf_browse .\object\main.crf --depend .\object\main.d) -F (.\shell.c)(0x523B984C)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\shell.o --omf_browse .\object\shell.crf --depend .\object\shell.d) -F (.\test.c)(0x524E6E34)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\test.o --omf_browse .\object\test.crf --depend .\object\test.d) -F (.\benchmark.c)(0x5232780E)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\benchmark.o --omf_browse .\object\benchmark.crf --depend .\object\benchmark.d) -F (.\client.c)(0x523AC4A0)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\client.o --omf_browse .\object\client.crf --depend .\object\client.d) -F (.\echoclient.c)(0x523277E2)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\echoclient.o --omf_browse .\object\echoclient.crf --depend .\object\echoclient.d) -F (.\echoserver.c)(0x523277D4)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\echoserver.o --omf_browse .\object\echoserver.crf --depend .\object\echoserver.d) -F (.\server.c)(0x523AC4BA)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\server.o --omf_browse .\object\server.crf --depend .\object\server.d) -F (.\cert_data.c)(0x523277FE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\cert_data.o --omf_browse .\object\cert_data.crf --depend .\object\cert_data.d) -F (.\RTE\wolfSSL\config-CyaSSL.h)(0x523279FE)() -F (.\RTE\wolfSSL\config-Crypt.h)(0x52327A08)() -F (.\Abstract.txt)(0x526765CD)() -F (C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\Lib\ARM\RTX_CM3.lib)(0x5244BA9A)() -F (RTE\CMSIS\RTX_Conf_CM.c)(0x522BC824)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\rtx_conf_cm.o --omf_browse .\object\rtx_conf_cm.crf --depend .\object\rtx_conf_cm.d) -F (C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver\DMA_STM32F2xx.c)(0x520AB72C)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\dma_stm32f2xx.o --omf_browse .\object\dma_stm32f2xx.crf --depend .\object\dma_stm32f2xx.d) -F (C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver\GPIO_STM32F2xx.c)(0x514117F8)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\gpio_stm32f2xx.o --omf_browse .\object\gpio_stm32f2xx.crf --depend .\object\gpio_stm32f2xx.d) -F (RTE\Device\STM32F207IG\RTE_Device.h)(0x520C57EA)() -F (RTE\Device\STM32F207IG\startup_stm32f2xx.s)(0x524C04BE)(--cpu Cortex-M3 --pd "__RTX SETA 1" -g --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL --list .\object\startup_stm32f2xx.lst --xref -o .\object\startup_stm32f2xx.o --depend .\object\startup_stm32f2xx.d) -F (RTE\Device\STM32F207IG\system_stm32f2xx.c)(0x4E640246)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\system_stm32f2xx.o --omf_browse .\object\system_stm32f2xx.crf --depend .\object\system_stm32f2xx.d) -F (C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Driver\PHY_ST802RT1.c)(0x52411D22)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\phy_st802rt1.o --omf_browse .\object\phy_st802rt1.crf --depend .\object\phy_st802rt1.d) -F (C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver\EMAC_STM32F2xx.c)(0x52328C8E)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\emac_stm32f2xx.o --omf_browse .\object\emac_stm32f2xx.crf --depend .\object\emac_stm32f2xx.d) -F (C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver\MCI_STM32F2xx.c)(0x52324BC0)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\mci_stm32f2xx.o --omf_browse .\object\mci_stm32f2xx.crf --depend .\object\mci_stm32f2xx.d) -F (C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib)(0x524362F0)() -F (RTE\File_System\FS_Config.c)(0x51CBD1D2)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\fs_config.o --omf_browse .\object\fs_config.crf --depend .\object\fs_config.d) -F (RTE\File_System\FS_Config_MC_0.h)(0x520C36F0)() -F (C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Lib\ARM\Net_Dbg_CM3_L.lib)(0x524B8A0E)() -F (RTE\Network\Net_Config.c)(0x520C5816)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\net_config.o --omf_browse .\object\net_config.crf --depend .\object\net_config.d) -F (RTE\Network\Net_Config_BSD.h)(0x52326150)() -F (RTE\Network\Net_Config_DNS_Client.h)(0x51CBD1D2)() -F (RTE\Network\Net_Config_ETH_0.h)(0x520C56DC)() -F (RTE\Network\Net_Config_TCP.h)(0x52326152)() -F (RTE\Network\Net_Config_UDP.h)(0x52326152)() -F (RTE\Network\Net_Debug.c)(0x523BA1F2)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\net_debug.o --omf_browse .\object\net_debug.crf --depend .\object\net_debug.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c)(0x523AC74C)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\cyassl_mdk_arm.o --omf_browse .\object\cyassl_mdk_arm.crf --depend .\object\cyassl_mdk_arm.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib\time-STM32F2xx.c)(0x525754AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\time-stm32f2xx.o --omf_browse .\object\time-stm32f2xx.crf --depend .\object\time-stm32f2xx.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\aes.c)(0x5216DBDE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\aes.o --omf_browse .\object\aes.crf --depend .\object\aes.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\arc4.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\arc4.o --omf_browse .\object\arc4.crf --depend .\object\arc4.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\asm.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\asm.o --omf_browse .\object\asm.crf --depend .\object\asm.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\asn.c)(0x52329E8A)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\asn.o --omf_browse .\object\asn.crf --depend .\object\asn.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\blake2b.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\blake2b.o --omf_browse .\object\blake2b.crf --depend .\object\blake2b.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\camellia.c)(0x51DA2952)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\camellia.o --omf_browse .\object\camellia.crf --depend .\object\camellia.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\coding.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\coding.o --omf_browse .\object\coding.crf --depend .\object\coding.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\compress.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\compress.o --omf_browse .\object\compress.crf --depend .\object\compress.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\des3.c)(0x51DA2952)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\des3.o --omf_browse .\object\des3.crf --depend .\object\des3.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\dh.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\dh.o --omf_browse .\object\dh.crf --depend .\object\dh.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\dsa.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\dsa.o --omf_browse .\object\dsa.crf --depend .\object\dsa.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\ecc.c)(0x5215D7AC)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\ecc.o --omf_browse .\object\ecc.crf --depend .\object\ecc.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\ecc_fp.c)(0x4FBF1BB4)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\ecc_fp.o --omf_browse .\object\ecc_fp.crf --depend .\object\ecc_fp.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\error.c)(0x520063E0)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\error.o --omf_browse .\object\error.crf --depend .\object\error.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\hc128.c)(0x51DA2952)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\hc128.o --omf_browse .\object\hc128.crf --depend .\object\hc128.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\hmac.c)(0x51942D42)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\hmac.o --omf_browse .\object\hmac.crf --depend .\object\hmac.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\integer.c)(0x51F0CCBE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\integer.o --omf_browse .\object\integer.crf --depend .\object\integer.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\logging.c)(0x51942D42)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\logging.o --omf_browse .\object\logging.crf --depend .\object\logging.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\md2.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\md2.o --omf_browse .\object\md2.crf --depend .\object\md2.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\md4.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\md4.o --omf_browse .\object\md4.crf --depend .\object\md4.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\md5.c)(0x51942D42)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\md5.o --omf_browse .\object\md5.crf --depend .\object\md5.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\memory.c)(0x523ABC8A)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\memory.o --omf_browse .\object\memory.crf --depend .\object\memory.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\misc.c)(0x51942D42)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\misc.o --omf_browse .\object\misc.crf --depend .\object\misc.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\pwdbased.c)(0x51942D42)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\pwdbased.o --omf_browse .\object\pwdbased.crf --depend .\object\pwdbased.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\rabbit.c)(0x51DA2952)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\rabbit.o --omf_browse .\object\rabbit.crf --depend .\object\rabbit.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\random.c)(0x51BA9FE8)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\random.o --omf_browse .\object\random.crf --depend .\object\random.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\ripemd.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\ripemd.o --omf_browse .\object\ripemd.crf --depend .\object\ripemd.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\rsa.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\rsa.o --omf_browse .\object\rsa.crf --depend .\object\rsa.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\sha.c)(0x51942D42)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\sha.o --omf_browse .\object\sha.crf --depend .\object\sha.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\sha256.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\sha256.o --omf_browse .\object\sha256.crf --depend .\object\sha256.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\sha512.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\sha512.o --omf_browse .\object\sha512.crf --depend .\object\sha512.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\ctaocrypt\src\tfm.c)(0x51F0CCBE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\tfm.o --omf_browse .\object\tfm.crf --depend .\object\tfm.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\src\crl.c)(0x5164C8AE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\crl.o --omf_browse .\object\crl.crf --depend .\object\crl.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\src\internal.c)(0x52663ACA)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\internal.o --omf_browse .\object\internal.crf --depend .\object\internal.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\src\io.c)(0x5232A8CE)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\io.o --omf_browse .\object\io.crf --depend .\object\io.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\src\keys.c)(0x521C327A)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\keys.o --omf_browse .\object\keys.crf --depend .\object\keys.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\src\ocsp.c)(0x51C7D2F0)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\ocsp.o --omf_browse .\object\ocsp.crf --depend .\object\ocsp.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\src\sniffer.c)(0x5204A7E4)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\sniffer.o --omf_browse .\object\sniffer.crf --depend .\object\sniffer.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\src\ssl.c)(0x524BE6BC)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\ssl.o --omf_browse .\object\ssl.crf --depend .\object\ssl.d) -F (C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\src\tls.c)(0x524E69A6)(-c --cpu Cortex-M3 -D__RTX -g -O3 --apcs=interwork -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\Device\STM32F207IG -I C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\RTE\wolfSSL -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Driver\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS\Include -I C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.3\CMSIS_RTX\INC -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\FileSystem\Include -I C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.2\Network\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\Device\Include -I C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.4\RTE_Driver -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl -I C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.0\cyassl\IDE\MDK5-ARM\MDK-ARM\CyaSSL -D_RTE_ -DSTM32F2XX -DHAVE_CONFIG_H -D__DBG_ITM -D__RTX -DMDK_CONF_CYASSL -DCYASSL_STM32F2xx -o .\object\tls.o --omf_browse .\object\tls.crf --depend .\object\tls.d) -F (RTE\wolfSSL\config-Crypt.h)(0x52327A08)() -F (RTE\wolfSSL\config-CyaSSL.h)(0x523279FE)() -F (RTE\wolfSSL\config.h)(0x524BE316)() diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/Object/CyaSSL-Full.build_log.htm b/IDE/MDK5-ARM/Projects/CyaSSL-Full/Object/CyaSSL-Full.build_log.htm deleted file mode 100644 index dc05157d2..000000000 --- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/Object/CyaSSL-Full.build_log.htm +++ /dev/null @@ -1,12 +0,0 @@ - - -
-
µVision Build Log

-
Project:

-C:\ROOT\CyaSSL-Release\MDK5-Pack-2.8.0\wolfSSL.CyaSSL\cyassl\IDE\MDK5-ARM\Projects\CyaSSL-Full\CyaSSL-Full.uvprojx
-Project File Date:  10/23/2013
-
-
Output:

-
- - From 234f8382cc173b4414b8ba5891908a80b06a63dd Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Thu, 28 Nov 2013 12:21:10 +0900 Subject: [PATCH 025/135] mplabx, cleaned --- mplabx/benchmark_main_save.c | 133 ----------------------------------- 1 file changed, 133 deletions(-) delete mode 100644 mplabx/benchmark_main_save.c diff --git a/mplabx/benchmark_main_save.c b/mplabx/benchmark_main_save.c deleted file mode 100644 index 9918e56c4..000000000 --- a/mplabx/benchmark_main_save.c +++ /dev/null @@ -1,133 +0,0 @@ -/* benchmark_main.c - * - * Copyright (C) 2006-2013 wolfSSL Inc. - * - * This file is part of CyaSSL. - * - * CyaSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * CyaSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ -#if defined(CYASSL_MICROCHIP_PIC32MZ) - #define MICROCHIP_PIC32 - #include - #pragma config ICESEL = ICS_PGx2 - /* ICE/ICD Comm Channel Select (Communicate on PGEC2/PGED2) */ - #include "PIC32MZ-serial.h" - #define SYSTEMConfigPerformance /* void out SYSTEMConfigPerformance(); */ -#else - #define PIC32_STARTER_KIT - #include - #include - #include - #define init_serial() /* void out init_serial() ; */ -#endif - -void bench_des(void); -void bench_arc4(void); -void bench_hc128(void); -void bench_rabbit(void); -void bench_aes(int); -void bench_aesgcm(void); - -void bench_md5(void); -void bench_sha(void); -void bench_sha256(void); -void bench_sha512(void); -void bench_ripemd(void); - -void bench_rsa(void); -void bench_rsaKeyGen(void); -void bench_dh(void); -#ifdef HAVE_ECC -void bench_eccKeyGen(void); -void bench_eccKeyAgree(void); -#endif - -/* - * Main driver for CTaoCrypt benchmarks. - */ -int main(int argc, char** argv) { - volatile int i ; - int j ; - - init_serial() ; /* initialize PIC32MZ serial I/O */ - SYSTEMConfigPerformance(80000000); - DBINIT(); - - current_time(1) ; - for(j=0; j<100; j++) { - for(i=0; i<100000; i++) ; - printf("%f\n", current_time(0)) ; - } - - printf("wolfCrypt Benchmark:\n"); - -#ifndef NO_AES - bench_aes(0); - bench_aes(1); -#endif -#ifdef HAVE_AESGCM - bench_aesgcm(); -#endif -#ifndef NO_RC4 - bench_arc4(); -#endif -#ifdef HAVE_HC128 - bench_hc128(); -#endif -#ifndef NO_RABBIT - bench_rabbit(); -#endif -#ifndef NO_DES3 - bench_des(); -#endif - - printf("\n"); - -#ifndef NO_MD5 - bench_md5(); -#endif - bench_sha(); -#ifndef NO_SHA256 - bench_sha256(); -#endif -#ifdef CYASSL_SHA512 - bench_sha512(); -#endif -#ifdef CYASSL_RIPEMD - bench_ripemd(); -#endif - - printf("\n"); - -#ifndef NO_RSA - bench_rsa(); -#endif - -#ifndef NO_DH - bench_dh(); -#endif - -#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) - bench_rsaKeyGen(); -#endif - -#ifdef HAVE_ECC - bench_eccKeyGen(); - bench_eccKeyAgree(); -#endif - printf("End of wolfCrypt Benchmark:\n"); - return 0; -} - From f8b30b3379575d75578a3bfe851bc8e2874ea4fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Mon, 2 Dec 2013 15:50:21 -0300 Subject: [PATCH 026/135] changing variable names to build on Ubuntu. --- cyassl/ssl.h | 2 +- src/ssl.c | 6 +++--- src/tls.c | 60 ++++++++++++++++++++++++++-------------------------- 3 files changed, 34 insertions(+), 34 deletions(-) diff --git a/cyassl/ssl.h b/cyassl/ssl.h index f462ab1d2..b504218d1 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -1188,7 +1188,7 @@ CYASSL_API unsigned short CyaSSL_SNI_GetRequest(CYASSL *ssl, unsigned char type, void** data); CYASSL_API int CyaSSL_SNI_GetFromBuffer( - const unsigned char* buffer, unsigned int bufferSz, + const unsigned char* clientHello, unsigned int helloSz, unsigned char type, unsigned char* sni, unsigned int* inOutSz); #endif /* NO_CYASSL_SERVER */ diff --git a/src/ssl.c b/src/ssl.c index fcf500e27..827369fcf 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -568,11 +568,11 @@ word16 CyaSSL_SNI_GetRequest(CYASSL* ssl, byte type, void** data) return 0; } -int CyaSSL_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, byte type, +int CyaSSL_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz, byte type, byte* sni, word32* inOutSz) { - if (buffer && bufferSz > 0 && sni && inOutSz && inOutSz > 0) - return TLSX_SNI_GetFromBuffer(buffer, bufferSz, type, sni, inOutSz); + if (clientHello && helloSz > 0 && sni && inOutSz && *inOutSz > 0) + return TLSX_SNI_GetFromBuffer(clientHello, helloSz, type, sni, inOutSz); return BAD_FUNC_ARG; } diff --git a/src/tls.c b/src/tls.c index 0b025ecef..3c07255e7 100644 --- a/src/tls.c +++ b/src/tls.c @@ -863,92 +863,92 @@ void TLSX_SNI_SetOptions(TLSX* extensions, byte type, byte options) sni->options = options; } -int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, +int TLSX_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz, byte type, byte* sni, word32* inOutSz) { word32 offset = 0; word32 len32 = 0; word16 len16 = 0; - if (bufferSz < RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + CLIENT_HELLO_FIRST) + if (helloSz < RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + CLIENT_HELLO_FIRST) return INCOMPLETE_DATA; /* TLS record header */ - if ((enum ContentType) buffer[offset++] != handshake) + if ((enum ContentType) clientHello[offset++] != handshake) return BUFFER_ERROR; - if (buffer[offset++] != SSLv3_MAJOR) + if (clientHello[offset++] != SSLv3_MAJOR) return BUFFER_ERROR; - if (buffer[offset++] < TLSv1_MINOR) + if (clientHello[offset++] < TLSv1_MINOR) return BUFFER_ERROR; - ato16(buffer + offset, &len16); + ato16(clientHello + offset, &len16); offset += OPAQUE16_LEN; - if (offset + len16 > bufferSz) + if (offset + len16 > helloSz) return INCOMPLETE_DATA; /* Handshake header */ - if ((enum HandShakeType) buffer[offset] != client_hello) + if ((enum HandShakeType) clientHello[offset] != client_hello) return BUFFER_ERROR; - c24to32(buffer + offset + 1, &len32); + c24to32(clientHello + offset + 1, &len32); offset += HANDSHAKE_HEADER_SZ; - if (offset + len32 > bufferSz) + if (offset + len32 > helloSz) return INCOMPLETE_DATA; /* client hello */ offset += VERSION_SZ + RAN_LEN; /* version, random */ - if (bufferSz < offset + buffer[offset]) + if (helloSz < offset + clientHello[offset]) return INCOMPLETE_DATA; - offset += ENUM_LEN + buffer[offset]; /* skip session id */ + offset += ENUM_LEN + clientHello[offset]; /* skip session id */ /* cypher suites */ - if (bufferSz < offset + OPAQUE16_LEN) + if (helloSz < offset + OPAQUE16_LEN) return INCOMPLETE_DATA; - ato16(buffer + offset, &len16); + ato16(clientHello + offset, &len16); offset += OPAQUE16_LEN; - if (bufferSz < offset + len16) + if (helloSz < offset + len16) return INCOMPLETE_DATA; offset += len16; /* skip cypher suites */ /* compression methods */ - if (bufferSz < offset + 1) + if (helloSz < offset + 1) return INCOMPLETE_DATA; - if (bufferSz < offset + buffer[offset]) + if (helloSz < offset + clientHello[offset]) return INCOMPLETE_DATA; - offset += ENUM_LEN + buffer[offset]; /* skip compression methods */ + offset += ENUM_LEN + clientHello[offset]; /* skip compression methods */ /* extensions */ - if (bufferSz < offset + OPAQUE16_LEN) + if (helloSz < offset + OPAQUE16_LEN) return 0; /* no extensions in client hello. */ - ato16(buffer + offset, &len16); + ato16(clientHello + offset, &len16); offset += OPAQUE16_LEN; - if (bufferSz < offset + len16) + if (helloSz < offset + len16) return INCOMPLETE_DATA; while (len16 > OPAQUE16_LEN + OPAQUE16_LEN) { word16 extType; word16 extLen; - ato16(buffer + offset, &extType); + ato16(clientHello + offset, &extType); offset += OPAQUE16_LEN; - ato16(buffer + offset, &extLen); + ato16(clientHello + offset, &extLen); offset += OPAQUE16_LEN; - if (bufferSz < offset + extLen) + if (helloSz < offset + extLen) return INCOMPLETE_DATA; if (extType != SERVER_NAME_INDICATION) { @@ -956,20 +956,20 @@ int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, } else { word16 listLen; - ato16(buffer + offset, &listLen); + ato16(clientHello + offset, &listLen); offset += OPAQUE16_LEN; - if (bufferSz < offset + listLen) + if (helloSz < offset + listLen) return INCOMPLETE_DATA; while (listLen > ENUM_LEN + OPAQUE16_LEN) { - byte sniType = buffer[offset++]; + byte sniType = clientHello[offset++]; word16 sniLen; - ato16(buffer + offset, &sniLen); + ato16(clientHello + offset, &sniLen); offset += OPAQUE16_LEN; - if (bufferSz < offset + sniLen) + if (helloSz < offset + sniLen) return INCOMPLETE_DATA; if (sniType != type) { @@ -979,7 +979,7 @@ int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, } *inOutSz = min(sniLen, *inOutSz); - XMEMCPY(sni, buffer + offset, *inOutSz); + XMEMCPY(sni, clientHello + offset, *inOutSz); return SSL_SUCCESS; } From 384cc9d3daa9ccedb05262c6ee181460f621d752 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Mon, 2 Dec 2013 16:01:55 -0300 Subject: [PATCH 027/135] adding truncated_hmac to tlsx --- configure.ac | 3 ++- src/tls.c | 3 --- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index 34d37f647..d851731cf 100644 --- a/configure.ac +++ b/configure.ac @@ -1191,7 +1191,8 @@ if test "x$ENABLED_TLSX" = "xyes" then ENABLED_SNI=yes ENABLED_MAX_FRAGMENT=yes - AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT" + ENABLED_TRUNCATED_HMAC=yes + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC" fi #valgrind diff --git a/src/tls.c b/src/tls.c index 3c07255e7..3d9a83a20 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1141,9 +1141,6 @@ static int TLSX_THM_Parse(CYASSL* ssl, byte* input, word16 length, ssl->truncated_hmac = 1; -#error "TRUNCATED HMAC IS NOT FINISHED YET \ -(contact moises@wolfssl.com for more info)" - return 0; } From 0c1e02ddd04c1585c89b71919c0d5e1370e69c3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Mon, 2 Dec 2013 16:08:17 -0300 Subject: [PATCH 028/135] added truncated_hmac handing on SanityCheckCipherText, VerifyMac and BuildMessage --- cyassl/internal.h | 1 + src/internal.c | 39 ++++++++++++++++++++++++++++++++------- 2 files changed, 33 insertions(+), 7 deletions(-) diff --git a/cyassl/internal.h b/cyassl/internal.h index 4d25bda6a..1d81f043a 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -608,6 +608,7 @@ enum Misc { CERT_HEADER_SZ = 3, /* always 3 bytes */ REQ_HEADER_SZ = 2, /* cert request header sz */ HINT_LEN_SZ = 2, /* length of hint size field */ + TRUNCATED_HMAC_SZ = 10, /* length of hmac w/ truncated hmac extension */ HELLO_EXT_TYPE_SZ = 2, /* length of a hello extension type */ HELLO_EXT_SZ = 8, /* total length of the lazy hello extensions */ HELLO_EXT_LEN = 6, /* length of the lazy hello extensions */ diff --git a/src/internal.c b/src/internal.c index 1c334794a..85e64f962 100644 --- a/src/internal.c +++ b/src/internal.c @@ -4267,23 +4267,27 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input, /* check cipher text size for sanity */ static int SanityCheckCipherText(CYASSL* ssl, word32 encryptSz) { - word32 minLength = 0; +#ifdef HAVE_TRUNCATED_HMAC + word32 minLength = ssl->truncated_hmac ? TRUNCATED_HMAC_SIZE + : ssl->specs.hash_size; +#else + word32 minLength = ssl->specs.hash_size; /* covers stream */ +#endif if (ssl->specs.cipher_type == block) { if (encryptSz % ssl->specs.block_size) { CYASSL_MSG("Block ciphertext not block size"); return SANITY_CIPHER_E; } - minLength = ssl->specs.hash_size + 1; /* pad byte */ + + minLength++; /* pad byte */ + if (ssl->specs.block_size > minLength) minLength = ssl->specs.block_size; if (ssl->options.tls1_1) minLength += ssl->specs.block_size; /* explicit IV */ } - else if (ssl->specs.cipher_type == stream) { - minLength = ssl->specs.hash_size; - } else if (ssl->specs.cipher_type == aead) { minLength = ssl->specs.block_size; /* explicit IV + implicit IV + CTR */ } @@ -4727,7 +4731,12 @@ static INLINE int VerifyMac(CYASSL* ssl, const byte* input, word32 msgSz, int ret; word32 pad = 0; word32 padByte = 0; +#ifdef HAVE_TRUNCATED_HMAC + word32 digestSz = ssl->truncated_hmac ? TRUNCATED_HMAC_SZ + : ssl->specs.hash_size; +#else word32 digestSz = ssl->specs.hash_size; +#endif byte verify[MAX_DIGEST_SIZE]; if (ssl->specs.cipher_type == block) { @@ -5312,7 +5321,12 @@ static void BuildCertHashes(CYASSL* ssl, Hashes* hashes) static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz, int type) { +#ifdef HAVE_TRUNCATED_HMAC + word32 digestSz = min(ssl->specs.hash_size, + ssl->truncated_hmac ? TRUNCATED_HMAC_SZ : ssl->specs.hash_size); +#else word32 digestSz = ssl->specs.hash_size; +#endif word32 sz = RECORD_HEADER_SZ + inSz + digestSz; word32 pad = 0, i; word32 idx = RECORD_HEADER_SZ; @@ -5388,8 +5402,19 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz, #endif } else { - if (ssl->specs.cipher_type != aead) - ssl->hmac(ssl, output+idx, output + headerSz + ivSz, inSz, type, 0); + if (ssl->specs.cipher_type != aead) { +#ifdef HAVE_TRUNCATED_HMAC + if (ssl->truncated_hmac && ssl->specs.hash_size > digestSz) { + byte hmac[MAX_DIGEST_SIZE]; + + ssl->hmac(ssl, hmac, output + headerSz + ivSz, inSz, type, 0); + + XMEMCPY(output + idx, hmac, digestSz); + } else +#endif + ssl->hmac(ssl, output+idx, output + headerSz + ivSz, inSz, + type, 0); + } if ( (ret = Encrypt(ssl, output + headerSz, output+headerSz,size)) != 0) return ret; From cf545ca69289e897b88283c9fcb858cd6ce0d4d7 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 2 Dec 2013 12:04:22 -0800 Subject: [PATCH 029/135] fix mcapi test on unix --- mcapi/include.am | 2 +- mcapi/mcapi_test.c | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/mcapi/include.am b/mcapi/include.am index 7486c0fd5..311fe4510 100644 --- a/mcapi/include.am +++ b/mcapi/include.am @@ -6,7 +6,7 @@ if BUILD_MCAPI check_PROGRAMS += mcapi/test noinst_PROGRAMS += mcapi/test mcapi_test_SOURCES = mcapi/crypto.c \ - mcapi/test.c + mcapi/mcapi_test.c mcapi_test_LDADD = src/libcyassl.la mcapi_test_DEPENDENCIES = src/libcyassl.la endif diff --git a/mcapi/mcapi_test.c b/mcapi/mcapi_test.c index c22618772..24e69174d 100644 --- a/mcapi/mcapi_test.c +++ b/mcapi/mcapi_test.c @@ -53,7 +53,7 @@ #include #include "PIC32MZ-serial.h" #define SYSTEMConfigPerformance /* void out SYSTEMConfigPerformance(); */ -#else +#elif defined(MICROCHIP_PIC32) #define PIC32_STARTER_KIT #include #include @@ -61,6 +61,8 @@ #include #include #define init_serial() /* void out init_serial() */ +#else + #include /* order matters above ? */ #endif #define OUR_DATA_SIZE 1024 static byte ourData[OUR_DATA_SIZE]; @@ -93,9 +95,11 @@ int main(int argc, char** argv) (void)argc; (void)argv; +#if defined(MICROCHIP_PIC32) init_serial() ; /* initialize PIC32MZ serial I/O */ SYSTEMConfigPerformance(80000000); DBINIT(); +#endif /* align key, iv pointers */ key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_KEY); From fc97174fb853524ff41786cc11b2dba6f8e1a5d9 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Mon, 2 Dec 2013 15:31:48 -0700 Subject: [PATCH 030/135] tie Microchip files into autoconf system --- Makefile.am | 1 + mcapi/ctaocrypt_test.X/nbproject/include.am | 3 +-- mcapi/cyassl.X/nbproject/include.am | 1 - mcapi/include.am | 5 +++++ mplabx/ctaocrypt_benchmark.X/nbproject/include.am | 3 +-- mplabx/ctaocrypt_test.X/nbproject/include.am | 3 +-- mplabx/cyassl.X/nbproject/include.am | 1 - mplabx/include.am | 10 ++++++++++ 8 files changed, 19 insertions(+), 8 deletions(-) create mode 100644 mplabx/include.am diff --git a/Makefile.am b/Makefile.am index 651b60afb..02fea25cc 100644 --- a/Makefile.am +++ b/Makefile.am @@ -62,6 +62,7 @@ include mqx/ctaocrypt_test/Sources/include.am include mqx/cyassl/include.am include mqx/cyassl_client/Sources/include.am include mqx/util_lib/Sources/include.am +include mplabx/include.am include mplabx/ctaocrypt_benchmark.X/nbproject/include.am include mplabx/ctaocrypt_test.X/nbproject/include.am include mplabx/cyassl.X/nbproject/include.am diff --git a/mcapi/ctaocrypt_test.X/nbproject/include.am b/mcapi/ctaocrypt_test.X/nbproject/include.am index ec09b769e..dc3d2f9a2 100644 --- a/mcapi/ctaocrypt_test.X/nbproject/include.am +++ b/mcapi/ctaocrypt_test.X/nbproject/include.am @@ -3,8 +3,7 @@ # EXTRA_DIST += \ - mcapi/ctaocrypt_test.X/Makefile \ - mcapi/ctaocrypt_test.X/main.c + mcapi/ctaocrypt_test.X/Makefile EXTRA_DIST += \ mcapi/ctaocrypt_test.X/nbproject/configurations.xml \ diff --git a/mcapi/cyassl.X/nbproject/include.am b/mcapi/cyassl.X/nbproject/include.am index 163090026..fc7e8d972 100644 --- a/mcapi/cyassl.X/nbproject/include.am +++ b/mcapi/cyassl.X/nbproject/include.am @@ -3,7 +3,6 @@ # EXTRA_DIST += \ - mcapi/README \ mcapi/cyassl.X/Makefile EXTRA_DIST += \ diff --git a/mcapi/include.am b/mcapi/include.am index 311fe4510..993ba29c0 100644 --- a/mcapi/include.am +++ b/mcapi/include.am @@ -12,3 +12,8 @@ mcapi_test_DEPENDENCIES = src/libcyassl.la endif noinst_HEADERS += mcapi/crypto.h + +EXTRA_DIST += \ + mcapi/README \ + mcapi/PIC32MZ-serial.h + diff --git a/mplabx/ctaocrypt_benchmark.X/nbproject/include.am b/mplabx/ctaocrypt_benchmark.X/nbproject/include.am index 567fbba38..9af74c3b8 100644 --- a/mplabx/ctaocrypt_benchmark.X/nbproject/include.am +++ b/mplabx/ctaocrypt_benchmark.X/nbproject/include.am @@ -3,8 +3,7 @@ # EXTRA_DIST += \ - mplabx/ctaocrypt_benchmark.X/Makefile \ - mplabx/ctaocrypt_benchmark.X/main.c + mplabx/ctaocrypt_benchmark.X/Makefile EXTRA_DIST += \ mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml \ diff --git a/mplabx/ctaocrypt_test.X/nbproject/include.am b/mplabx/ctaocrypt_test.X/nbproject/include.am index e7d868de8..ea0df611c 100644 --- a/mplabx/ctaocrypt_test.X/nbproject/include.am +++ b/mplabx/ctaocrypt_test.X/nbproject/include.am @@ -3,8 +3,7 @@ # EXTRA_DIST += \ - mplabx/ctaocrypt_test.X/Makefile \ - mplabx/ctaocrypt_test.X/main.c + mplabx/ctaocrypt_test.X/Makefile EXTRA_DIST += \ mplabx/ctaocrypt_test.X/nbproject/configurations.xml \ diff --git a/mplabx/cyassl.X/nbproject/include.am b/mplabx/cyassl.X/nbproject/include.am index 4db3841b2..7d0b98793 100644 --- a/mplabx/cyassl.X/nbproject/include.am +++ b/mplabx/cyassl.X/nbproject/include.am @@ -3,7 +3,6 @@ # EXTRA_DIST += \ - mplabx/README \ mplabx/cyassl.X/Makefile EXTRA_DIST += \ diff --git a/mplabx/include.am b/mplabx/include.am new file mode 100644 index 000000000..b63cdecaa --- /dev/null +++ b/mplabx/include.am @@ -0,0 +1,10 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mplabx/PIC32MZ-serial.h \ + mplabx/README \ + mplabx/benchmark_main.c \ + mplabx/test_main.c + From 9fe165e8f8f446abcfed9da5737379b03ce958d5 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 8 Oct 2013 14:59:59 -0700 Subject: [PATCH 031/135] 1. Added a couple missing checks for NULL pointers in DTLS code. 2. Fixed compiler warning under Windows. 3. DTLS sliding window packet filter. --- cyassl/internal.h | 36 +++++++++++--- src/internal.c | 124 ++++++++++++++++++++++++++++++++++++---------- src/tls.c | 6 +-- 3 files changed, 129 insertions(+), 37 deletions(-) diff --git a/cyassl/internal.h b/cyassl/internal.h index 1d81f043a..5c69e622a 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1363,6 +1363,30 @@ enum ClientCertificateType { enum CipherType { stream, block, aead }; +#ifdef CYASSL_DTLS + + #ifdef WORD64_AVAILABLE + typedef word64 DtlsSeq; + #else + typedef word32 DtlsSeq; + #endif + #define DTLS_SEQ_BITS (sizeof(DtlsSeq) * CHAR_BIT) + + typedef struct DtlsState { + DtlsSeq window; /* Sliding window for current epoch */ + word16 nextEpoch; /* Expected epoch in next record */ + word32 nextSeq; /* Expected sequence in next record */ + + word16 curEpoch; /* Received epoch in current record */ + word32 curSeq; /* Received sequence in current record */ + + DtlsSeq prevWindow; /* Sliding window for old epoch */ + word32 prevSeq; /* Next sequence in allowed old epoch */ + } DtlsState; + +#endif /* CYASSL_DTLS */ + + /* keys and secrets */ typedef struct Keys { byte client_write_MAC_secret[MAX_DIGEST_SIZE]; /* max sizes */ @@ -1381,15 +1405,13 @@ typedef struct Keys { word32 sequence_number; #ifdef CYASSL_DTLS - word32 dtls_sequence_number; - word32 dtls_peer_sequence_number; - word32 dtls_expected_peer_sequence_number; - word16 dtls_handshake_number; + DtlsState dtls_state; /* Peer's state */ word16 dtls_peer_handshake_number; word16 dtls_expected_peer_handshake_number; - word16 dtls_epoch; - word16 dtls_peer_epoch; - word16 dtls_expected_peer_epoch; + + word16 dtls_epoch; /* Current tx epoch */ + word32 dtls_sequence_number; /* Current tx sequence */ + word16 dtls_handshake_number; /* Current tx handshake seq */ #endif word32 encryptSz; /* last size of encrypted data */ diff --git a/src/internal.c b/src/internal.c index 85e64f962..dfb4a79b8 100644 --- a/src/internal.c +++ b/src/internal.c @@ -87,6 +87,13 @@ CYASSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS #endif #endif + +#ifdef CYASSL_DTLS + static int DtlsCheckWindow(DtlsState* state); + static int DtlsUpdateWindow(DtlsState* state); +#endif + + typedef enum { doProcessInit = 0, #ifndef NO_CYASSL_SERVER @@ -1421,6 +1428,9 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) #ifdef CYASSL_DTLS ssl->IOCB_CookieCtx = NULL; /* we don't use for default cb */ ssl->dtls_expected_rx = MAX_MTU; + ssl->keys.dtls_state.window = 0; + ssl->keys.dtls_state.nextEpoch = 0; + ssl->keys.dtls_state.nextSeq = 0; #endif #ifndef NO_OLD_TLS @@ -1478,13 +1488,13 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) #ifdef CYASSL_DTLS ssl->keys.dtls_sequence_number = 0; - ssl->keys.dtls_peer_sequence_number = 0; - ssl->keys.dtls_expected_peer_sequence_number = 0; + ssl->keys.dtls_state.curSeq = 0; + ssl->keys.dtls_state.nextSeq = 0; ssl->keys.dtls_handshake_number = 0; ssl->keys.dtls_expected_peer_handshake_number = 0; ssl->keys.dtls_epoch = 0; - ssl->keys.dtls_peer_epoch = 0; - ssl->keys.dtls_expected_peer_epoch = 0; + ssl->keys.dtls_state.curEpoch = 0; + ssl->keys.dtls_state.nextEpoch = 0; ssl->dtls_timeout_init = DTLS_TIMEOUT_INIT; ssl->dtls_timeout_max = DTLS_TIMEOUT_MAX; ssl->dtls_timeout = ssl->dtls_timeout_init; @@ -2762,9 +2772,9 @@ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx, /* type and version in same sport */ XMEMCPY(rh, input + *inOutIdx, ENUM_LEN + VERSION_SZ); *inOutIdx += ENUM_LEN + VERSION_SZ; - ato16(input + *inOutIdx, &ssl->keys.dtls_peer_epoch); + ato16(input + *inOutIdx, &ssl->keys.dtls_state.curEpoch); *inOutIdx += 4; /* advance past epoch, skip first 2 seq bytes for now */ - ato32(input + *inOutIdx, &ssl->keys.dtls_peer_sequence_number); + ato32(input + *inOutIdx, &ssl->keys.dtls_state.curSeq); *inOutIdx += 4; /* advance past rest of seq */ ato16(input + *inOutIdx, size); *inOutIdx += LENGTH_SZ; @@ -2785,27 +2795,14 @@ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx, return VERSION_ERROR; /* only use requested version */ } } -#if 0 - /* Instead of this, check the datagram against the sliding window of - * received datagram goodness. */ + #ifdef CYASSL_DTLS - /* If DTLS, check the sequence number against expected. If out of - * order, drop the record. Allows newer records in and resets the - * expected to the next record. */ if (ssl->options.dtls) { - if ((ssl->keys.dtls_expected_peer_epoch == - ssl->keys.dtls_peer_epoch) && - (ssl->keys.dtls_peer_sequence_number >= - ssl->keys.dtls_expected_peer_sequence_number)) { - ssl->keys.dtls_expected_peer_sequence_number = - ssl->keys.dtls_peer_sequence_number + 1; - } - else { + if (DtlsCheckWindow(&ssl->keys.dtls_state) != 1) return SEQUENCE_ERROR; - } } #endif -#endif + /* record layer length check */ #ifdef HAVE_MAX_FRAGMENT if (*size > (ssl->max_fragment + MAX_COMP_EXTRA + MAX_MSG_EXTRA)) @@ -3868,6 +3865,68 @@ static int DoHandShakeMsg(CYASSL* ssl, byte* input, word32* inOutIdx, #ifdef CYASSL_DTLS + +static INLINE int DtlsCheckWindow(DtlsState* state) +{ + word32 cur; + word32 next; + DtlsSeq window; + + if (state->curEpoch == state->nextEpoch) { + next = state->nextSeq; + window = state->window; + } + else if (state->curEpoch < state->nextEpoch) { + next = state->prevSeq; + window = state->prevWindow; + } + else { + return 0; + } + + cur = state->curSeq; + + if ((next > DTLS_SEQ_BITS) && (cur < next - DTLS_SEQ_BITS)) { + return 0; + } + else if ((cur < next) && (window & (1 << (next - cur - 1)))) { + return 0; + } + + return 1; +} + + +static INLINE int DtlsUpdateWindow(DtlsState* state) +{ + word32 cur; + word32* next; + DtlsSeq* window; + + if (state->curEpoch == state->nextEpoch) { + next = &state->nextSeq; + window = &state->window; + } + else { + next = &state->prevSeq; + window = &state->prevWindow; + } + + cur = state->curSeq; + + if (cur < *next) { + *window |= (1 << (*next - cur - 1)); + } + else { + *window <<= (1 + cur - *next); + *window |= 1; + *next = cur + 1; + } + + return 1; +} + + static int DtlsMsgDrain(CYASSL* ssl) { DtlsMsg* item = ssl->dtls_msg_list; @@ -4888,8 +4947,6 @@ int ProcessReply(CYASSL* ssl) &ssl->curRL, &ssl->curSize); #ifdef CYASSL_DTLS if (ssl->options.dtls && ret == SEQUENCE_ERROR) { - /* This message is out of order. If we are handshaking, save - *it for later. Otherwise go ahead and process it. */ ssl->options.processReply = doProcessInit; ssl->buffers.inputBuffer.length = 0; ssl->buffers.inputBuffer.idx = 0; @@ -4925,7 +4982,14 @@ int ProcessReply(CYASSL* ssl) /* the record layer is here */ case runProcessingOneMessage: - if (ssl->keys.encryptionOn && ssl->keys.decryptedCur == 0) { + #ifdef CYASSL_DTLS + if (ssl->options.dtls && + ssl->keys.dtls_state.curEpoch < ssl->keys.dtls_state.nextEpoch) + ssl->keys.decryptedCur = 1; + #endif + + if (ssl->keys.encryptionOn && ssl->keys.decryptedCur == 0) + { ret = SanityCheckCipherText(ssl, ssl->curSize); if (ret < 0) return ret; @@ -4975,6 +5039,12 @@ int ProcessReply(CYASSL* ssl) ssl->keys.decryptedCur = 1; } + if (ssl->options.dtls) { + #ifdef CYASSL_DTLS + DtlsUpdateWindow(&ssl->keys.dtls_state); + #endif /* CYASSL_DTLS */ + } + CYASSL_MSG("received record layer msg"); switch (ssl->curRL.type) { @@ -5034,8 +5104,8 @@ int ProcessReply(CYASSL* ssl) #ifdef CYASSL_DTLS if (ssl->options.dtls) { DtlsPoolReset(ssl); - ssl->keys.dtls_expected_peer_epoch++; - ssl->keys.dtls_expected_peer_sequence_number = 0; + ssl->keys.dtls_state.nextEpoch++; + ssl->keys.dtls_state.nextSeq = 0; } #endif diff --git a/src/tls.c b/src/tls.c index 3d9a83a20..b8f6b1d8a 100644 --- a/src/tls.c +++ b/src/tls.c @@ -401,7 +401,7 @@ static INLINE word32 GetSEQIncrement(CYASSL* ssl, int verify) #ifdef CYASSL_DTLS if (ssl->options.dtls) { if (verify) - return ssl->keys.dtls_peer_sequence_number; /* explicit from peer */ + return ssl->keys.dtls_state.curSeq; /* explicit from peer */ else return ssl->keys.dtls_sequence_number - 1; /* already incremented */ } @@ -418,9 +418,9 @@ static INLINE word32 GetSEQIncrement(CYASSL* ssl, int verify) static INLINE word32 GetEpoch(CYASSL* ssl, int verify) { if (verify) - return ssl->keys.dtls_peer_epoch; + return ssl->keys.dtls_state.curEpoch; else - return ssl->keys.dtls_epoch; + return ssl->keys.dtls_epoch; } #endif /* CYASSL_DTLS */ From 276a9c871ec88d79789e8ee5d72ceae6d97a6414 Mon Sep 17 00:00:00 2001 From: toddouska Date: Fri, 6 Dec 2013 08:58:06 -0800 Subject: [PATCH 032/135] eccfp warning fix --- ctaocrypt/src/ecc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ctaocrypt/src/ecc.c b/ctaocrypt/src/ecc.c index 0310f8a76..609a386f8 100644 --- a/ctaocrypt/src/ecc.c +++ b/ctaocrypt/src/ecc.c @@ -3267,7 +3267,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, ecc_point* B, mp_int* kB, ecc_point* C, mp_int* modulus) { - int idx1, idx2, err = MP_OKAY, mpInit = 0; + int idx1 = -1, idx2 = -1, err = MP_OKAY, mpInit = 0; mp_digit mp; mp_int mu; From 3051c8e900ef3302086c3a48f97ccf8b47f790e0 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 9 Dec 2013 18:21:43 -0800 Subject: [PATCH 033/135] make sure Arrays elemets all set to 0 --- src/internal.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/internal.c b/src/internal.c index dfb4a79b8..ffa120a2d 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1636,6 +1636,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) CYASSL_MSG("Arrays Memory error"); return MEMORY_E; } + XMEMSET(ssl->arrays, 0, sizeof(Arrays)); #ifndef NO_PSK ssl->arrays->client_identity[0] = 0; From 0d85a85d5924357f21c335b8f57b60d30c083910 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 10 Dec 2013 12:05:55 -0800 Subject: [PATCH 034/135] Bumped version for point release. --- configure.ac | 2 +- cyassl/version.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index d851731cf..e49e55d58 100644 --- a/configure.ac +++ b/configure.ac @@ -6,7 +6,7 @@ # # -AC_INIT([cyassl],[2.8.4],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.yassl.com]) +AC_INIT([cyassl],[2.8.5],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.yassl.com]) AC_CONFIG_AUX_DIR([build-aux]) diff --git a/cyassl/version.h b/cyassl/version.h index bac8ec1d4..96207f8fa 100644 --- a/cyassl/version.h +++ b/cyassl/version.h @@ -26,8 +26,8 @@ extern "C" { #endif -#define LIBCYASSL_VERSION_STRING "2.8.4" -#define LIBCYASSL_VERSION_HEX 0x02008004 +#define LIBCYASSL_VERSION_STRING "2.8.5" +#define LIBCYASSL_VERSION_HEX 0x02008005 #ifdef __cplusplus } From 9e56ad262cb587f310c45e9ee5e2f70502a892ff Mon Sep 17 00:00:00 2001 From: toddouska Date: Tue, 10 Dec 2013 16:17:43 -0800 Subject: [PATCH 035/135] fix snifftest pcap frees on file mode, close TraceFile on ssl_Free --- src/sniffer.c | 7 +++++++ sslSniffer/sslSnifferTest/snifftest.c | 24 ++++++++++++++++-------- 2 files changed, 23 insertions(+), 8 deletions(-) diff --git a/src/sniffer.c b/src/sniffer.c index 7eb272f87..8e0bff995 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -417,6 +417,13 @@ void ssl_FreeSniffer(void) FreeMutex(&SessionMutex); FreeMutex(&ServerListMutex); + + if (TraceFile) { + TraceOn = 0; + fclose(TraceFile); + TraceFile = NULL; + } + CyaSSL_Cleanup(); } diff --git a/sslSniffer/sslSnifferTest/snifftest.c b/sslSniffer/sslSnifferTest/snifftest.c index 7d5a7561e..2570a65bc 100755 --- a/sslSniffer/sslSnifferTest/snifftest.c +++ b/sslSniffer/sslSnifferTest/snifftest.c @@ -69,18 +69,25 @@ enum { }; -pcap_t* pcap = 0; -pcap_if_t *alldevs; +pcap_t* pcap = NULL; +pcap_if_t* alldevs = NULL; + + +static void FreeAll(void) +{ + if (pcap) + pcap_close(pcap); + if (alldevs) + pcap_freealldevs(alldevs); +#ifndef _WIN32 + ssl_FreeSniffer(); +#endif +} static void sig_handler(const int sig) { printf("SIGINT handled = %d.\n", sig); - if (pcap) - pcap_close(pcap); - pcap_freealldevs(alldevs); -#ifndef _WIN32 - ssl_FreeSniffer(); -#endif + FreeAll(); if (sig) exit(EXIT_SUCCESS); } @@ -286,6 +293,7 @@ int main(int argc, char** argv) else if (saveFile) break; /* we're done reading file */ } + FreeAll(); return EXIT_SUCCESS; } From b41d09b1a227d7beb13faf7b69c2fc23fd74d6c3 Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 11 Dec 2013 12:03:09 -0800 Subject: [PATCH 036/135] fix newer clang warnings --- ctaocrypt/src/asn.c | 2 ++ src/internal.c | 6 +++++- src/ssl.c | 4 +++- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index f19ce79b0..d2fe3f0ad 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -2563,6 +2563,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz, (void)sigSz; (void)heap; (void)ret; + (void)typeH; switch (sigOID) { #ifndef NO_MD5 @@ -3339,6 +3340,7 @@ static void DecodeCertExtensions(DecodedCert* cert) } idx += length; } + (void)critical; CYASSL_LEAVE("DecodeCertExtensions", 0); return; diff --git a/src/internal.c b/src/internal.c index ffa120a2d..037ae1372 100644 --- a/src/internal.c +++ b/src/internal.c @@ -622,6 +622,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK, (void)tls; /* shut up compiler */ (void)tls1_2; + (void)haveRSA; (void)haveDH; (void)havePSK; (void)haveNTRU; @@ -8118,7 +8119,7 @@ static void PickHashSigAlgo(CYASSL* ssl, case ecc_diffie_hellman_kea: { ecc_key myKey; - ecc_key* peerKey = &myKey; + ecc_key* peerKey = NULL; word32 size = sizeof(encSecret); if (ssl->specs.static_ecdh) { @@ -8133,6 +8134,9 @@ static void PickHashSigAlgo(CYASSL* ssl, peerKey = ssl->peerEccKey; } + if (peerKey == NULL) + return NO_PEER_KEY; + ecc_init(&myKey); ret = ecc_make_key(ssl->rng, peerKey->dp->size, &myKey); if (ret != 0) diff --git a/src/ssl.c b/src/ssl.c index 827369fcf..8196e46db 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1730,6 +1730,7 @@ int CyaSSL_Init(void) der.buffer = 0; (void)dynamicType; + (void)rsaKey; if (used) *used = sz; /* used bytes default to sz, PEM chain may shorten*/ @@ -1980,7 +1981,8 @@ int CyaSSL_Init(void) } ecc_free(&key); eccKey = 1; - ctx->haveStaticECC = 1; + if (ctx) + ctx->haveStaticECC = 1; if (ssl) ssl->options.haveStaticECC = 1; } From e5b0000ee46645673cdba772aa15c4b4d913b61c Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 11 Dec 2013 14:59:46 -0800 Subject: [PATCH 037/135] switch enable-sniffer w/o libpcap to error out again --- configure.ac | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/configure.ac b/configure.ac index e49e55d58..ca1f24783 100644 --- a/configure.ac +++ b/configure.ac @@ -311,14 +311,14 @@ fi # SNIFFER AC_ARG_ENABLE([sniffer], - [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[ - AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ - ENABLED_SNIFFER=yes - AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA" - ],[ ENABLED_SNIFFER=no ]) ]) - ],[ - ENABLED_SNIFFER=no - ]) + [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[ + AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ + ENABLED_SNIFFER=yes + AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA" + ],[ AC_MSG_ERROR([cannot enable sniffer without having libpcap available.]) ]) ]) + ],[ + ENABLED_SNIFFER=no + ]) AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ]) From ba95c33ed45787e60f85e58f26c3c2c385a64a6d Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 11 Dec 2013 15:47:40 -0800 Subject: [PATCH 038/135] more clang warnings --- ctaocrypt/src/asn.c | 2 +- src/internal.c | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index d2fe3f0ad..8b4463229 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -2563,7 +2563,6 @@ static int ConfirmSignature(const byte* buf, word32 bufSz, (void)sigSz; (void)heap; (void)ret; - (void)typeH; switch (sigOID) { #ifndef NO_MD5 @@ -2647,6 +2646,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz, CYASSL_MSG("Verify Signautre has unsupported type"); return 0; } + (void)typeH; /* some builds won't read */ switch (keyOID) { #ifndef NO_RSA diff --git a/src/internal.c b/src/internal.c index 037ae1372..e36fb4aec 100644 --- a/src/internal.c +++ b/src/internal.c @@ -622,7 +622,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK, (void)tls; /* shut up compiler */ (void)tls1_2; - (void)haveRSA; (void)haveDH; (void)havePSK; (void)haveNTRU; @@ -636,8 +635,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK, if (suites->setSuites) return; /* trust user settings, don't override */ - if (side == CYASSL_SERVER_END && haveStaticECC) + if (side == CYASSL_SERVER_END && haveStaticECC) { haveRSA = 0; /* can't do RSA with ECDSA key */ + (void)haveRSA; /* some builds won't read */ + } if (side == CYASSL_SERVER_END && haveECDSAsig) { haveRSAsig = 0; /* can't have RSA sig if signed by ECDSA */ From 8c7f5817acdfd0ff6239ce177f1bb5b9f930331f Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Wed, 11 Dec 2013 16:19:09 -0800 Subject: [PATCH 039/135] NO_FILESYSTEM fix for CyaSSL_X509_load_certificate_file --- cyassl/ssl.h | 2 +- src/ssl.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/cyassl/ssl.h b/cyassl/ssl.h index b504218d1..6cbfc6f01 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -823,9 +823,9 @@ CYASSL_API CYASSL_X509* #ifndef NO_FILESYSTEM CYASSL_API CYASSL_X509* CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file); -#endif CYASSL_API CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format); +#endif #ifdef CYASSL_SEP CYASSL_API unsigned char* diff --git a/src/ssl.c b/src/ssl.c index 827369fcf..d9a3950ab 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -7561,6 +7561,8 @@ CYASSL_X509* CyaSSL_X509_d2i(CYASSL_X509** x509, const byte* in, int len) } +#ifndef NO_FILESYSTEM + CYASSL_X509* CyaSSL_X509_d2i_fp(CYASSL_X509** x509, XFILE file) { CYASSL_X509* newX509 = NULL; @@ -7684,6 +7686,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) return x509; } +#endif /* NO_FILESYSTEM */ #endif /* KEEP_PEER_CERT || SESSION_CERTS */ From 26a26fa19d9d11d4051321c089c4bfb44ec7737d Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 12 Dec 2013 10:45:19 -0800 Subject: [PATCH 040/135] 1. Fixed a build warning. 2. Fixed an initialization bug when decoding old-style client hellos. --- src/internal.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/internal.c b/src/internal.c index ffa120a2d..a9906dad9 100644 --- a/src/internal.c +++ b/src/internal.c @@ -89,8 +89,8 @@ CYASSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS #ifdef CYASSL_DTLS - static int DtlsCheckWindow(DtlsState* state); - static int DtlsUpdateWindow(DtlsState* state); + static INLINE int DtlsCheckWindow(DtlsState* state); + static INLINE int DtlsUpdateWindow(DtlsState* state); #endif @@ -9887,6 +9887,7 @@ static void PickHashSigAlgo(CYASSL* ssl, if (clSuites.suiteSz > MAX_SUITE_SZ) return BUFFER_ERROR; + clSuites.hashSigAlgoSz = 0; /* session size */ ato16(&input[idx], &sessionSz); From 5efbf98f310ae6988a111647840c2be02277526a Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 12 Dec 2013 14:20:56 -0800 Subject: [PATCH 041/135] separate sniffer / snifftest ./configure build --- configure.ac | 10 +++++++--- sslSniffer/sslSnifferTest/include.am | 2 +- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index ca1f24783..0e2ee437b 100644 --- a/configure.ac +++ b/configure.ac @@ -310,17 +310,20 @@ fi # SNIFFER +ENABLED_SNIFFTEST=no AC_ARG_ENABLE([sniffer], [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[ - AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ ENABLED_SNIFFER=yes AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA" - ],[ AC_MSG_ERROR([cannot enable sniffer without having libpcap available.]) ]) ]) + AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ + ENABLED_SNIFFTEST=yes + ],[ AC_MSG_WARN([cannot enable sniffer test without having libpcap available.]) ]) ]) ],[ ENABLED_SNIFFER=no ]) -AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ]) +AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ]) +AM_CONDITIONAL([BUILD_SNIFFTEST], [ test "x$ENABLED_SNIFFTEST" = "xyes" ]) # AES-GCM AC_ARG_ENABLE([aesgcm], @@ -1532,6 +1535,7 @@ echo " * Filesystem: $ENABLED_FILESYSTEM" echo " * OpenSSL Extra API: $ENABLED_OPENSSLEXTRA" echo " * fastmath: $ENABLED_FASTMATH" echo " * sniffer: $ENABLED_SNIFFER" +echo " * snifftest: $ENABLED_SNIFFTEST" echo " * ARC4: $ENABLED_ARC4" echo " * AES: $ENABLED_AES" echo " * AES-NI: $ENABLED_AESNI" diff --git a/sslSniffer/sslSnifferTest/include.am b/sslSniffer/sslSnifferTest/include.am index 44349f976..d4c90accc 100644 --- a/sslSniffer/sslSnifferTest/include.am +++ b/sslSniffer/sslSnifferTest/include.am @@ -2,7 +2,7 @@ # included from Top Level Makefile.am # All paths should be given relative to the root -if BUILD_SNIFFER +if BUILD_SNIFFTEST noinst_PROGRAMS += sslSniffer/sslSnifferTest/snifftest sslSniffer_sslSnifferTest_snifftest_SOURCES = sslSniffer/sslSnifferTest/snifftest.c sslSniffer_sslSnifferTest_snifftest_LDADD = src/libcyassl.la -lpcap From ffd58e27ef4d4ed1e6b16ecfeeff7a94f47e4bc9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Thu, 12 Dec 2013 21:05:31 -0300 Subject: [PATCH 042/135] removing deprecated TRUNCATED_HMAC_SIZE --- cyassl/internal.h | 2 -- src/internal.c | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/cyassl/internal.h b/cyassl/internal.h index 5c69e622a..d961fcd09 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1169,8 +1169,6 @@ CYASSL_LOCAL int TLSX_UseMaxFragment(TLSX** extensions, byte mfl); #ifdef HAVE_TRUNCATED_HMAC -#define TRUNCATED_HMAC_SIZE 10 - CYASSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions); #endif /* HAVE_TRUNCATED_HMAC */ diff --git a/src/internal.c b/src/internal.c index 0fb680359..4c24d67e8 100644 --- a/src/internal.c +++ b/src/internal.c @@ -4330,7 +4330,7 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input, static int SanityCheckCipherText(CYASSL* ssl, word32 encryptSz) { #ifdef HAVE_TRUNCATED_HMAC - word32 minLength = ssl->truncated_hmac ? TRUNCATED_HMAC_SIZE + word32 minLength = ssl->truncated_hmac ? TRUNCATED_HMAC_SZ : ssl->specs.hash_size; #else word32 minLength = ssl->specs.hash_size; /* covers stream */ From 9db9f52c9c67510cde4f31370a1dee3f6736ba95 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 16 Dec 2013 15:24:02 -0800 Subject: [PATCH 043/135] don't install internal.h, not for public consumption --- cyassl/include.am | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cyassl/include.am b/cyassl/include.am index 0cd892a37..9784ab249 100644 --- a/cyassl/include.am +++ b/cyassl/include.am @@ -9,7 +9,6 @@ EXTRA_DIST+= cyassl/sniffer_error.rc nobase_include_HEADERS+= \ cyassl/error.h \ - cyassl/internal.h \ cyassl/ssl.h \ cyassl/sniffer_error.h \ cyassl/sniffer.h \ @@ -20,3 +19,7 @@ nobase_include_HEADERS+= \ cyassl/options.h \ cyassl/ocsp.h \ cyassl/crl.h + +noinst_HEADERS+= \ + cyassl/internal.h + From c466fac59762afe8faebf6aa84d662543e3b011f Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Tue, 17 Dec 2013 16:28:08 -0700 Subject: [PATCH 044/135] add Freescale K60 mmCAU MD5, SHA, SHA256 support --- ctaocrypt/src/md5.c | 24 ++++++++++++++------ ctaocrypt/src/sha.c | 45 +++++++++++++++++++++++++++---------- ctaocrypt/src/sha256.c | 51 +++++++++++++++++++++++++++++------------- 3 files changed, 86 insertions(+), 34 deletions(-) diff --git a/ctaocrypt/src/md5.c b/ctaocrypt/src/md5.c index 176bf44cd..7d2fe1429 100644 --- a/ctaocrypt/src/md5.c +++ b/ctaocrypt/src/md5.c @@ -36,6 +36,13 @@ #include #endif +#ifdef FREESCALE_MMCAU + #include "cau_api.h" + #define XTRANSFORM(S,B) cau_md5_hash_n((B), 1, (unsigned char*)(S)->digest) +#else + #define XTRANSFORM(S,B) Transform((S)) +#endif + #ifdef STM32F2_HASH /* @@ -174,6 +181,7 @@ void InitMd5(Md5* md5) md5->hiLen = 0; } +#ifndef FREESCALE_MMCAU static void Transform(Md5* md5) { @@ -266,6 +274,8 @@ static void Transform(Md5* md5) md5->digest[3] += d; } +#endif /* FREESCALE_MMCAU */ + static INLINE void AddLength(Md5* md5, word32 len) { @@ -289,10 +299,10 @@ void Md5Update(Md5* md5, const byte* data, word32 len) len -= add; if (md5->buffLen == MD5_BLOCK_SIZE) { - #ifdef BIG_ENDIAN_ORDER + #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) ByteReverseBytes(local, local, MD5_BLOCK_SIZE); #endif - Transform(md5); + XTRANSFORM(md5, local); AddLength(md5, MD5_BLOCK_SIZE); md5->buffLen = 0; } @@ -304,7 +314,7 @@ void Md5Final(Md5* md5, byte* hash) { byte* local = (byte*)md5->buffer; - AddLength(md5, md5->buffLen); /* before adding pads */ + AddLength(md5, md5->buffLen); /* before adding pads */ local[md5->buffLen++] = 0x80; /* add 1 */ @@ -313,10 +323,10 @@ void Md5Final(Md5* md5, byte* hash) XMEMSET(&local[md5->buffLen], 0, MD5_BLOCK_SIZE - md5->buffLen); md5->buffLen += MD5_BLOCK_SIZE - md5->buffLen; - #ifdef BIG_ENDIAN_ORDER + #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) ByteReverseBytes(local, local, MD5_BLOCK_SIZE); #endif - Transform(md5); + XTRANSFORM(md5, local); md5->buffLen = 0; } XMEMSET(&local[md5->buffLen], 0, MD5_PAD_SIZE - md5->buffLen); @@ -327,14 +337,14 @@ void Md5Final(Md5* md5, byte* hash) md5->loLen = md5->loLen << 3; /* store lengths */ - #ifdef BIG_ENDIAN_ORDER + #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) ByteReverseBytes(local, local, MD5_BLOCK_SIZE); #endif /* ! length ordering dependent on digest endian type ! */ XMEMCPY(&local[MD5_PAD_SIZE], &md5->loLen, sizeof(word32)); XMEMCPY(&local[MD5_PAD_SIZE + sizeof(word32)], &md5->hiLen, sizeof(word32)); - Transform(md5); + XTRANSFORM(md5, local); #ifdef BIG_ENDIAN_ORDER ByteReverseWords(md5->digest, md5->digest, MD5_DIGEST_SIZE); #endif diff --git a/ctaocrypt/src/sha.c b/ctaocrypt/src/sha.c index 20d2261f5..30b669341 100644 --- a/ctaocrypt/src/sha.c +++ b/ctaocrypt/src/sha.c @@ -35,6 +35,13 @@ #include #endif +#ifdef FREESCALE_MMCAU + #include "cau_api.h" + #define XTRANSFORM(S,B) cau_sha1_hash_n((B), 1, ((S))->digest) +#else + #define XTRANSFORM(S,B) Transform((S)) +#endif + #ifdef STM32F2_HASH /* @@ -164,17 +171,23 @@ void InitSha(Sha* sha) { - sha->digest[0] = 0x67452301L; - sha->digest[1] = 0xEFCDAB89L; - sha->digest[2] = 0x98BADCFEL; - sha->digest[3] = 0x10325476L; - sha->digest[4] = 0xC3D2E1F0L; + #ifdef FREESCALE_MMCAU + cau_sha1_initialize_output(sha->digest); + #else + sha->digest[0] = 0x67452301L; + sha->digest[1] = 0xEFCDAB89L; + sha->digest[2] = 0x98BADCFEL; + sha->digest[3] = 0x10325476L; + sha->digest[4] = 0xC3D2E1F0L; + #endif sha->buffLen = 0; sha->loLen = 0; sha->hiLen = 0; } +#ifndef FREESCALE_MMCAU + #define blk0(i) (W[i] = sha->buffer[i]) #define blk1(i) (W[i&15] = \ rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1)) @@ -272,6 +285,8 @@ static void Transform(Sha* sha) sha->digest[4] += e; } +#endif /* FREESCALE_MMCAU */ + static INLINE void AddLength(Sha* sha, word32 len) { @@ -295,10 +310,10 @@ void ShaUpdate(Sha* sha, const byte* data, word32 len) len -= add; if (sha->buffLen == SHA_BLOCK_SIZE) { - #ifdef LITTLE_ENDIAN_ORDER + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) ByteReverseBytes(local, local, SHA_BLOCK_SIZE); #endif - Transform(sha); + XTRANSFORM(sha, local); AddLength(sha, SHA_BLOCK_SIZE); sha->buffLen = 0; } @@ -310,7 +325,7 @@ void ShaFinal(Sha* sha, byte* hash) { byte* local = (byte*)sha->buffer; - AddLength(sha, sha->buffLen); /* before adding pads */ + AddLength(sha, sha->buffLen); /* before adding pads */ local[sha->buffLen++] = 0x80; /* add 1 */ @@ -319,10 +334,10 @@ void ShaFinal(Sha* sha, byte* hash) XMEMSET(&local[sha->buffLen], 0, SHA_BLOCK_SIZE - sha->buffLen); sha->buffLen += SHA_BLOCK_SIZE - sha->buffLen; - #ifdef LITTLE_ENDIAN_ORDER + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) ByteReverseBytes(local, local, SHA_BLOCK_SIZE); #endif - Transform(sha); + XTRANSFORM(sha, local); sha->buffLen = 0; } XMEMSET(&local[sha->buffLen], 0, SHA_PAD_SIZE - sha->buffLen); @@ -333,14 +348,20 @@ void ShaFinal(Sha* sha, byte* hash) sha->loLen = sha->loLen << 3; /* store lengths */ - #ifdef LITTLE_ENDIAN_ORDER + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) ByteReverseBytes(local, local, SHA_BLOCK_SIZE); #endif /* ! length ordering dependent on digest endian type ! */ XMEMCPY(&local[SHA_PAD_SIZE], &sha->hiLen, sizeof(word32)); XMEMCPY(&local[SHA_PAD_SIZE + sizeof(word32)], &sha->loLen, sizeof(word32)); - Transform(sha); + #ifdef FREESCALE_MMCAU + /* Kinetis requires only these bytes reversed */ + ByteReverseBytes(&local[SHA_PAD_SIZE], &local[SHA_PAD_SIZE], + 2 * sizeof(word32)); + #endif + + XTRANSFORM(sha, local); #ifdef LITTLE_ENDIAN_ORDER ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE); #endif diff --git a/ctaocrypt/src/sha256.c b/ctaocrypt/src/sha256.c index baa379059..97f64a3ca 100644 --- a/ctaocrypt/src/sha256.c +++ b/ctaocrypt/src/sha256.c @@ -37,6 +37,13 @@ #include #endif +#ifdef FREESCALE_MMCAU + #include "cau_api.h" + #define XTRANSFORM(S,B) cau_sha256_hash_n((B), 1, ((S))->digest) +#else + #define XTRANSFORM(S,B) Transform((S)) +#endif + #ifndef min @@ -50,20 +57,26 @@ void InitSha256(Sha256* sha256) { - sha256->digest[0] = 0x6A09E667L; - sha256->digest[1] = 0xBB67AE85L; - sha256->digest[2] = 0x3C6EF372L; - sha256->digest[3] = 0xA54FF53AL; - sha256->digest[4] = 0x510E527FL; - sha256->digest[5] = 0x9B05688CL; - sha256->digest[6] = 0x1F83D9ABL; - sha256->digest[7] = 0x5BE0CD19L; + #ifdef FREESCALE_MMCAU + cau_sha256_initialize_output(sha256->digest); + #else + sha256->digest[0] = 0x6A09E667L; + sha256->digest[1] = 0xBB67AE85L; + sha256->digest[2] = 0x3C6EF372L; + sha256->digest[3] = 0xA54FF53AL; + sha256->digest[4] = 0x510E527FL; + sha256->digest[5] = 0x9B05688CL; + sha256->digest[6] = 0x1F83D9ABL; + sha256->digest[7] = 0x5BE0CD19L; + #endif sha256->buffLen = 0; sha256->loLen = 0; sha256->hiLen = 0; } +#ifndef FREESCALE_MMCAU + static const word32 K[64] = { 0x428A2F98L, 0x71374491L, 0xB5C0FBCFL, 0xE9B5DBA5L, 0x3956C25BL, 0x59F111F1L, 0x923F82A4L, 0xAB1C5ED5L, 0xD807AA98L, 0x12835B01L, @@ -128,6 +141,8 @@ static void Transform(Sha256* sha256) } } +#endif /* FREESCALE_MMCAU */ + static INLINE void AddLength(Sha256* sha256, word32 len) { @@ -151,10 +166,10 @@ void Sha256Update(Sha256* sha256, const byte* data, word32 len) len -= add; if (sha256->buffLen == SHA256_BLOCK_SIZE) { - #ifdef LITTLE_ENDIAN_ORDER + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) ByteReverseBytes(local, local, SHA256_BLOCK_SIZE); #endif - Transform(sha256); + XTRANSFORM(sha256, local); AddLength(sha256, SHA256_BLOCK_SIZE); sha256->buffLen = 0; } @@ -168,17 +183,17 @@ void Sha256Final(Sha256* sha256, byte* hash) AddLength(sha256, sha256->buffLen); /* before adding pads */ - local[sha256->buffLen++] = 0x80; /* add 1 */ + local[sha256->buffLen++] = 0x80; /* add 1 */ /* pad with zeros */ if (sha256->buffLen > SHA256_PAD_SIZE) { XMEMSET(&local[sha256->buffLen], 0, SHA256_BLOCK_SIZE - sha256->buffLen); sha256->buffLen += SHA256_BLOCK_SIZE - sha256->buffLen; - #ifdef LITTLE_ENDIAN_ORDER + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) ByteReverseBytes(local, local, SHA256_BLOCK_SIZE); #endif - Transform(sha256); + XTRANSFORM(sha256, local); sha256->buffLen = 0; } XMEMSET(&local[sha256->buffLen], 0, SHA256_PAD_SIZE - sha256->buffLen); @@ -189,7 +204,7 @@ void Sha256Final(Sha256* sha256, byte* hash) sha256->loLen = sha256->loLen << 3; /* store lengths */ - #ifdef LITTLE_ENDIAN_ORDER + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) ByteReverseBytes(local, local, SHA256_BLOCK_SIZE); #endif /* ! length ordering dependent on digest endian type ! */ @@ -197,7 +212,13 @@ void Sha256Final(Sha256* sha256, byte* hash) XMEMCPY(&local[SHA256_PAD_SIZE + sizeof(word32)], &sha256->loLen, sizeof(word32)); - Transform(sha256); + #ifdef FREESCALE_MMCAU + /* Kinetis requires only these bytes reversed */ + ByteReverseBytes(&local[SHA256_PAD_SIZE], &local[SHA256_PAD_SIZE], + 2 * sizeof(word32)); + #endif + + XTRANSFORM(sha256, local); #ifdef LITTLE_ENDIAN_ORDER ByteReverseWords(sha256->digest, sha256->digest, SHA256_DIGEST_SIZE); #endif From 8c8a1b0db8665a7497e4e76bda2df1d90345483f Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Tue, 17 Dec 2013 16:29:21 -0700 Subject: [PATCH 045/135] add Freescale K60 mmCAU AES, DES, 3DES support --- ctaocrypt/src/aes.c | 91 +++++++++++++++++++++- ctaocrypt/src/des3.c | 181 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 270 insertions(+), 2 deletions(-) diff --git a/ctaocrypt/src/aes.c b/ctaocrypt/src/aes.c index 8f5e357d7..6cb0dcd94 100644 --- a/ctaocrypt/src/aes.c +++ b/ctaocrypt/src/aes.c @@ -62,8 +62,8 @@ * document (See note in README). */ #include "stm32f2xx.h" - #include "stm32f2xx_cryp.h" - + #include "stm32f2xx_cryp.h" + int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, int dir) { @@ -553,6 +553,93 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, return 0; } +#elif defined FREESCALE_MMCAU + /* + * Freescale mmCAU hardware AES support through the CAU/mmCAU library. + * Documentation located in ColdFire/ColdFire+ CAU and Kinetis mmCAU + * Software Library User Guide (See note in README). + */ + #include "cau_api.h" + + int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, + int dir) + { + byte *rk = (byte*)aes->key; + + if (!((keylen == 16) || (keylen == 24) || (keylen == 32))) + return BAD_FUNC_ARG; + + aes->rounds = keylen/4 + 6; + cau_aes_set_key(userKey, keylen*8, rk); + + return AesSetIV(aes, iv); + } + + int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + + byte *iv, *enc_key; + byte temp_block[AES_BLOCK_SIZE]; + + iv = (byte*)aes->reg; + enc_key = (byte*)aes->key; + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE); + + /* XOR block with IV for CBC */ + for (i = 0; i < AES_BLOCK_SIZE; i++) + temp_block[i] ^= iv[i]; + + cau_aes_encrypt(temp_block, enc_key, aes->rounds, out + offset); + + len -= AES_BLOCK_SIZE; + offset += AES_BLOCK_SIZE; + + /* store IV for next block */ + XMEMCPY(iv, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + } + + return 0; + } + + int AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + + byte* iv, *dec_key; + byte temp_block[AES_BLOCK_SIZE]; + + iv = (byte*)aes->reg; + dec_key = (byte*)aes->key; + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE); + + cau_aes_decrypt(in + offset, dec_key, aes->rounds, out + offset); + + /* XOR block with IV for CBC */ + for (i = 0; i < AES_BLOCK_SIZE; i++) + (out + offset)[i] ^= iv[i]; + + /* store IV for next block */ + XMEMCPY(iv, temp_block, AES_BLOCK_SIZE); + + len -= AES_BLOCK_SIZE; + offset += AES_BLOCK_SIZE; + } + + return 0; + } + + #else /* CTaoCrypt software implementation */ static const word32 rcon[] = { diff --git a/ctaocrypt/src/des3.c b/ctaocrypt/src/des3.c index c5e7ef580..cdccaaaea 100644 --- a/ctaocrypt/src/des3.c +++ b/ctaocrypt/src/des3.c @@ -413,6 +413,187 @@ void Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir) } } +#elif defined FREESCALE_MMCAU + /* + * Freescale mmCAU hardware DES/3DES support through the CAU/mmCAU library. + * Documentation located in ColdFire/ColdFire+ CAU and Kinetis mmCAU + * Software Library User Guide (See note in README). + */ + #include "cau_api.h" + + const unsigned char parityLookup[128] = + { + 1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0, + 0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1, + 0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1, + 1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0 + }; + + void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) + { + int i = 0; + byte* dkey = (byte*)des->key; + + XMEMCPY(dkey, key, 8); + + Des_SetIV(des, iv); + + /* fix key parity, if needed */ + for (i = 0; i < 8; i++) { + dkey[i] = ((dkey[i] & 0xFE) | parityLookup[dkey[i] >> 1]); + } + } + + void Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) + { + int i = 0; + byte* dkey1 = (byte*)des->key[0]; + byte* dkey2 = (byte*)des->key[1]; + byte* dkey3 = (byte*)des->key[2]; + + XMEMCPY(dkey1, key, 8); /* set key 1 */ + XMEMCPY(dkey2, key + 8, 8); /* set key 2 */ + XMEMCPY(dkey3, key + 16, 8); /* set key 3 */ + + Des3_SetIV(des, iv); + + /* fix key parity if needed */ + for (i = 0; i < 8; i++) + dkey1[i] = ((dkey1[i] & 0xFE) | parityLookup[dkey1[i] >> 1]); + + for (i = 0; i < 8; i++) + dkey2[i] = ((dkey2[i] & 0xFE) | parityLookup[dkey2[i] >> 1]); + + for (i = 0; i < 8; i++) + dkey3[i] = ((dkey3[i] & 0xFE) | parityLookup[dkey3[i] >> 1]); + } + + void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + byte *iv; + byte temp_block[DES_BLOCK_SIZE]; + + iv = (byte*)des->reg; + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE); + + /* XOR block with IV for CBC */ + for (i = 0; i < DES_BLOCK_SIZE; i++) + temp_block[i] ^= iv[i]; + + cau_des_encrypt(temp_block, (byte*)des->key, out + offset); + + len -= DES_BLOCK_SIZE; + offset += DES_BLOCK_SIZE; + + /* store IV for next block */ + XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + } + + return; + } + + void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + byte* iv; + byte temp_block[DES_BLOCK_SIZE]; + + iv = (byte*)des->reg; + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE); + + cau_des_decrypt(in + offset, (byte*)des->key, out + offset); + + /* XOR block with IV for CBC */ + for (i = 0; i < DES_BLOCK_SIZE; i++) + (out + offset)[i] ^= iv[i]; + + /* store IV for next block */ + XMEMCPY(iv, temp_block, DES_BLOCK_SIZE); + + len -= DES_BLOCK_SIZE; + offset += DES_BLOCK_SIZE; + } + + return; + } + + void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + + byte *iv; + byte temp_block[DES_BLOCK_SIZE]; + + iv = (byte*)des->reg; + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE); + + /* XOR block with IV for CBC */ + for (i = 0; i < DES_BLOCK_SIZE; i++) + temp_block[i] ^= iv[i]; + + cau_des_encrypt(temp_block , (byte*)des->key[0], out + offset); + cau_des_decrypt(out + offset, (byte*)des->key[1], out + offset); + cau_des_encrypt(out + offset, (byte*)des->key[2], out + offset); + + len -= DES_BLOCK_SIZE; + offset += DES_BLOCK_SIZE; + + /* store IV for next block */ + XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + } + + return; + } + + void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + + byte* iv; + byte temp_block[DES_BLOCK_SIZE]; + + iv = (byte*)des->reg; + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE); + + cau_des_decrypt(in + offset , (byte*)des->key[2], out + offset); + cau_des_encrypt(out + offset, (byte*)des->key[1], out + offset); + cau_des_decrypt(out + offset, (byte*)des->key[0], out + offset); + + /* XOR block with IV for CBC */ + for (i = 0; i < DES_BLOCK_SIZE; i++) + (out + offset)[i] ^= iv[i]; + + /* store IV for next block */ + XMEMCPY(iv, temp_block, DES_BLOCK_SIZE); + + len -= DES_BLOCK_SIZE; + offset += DES_BLOCK_SIZE; + } + + return; + } + #else /* CTaoCrypt software implementation */ /* permuted choice table (key) */ From 6c43a008abb24bd81c624eff3e9dab9af78c39dc Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Tue, 17 Dec 2013 16:33:56 -0700 Subject: [PATCH 046/135] update README --- README | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README b/README index 98a59480d..f0c02b584 100644 --- a/README +++ b/README @@ -37,10 +37,19 @@ before calling SSL_new(); Though it's not recommended. CyaSSL Release 2.9.0 (X/XX/XXXX) +Release 2.9.0 CyaSSL has bug fixes and new features including: +- Freescale Kinetis RNGB support +- Freescale Kinetis mmCAU support + The Freescale Kinetis K53 RNGB documentation can be found in Chapter 33 of the K53 Sub-Family Reference Manual: http://cache.freescale.com/files/32bit/doc/ref_manual/K53P144M100SF2RM.pdf +Freescale Kinetis K60 mmCAU (AES, DES, 3DES, MD5, SHA, SHA256) documentation +can be found in the "ColdFire/ColdFire+ CAU and Kinetis mmCAU Software Library +User Guide": +http://cache.freescale.com/files/32bit/doc/user_guide/CAUAPIUG.pdf + *****************CyaSSL Release 2.8.0 (8/30/2013) From 003446a5cd194c32fd55b6a7e427b5f26492a998 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 17 Dec 2013 18:26:29 -0800 Subject: [PATCH 047/135] Using OCSP override URL should enable OCSP url overriding. --- examples/client/client.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/examples/client/client.c b/examples/client/client.c index 6c82d627c..d973de638 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -505,10 +505,14 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args) #ifdef HAVE_OCSP if (useOcsp) { - CyaSSL_CTX_OCSP_set_options(ctx, - CYASSL_OCSP_ENABLE | CYASSL_OCSP_NO_NONCE); - if (ocspUrl != NULL) + if (ocspUrl != NULL) { CyaSSL_CTX_OCSP_set_override_url(ctx, ocspUrl); + CyaSSL_CTX_OCSP_set_options(ctx, CYASSL_OCSP_URL_OVERRIDE | + CYASSL_OCSP_ENABLE | CYASSL_OCSP_NO_NONCE); + } + else + CyaSSL_CTX_OCSP_set_options(ctx, + CYASSL_OCSP_ENABLE | CYASSL_OCSP_NO_NONCE); } #endif From fe4f10418f11b9d48b2c0e726d2cb19d4dc69b6a Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 17 Dec 2013 18:30:42 -0800 Subject: [PATCH 048/135] OCSP lookups are IPv4/IPv6 agnostic. --- src/io.c | 85 +++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 53 insertions(+), 32 deletions(-) diff --git a/src/io.c b/src/io.c index ca620d4ad..e216d4713 100644 --- a/src/io.c +++ b/src/io.c @@ -512,52 +512,62 @@ int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx) #ifdef HAVE_OCSP -#ifdef TEST_IPV6 - typedef struct sockaddr_in6 SOCKADDR_IN_T; - #define AF_INET_V AF_INET6 -#else - typedef struct sockaddr_in SOCKADDR_IN_T; - #define AF_INET_V AF_INET -#endif - -static INLINE int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port) +static int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port) { - SOCKADDR_IN_T addr; - const char* host = ip; + struct sockaddr_storage addr; + int sockaddr_len = sizeof(struct sockaddr_in); + XMEMSET(&addr, 0, sizeof(addr)); - /* peer could be in human readable form */ - if (ip != INADDR_ANY && isalpha(ip[0])) { + #ifdef HAVE_GETADDRINFO + { + struct addrinfo hints; + struct addrinfo* answer = NULL; + char strPort[8]; + + XMEMSET(&hints, 0, sizeof(hints)); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; + + XSNPRINTF(strPort, sizeof(strPort), "%d", port); + strPort[7] = '\0'; + + if (getaddrinfo(ip, strPort, &hints, &answer) < 0 || answer == NULL) { + CYASSL_MSG("no addr info for OCSP responder"); + return -1; + } + + sockaddr_len = answer->ai_addrlen; + XMEMCPY(&addr, answer->ai_addr, sockaddr_len); + freeaddrinfo(answer); + + } + #else /* HAVE_GETADDRINFO */ + { struct hostent* entry = gethostbyname(ip); + struct sockaddr_in *sin = (struct sockaddr_in *)&addr; if (entry) { - struct sockaddr_in tmp; - XMEMSET(&tmp, 0, sizeof(struct sockaddr_in)); - XMEMCPY(&tmp.sin_addr.s_addr, entry->h_addr_list[0], - entry->h_length); - host = inet_ntoa(tmp.sin_addr); + sin->sin_family = AF_INET; + sin->sin_port = htons(port); + XMEMCPY(&sin->sin_addr.s_addr, entry->h_addr_list[0], + entry->h_length); } else { - CYASSL_MSG("no addr entry for OCSP responder"); + CYASSL_MSG("no addr info for OCSP responder"); return -1; } } + #endif /* HAVE_GETADDRINFO */ - *sockfd = socket(AF_INET_V, SOCK_STREAM, 0); + *sockfd = socket(addr.ss_family, SOCK_STREAM, 0); if (*sockfd < 0) { CYASSL_MSG("bad socket fd, out of fds?"); return -1; } - XMEMSET(&addr, 0, sizeof(SOCKADDR_IN_T)); - addr.sin_family = AF_INET_V; - addr.sin_port = htons(port); - if (host == INADDR_ANY) - addr.sin_addr.s_addr = INADDR_ANY; - else - addr.sin_addr.s_addr = inet_addr(host); - - if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0) { + if (connect(*sockfd, (struct sockaddr *)&addr, sockaddr_len) != 0) { CYASSL_MSG("OCSP responder tcp connect failed"); return -1; } @@ -597,15 +607,26 @@ static int decode_url(const char* url, int urlSz, int i, cur; /* need to break the url down into scheme, address, and port */ - /* "http://example.com:8080/" */ + /* "http://example.com:8080/" */ + /* "http://[::1]:443/" */ if (XSTRNCMP(url, "http://", 7) == 0) { cur = 7; } else cur = 0; i = 0; - while (url[cur] != 0 && url[cur] != ':' && + if (url[cur] == '[') { + cur++; + /* copy until ']' */ + while (url[cur] != 0 && url[cur] != ']' && cur < urlSz) { + outName[i++] = url[cur++]; + } + cur++; /* skip ']' */ + } + else { + while (url[cur] != 0 && url[cur] != ':' && url[cur] != '/' && cur < urlSz) { - outName[i++] = url[cur++]; + outName[i++] = url[cur++]; + } } outName[i] = 0; /* Need to pick out the path after the domain name */ From 75e6ac534eadc59c4cc6cdb471a1901b59f0ad24 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 18 Dec 2013 10:58:10 -0800 Subject: [PATCH 049/135] Force Cygwin to use function tolower() rather than macro version --- cyassl/ctaocrypt/types.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cyassl/ctaocrypt/types.h b/cyassl/ctaocrypt/types.h index f873592e3..c5075c51c 100644 --- a/cyassl/ctaocrypt/types.h +++ b/cyassl/ctaocrypt/types.h @@ -217,6 +217,11 @@ enum { #define XISALPHA(c) isalpha((c)) #endif /* needed by CyaSSL_check_domain_name() */ + #ifdef __CYGWIN__ + /* Cygwin uses a macro version of tolower() by default, use the + * function version. */ + #undef tolower + #endif #define XTOLOWER(c) tolower((c)) #endif From 4ffc92a4d6736bedc3e9f4806e7d78f56423cba1 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 18 Dec 2013 12:34:40 -0800 Subject: [PATCH 050/135] Use OCSP override URL enable in both example client and server. --- examples/client/client.c | 8 ++++---- examples/server/server.c | 10 +++++++--- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/examples/client/client.c b/examples/client/client.c index d973de638..9a9c41c32 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -507,12 +507,12 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args) if (useOcsp) { if (ocspUrl != NULL) { CyaSSL_CTX_OCSP_set_override_url(ctx, ocspUrl); - CyaSSL_CTX_OCSP_set_options(ctx, CYASSL_OCSP_URL_OVERRIDE | - CYASSL_OCSP_ENABLE | CYASSL_OCSP_NO_NONCE); + CyaSSL_CTX_OCSP_set_options(ctx, CYASSL_OCSP_ENABLE | + CYASSL_OCSP_URL_OVERRIDE | CYASSL_OCSP_NO_NONCE); } else - CyaSSL_CTX_OCSP_set_options(ctx, - CYASSL_OCSP_ENABLE | CYASSL_OCSP_NO_NONCE); + CyaSSL_CTX_OCSP_set_options(ctx, CYASSL_OCSP_ENABLE | + CYASSL_OCSP_NO_NONCE); } #endif diff --git a/examples/server/server.c b/examples/server/server.c index 9be9c4802..863999c79 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -459,10 +459,14 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #endif #ifdef HAVE_OCSP if (useOcsp) { - CyaSSL_CTX_OCSP_set_options(ctx, - CYASSL_OCSP_ENABLE | CYASSL_OCSP_NO_NONCE); - if (ocspUrl != NULL) + if (ocspUrl != NULL) { CyaSSL_CTX_OCSP_set_override_url(ctx, ocspUrl); + CyaSSL_CTX_OCSP_set_options(ctx, CYASSL_OCSP_ENABLE | + CYASSL_OCSP_URL_OVERRIDE | CYASSL_OCSP_NO_NONCE); + } + else + CyaSSL_CTX_OCSP_set_options(ctx, CYASSL_OCSP_ENABLE | + CYASSL_OCSP_NO_NONCE); } #endif #ifdef HAVE_PK_CALLBACKS From ea5b7ca9d14d64a81add26550ca20d591b1bb470 Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 18 Dec 2013 16:16:35 -0800 Subject: [PATCH 051/135] allow testsuite to run in xcode 5 if custom build location --- testsuite/testsuite.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index 351a7471f..43f2d5300 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -81,9 +81,11 @@ int main(int argc, char** argv) if (CurrentDir("testsuite")) ChangeDirBack(1); - else if (CurrentDir("build")) /* Xcode->Preferences->Locations->Build */ - ChangeDirBack(2); /* Location "Place build product in locations - specified by targets", uses build/Debug */ + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); /* Xcode->Preferences->Locations->Locations*/ + /* Derived Data Advanced -> Custom */ + /* Relative to Workspace, Build/Products */ + /* Debug or Release */ server_args.signal = &ready; InitTcpReady(&ready); From dff54942a2be62447c6ca815ed29b2df7a6c7de4 Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 19 Dec 2013 15:23:57 -0800 Subject: [PATCH 052/135] xcode5 paths for examples --- examples/client/client.c | 4 +++- examples/echoclient/echoclient.c | 4 +++- examples/echoserver/echoserver.c | 4 +++- examples/server/server.c | 4 +++- tests/unit.c | 4 ++-- 5 files changed, 14 insertions(+), 6 deletions(-) diff --git a/examples/client/client.c b/examples/client/client.c index 9a9c41c32..4a1ea40ac 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -807,8 +807,10 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args) #if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) && !defined(STACK_TRAP) CyaSSL_Debugging_ON(); #endif - if (CurrentDir("client") || CurrentDir("build")) + if (CurrentDir("client")) ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); #ifdef HAVE_STACK_SIZE StackSizeCheck(&args, client_test); diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c index 0c444a2a2..ee654d481 100644 --- a/examples/echoclient/echoclient.c +++ b/examples/echoclient/echoclient.c @@ -255,8 +255,10 @@ void echoclient_test(void* args) CyaSSL_Debugging_ON(); #endif - if (CurrentDir("echoclient") || CurrentDir("build")) + if (CurrentDir("echoclient")) ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); echoclient_test(&args); CyaSSL_Cleanup(); diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index cc4ed7200..1eac9b5a9 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -339,8 +339,10 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) #if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) CyaSSL_Debugging_ON(); #endif - if (CurrentDir("echoserver") || CurrentDir("build")) + if (CurrentDir("echoserver")) ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); echoserver_test(&args); CyaSSL_Cleanup(); diff --git a/examples/server/server.c b/examples/server/server.c index 863999c79..57af48bf0 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -560,8 +560,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) CyaSSL_Debugging_ON(); #endif - if (CurrentDir("server") || CurrentDir("build")) + if (CurrentDir("server")) ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); #ifdef HAVE_STACK_SIZE StackSizeCheck(&args, server_test); diff --git a/tests/unit.c b/tests/unit.c index 72f14ff68..8183b82ca 100644 --- a/tests/unit.c +++ b/tests/unit.c @@ -29,8 +29,8 @@ int main(int argc, char** argv) if (CurrentDir("tests")) ChangeDirBack(1); - else if (CurrentDir("build")) - ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); if ( (ret = ApiTest()) != 0) { printf("api test failed with %d\n", ret); From 0ee34c961eef7478079125fc36819a4cc87cf700 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 23 Dec 2013 11:19:21 -0800 Subject: [PATCH 053/135] make sure passwd_cb called before load private key in server example --- IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c | 8 ++++---- examples/server/server.c | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c index 8e155f30a..88a6064b4 100644 --- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c +++ b/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c @@ -347,6 +347,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) usePsk = 1; #endif +#ifdef OPENSSL_EXTRA + SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + if (fewerPackets) CyaSSL_CTX_set_group_messages(ctx); @@ -404,10 +408,6 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) } #endif -#ifdef OPENSSL_EXTRA - SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); -#endif - #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) /* don't use EDH, can't sniff tmp keys */ if (cipherList == NULL) { diff --git a/examples/server/server.c b/examples/server/server.c index 57af48bf0..a6aaeb4ba 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -374,6 +374,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) if (fewerPackets) CyaSSL_CTX_set_group_messages(ctx); +#ifdef OPENSSL_EXTRA + SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) if (!usePsk) { if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM) @@ -428,10 +432,6 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) } #endif -#ifdef OPENSSL_EXTRA - SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); -#endif - #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) /* don't use EDH, can't sniff tmp keys */ if (cipherList == NULL) { From db71460bb8fb546db892dfe2fd01a5b973d13260 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 23 Dec 2013 12:07:20 -0800 Subject: [PATCH 054/135] add password functionality to CyaSSL_KeyPemToDer() --- src/ssl.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/src/ssl.c b/src/ssl.c index 49f8d5f9d..ba0021f97 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1054,6 +1054,19 @@ int CyaSSL_CertManagerUnloadCAs(CYASSL_CERT_MANAGER* cm) } +/* our KeyPemToDer password callback, password in userData */ +static INLINE int OurPasswordCb(char* passwd, int sz, int rw, void* userdata) +{ + (void)rw; + + if (userdata == NULL) + return 0; + + XSTRNCPY(passwd, (char*)userdata, sz); + return (int)XSTRLEN((char*)userdata); +} + + /* Return bytes written to buff or < 0 for error */ int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff, int buffSz, const char* pass) @@ -1077,6 +1090,14 @@ int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff, info.consumed = 0; der.buffer = NULL; +#ifdef OPENSSL_EXTRA + info.ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); + if (info.ctx == NULL) + return MEMORY_E; + CyaSSL_CTX_set_default_passwd_cb(info.ctx, OurPasswordCb); + CyaSSL_CTX_set_default_passwd_cb_userdata(info.ctx, (void*)pass); +#endif + ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, &info, &eccKey); if (ret < 0) { CYASSL_MSG("Bad Pem To Der"); @@ -1094,6 +1115,9 @@ int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff, XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY); + if (info.ctx) + CyaSSL_CTX_free(info.ctx); + return ret; } From 3c706b4645926ab231a0dd0a7fcfb6e766103a9f Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 23 Dec 2013 12:15:55 -0800 Subject: [PATCH 055/135] only set up tmp ctx if using password --- src/ssl.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index ba0021f97..2f54e0ebd 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1091,11 +1091,13 @@ int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff, der.buffer = NULL; #ifdef OPENSSL_EXTRA - info.ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); - if (info.ctx == NULL) - return MEMORY_E; - CyaSSL_CTX_set_default_passwd_cb(info.ctx, OurPasswordCb); - CyaSSL_CTX_set_default_passwd_cb_userdata(info.ctx, (void*)pass); + if (pass) { + info.ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); + if (info.ctx == NULL) + return MEMORY_E; + CyaSSL_CTX_set_default_passwd_cb(info.ctx, OurPasswordCb); + CyaSSL_CTX_set_default_passwd_cb_userdata(info.ctx, (void*)pass); + } #endif ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, &info, &eccKey); From 29c41da818f2ae327dc80dd0a1d89f859c7fd7be Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 23 Dec 2013 12:24:03 -0800 Subject: [PATCH 056/135] do size check on user password input --- src/ssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ssl.c b/src/ssl.c index 2f54e0ebd..d9edaa946 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1063,7 +1063,7 @@ static INLINE int OurPasswordCb(char* passwd, int sz, int rw, void* userdata) return 0; XSTRNCPY(passwd, (char*)userdata, sz); - return (int)XSTRLEN((char*)userdata); + return min((word32)sz, (word32)XSTRLEN((char*)userdata)); } From 64912b37f6a332bd106a4c55923df4742a2edb49 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Mon, 23 Dec 2013 14:07:58 -0700 Subject: [PATCH 057/135] adjust key buffer length when using ToTraditional() or ToTraditionalEnc() --- ctaocrypt/src/asn.c | 2 +- src/ssl.c | 22 ++++++++++++++++++---- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 8b4463229..fa3080a34 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -764,7 +764,7 @@ int ToTraditional(byte* input, word32 sz) XMEMMOVE(input, input + inOutIdx, length); - return 0; + return length; } diff --git a/src/ssl.c b/src/ssl.c index d9edaa946..e2ca23d6a 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1563,6 +1563,7 @@ int CyaSSL_Init(void) char* consumedEnd; char* bufferEnd = (char*)(buff + longSz); long neededSz; + int ret = 0; int pkcs8 = 0; int pkcs8Enc = 0; int dynamicType = 0; @@ -1714,8 +1715,15 @@ int CyaSSL_Init(void) &der->length) < 0) return SSL_BAD_FILE; - if (pkcs8) - return ToTraditional(der->buffer, der->length); + if (pkcs8) { + /* convert and adjust length */ + if ( (ret = ToTraditional(der->buffer, der->length)) < 0 ) { + return ret; + } else { + der->length = ret; + return 0; + } + } #if defined(OPENSSL_EXTRA) && !defined(NO_PWDBASED) if (pkcs8Enc) { @@ -1726,8 +1734,14 @@ int CyaSSL_Init(void) return SSL_BAD_FILE; /* no callback error */ passwordSz = info->ctx->passwd_cb(password, sizeof(password), 0, info->ctx->userdata); - return ToTraditionalEnc(der->buffer, der->length, password, - passwordSz); + /* convert and adjust length */ + if ( (ret = ToTraditionalEnc(der->buffer, der->length, password, + passwordSz)) < 0 ) { + return ret; + } else { + der->length = ret; + return 0; + } } #endif From 14aa114854cec49388b36d27072d919db7bd76e4 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Mon, 23 Dec 2013 14:33:44 -0800 Subject: [PATCH 058/135] Trimmed unused includes and defines from OCSP source. --- src/ocsp.c | 31 ------------------------------- 1 file changed, 31 deletions(-) diff --git a/src/ocsp.c b/src/ocsp.c index 6933e9748..f36233a45 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -27,41 +27,10 @@ #ifdef HAVE_OCSP -#ifdef EBSNET - #include "rtip.h" - #include "socket.h" -#endif - #include #include #include -#include -#include - -#ifndef EBSNET - #include - #include - #include - #include - #include - #include - #include - #include - #include -#endif - - -CYASSL_API int ocsp_test(unsigned char* buf, int sz); -#define CYASSL_OCSP_ENABLE 0x0001 /* Enable OCSP lookups */ -#define CYASSL_OCSP_URL_OVERRIDE 0x0002 /* Use the override URL instead of URL - * in certificate */ -#define CYASSL_OCSP_NO_NONCE 0x0004 /* Disables the request nonce */ - -typedef struct sockaddr_in SOCKADDR_IN_T; -#define AF_INET_V AF_INET -#define SOCKET_T unsigned int - int CyaSSL_OCSP_Init(CYASSL_OCSP* ocsp) { From 4ce2e59adf21652cb0c9585c72b816bb27ca5cce Mon Sep 17 00:00:00 2001 From: John Safranek Date: Mon, 23 Dec 2013 22:32:08 -0800 Subject: [PATCH 059/135] For Atomic user: 1. Added a getter for the session's IV size. 2. The HMAC size getter should return 0 for AEAD ciphers and the hash length for the others. --- cyassl/ssl.h | 1 + src/ssl.c | 12 +++++++++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/cyassl/ssl.h b/cyassl/ssl.h index 6cbfc6f01..fc118b419 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -1007,6 +1007,7 @@ CYASSL_API const unsigned char* CyaSSL_GetClientWriteIV(CYASSL*); CYASSL_API const unsigned char* CyaSSL_GetServerWriteKey(CYASSL*); CYASSL_API const unsigned char* CyaSSL_GetServerWriteIV(CYASSL*); CYASSL_API int CyaSSL_GetKeySize(CYASSL*); +CYASSL_API int CyaSSL_GetIVSize(CYASSL*); CYASSL_API int CyaSSL_GetSide(CYASSL*); CYASSL_API int CyaSSL_IsTLSv1_1(CYASSL*); CYASSL_API int CyaSSL_GetBulkCipher(CYASSL*); diff --git a/src/ssl.c b/src/ssl.c index e2ca23d6a..c7f5b255f 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -910,6 +910,15 @@ int CyaSSL_GetKeySize(CYASSL* ssl) } +int CyaSSL_GetIVSize(CYASSL* ssl) +{ + if (ssl) + return ssl->specs.iv_size; + + return BAD_FUNC_ARG; +} + + int CyaSSL_GetBulkCipher(CYASSL* ssl) { if (ssl) @@ -976,8 +985,9 @@ int CyaSSL_GetSide(CYASSL* ssl) int CyaSSL_GetHmacSize(CYASSL* ssl) { + /* AEAD ciphers don't have HMAC keys */ if (ssl) - return ssl->specs.hash_size; + return (ssl->specs.cipher_type != aead) ? ssl->specs.hash_size : 0; return BAD_FUNC_ARG; } From 3e24a446b9c5a472369906bd94b3484f24fd12b9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Tue, 24 Dec 2013 15:34:17 -0300 Subject: [PATCH 060/135] fixing SNI_GetFromBuffer return code on success. --- src/tls.c | 2 +- tests/api.c | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/tls.c b/src/tls.c index b8f6b1d8a..5acc8e648 100644 --- a/src/tls.c +++ b/src/tls.c @@ -988,7 +988,7 @@ int TLSX_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz, len16 -= MIN(2 * OPAQUE16_LEN + extLen, len16); } - return len16 ? BUFFER_ERROR : 0; + return len16 ? BUFFER_ERROR : SSL_SUCCESS; } #endif diff --git a/tests/api.c b/tests/api.c index 677cfd3f7..e37d5e686 100644 --- a/tests/api.c +++ b/tests/api.c @@ -379,11 +379,11 @@ static void test_CyaSSL_SNI_GetFromBuffer(void) byte result[32] = {0}; word32 length = 32; - AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer3, sizeof(buffer3), 0, - result, &length)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_SNI_GetFromBuffer(buffer3, sizeof(buffer3), + 0, result, &length)); - AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2), 1, - result, &length)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2), + 1, result, &length)); AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0, result, &length)); From d46c68ba1004d8ef79668437a999c129b100530f Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 27 Dec 2013 12:11:47 -0800 Subject: [PATCH 061/135] Moved OCSP into the CertManager like the CRL. --- cyassl/ctaocrypt/types.h | 3 +- cyassl/internal.h | 28 ++-- cyassl/ocsp.h | 8 +- cyassl/ssl.h | 43 ++++--- examples/client/client.c | 9 +- examples/server/server.c | 9 +- src/internal.c | 12 +- src/io.c | 21 --- src/ocsp.c | 90 +++++-------- src/ssl.c | 268 +++++++++++++++++++++++++++++++++------ 10 files changed, 318 insertions(+), 173 deletions(-) diff --git a/cyassl/ctaocrypt/types.h b/cyassl/ctaocrypt/types.h index c5075c51c..ea9cf8c11 100644 --- a/cyassl/ctaocrypt/types.h +++ b/cyassl/ctaocrypt/types.h @@ -270,7 +270,8 @@ enum { DYNAMIC_TYPE_CAVIUM_TMP = 40, DYNAMIC_TYPE_CAVIUM_RSA = 41, DYNAMIC_TYPE_X509 = 42, - DYNAMIC_TYPE_TLSX = 43 + DYNAMIC_TYPE_TLSX = 43, + DYNAMIC_TYPE_OCSP = 44 }; /* max error buffer string size */ diff --git a/cyassl/internal.h b/cyassl/internal.h index d961fcd09..4adbfd1ed 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -982,24 +982,22 @@ typedef struct OCSP_Entry OCSP_Entry; #endif struct OCSP_Entry { - OCSP_Entry* next; /* next entry */ + OCSP_Entry* next; /* next entry */ byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */ byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */ - CertStatus* status; /* OCSP response list */ - int totalStatus; /* number on list */ + CertStatus* status; /* OCSP response list */ + int totalStatus; /* number on list */ }; +#ifndef HAVE_OCSP + typedef struct CYASSL_OCSP CYASSL_OCSP; +#endif + /* CyaSSL OCSP controller */ struct CYASSL_OCSP { - byte enabled; - byte useOverrideUrl; - byte useNonce; - char overrideUrl[80]; - OCSP_Entry* ocspList; - void* IOCB_OcspCtx; - CallbackIOOcsp CBIOOcsp; - CallbackIOOcspRespFree CBIOOcspRespFree; + CYASSL_CERT_MANAGER* cm; /* pointer back to cert manager */ + OCSP_Entry* ocspList; /* OCSP response list */ }; #ifndef MAX_DATE_SIZE @@ -1077,6 +1075,14 @@ struct CYASSL_CERT_MANAGER { byte crlEnabled; /* is CRL on ? */ byte crlCheckAll; /* always leaf, but all ? */ CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */ + CYASSL_OCSP* ocsp; /* OCSP checker */ + byte ocspEnabled; /* is OCSP on ? */ + byte ocspSendNonce; /* send the OCSP nonce ? */ + byte ocspUseOverrideURL; /* ignore cert's responder, override */ + char* ocspOverrideURL; /* use this responder */ + void* ocspIOCtx; /* I/O callback CTX */ + CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */ + CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */ }; CYASSL_LOCAL int CM_SaveCertCache(CYASSL_CERT_MANAGER*, const char*); diff --git a/cyassl/ocsp.h b/cyassl/ocsp.h index f47f671b1..f6931bd98 100644 --- a/cyassl/ocsp.h +++ b/cyassl/ocsp.h @@ -36,12 +36,10 @@ typedef struct CYASSL_OCSP CYASSL_OCSP; -CYASSL_LOCAL int CyaSSL_OCSP_Init(CYASSL_OCSP*); -CYASSL_LOCAL void CyaSSL_OCSP_Cleanup(CYASSL_OCSP*); - -CYASSL_LOCAL int CyaSSL_OCSP_set_override_url(CYASSL_OCSP*, const char*); -CYASSL_LOCAL int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP*, DecodedCert*); +CYASSL_LOCAL int InitOCSP(CYASSL_OCSP*, CYASSL_CERT_MANAGER*); +CYASSL_LOCAL void FreeOCSP(CYASSL_OCSP*, int dynamic); +CYASSL_LOCAL int CheckCertOCSP(CYASSL_OCSP*, DecodedCert*); #ifdef __cplusplus } /* extern "C" */ diff --git a/cyassl/ssl.h b/cyassl/ssl.h index fc118b419..19db2aba1 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -543,6 +543,9 @@ enum { OCSP_RESPONSE = 8, OCSP_BASICRESP = 16, + CYASSL_OCSP_URL_OVERRIDE = 1, + CYASSL_OCSP_NO_NONCE = 2, + CYASSL_CRL_CHECKALL = 1, ASN1_GENERALIZEDTIME = 4, @@ -943,15 +946,6 @@ CYASSL_API void CyaSSL_CTX_SetGenCookie(CYASSL_CTX*, CallbackGenCookie); CYASSL_API void CyaSSL_SetCookieCtx(CYASSL* ssl, void *ctx); CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl); -typedef int (*CallbackIOOcsp)(void*, const char*, int, - unsigned char*, int, unsigned char**); -typedef void (*CallbackIOOcspRespFree)(void*,unsigned char*); -#ifdef HAVE_OCSP -CYASSL_API void CyaSSL_SetIOOcsp(CYASSL_CTX *ocsp, CallbackIOOcsp cb); -CYASSL_API void CyaSSL_SetIOOcspRespFree(CYASSL_CTX *ocsp, - CallbackIOOcspRespFree cb); -CYASSL_API void CyaSSL_SetIOOcspCtx(CYASSL_CTX *ocsp, void *octx); -#endif /* I/O Callback default errors */ enum IOerrors { @@ -982,6 +976,9 @@ CYASSL_API int CyaSSL_KeyPemToDer(const unsigned char*, int sz, unsigned char*, typedef void (*CallbackCACache)(unsigned char* der, int sz, int type); typedef void (*CbMissingCRL)(const char* url); +typedef int (*CbOCSPIO)(void*, const char*, int, + unsigned char*, int, unsigned char**); +typedef void (*CbOCSPRespFree)(void*,unsigned char*); /* User Atomic Record Layer CallBacks */ typedef int (*CallbackMacEncrypt)(CYASSL* ssl, unsigned char* macOut, @@ -1127,16 +1124,34 @@ CYASSL_API void* CyaSSL_GetRsaDecCtx(CYASSL* ssl); int, int); CYASSL_API int CyaSSL_CertManagerSetCRL_Cb(CYASSL_CERT_MANAGER*, CbMissingCRL); + CYASSL_API int CyaSSL_CertManagerCheckOCSP(CYASSL_CERT_MANAGER*, + unsigned char*, int sz); + CYASSL_API int CyaSSL_CertManagerEnableOCSP(CYASSL_CERT_MANAGER*, + int options); + CYASSL_API int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER*); + CYASSL_API int CyaSSL_CertManagerSetOCSPOverrideURL(CYASSL_CERT_MANAGER*, + const char*); + CYASSL_API int CyaSSL_CertManagerSetOCSP_Cb(CYASSL_CERT_MANAGER*, + CbOCSPIO, CbOCSPRespFree, void*); CYASSL_API int CyaSSL_EnableCRL(CYASSL* ssl, int options); CYASSL_API int CyaSSL_DisableCRL(CYASSL* ssl); CYASSL_API int CyaSSL_LoadCRL(CYASSL*, const char*, int, int); CYASSL_API int CyaSSL_SetCRL_Cb(CYASSL*, CbMissingCRL); + CYASSL_API int CyaSSL_EnableOCSP(CYASSL*, int options); + CYASSL_API int CyaSSL_DisableOCSP(CYASSL*); + CYASSL_API int CyaSSL_SetOCSP_OverrideURL(CYASSL*, const char*); + CYASSL_API int CyaSSL_SetOCSP_Cb(CYASSL*, CbOCSPIO, CbOCSPRespFree, void*); CYASSL_API int CyaSSL_CTX_EnableCRL(CYASSL_CTX* ctx, int options); CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx); CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int); CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL); + CYASSL_API int CyaSSL_CTX_EnableOCSP(CYASSL_CTX*, int options); + CYASSL_API int CyaSSL_CTX_DisableOCSP(CYASSL_CTX*); + CYASSL_API int CyaSSL_CTX_SetOCSP_OverrideURL(CYASSL_CTX*, const char*); + CYASSL_API int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX*, + CbOCSPIO, CbOCSPRespFree, void*); #endif /* !NO_CERTS */ /* end of handshake frees temporary arrays, if user needs for get_keys or @@ -1245,16 +1260,6 @@ CYASSL_API int CyaSSL_accept_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack, #endif /* CYASSL_CALLBACKS */ -CYASSL_API int CyaSSL_CTX_OCSP_set_options(CYASSL_CTX*, int); -CYASSL_API int CyaSSL_CTX_OCSP_set_override_url(CYASSL_CTX*, const char*); - -/* OCSP Options */ -#define CYASSL_OCSP_ENABLE 0x0001 /* Enable OCSP lookups */ -#define CYASSL_OCSP_URL_OVERRIDE 0x0002 /* Use the override URL instead of URL - * in certificate */ -#define CYASSL_OCSP_NO_NONCE 0x0004 /* Disables the request nonce. */ - - #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/examples/client/client.c b/examples/client/client.c index 4a1ea40ac..ff0e9848f 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -506,13 +506,12 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args) #ifdef HAVE_OCSP if (useOcsp) { if (ocspUrl != NULL) { - CyaSSL_CTX_OCSP_set_override_url(ctx, ocspUrl); - CyaSSL_CTX_OCSP_set_options(ctx, CYASSL_OCSP_ENABLE | - CYASSL_OCSP_URL_OVERRIDE | CYASSL_OCSP_NO_NONCE); + CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl); + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE + | CYASSL_OCSP_URL_OVERRIDE); } else - CyaSSL_CTX_OCSP_set_options(ctx, CYASSL_OCSP_ENABLE | - CYASSL_OCSP_NO_NONCE); + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE); } #endif diff --git a/examples/server/server.c b/examples/server/server.c index a6aaeb4ba..365418d5d 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -460,13 +460,12 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #ifdef HAVE_OCSP if (useOcsp) { if (ocspUrl != NULL) { - CyaSSL_CTX_OCSP_set_override_url(ctx, ocspUrl); - CyaSSL_CTX_OCSP_set_options(ctx, CYASSL_OCSP_ENABLE | - CYASSL_OCSP_URL_OVERRIDE | CYASSL_OCSP_NO_NONCE); + CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl); + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE + | CYASSL_OCSP_URL_OVERRIDE); } else - CyaSSL_CTX_OCSP_set_options(ctx, CYASSL_OCSP_ENABLE | - CYASSL_OCSP_NO_NONCE); + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE); } #endif #ifdef HAVE_PK_CALLBACKS diff --git a/src/internal.c b/src/internal.c index 4c24d67e8..3aecbfe32 100644 --- a/src/internal.c +++ b/src/internal.c @@ -426,9 +426,6 @@ int InitSSL_Ctx(CYASSL_CTX* ctx, CYASSL_METHOD* method) ctx->sendVerify = 0; ctx->quietShutdown = 0; ctx->groupMessages = 0; -#ifdef HAVE_OCSP - CyaSSL_OCSP_Init(&ctx->ocsp); -#endif #ifdef HAVE_CAVIUM ctx->devId = NO_CAVIUM_DEVICE; #endif @@ -479,9 +476,6 @@ void SSL_CtxResourceFree(CYASSL_CTX* ctx) XFREE(ctx->certChain.buffer, ctx->heap, DYNAMIC_TYPE_CERT); CyaSSL_CertManagerFree(ctx->cm); #endif -#ifdef HAVE_OCSP - CyaSSL_OCSP_Cleanup(&ctx->ocsp); -#endif #ifdef HAVE_TLS_EXTENSIONS TLSX_FreeAll(ctx->extensions); #endif @@ -3393,8 +3387,8 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx) } #ifdef HAVE_OCSP - if (fatal == 0) { - ret = CyaSSL_OCSP_Lookup_Cert(&ssl->ctx->ocsp, &dCert); + if (fatal == 0 && ssl->ctx->cm->ocspEnabled) { + ret = CheckCertOCSP(ssl->ctx->cm->ocsp, &dCert); if (ret != 0) { CYASSL_MSG("\tOCSP Lookup not ok"); fatal = 0; @@ -3407,7 +3401,7 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx) int doCrlLookup = 1; #ifdef HAVE_OCSP - if (ssl->ctx->ocsp.enabled) { + if (ssl->ctx->cm->ocspEnabled) { doCrlLookup = (ret == OCSP_CERT_UNKNOWN); } #endif /* HAVE_OCSP */ diff --git a/src/io.c b/src/io.c index e216d4713..c023d00d7 100644 --- a/src/io.c +++ b/src/io.c @@ -950,27 +950,6 @@ CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl) #endif /* CYASSL_DTLS */ -#ifdef HAVE_OCSP - -CYASSL_API void CyaSSL_SetIOOcsp(CYASSL_CTX* ctx, CallbackIOOcsp cb) -{ - ctx->ocsp.CBIOOcsp = cb; -} - -CYASSL_API void CyaSSL_SetIOOcspRespFree(CYASSL_CTX* ctx, - CallbackIOOcspRespFree cb) -{ - ctx->ocsp.CBIOOcspRespFree = cb; -} - -CYASSL_API void CyaSSL_SetIOOcspCtx(CYASSL_CTX* ctx, void *octx) -{ - ctx->ocsp.IOCB_OcspCtx = octx; -} - -#endif - - #ifdef HAVE_NETX /* The NetX receive callback diff --git a/src/ocsp.c b/src/ocsp.c index f36233a45..f24fc48b5 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -32,19 +32,27 @@ #include -int CyaSSL_OCSP_Init(CYASSL_OCSP* ocsp) +int InitOCSP(CYASSL_OCSP* ocsp, CYASSL_CERT_MANAGER* cm) { - if (ocsp != NULL) { - XMEMSET(ocsp, 0, sizeof(*ocsp)); - ocsp->useNonce = 1; - #ifndef CYASSL_USER_IO - ocsp->CBIOOcsp = EmbedOcspLookup; - ocsp->CBIOOcspRespFree = EmbedOcspRespFree; - #endif - return 0; - } + CYASSL_ENTER("InitOCSP"); + XMEMSET(ocsp, 0, sizeof(*ocsp)); + ocsp->cm = cm; - return -1; + return 0; +} + + +static int InitOCSP_Entry(OCSP_Entry* ocspe, DecodedCert* cert) +{ + CYASSL_ENTER("InitOCSP_Entry"); + + ocspe->next = NULL; + XMEMCPY(ocspe->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE); + XMEMCPY(ocspe->issuerKeyHash, cert->issuerKeyHash, SHA_DIGEST_SIZE); + ocspe->status = NULL; + ocspe->totalStatus = 0; + + return 0; } @@ -62,45 +70,21 @@ static void FreeOCSP_Entry(OCSP_Entry* ocspe) } -void CyaSSL_OCSP_Cleanup(CYASSL_OCSP* ocsp) +void FreeOCSP(CYASSL_OCSP* ocsp, int dynamic) { OCSP_Entry* tmp = ocsp->ocspList; - ocsp->enabled = 0; + CYASSL_ENTER("FreeOCSP"); + while (tmp) { OCSP_Entry* next = tmp->next; FreeOCSP_Entry(tmp); XFREE(tmp, NULL, DYNAMIC_TYPE_OCSP_ENTRY); tmp = next; } -} - -int CyaSSL_OCSP_set_override_url(CYASSL_OCSP* ocsp, const char* url) -{ - if (ocsp != NULL) { - int urlSz = (int)XSTRLEN(url); - if (urlSz < (int)sizeof(ocsp->overrideUrl)) { - XSTRNCPY(ocsp->overrideUrl, url, urlSz); - return 1; - } - } - - return 0; -} - - -static int InitOCSP_Entry(OCSP_Entry* ocspe, DecodedCert* cert) -{ - CYASSL_ENTER("InitOCSP_Entry"); - - ocspe->next = NULL; - XMEMCPY(ocspe->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE); - XMEMCPY(ocspe->issuerKeyHash, cert->issuerKeyHash, SHA_DIGEST_SIZE); - ocspe->status = NULL; - ocspe->totalStatus = 0; - - return 0; + if (dynamic) + XFREE(ocsp, NULL, DYNAMIC_TYPE_OCSP); } @@ -193,7 +177,7 @@ static int xstat2err(int stat) } -int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert) +int CheckCertOCSP(CYASSL_OCSP* ocsp, DecodedCert* cert) { byte* ocspReqBuf = NULL; int ocspReqSz = 2048; @@ -206,11 +190,7 @@ int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert) const char *url; int urlSz; - /* If OCSP lookups are disabled, return success. */ - if (!ocsp->enabled) { - CYASSL_MSG("OCSP lookup disabled, assuming CERT_GOOD"); - return 0; - } + CYASSL_ENTER("CheckCertOCSP"); ocspe = find_ocsp_entry(ocsp, cert); if (ocspe == NULL) { @@ -244,11 +224,10 @@ int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert) } } - if (ocsp->useOverrideUrl) { - if (ocsp->overrideUrl[0] != '\0') { - url = ocsp->overrideUrl; + if (ocsp->cm->ocspUseOverrideURL) { + url = ocsp->cm->ocspOverrideURL; + if (url != NULL && url[0] != '\0') urlSz = (int)XSTRLEN(url); - } else return OCSP_NEED_URL; } @@ -266,11 +245,12 @@ int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert) CYASSL_MSG("\talloc OCSP request buffer failed"); return MEMORY_ERROR; } - InitOcspRequest(&ocspRequest, cert, ocsp->useNonce, ocspReqBuf, ocspReqSz); + InitOcspRequest(&ocspRequest, cert, ocsp->cm->ocspSendNonce, + ocspReqBuf, ocspReqSz); ocspReqSz = EncodeOcspRequest(&ocspRequest); - if (ocsp->CBIOOcsp) { - result = ocsp->CBIOOcsp(ocsp->IOCB_OcspCtx, url, urlSz, + if (ocsp->cm->ocspIOCb) { + result = ocsp->cm->ocspIOCb(ocsp->cm->ocspIOCtx, url, urlSz, ocspReqBuf, ocspReqSz, &ocspRespBuf); } @@ -300,8 +280,8 @@ int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert) if (ocspReqBuf != NULL) { XFREE(ocspReqBuf, NULL, DYNAMIC_TYPE_IN_BUFFER); } - if (ocspRespBuf != NULL && ocsp->CBIOOcspRespFree) { - ocsp->CBIOOcspRespFree(ocsp->IOCB_OcspCtx, ocspRespBuf); + if (ocspRespBuf != NULL && ocsp->cm->ocspRespFreeCb) { + ocsp->cm->ocspRespFreeCb(ocsp->cm->ocspIOCtx, ocspRespBuf); } return result; diff --git a/src/ssl.c b/src/ssl.c index c7f5b255f..37c9313a6 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1005,16 +1005,7 @@ CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void) cm = (CYASSL_CERT_MANAGER*) XMALLOC(sizeof(CYASSL_CERT_MANAGER), 0, DYNAMIC_TYPE_CERT_MANAGER); if (cm) { - int i; - - for (i = 0; i < CA_TABLE_SIZE; i++) - cm->caTable[i] = NULL; - cm->heap = NULL; - cm->caCacheCallback = NULL; - cm->crl = NULL; - cm->crlEnabled = 0; - cm->crlCheckAll = 0; - cm->cbMissingCRL = NULL; + XMEMSET(cm, 0, sizeof(CYASSL_CERT_MANAGER)); if (InitMutex(&cm->caLock) != 0) { CYASSL_MSG("Bad mutex init"); @@ -1036,6 +1027,10 @@ void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER* cm) if (cm->crl) FreeCRL(cm->crl, 1); #endif + #ifdef HAVE_OCSP + if (cm->ocsp) + FreeOCSP(cm->ocsp, 1); + #endif FreeSignerTable(cm->caTable, CA_TABLE_SIZE, NULL); FreeMutex(&cm->caLock); XFREE(cm, NULL, DYNAMIC_TYPE_CERT_MANAGER); @@ -2504,6 +2499,62 @@ int CyaSSL_CertManagerDisableCRL(CYASSL_CERT_MANAGER* cm) } +/* turn on OCSP if off and compiled in, set options */ +int CyaSSL_CertManagerEnableOCSP(CYASSL_CERT_MANAGER* cm, int options) +{ + int ret = SSL_SUCCESS; + + (void)options; + + CYASSL_ENTER("CyaSSL_CertManagerEnableOCSP"); + if (cm == NULL) + return BAD_FUNC_ARG; + + #ifdef HAVE_OCSP + if (cm->ocsp == NULL) { + cm->ocsp = (CYASSL_OCSP*)XMALLOC(sizeof(CYASSL_OCSP), cm->heap, + DYNAMIC_TYPE_OCSP); + if (cm->ocsp == NULL) + return MEMORY_E; + + if (InitOCSP(cm->ocsp, cm) != 0) { + CYASSL_MSG("Init OCSP failed"); + FreeOCSP(cm->ocsp, 1); + cm->ocsp = NULL; + return SSL_FAILURE; + } + } + cm->ocspEnabled = 1; + if (options & CYASSL_OCSP_URL_OVERRIDE) + cm->ocspUseOverrideURL = 1; + if (options & CYASSL_OCSP_NO_NONCE) + cm->ocspSendNonce = 0; + else + cm->ocspSendNonce = 1; + #ifndef CYASSL_USER_IO + cm->ocspIOCb = EmbedOcspLookup; + cm->ocspRespFreeCb = EmbedOcspRespFree; + #endif /* CYASSL_USER_IO */ + #else + ret = NOT_COMPILED_IN; + #endif + + return ret; +} + + +int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER* cm) +{ + CYASSL_ENTER("CyaSSL_CertManagerDisableOCSP"); + if (cm == NULL) + return BAD_FUNC_ARG; + + cm->ocspEnabled = 0; + + return SSL_SUCCESS; +} + + int CyaSSL_CTX_check_private_key(CYASSL_CTX* ctx) { /* TODO: check private against public for RSA match */ @@ -2666,6 +2717,171 @@ int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX* ctx, CbMissingCRL cb) #endif /* HAVE_CRL */ +#ifdef HAVE_OCSP + + +/* check CRL if enabled, SSL_SUCCESS */ +int CyaSSL_CertManagerCheckOCSP(CYASSL_CERT_MANAGER* cm, byte* der, int sz) +{ + int ret; + DecodedCert cert; + + CYASSL_ENTER("CyaSSL_CertManagerCheckOCSP"); + + if (cm == NULL) + return BAD_FUNC_ARG; + + if (cm->ocspEnabled == 0) + return SSL_SUCCESS; + + InitDecodedCert(&cert, der, sz, NULL); + + ret = ParseCertRelative(&cert, CERT_TYPE, NO_VERIFY, cm); + if (ret != 0) { + CYASSL_MSG("ParseCert failed"); + return ret; + } + else { + ret = CheckCertOCSP(cm->ocsp, &cert); + if (ret != 0) { + CYASSL_MSG("CheckCertOCSP failed"); + } + } + + FreeDecodedCert(&cert); + + if (ret == 0) + return SSL_SUCCESS; /* convert */ + + return ret; +} + + +int CyaSSL_CertManagerSetOCSPOverrideURL(CYASSL_CERT_MANAGER* cm, + const char* url) +{ + CYASSL_ENTER("CyaSSL_CertManagerSetOCSPOverrideURL"); + if (cm == NULL) + return BAD_FUNC_ARG; + + XFREE(cm->ocspOverrideURL, cm->heap, 0); + if (url != NULL) { + int urlSz = (int)XSTRLEN(url) + 1; + cm->ocspOverrideURL = (char*)XMALLOC(urlSz, cm->heap, 0); + if (cm->ocspOverrideURL != NULL) { + XMEMCPY(cm->ocspOverrideURL, url, urlSz); + } + else + return MEMORY_E; + } + else + cm->ocspOverrideURL = NULL; + + return SSL_SUCCESS; +} + + +int CyaSSL_CertManagerSetOCSP_Cb(CYASSL_CERT_MANAGER* cm, + CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx) +{ + CYASSL_ENTER("CyaSSL_CertManagerSetOCSP_Cb"); + if (cm == NULL) + return BAD_FUNC_ARG; + + cm->ocspIOCb = ioCb; + cm->ocspRespFreeCb = respFreeCb; + cm->ocspIOCtx = ioCbCtx; + + return SSL_SUCCESS; +} + + +int CyaSSL_EnableOCSP(CYASSL* ssl, int options) +{ + CYASSL_ENTER("CyaSSL_EnableOCSP"); + if (ssl) + return CyaSSL_CertManagerEnableOCSP(ssl->ctx->cm, options); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_DisableOCSP(CYASSL* ssl) +{ + CYASSL_ENTER("CyaSSL_DisableOCSP"); + if (ssl) + return CyaSSL_CertManagerDisableOCSP(ssl->ctx->cm); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_SetOCSP_OverrideURL(CYASSL* ssl, const char* url) +{ + CYASSL_ENTER("CyaSSL_SetOCSP_OverrideURL"); + if (ssl) + return CyaSSL_CertManagerSetOCSPOverrideURL(ssl->ctx->cm, url); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_SetOCSP_Cb(CYASSL* ssl, + CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx) +{ + CYASSL_ENTER("CyaSSL_SetOCSP_Cb"); + if (ssl) + return CyaSSL_CertManagerSetOCSP_Cb(ssl->ctx->cm, + ioCb, respFreeCb, ioCbCtx); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_CTX_EnableOCSP(CYASSL_CTX* ctx, int options) +{ + CYASSL_ENTER("CyaSSL_CTX_EnableOCSP"); + if (ctx) + return CyaSSL_CertManagerEnableOCSP(ctx->cm, options); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_CTX_DisableOCSP(CYASSL_CTX* ctx) +{ + CYASSL_ENTER("CyaSSL_CTX_DisableOCSP"); + if (ctx) + return CyaSSL_CertManagerDisableOCSP(ctx->cm); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_CTX_SetOCSP_OverrideURL(CYASSL_CTX* ctx, const char* url) +{ + CYASSL_ENTER("CyaSSL_SetOCSP_OverrideURL"); + if (ctx) + return CyaSSL_CertManagerSetOCSPOverrideURL(ctx->cm, url); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX* ctx, + CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx) +{ + CYASSL_ENTER("CyaSSL_CTX_SetOCSP_Cb"); + if (ctx) + return CyaSSL_CertManagerSetOCSP_Cb(ctx->cm, ioCb, respFreeCb, ioCbCtx); + else + return BAD_FUNC_ARG; +} + + +#endif /* HAVE_OCSP */ + + #ifdef CYASSL_DER_LOAD /* Add format parameter to allow DER load of CA files */ @@ -10921,38 +11137,6 @@ const byte* CyaSSL_get_sessionID(const CYASSL_SESSION* session) #endif /* SESSION_CERTS */ -int CyaSSL_CTX_OCSP_set_options(CYASSL_CTX* ctx, int options) -{ - CYASSL_ENTER("CyaSSL_CTX_OCSP_set_options"); -#ifdef HAVE_OCSP - if (ctx != NULL) { - ctx->ocsp.enabled = (options & CYASSL_OCSP_ENABLE) != 0; - ctx->ocsp.useOverrideUrl = (options & CYASSL_OCSP_URL_OVERRIDE) != 0; - ctx->ocsp.useNonce = (options & CYASSL_OCSP_NO_NONCE) == 0; - return SSL_SUCCESS; - } - return SSL_FAILURE; -#else - (void)ctx; - (void)options; - return NOT_COMPILED_IN; -#endif -} - - -int CyaSSL_CTX_OCSP_set_override_url(CYASSL_CTX* ctx, const char* url) -{ - CYASSL_ENTER("CyaSSL_CTX_OCSP_set_override_url"); -#ifdef HAVE_OCSP - return CyaSSL_OCSP_set_override_url(&ctx->ocsp, url); -#else - (void)ctx; - (void)url; - return NOT_COMPILED_IN; -#endif -} - - #ifndef NO_CERTS #ifdef HAVE_PK_CALLBACKS From 896b16a7df1f32488cbc1706d557965a8005a152 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 27 Dec 2013 16:13:52 -0800 Subject: [PATCH 062/135] Fixed off-by-one error in OCSP --- src/io.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/io.c b/src/io.c index c023d00d7..d71200d99 100644 --- a/src/io.c +++ b/src/io.c @@ -691,7 +691,7 @@ static int process_http_response(int sfd, byte** respBuf, if (result > 0) { len += result; start = (char*)httpBuf; - start[len+1] = 0; + start[len] = 0; } else { CYASSL_MSG("process_http_response recv http from peer failed"); From 7b04b7ab84647930132f05d3259d4641e7539a08 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Mon, 30 Dec 2013 10:39:12 -0800 Subject: [PATCH 063/135] DTLS IO and cookie callbacks are IPv4/IPv6 agnostic. --- src/io.c | 21 ++++----------------- 1 file changed, 4 insertions(+), 17 deletions(-) diff --git a/src/io.c b/src/io.c index d71200d99..55f28eed3 100644 --- a/src/io.c +++ b/src/io.c @@ -352,7 +352,7 @@ int EmbedReceiveFrom(CYASSL *ssl, char *buf, int sz, void *ctx) int err; int sd = dtlsCtx->fd; int dtls_timeout = CyaSSL_dtls_get_current_timeout(ssl); - struct sockaddr_in6 peer; + struct sockaddr_storage peer; XSOCKLENT peerSz = sizeof(peer); CYASSL_ENTER("EmbedReceiveFrom()"); @@ -471,34 +471,21 @@ int EmbedSendTo(CYASSL* ssl, char *buf, int sz, void *ctx) int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx) { int sd = ssl->wfd; - struct sockaddr_in6 peer; + struct sockaddr_storage peer; XSOCKLENT peerSz = sizeof(peer); Sha sha; byte digest[SHA_DIGEST_SIZE]; (void)ctx; + XMEMSET(&peer, 0, sizeof(peer)); if (getpeername(sd, (struct sockaddr*)&peer, &peerSz) != 0) { CYASSL_MSG("getpeername failed in EmbedGenerateCookie"); return GEN_COOKIE_E; } InitSha(&sha); - - if (peer.sin6_family == AF_INET6) { - ShaUpdate(&sha, (byte*)&peer.sin6_port, sizeof(peer.sin6_port)); - ShaUpdate(&sha, (byte*)&peer.sin6_addr, sizeof(peer.sin6_addr)); - } - else if (peer.sin6_family == AF_INET) { - struct sockaddr_in *s = (struct sockaddr_in*)&peer; - ShaUpdate(&sha, (byte*)&s->sin_port, sizeof(s->sin_port)); - ShaUpdate(&sha, (byte*)&s->sin_addr, sizeof(s->sin_addr)); - } - else { - CYASSL_MSG("peer sin_family unknown type in EmbedGenerateCookie"); - return GEN_COOKIE_E; - } - + ShaUpdate(&sha, (byte*)&peer, peerSz); ShaFinal(&sha, digest); if (sz > SHA_DIGEST_SIZE) From 7cc9ab3d6f19228dabb674ebeae5c64a0854a455 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Thu, 2 Jan 2014 13:11:27 -0700 Subject: [PATCH 064/135] use lower case variables, prevent conflict with some toolchain defines --- cyassl/ctaocrypt/tfm.h | 66 +++++++++++++++++++++--------------------- 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/cyassl/ctaocrypt/tfm.h b/cyassl/ctaocrypt/tfm.h index 2495f67ab..d6653a606 100644 --- a/cyassl/ctaocrypt/tfm.h +++ b/cyassl/ctaocrypt/tfm.h @@ -510,104 +510,104 @@ void s_fp_add(fp_int *a, fp_int *b, fp_int *c); void s_fp_sub(fp_int *a, fp_int *b, fp_int *c); void fp_reverse(unsigned char *s, int len); -void fp_mul_comba(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba(fp_int *a, fp_int *b, fp_int *c); #ifdef TFM_SMALL_SET -void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba_small(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL3 -void fp_mul_comba3(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba3(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL4 -void fp_mul_comba4(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba4(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL6 -void fp_mul_comba6(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba6(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL7 -void fp_mul_comba7(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba7(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL8 -void fp_mul_comba8(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba8(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL9 -void fp_mul_comba9(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba9(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL12 -void fp_mul_comba12(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba12(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL17 -void fp_mul_comba17(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba17(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL20 -void fp_mul_comba20(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba20(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL24 -void fp_mul_comba24(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba24(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL28 -void fp_mul_comba28(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba28(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL32 -void fp_mul_comba32(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba32(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL48 -void fp_mul_comba48(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba48(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL64 -void fp_mul_comba64(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba64(fp_int *a, fp_int *b, fp_int *c); #endif -void fp_sqr_comba(fp_int *A, fp_int *B); +void fp_sqr_comba(fp_int *a, fp_int *b); #ifdef TFM_SMALL_SET -void fp_sqr_comba_small(fp_int *A, fp_int *B); +void fp_sqr_comba_small(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR3 -void fp_sqr_comba3(fp_int *A, fp_int *B); +void fp_sqr_comba3(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR4 -void fp_sqr_comba4(fp_int *A, fp_int *B); +void fp_sqr_comba4(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR6 -void fp_sqr_comba6(fp_int *A, fp_int *B); +void fp_sqr_comba6(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR7 -void fp_sqr_comba7(fp_int *A, fp_int *B); +void fp_sqr_comba7(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR8 -void fp_sqr_comba8(fp_int *A, fp_int *B); +void fp_sqr_comba8(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR9 -void fp_sqr_comba9(fp_int *A, fp_int *B); +void fp_sqr_comba9(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR12 -void fp_sqr_comba12(fp_int *A, fp_int *B); +void fp_sqr_comba12(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR17 -void fp_sqr_comba17(fp_int *A, fp_int *B); +void fp_sqr_comba17(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR20 -void fp_sqr_comba20(fp_int *A, fp_int *B); +void fp_sqr_comba20(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR24 -void fp_sqr_comba24(fp_int *A, fp_int *B); +void fp_sqr_comba24(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR28 -void fp_sqr_comba28(fp_int *A, fp_int *B); +void fp_sqr_comba28(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR32 -void fp_sqr_comba32(fp_int *A, fp_int *B); +void fp_sqr_comba32(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR48 -void fp_sqr_comba48(fp_int *A, fp_int *B); +void fp_sqr_comba48(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR64 -void fp_sqr_comba64(fp_int *A, fp_int *B); +void fp_sqr_comba64(fp_int *a, fp_int *b); #endif /*extern const char *fp_s_rmap;*/ @@ -642,7 +642,7 @@ int mp_mul (mp_int * a, mp_int * b, mp_int * c); int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d); int mp_mod(mp_int *a, mp_int *b, mp_int *c); int mp_invmod(mp_int *a, mp_int *b, mp_int *c); -int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y); +int mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y); int mp_cmp(mp_int *a, mp_int *b); int mp_cmp_d(mp_int *a, mp_digit b); From 9f4ea7d05989e6bf62511311e8489f86e81e1a76 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Thu, 2 Jan 2014 13:13:18 -0700 Subject: [PATCH 065/135] update TYTO settings, FREESCALE_MMCAU AES check for NULL --- ctaocrypt/src/aes.c | 3 +++ cyassl/ctaocrypt/settings.h | 16 ++++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/ctaocrypt/src/aes.c b/ctaocrypt/src/aes.c index 6cb0dcd94..1aea29f8c 100644 --- a/ctaocrypt/src/aes.c +++ b/ctaocrypt/src/aes.c @@ -569,6 +569,9 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, if (!((keylen == 16) || (keylen == 24) || (keylen == 32))) return BAD_FUNC_ARG; + if (rk == NULL) + return BAD_FUNC_ARG; + aes->rounds = keylen/4 + 6; cau_aes_set_key(userKey, keylen*8, rk); diff --git a/cyassl/ctaocrypt/settings.h b/cyassl/ctaocrypt/settings.h index 6f5a3d70a..0ca3f350e 100644 --- a/cyassl/ctaocrypt/settings.h +++ b/cyassl/ctaocrypt/settings.h @@ -152,10 +152,26 @@ #endif /* MBED */ #ifdef CYASSL_TYTO + #include "rand.h" #define FREERTOS #define NO_FILESYSTEM #define CYASSL_USER_IO #define NO_DEV_RANDOM + #define HAVE_ECC + #define HAVE_ECC_ENCRYPT + #define ECC_SHAMIR + #define HAVE_HKDF + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FP_MAX_BITS 512 + #define NO_OLD_TLS + #define NO_MD4 + #define NO_RABBIT + #define NO_HC128 + #define NO_RSA + #define NO_DSA + #define NO_PWDBASED + #define NO_PSK #endif #ifdef FREERTOS_WINSIM From 99ac08cf3d40b1ba8491125acd4c936fcbae03c4 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Thu, 2 Jan 2014 13:37:11 -0700 Subject: [PATCH 066/135] lower case mp_sqr() parameters, missed in previous commit --- cyassl/ctaocrypt/tfm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cyassl/ctaocrypt/tfm.h b/cyassl/ctaocrypt/tfm.h index d6653a606..e1b16e2d3 100644 --- a/cyassl/ctaocrypt/tfm.h +++ b/cyassl/ctaocrypt/tfm.h @@ -663,7 +663,7 @@ void mp_rshb(mp_int *a, int x); #ifdef HAVE_ECC int mp_read_radix(mp_int* a, const char* str, int radix); int mp_set(fp_int *a, fp_digit b); - int mp_sqr(fp_int *A, fp_int *B); + int mp_sqr(fp_int *a, fp_int *b); int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp); int mp_montgomery_setup(fp_int *a, fp_digit *rho); int mp_div_2(fp_int * a, fp_int * b); From 9d0e991e415f2187fb1cc9e34c09863ae62dd341 Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 2 Jan 2014 16:58:54 -0800 Subject: [PATCH 067/135] fix 32bit no asm combos --- ctaocrypt/src/asm.c | 12 +++++++----- ctaocrypt/src/fp_sqr_comba_12.i | 4 +++- ctaocrypt/src/fp_sqr_comba_17.i | 3 +++ ctaocrypt/src/fp_sqr_comba_3.i | 3 +++ ctaocrypt/src/fp_sqr_comba_4.i | 3 +++ ctaocrypt/src/fp_sqr_comba_6.i | 3 +++ ctaocrypt/src/fp_sqr_comba_7.i | 3 +++ ctaocrypt/src/fp_sqr_comba_8.i | 3 +++ ctaocrypt/src/fp_sqr_comba_9.i | 3 +++ 9 files changed, 31 insertions(+), 6 deletions(-) diff --git a/ctaocrypt/src/asm.c b/ctaocrypt/src/asm.c index e19410e8a..941478a42 100644 --- a/ctaocrypt/src/asm.c +++ b/ctaocrypt/src/asm.c @@ -1004,15 +1004,17 @@ __asm__( \ #define SQRADDAC(i, j) \ do { fp_word t; \ - t = sc0 + ((fp_word)i) * ((fp_word)j); sc0 = t; \ - t = sc1 + (t >> DIGIT_BIT); sc1 = t; sc2 += t >> DIGIT_BIT; \ + t = sc0 + ((fp_word)i) * ((fp_word)j); sc0 = (fp_digit)t; \ + t = sc1 + (t >> DIGIT_BIT); sc1 = (fp_digit)t; \ + sc2 += (fp_digit)(t >> DIGIT_BIT); \ } while (0); #define SQRADDDB \ do { fp_word t; \ - t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = t; \ - t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT); c1 = t; \ - c2 = c2 + ((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT); \ + t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = (fp_digit)t; \ + t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT); \ + c1 = (fp_digit)t; \ + c2 = c2 + (fp_digit)(((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT)); \ } while (0); #endif diff --git a/ctaocrypt/src/fp_sqr_comba_12.i b/ctaocrypt/src/fp_sqr_comba_12.i index 7ecb7c9e1..2f068c7d9 100644 --- a/ctaocrypt/src/fp_sqr_comba_12.i +++ b/ctaocrypt/src/fp_sqr_comba_12.i @@ -24,7 +24,9 @@ void fp_sqr_comba12(fp_int *A, fp_int *B) { fp_digit *a, b[24], c0, c1, c2, sc0, sc1, sc2; - +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/ctaocrypt/src/fp_sqr_comba_17.i b/ctaocrypt/src/fp_sqr_comba_17.i index fcd4daa5e..db34b1a78 100644 --- a/ctaocrypt/src/fp_sqr_comba_17.i +++ b/ctaocrypt/src/fp_sqr_comba_17.i @@ -24,6 +24,9 @@ void fp_sqr_comba17(fp_int *A, fp_int *B) { fp_digit *a, b[34], c0, c1, c2, sc0, sc1, sc2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/ctaocrypt/src/fp_sqr_comba_3.i b/ctaocrypt/src/fp_sqr_comba_3.i index 6cf7faf1a..fea21d183 100644 --- a/ctaocrypt/src/fp_sqr_comba_3.i +++ b/ctaocrypt/src/fp_sqr_comba_3.i @@ -24,6 +24,9 @@ void fp_sqr_comba3(fp_int *A, fp_int *B) { fp_digit *a, b[6], c0, c1, c2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/ctaocrypt/src/fp_sqr_comba_4.i b/ctaocrypt/src/fp_sqr_comba_4.i index 71c3c87af..7b7eefa6f 100644 --- a/ctaocrypt/src/fp_sqr_comba_4.i +++ b/ctaocrypt/src/fp_sqr_comba_4.i @@ -24,6 +24,9 @@ void fp_sqr_comba4(fp_int *A, fp_int *B) { fp_digit *a, b[8], c0, c1, c2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/ctaocrypt/src/fp_sqr_comba_6.i b/ctaocrypt/src/fp_sqr_comba_6.i index 189f339a4..dc7028138 100644 --- a/ctaocrypt/src/fp_sqr_comba_6.i +++ b/ctaocrypt/src/fp_sqr_comba_6.i @@ -24,6 +24,9 @@ void fp_sqr_comba6(fp_int *A, fp_int *B) { fp_digit *a, b[12], c0, c1, c2, sc0, sc1, sc2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/ctaocrypt/src/fp_sqr_comba_7.i b/ctaocrypt/src/fp_sqr_comba_7.i index 1a0cd2c19..7ba664e2f 100644 --- a/ctaocrypt/src/fp_sqr_comba_7.i +++ b/ctaocrypt/src/fp_sqr_comba_7.i @@ -24,6 +24,9 @@ void fp_sqr_comba7(fp_int *A, fp_int *B) { fp_digit *a, b[14], c0, c1, c2, sc0, sc1, sc2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/ctaocrypt/src/fp_sqr_comba_8.i b/ctaocrypt/src/fp_sqr_comba_8.i index b71feae3b..24efa52cb 100644 --- a/ctaocrypt/src/fp_sqr_comba_8.i +++ b/ctaocrypt/src/fp_sqr_comba_8.i @@ -24,6 +24,9 @@ void fp_sqr_comba8(fp_int *A, fp_int *B) { fp_digit *a, b[16], c0, c1, c2, sc0, sc1, sc2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/ctaocrypt/src/fp_sqr_comba_9.i b/ctaocrypt/src/fp_sqr_comba_9.i index 1db06de22..e9cc21665 100644 --- a/ctaocrypt/src/fp_sqr_comba_9.i +++ b/ctaocrypt/src/fp_sqr_comba_9.i @@ -24,6 +24,9 @@ void fp_sqr_comba9(fp_int *A, fp_int *B) { fp_digit *a, b[18], c0, c1, c2, sc0, sc1, sc2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; From d6ad10f0276edac1533f77fcc5e518d6da100b20 Mon Sep 17 00:00:00 2001 From: toddouska Date: Fri, 3 Jan 2014 12:32:14 -0800 Subject: [PATCH 068/135] add USE_SLOW_SHA2 for sha384 and sha512, over twice as small code but over 50% slower too --- ctaocrypt/src/sha512.c | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/ctaocrypt/src/sha512.c b/ctaocrypt/src/sha512.c index b8d57085f..2766f0a0a 100644 --- a/ctaocrypt/src/sha512.c +++ b/ctaocrypt/src/sha512.c @@ -146,13 +146,24 @@ static void Transform(Sha512* sha512) /* Copy digest to working vars */ XMEMCPY(T, sha512->digest, sizeof(T)); - /* 64 operations, partially loop unrolled */ +#ifdef USE_SLOW_SHA2 + /* over twice as small, but 50% slower */ + /* 80 operations, not unrolled */ + for (j = 0; j < 80; j += 16) { + int m; + for (m = 0; m < 16; m++) { /* braces needed here for macros {} */ + R(m); + } + } +#else + /* 80 operations, partially loop unrolled */ for (j = 0; j < 80; j += 16) { R( 0); R( 1); R( 2); R( 3); R( 4); R( 5); R( 6); R( 7); R( 8); R( 9); R(10); R(11); R(12); R(13); R(14); R(15); } +#endif /* USE_SLOW_SHA2 */ /* Add the working vars back into digest */ @@ -280,13 +291,24 @@ static void Transform384(Sha384* sha384) /* Copy digest to working vars */ XMEMCPY(T, sha384->digest, sizeof(T)); - /* 64 operations, partially loop unrolled */ +#ifdef USE_SLOW_SHA2 + /* over twice as small, but 50% slower */ + /* 80 operations, not unrolled */ + for (j = 0; j < 80; j += 16) { + int m; + for (m = 0; m < 16; m++) { /* braces needed for macros {} */ + R2(m); + } + } +#else + /* 80 operations, partially loop unrolled */ for (j = 0; j < 80; j += 16) { R2( 0); R2( 1); R2( 2); R2( 3); R2( 4); R2( 5); R2( 6); R2( 7); R2( 8); R2( 9); R2(10); R2(11); R2(12); R2(13); R2(14); R2(15); } +#endif /* USE_SLOW_SHA2 */ /* Add the working vars back into digest */ From 4de6a6d902cd13fd4bf7610c33de400c35464961 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 7 Jan 2014 17:25:46 -0800 Subject: [PATCH 069/135] Cert Request 1. Added function to make simple DER format cert reqs. 2. Added cert req type to DerToPem. --- ctaocrypt/src/asn.c | 101 +++++++++++++++++++++++++++++++++- cyassl/ctaocrypt/asn_public.h | 7 ++- 2 files changed, 106 insertions(+), 2 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index fa3080a34..14210b593 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -3583,6 +3583,14 @@ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz, XSTRNCPY(footer, "-----END EC PRIVATE KEY-----\n", sizeof(footer)); } #endif + #ifdef CYASSL_CERT_REQ + else if (type == CERTREQ_TYPE) + { + XSTRNCPY(header, + "-----BEGIN CERTIFICATE REQUEST-----\n", sizeof(header)); + XSTRNCPY(footer, "-----END CERTIFICATE REQUEST-----\n", sizeof(footer)); + } + #endif else return BAD_FUNC_ARG; @@ -4311,7 +4319,7 @@ static int SetName(byte* output, CertName* name) return totalBytes; } -/* encode info from cert into DER enocder format */ +/* encode info from cert into DER encoded format */ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey, RNG* rng, const byte* ntruKey, word16 ntruSz) { @@ -4605,6 +4613,97 @@ int MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz, #endif /* HAVE_NTRU */ +#ifdef CYASSL_CERT_REQ + +/* encode info from cert into DER encoded format */ +static int EncodeCertReq(Cert* cert, DerCert* der, + RsaKey* rsaKey, ecc_key* eccKey) +{ + (void)eccKey; + + /* init */ + XMEMSET(der, 0, sizeof(DerCert)); + + /* version */ + der->versionSz = SetMyVersion(0, der->version, FALSE); + + /* subject name */ + der->subjectSz = SetName(der->subject, &cert->subject); + if (der->subjectSz == 0) + return SUBJECT_E; + + /* public key */ + if (cert->keyType == RSA_KEY) { + if (rsaKey == NULL) + return PUBLIC_KEY_E; + der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey); + if (der->publicKeySz <= 0) + return PUBLIC_KEY_E; + } + +#ifdef HAVE_ECC + if (cert->keyType == ECC_KEY) { + if (eccKey == NULL) + return PUBLIC_KEY_E; + der->publicKeySz = SetEccPublicKey(der->publicKey, eccKey); + if (der->publicKeySz <= 0) + return PUBLIC_KEY_E; + } +#endif /* HAVE_ECC */ + + der->total = der->versionSz + der->subjectSz + der->publicKeySz + 2; + // The 2 is for the empty "attributes". Use der->attributesSz + // when that exists, eventually. + + return 0; +} + + +/* write DER encoded cert req to buffer, size already checked */ +static int WriteCertReqBody(DerCert* der, byte* buffer) +{ + int idx; + const byte att[2] = {0xa0, 0x00}; + + /* signed part header */ + idx = SetSequence(der->total, buffer); + /* version */ + XMEMCPY(buffer + idx, der->version, der->versionSz); + idx += der->versionSz; + /* subject */ + XMEMCPY(buffer + idx, der->subject, der->subjectSz); + idx += der->subjectSz; + /* public key */ + XMEMCPY(buffer + idx, der->publicKey, der->publicKeySz); + idx += der->publicKeySz; + /* attributes, empty set */ + XMEMCPY(buffer + idx, att, sizeof(att)); + idx += sizeof(att); + + return idx; +} + + +int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, + RsaKey* rsaKey, ecc_key* eccKey) +{ + DerCert der; + int ret; + + cert->keyType = (eccKey != NULL) ? ECC_KEY : RSA_KEY; + ret = EncodeCertReq(cert, &der, rsaKey, eccKey); + if (ret != 0) + return ret; + + if (der.total + MAX_SEQ_SZ * 2 > (int)derSz) + return BUFFER_E; + + return cert->bodySz = WriteCertReqBody(&der, derBuffer); +} + +#endif /* CYASSL_CERT_REQ */ + + int SignCert(int requestSz, int sType, byte* buffer, word32 buffSz, RsaKey* rsaKey, ecc_key* eccKey, RNG* rng) { diff --git a/cyassl/ctaocrypt/asn_public.h b/cyassl/ctaocrypt/asn_public.h index 17fafc3fa..4cf3e30bb 100644 --- a/cyassl/ctaocrypt/asn_public.h +++ b/cyassl/ctaocrypt/asn_public.h @@ -42,7 +42,8 @@ enum CertType { DH_PARAM_TYPE, CRL_TYPE, CA_TYPE, - ECC_PRIVATEKEY_TYPE + ECC_PRIVATEKEY_TYPE, + CERTREQ_TYPE }; @@ -127,6 +128,10 @@ typedef struct Cert { CYASSL_API void InitCert(Cert*); CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, ecc_key*, RNG*); +#ifdef CYASSL_CERT_REQ + CYASSL_API int MakeCertReq(Cert*, byte* derBuffer, word32 derSz, RsaKey*, + ecc_key*); +#endif CYASSL_API int SignCert(int requestSz, int sigType, byte* derBuffer, word32 derSz, RsaKey*, ecc_key*, RNG*); CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, From f0a7d94c482dbf7b6f4a372b5897cb9446a56b3b Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 8 Jan 2014 10:57:46 -0800 Subject: [PATCH 070/135] Cert Request 1. Added setting the request's version. 2. Added certreq test code to the ctaocrypt test. 3. Added the certreq test outputs to gitignore. --- .gitignore | 2 ++ ctaocrypt/src/asn.c | 2 +- ctaocrypt/test/test.c | 74 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 77 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 9ef608923..ebfc8c475 100644 --- a/.gitignore +++ b/.gitignore @@ -52,6 +52,8 @@ othercert.der othercert.pem key.der key.pem +certreq.der +certreq.pem diff sslSniffer/sslSnifferTest/tracefile.txt *.gz diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 14210b593..2b12844d6 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -4625,7 +4625,7 @@ static int EncodeCertReq(Cert* cert, DerCert* der, XMEMSET(der, 0, sizeof(DerCert)); /* version */ - der->versionSz = SetMyVersion(0, der->version, FALSE); + der->versionSz = SetMyVersion(cert->version, der->version, FALSE); /* subject name */ der->subjectSz = SetName(der->subject, &cert->subject); diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index b213ddd39..b8c7261b4 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -3043,6 +3043,80 @@ int rsa_test(void) FreeRsaKey(&caKey); } #endif /* HAVE_NTRU */ +#ifdef CYASSL_CERT_REQ + { + RsaKey caKey; + Cert myCert; + byte* derCert; + byte* pem; + FILE* ioFile; + int certSz; + int pemSz; + word32 idx3 = 0; + + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -463; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) + return -464; + + ioFile = fopen(caKeyFile, "rb"); + + if (!ioFile) + return -465; + + pemSz = (int)fread(pem, 1, FOURK_BUF, ioFile); + fclose(ioFile); + + InitRsaKey(&caKey, 0); + ret = RsaPrivateKeyDecode(pem, &idx3, &caKey, (word32)pemSz); + if (ret != 0) + return -466; + + InitCert(&myCert); + + myCert.version = 0; + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); + myCert.sigType = CTC_SHA256wRSA; + + certSz = MakeCertReq(&myCert, derCert, FOURK_BUF, &key, NULL); + if (certSz < 0) + return -467; + + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, NULL, &rng); + if (certSz < 0) + return -468; + + ioFile = fopen("./certreq.der", "wb"); + if (!ioFile) + return -469; + + ret = (int)fwrite(derCert, certSz, 1, ioFile); + fclose(ioFile); + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERTREQ_TYPE); + if (pemSz < 0) + return -470; + + ioFile = fopen("./certreq.pem", "wb"); + if (!ioFile) + return -471; + ret = (int)fwrite(pem, pemSz, 1, ioFile); + fclose(ioFile); + + free(pem); + free(derCert); + FreeRsaKey(&caKey); + } +#endif /* CYASSL_CERT_REQ */ #endif /* CYASSL_CERT_GEN */ FreeRsaKey(&key); From 7b4cf370d0eb67fb9953b6b23df549a076f5bc5c Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 8 Jan 2014 11:47:59 -0800 Subject: [PATCH 071/135] In test: Cert req now signed by correct key. Removed loading of CA key. --- ctaocrypt/test/test.c | 84 ++++++++++++++++++------------------------- 1 file changed, 34 insertions(+), 50 deletions(-) diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index b8c7261b4..b76d0385c 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -3045,76 +3045,60 @@ int rsa_test(void) #endif /* HAVE_NTRU */ #ifdef CYASSL_CERT_REQ { - RsaKey caKey; - Cert myCert; - byte* derCert; + Cert req; + byte* der; byte* pem; - FILE* ioFile; - int certSz; + int derSz; int pemSz; - word32 idx3 = 0; + FILE* reqFile; - derCert = (byte*)malloc(FOURK_BUF); - if (derCert == NULL) + der = (byte*)malloc(FOURK_BUF); + if (der == NULL) return -463; pem = (byte*)malloc(FOURK_BUF); if (pem == NULL) return -464; - ioFile = fopen(caKeyFile, "rb"); + InitCert(&req); - if (!ioFile) + req.version = 0; + strncpy(req.subject.country, "US", CTC_NAME_SIZE); + strncpy(req.subject.state, "OR", CTC_NAME_SIZE); + strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(req.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(req.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(req.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE); + req.sigType = CTC_SHA256wRSA; + + derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL); + if (derSz < 0) return -465; - pemSz = (int)fread(pem, 1, FOURK_BUF, ioFile); - fclose(ioFile); - - InitRsaKey(&caKey, 0); - ret = RsaPrivateKeyDecode(pem, &idx3, &caKey, (word32)pemSz); - if (ret != 0) + derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF, + &key, NULL, &rng); + if (derSz < 0) return -466; - InitCert(&myCert); - - myCert.version = 0; - strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); - strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); - strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); - strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); - strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); - strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); - strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); - myCert.sigType = CTC_SHA256wRSA; - - certSz = MakeCertReq(&myCert, derCert, FOURK_BUF, &key, NULL); - if (certSz < 0) + pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE); + if (pemSz < 0) return -467; - certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, - &caKey, NULL, &rng); - if (certSz < 0) + reqFile = fopen("./certreq.der", "wb"); + if (!reqFile) return -468; - ioFile = fopen("./certreq.der", "wb"); - if (!ioFile) + ret = (int)fwrite(der, derSz, 1, reqFile); + fclose(reqFile); + + reqFile = fopen("./certreq.pem", "wb"); + if (!reqFile) return -469; - - ret = (int)fwrite(derCert, certSz, 1, ioFile); - fclose(ioFile); - - pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERTREQ_TYPE); - if (pemSz < 0) - return -470; - - ioFile = fopen("./certreq.pem", "wb"); - if (!ioFile) - return -471; - ret = (int)fwrite(pem, pemSz, 1, ioFile); - fclose(ioFile); + ret = (int)fwrite(pem, pemSz, 1, reqFile); + fclose(reqFile); free(pem); - free(derCert); - FreeRsaKey(&caKey); + free(der); } #endif /* CYASSL_CERT_REQ */ #endif /* CYASSL_CERT_GEN */ From f545a33e77da42f28d8ff6a72a5d886518140cf1 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 8 Jan 2014 16:26:42 -0800 Subject: [PATCH 072/135] Cert Req 1. Added support for the cert req attributes. 2. Added setting the Basic Constraints extenstion request. 3. Added error checking for the cert req attribs. --- ctaocrypt/src/asn.c | 103 +++++++++++++++++++++++++++++++++------ ctaocrypt/src/error.c | 4 ++ ctaocrypt/test/test.c | 1 + cyassl/ctaocrypt/asn.h | 3 ++ cyassl/ctaocrypt/error.h | 2 + 5 files changed, 98 insertions(+), 15 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 2b12844d6..a0f1516ff 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -3817,6 +3817,9 @@ typedef struct DerCert { byte publicKey[MAX_PUBLIC_KEY_SZ]; /* rsa / ntru public key encoded */ byte ca[MAX_CA_SZ]; /* basic constraint CA true size */ byte extensions[MAX_EXTENSIONS_SZ]; /* all extensions */ +#ifdef CYASSL_CERT_REQ + byte attrib[MAX_ATTRIB_SZ]; /* Cert req attributes encoded */ +#endif int sizeSz; /* encoded size length */ int versionSz; /* encoded version length */ int serialSz; /* encoded serial length */ @@ -3828,6 +3831,9 @@ typedef struct DerCert { int caSz; /* encoded CA extension length */ int extensionsSz; /* encoded extensions total length */ int total; /* total encoded lengths */ +#ifdef CYASSL_CERT_REQ + int attribSz; +#endif } DerCert; @@ -4173,19 +4179,21 @@ static byte GetNameId(int idx) /* encode all extensions, return total bytes written */ -static int SetExtensions(byte* output, const byte* ext, int extSz) +static int SetExtensions(byte* output, const byte* ext, int extSz, int header) { byte sequence[MAX_SEQ_SZ]; byte len[MAX_LENGTH_SZ]; int sz = 0; int seqSz = SetSequence(extSz, sequence); - int lenSz = SetLength(seqSz + extSz, len); - output[0] = ASN_EXTENSIONS; /* extensions id */ - sz++; - XMEMCPY(&output[sz], len, lenSz); /* length */ - sz += lenSz; + if (header) { + int lenSz = SetLength(seqSz + extSz, len); + output[0] = ASN_EXTENSIONS; /* extensions id */ + sz++; + XMEMCPY(&output[sz], len, lenSz); /* length */ + sz += lenSz; + } XMEMCPY(&output[sz], sequence, seqSz); /* sequence */ sz += seqSz; XMEMCPY(&output[sz], ext, extSz); /* extensions */ @@ -4422,7 +4430,8 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey, /* extensions, just CA now */ if (cert->isCA) { - der->extensionsSz = SetExtensions(der->extensions, der->ca, der->caSz); + der->extensionsSz = SetExtensions(der->extensions, + der->ca, der->caSz, TRUE); if (der->extensionsSz == 0) return EXTENSIONS_E; } @@ -4432,7 +4441,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey, #ifdef CYASSL_ALT_NAMES if (der->extensionsSz == 0 && cert->altNamesSz) { der->extensionsSz = SetExtensions(der->extensions, cert->altNames, - cert->altNamesSz); + cert->altNamesSz, TRUE); if (der->extensionsSz == 0) return EXTENSIONS_E; } @@ -4615,6 +4624,43 @@ int MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz, #ifdef CYASSL_CERT_REQ +static int SetReqAttrib(byte* output, int extSz) +{ + int sz = 0; + + output[0] = 0xa0; + sz++; + + if (extSz) { + byte extSet[MAX_SET_SZ]; + byte extSeq[MAX_SEQ_SZ]; + int extSetSz; + int extSeqSz; + static const byte extReqOid[] = { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, + 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x0e }; + + extSetSz = SetSet(extSz, extSet); + extSeqSz = SetSequence(extSetSz + sizeof(extReqOid) + extSz, extSeq); + + sz += SetLength(extSeqSz + extSeqSz + sizeof(extReqOid) + extSz, + &output[sz]); + XMEMCPY(&output[sz], extSeq, extSeqSz); + sz += extSeqSz; + XMEMCPY(&output[sz], extReqOid, sizeof(extReqOid)); + sz += sizeof(extReqOid); + XMEMCPY(&output[sz], extSet, extSetSz); + sz += extSetSz; + /* The actual extension data will be tacked onto the output later. */ + } + else { + output[sz] = 0x00; + sz++; + } + + return sz; +} + + /* encode info from cert into DER encoded format */ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey) @@ -4651,9 +4697,31 @@ static int EncodeCertReq(Cert* cert, DerCert* der, } #endif /* HAVE_ECC */ - der->total = der->versionSz + der->subjectSz + der->publicKeySz + 2; - // The 2 is for the empty "attributes". Use der->attributesSz - // when that exists, eventually. + /* CA */ + if (cert->isCA) { + der->caSz = SetCa(der->ca); + if (der->caSz == 0) + return CA_TRUE_E; + } + else + der->caSz = 0; + + /* extensions, just CA now */ + if (cert->isCA) { + der->extensionsSz = SetExtensions(der->extensions, + der->ca, der->caSz, FALSE); + if (der->extensionsSz == 0) + return EXTENSIONS_E; + } + else + der->extensionsSz = 0; + + der->attribSz = SetReqAttrib(der->attrib, der->extensionsSz); + if (der->attribSz == 0) + return REQ_ATTRIBUTE_E; + + der->total = der->versionSz + der->subjectSz + der->publicKeySz + + der->extensionsSz + der->attribSz; return 0; } @@ -4663,7 +4731,6 @@ static int EncodeCertReq(Cert* cert, DerCert* der, static int WriteCertReqBody(DerCert* der, byte* buffer) { int idx; - const byte att[2] = {0xa0, 0x00}; /* signed part header */ idx = SetSequence(der->total, buffer); @@ -4676,9 +4743,15 @@ static int WriteCertReqBody(DerCert* der, byte* buffer) /* public key */ XMEMCPY(buffer + idx, der->publicKey, der->publicKeySz); idx += der->publicKeySz; - /* attributes, empty set */ - XMEMCPY(buffer + idx, att, sizeof(att)); - idx += sizeof(att); + /* attributes */ + XMEMCPY(buffer + idx, der->attrib, der->attribSz); + idx += der->attribSz; + /* extensions */ + if (der->extensionsSz) { + XMEMCPY(buffer + idx, der->extensions, min(der->extensionsSz, + sizeof(der->extensions))); + idx += der->extensionsSz; + } return idx; } diff --git a/ctaocrypt/src/error.c b/ctaocrypt/src/error.c index 07bba8358..449a9b583 100644 --- a/ctaocrypt/src/error.c +++ b/ctaocrypt/src/error.c @@ -331,6 +331,10 @@ void CTaoCryptErrorString(int error, char* buffer) XSTRNCPY(buffer, "Bad padding, message wrong length", max); break; + case REQ_ATTRIBUTE_E: + XSTRNCPY(buffer, "Setting cert request attributes error", max); + break; + default: XSTRNCPY(buffer, "unknown error number", max); diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index b76d0385c..4269c2c76 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -3062,6 +3062,7 @@ int rsa_test(void) InitCert(&req); req.version = 0; + req.isCA = 1; strncpy(req.subject.country, "US", CTC_NAME_SIZE); strncpy(req.subject.state, "OR", CTC_NAME_SIZE); strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE); diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index 4fa7e2b63..8454a40fb 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -135,6 +135,9 @@ enum Misc_ASN { MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */ MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */ #ifdef CYASSL_CERT_GEN + #ifdef CYASSL_CERT_REQ + MAX_ATTRIB_SZ = 24, /* Max encoded cert req attributes length */ + #endif #ifdef CYASSL_ALT_NAMES MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE, #else diff --git a/cyassl/ctaocrypt/error.h b/cyassl/ctaocrypt/error.h index 2d6cbfae4..d99ac3d72 100644 --- a/cyassl/ctaocrypt/error.h +++ b/cyassl/ctaocrypt/error.h @@ -117,6 +117,8 @@ enum { BAD_ENC_STATE_E = -192, /* Bad ecc enc state operation */ BAD_PADDING_E = -193, /* Bad padding, msg not correct length */ + REQ_ATTRIBUTE_E = -194, /* setting cert request attributes error */ + MIN_CODE_E = -200 /* errors -101 - -199 */ }; From f9e73a8aeb328681a80909ded9ca5444702de86f Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 9 Jan 2014 14:17:55 -0800 Subject: [PATCH 073/135] Added setting the cert req challenge password. --- ctaocrypt/src/asn.c | 99 ++++++++++++++++++++++++++--------- ctaocrypt/test/test.c | 1 + cyassl/ctaocrypt/asn.h | 6 ++- cyassl/ctaocrypt/asn_public.h | 3 ++ 4 files changed, 82 insertions(+), 27 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index a0f1516ff..bc4cd815c 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -3845,6 +3845,18 @@ static word32 SetSet(word32 len, byte* output) } +#ifdef CYASSL_CERT_REQ + +/* Write a set header to output */ +static word32 SetUTF8String(word32 len, byte* output) +{ + output[0] = ASN_UTF8STRING; + return SetLength(len, output + 1) + 1; +} + +#endif /* CYASSL_CERT_REQ */ + + /* Write a serial number to output */ static int SetSerial(const byte* serial, byte* output) { @@ -4624,37 +4636,71 @@ int MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz, #ifdef CYASSL_CERT_REQ -static int SetReqAttrib(byte* output, int extSz) +static int SetReqAttrib(byte* output, char* pw, int extSz) { - int sz = 0; + static const byte cpOid[] = + { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x09, 0x07 }; + static const byte erOid[] = + { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x09, 0x0e }; + + int sz = 0; /* overall size */ + int cpSz = 0; /* Challenge Password section size */ + int cpSeqSz = 0; + int cpSetSz = 0; + int cpStrSz = 0; + int pwSz = 0; + int erSz = 0; /* Extension Request section size */ + int erSeqSz = 0; + int erSetSz = 0; + byte cpSeq[MAX_SEQ_SZ]; + byte cpSet[MAX_SET_SZ]; + byte cpStr[MAX_PRSTR_SZ]; + byte erSeq[MAX_SEQ_SZ]; + byte erSet[MAX_SET_SZ]; output[0] = 0xa0; sz++; - if (extSz) { - byte extSet[MAX_SET_SZ]; - byte extSeq[MAX_SEQ_SZ]; - int extSetSz; - int extSeqSz; - static const byte extReqOid[] = { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, - 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x0e }; - - extSetSz = SetSet(extSz, extSet); - extSeqSz = SetSequence(extSetSz + sizeof(extReqOid) + extSz, extSeq); - - sz += SetLength(extSeqSz + extSeqSz + sizeof(extReqOid) + extSz, - &output[sz]); - XMEMCPY(&output[sz], extSeq, extSeqSz); - sz += extSeqSz; - XMEMCPY(&output[sz], extReqOid, sizeof(extReqOid)); - sz += sizeof(extReqOid); - XMEMCPY(&output[sz], extSet, extSetSz); - sz += extSetSz; - /* The actual extension data will be tacked onto the output later. */ + if (pw && pw[0]) { + pwSz = (int)XSTRLEN(pw); + cpStrSz = SetUTF8String(pwSz, cpStr); + cpSetSz = SetSet(cpStrSz + pwSz, cpSet); + cpSeqSz = SetSequence(sizeof(cpOid) + cpSetSz + cpStrSz + pwSz, cpSeq); + cpSz = cpSeqSz + sizeof(cpOid) + cpSetSz + cpStrSz + pwSz; } - else { - output[sz] = 0x00; - sz++; + + if (extSz) { + erSetSz = SetSet(extSz, erSet); + erSeqSz = SetSequence(erSetSz + sizeof(erOid) + extSz, erSeq); + erSz = extSz + erSetSz + erSeqSz + sizeof(erOid); + } + + /* Put the pieces together. */ + sz += SetLength(cpSz + erSz, &output[sz]); + + if (cpSz) { + XMEMCPY(&output[sz], cpSeq, cpSeqSz); + sz += cpSeqSz; + XMEMCPY(&output[sz], cpOid, sizeof(cpOid)); + sz += sizeof(cpOid); + XMEMCPY(&output[sz], cpSet, cpSetSz); + sz += cpSetSz; + XMEMCPY(&output[sz], cpStr, cpStrSz); + sz += cpStrSz; + XMEMCPY(&output[sz], pw, pwSz); + sz += pwSz; + } + + if (erSz) { + XMEMCPY(&output[sz], erSeq, erSeqSz); + sz += erSeqSz; + XMEMCPY(&output[sz], erOid, sizeof(erOid)); + sz += sizeof(erOid); + XMEMCPY(&output[sz], erSet, erSetSz); + sz += erSetSz; + /* The actual extension data will be tacked onto the output later. */ } return sz; @@ -4716,7 +4762,8 @@ static int EncodeCertReq(Cert* cert, DerCert* der, else der->extensionsSz = 0; - der->attribSz = SetReqAttrib(der->attrib, der->extensionsSz); + der->attribSz = SetReqAttrib(der->attrib, + cert->challengePw, der->extensionsSz); if (der->attribSz == 0) return REQ_ATTRIBUTE_E; diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 4269c2c76..3d0f52ae3 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -3063,6 +3063,7 @@ int rsa_test(void) req.version = 0; req.isCA = 1; + strncpy(req.challengePw, "yassl123", CTC_NAME_SIZE); strncpy(req.subject.country, "US", CTC_NAME_SIZE); strncpy(req.subject.state, "OR", CTC_NAME_SIZE); strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE); diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index 8454a40fb..febef2432 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -59,6 +59,7 @@ enum ASN_Tags { ASN_TAG_NULL = 0x05, ASN_OBJECT_ID = 0x06, ASN_ENUMERATED = 0x0a, + ASN_UTF8STRING = 0x0c, ASN_SEQUENCE = 0x10, ASN_SET = 0x11, ASN_UTC_TIME = 0x17, @@ -125,6 +126,7 @@ enum Misc_ASN { MAX_ALGO_SZ = 20, MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */ MAX_SET_SZ = 5, /* enum(set | con) + length(4) */ + MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */ MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/ MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */ MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */ @@ -136,7 +138,9 @@ enum Misc_ASN { MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */ #ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_REQ - MAX_ATTRIB_SZ = 24, /* Max encoded cert req attributes length */ + /* Max encoded cert req attributes length */ + MAX_ATTRIB_SZ = MAX_SEQ_SZ * 3 + (11 + MAX_SEQ_SZ) * 2 + + MAX_PRSTR_SZ + CTC_NAME_SIZE, /* 11 is the OID size */ #endif #ifdef CYASSL_ALT_NAMES MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE, diff --git a/cyassl/ctaocrypt/asn_public.h b/cyassl/ctaocrypt/asn_public.h index 4cf3e30bb..24c6a79e5 100644 --- a/cyassl/ctaocrypt/asn_public.h +++ b/cyassl/ctaocrypt/asn_public.h @@ -109,6 +109,9 @@ typedef struct Cert { byte afterDate[CTC_DATE_SIZE]; /* after date copy */ int afterDateSz; /* size of copy */ #endif +#ifdef CYASSL_CERT_REQ + char challengePw[CTC_NAME_SIZE]; +#endif } Cert; From 4a975e8d00a43d7c3e8e37ae188a71c08f750516 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 10 Jan 2014 11:29:08 -0800 Subject: [PATCH 074/135] SetRsaPublicKey() to support ASN.1 unsigned intergers correctly. --- ctaocrypt/src/asn.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index bc4cd815c..0ef6ceaa9 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -3936,14 +3936,16 @@ static int SetRsaPublicKey(byte* output, RsaKey* key) int lenSz; int idx; int rawLen; + int leadingBit; /* n */ - rawLen = mp_unsigned_bin_size(&key->n); + leadingBit = mp_leading_bit(&key->n); + rawLen = mp_unsigned_bin_size(&key->n) + leadingBit; n[0] = ASN_INTEGER; nSz = SetLength(rawLen, n + 1) + 1; /* int tag */ if ( (nSz + rawLen) < (int)sizeof(n)) { - int err = mp_to_unsigned_bin(&key->n, n + nSz); + int err = mp_to_unsigned_bin(&key->n, n + nSz + leadingBit); if (err == MP_OKAY) nSz += rawLen; else @@ -3953,12 +3955,13 @@ static int SetRsaPublicKey(byte* output, RsaKey* key) return BUFFER_E; /* e */ - rawLen = mp_unsigned_bin_size(&key->e); + leadingBit = mp_leading_bit(&key->e); + rawLen = mp_unsigned_bin_size(&key->e) + leadingBit; e[0] = ASN_INTEGER; eSz = SetLength(rawLen, e + 1) + 1; /* int tag */ if ( (eSz + rawLen) < (int)sizeof(e)) { - int err = mp_to_unsigned_bin(&key->e, e + eSz); + int err = mp_to_unsigned_bin(&key->e, e + eSz + leadingBit); if (err == MP_OKAY) eSz += rawLen; else From 9e55d71ccca2331f200801c71e851b9c3bb15a73 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 10 Jan 2014 11:50:55 -0800 Subject: [PATCH 075/135] Added enable-certgen to configure.ac. --- configure.ac | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/configure.ac b/configure.ac index 0e2ee437b..c4b6c9be2 100644 --- a/configure.ac +++ b/configure.ac @@ -531,6 +531,23 @@ then fi +# CERT REQUEST GENERATION +AC_ARG_ENABLE([certreq], + [ --enable-certreq Enable cert request generation (default: disabled)], + [ ENABLED_CERTREQ=$enableval ], + [ ENABLED_CERTREQ=no ] + ) + +if test "$ENABLED_CERTREQ" = "yes" +then + if test "$ENABLED_CERTGEN" = "no" + then + AC_MSG_ERROR([cannot enable certreq without enabling certgen.]) + fi + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_REQ" +fi + + # SEP AC_ARG_ENABLE([sep], [ --enable-sep Enable sep extensions (default: disabled)], @@ -1551,6 +1568,7 @@ echo " * SHA-512: $ENABLED_SHA512" echo " * BLAKE2: $ENABLED_BLAKE2" echo " * keygen: $ENABLED_KEYGEN" echo " * certgen: $ENABLED_CERTGEN" +echo " * certreq: $ENABLED_CERTREQ" echo " * HC-128: $ENABLED_HC128" echo " * RABBIT: $ENABLED_RABBIT" echo " * PWDBASED: $ENABLED_PWDBASED" From 1d67d9217e772491499eca4fed5a7c8ed196ea00 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Fri, 10 Jan 2014 15:17:03 -0700 Subject: [PATCH 076/135] initial PKCS#7 stubs, tie into ./configure --- configure.ac | 15 ++++ ctaocrypt/src/pkcs7.c | 135 ++++++++++++++++++++++++++++++++++++ cyassl/ctaocrypt/include.am | 1 + cyassl/ctaocrypt/pkcs7.h | 70 +++++++++++++++++++ src/include.am | 4 ++ 5 files changed, 225 insertions(+) create mode 100644 ctaocrypt/src/pkcs7.c create mode 100644 cyassl/ctaocrypt/pkcs7.h diff --git a/configure.ac b/configure.ac index c4b6c9be2..e2a570e0c 100644 --- a/configure.ac +++ b/configure.ac @@ -1215,6 +1215,20 @@ then AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC" fi +# PKCS#7 +AC_ARG_ENABLE([pkcs7], + [ --enable-pkcs7 Enable PKCS7 (default: disabled)], + [ ENABLED_PKCS7=$enableval ], + [ ENABLED_PKCS7=no ] + ) + +if test "ENABLED_PKCS7" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7" +fi + +AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"]) + #valgrind AC_ARG_ENABLE([valgrind], [ --enable-valgrind Enable valgrind for unit tests (default: disabled)], @@ -1600,6 +1614,7 @@ echo " * SNI: $ENABLED_SNI" echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT" echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC" echo " * All TLS Extensions: $ENABLED_TLSX" +echo " * PKCS#7 $ENABLED_PKCS7" echo " * valgrind unit tests: $ENABLED_VALGRIND" echo " * LIBZ: $ENABLED_LIBZ" echo " * Examples: $ENABLED_EXAMPLES" diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c new file mode 100644 index 000000000..269686609 --- /dev/null +++ b/ctaocrypt/src/pkcs7.c @@ -0,0 +1,135 @@ +/* pkcs7.c + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#ifdef HAVE_PKCS7 + +#include +#include +#include + +CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output) +{ + /* PKCS#7 content types */ + static const byte pkcs7[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07 }; + static const byte data[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x01 }; + static const byte signedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x02}; + static const byte envelopedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x03 }; + static const byte signedAndEnveloped[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x04 }; + static const byte digestedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x05 }; + static const byte encryptedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x06 }; + + int idSz; + int typeSz = 0, idx = 0; + const byte* typeName = 0; + byte ID_Length[MAX_LENGTH_SZ]; + + switch (pkcs7TypeOID) { + case PKCS7: + typeSz = sizeof(pkcs7); + typeName = pkcs7; + break; + + case DATA: + typeSz = sizeof(data); + typeName = data; + break; + + case SIGNED_DATA: + typeSz = sizeof(signedData); + typeName = signedData; + break; + + case ENVELOPED_DATA: + typeSz = sizeof(envelopedData); + typeName = envelopedData; + break; + + case SIGNED_AND_ENVELOPED_DATA: + typeSz = sizeof(signedAndEnveloped); + typeName = signedAndEnveloped; + break; + + case DIGESTED_DATA: + typeSz = sizeof(digestedData); + typeName = digestedData; + break; + + case ENCRYPTED_DATA: + typeSz = sizeof(encryptedData); + typeName = encryptedData; + break; + + default: + CYASSL_MSG("Unknown PKCS#7 Type"); + return 0; + }; + + idSz = SetLength(typeSz, ID_Length); + output[idx++] = ASN_OBJECT_ID; + XMEMCPY(output + idx, ID_Length, idSz); + idx += idSz; + XMEMCPY(output + idx, typeName, typeSz); + idx += typeSz; + + return idx; + +} + +/* Create PKCS#7 envelopedData structure */ +int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, word32 dataSz, + int cipher, byte* out, word32* outSz, word32 flags) +{ + (void)certs; + (void)certSz; + (void)data; + (void)dataSz; + (void)cipher; + (void)out; + (void)outSz; + (void)flags; + + return 0; +} + +#else /* HAVE_PKCS7 */ + + +#ifdef _MSC_VER + /* 4206 warning for blank file */ + #pragma warning(disable: 4206) +#endif + + +#endif /* HAVE_PKCS7 */ + diff --git a/cyassl/ctaocrypt/include.am b/cyassl/ctaocrypt/include.am index 8be43c5e1..5c38659ef 100644 --- a/cyassl/ctaocrypt/include.am +++ b/cyassl/ctaocrypt/include.am @@ -21,6 +21,7 @@ nobase_include_HEADERS+= \ cyassl/ctaocrypt/md4.h \ cyassl/ctaocrypt/md5.h \ cyassl/ctaocrypt/misc.h \ + cyassl/ctaocrypt/pkcs7.h \ cyassl/ctaocrypt/port.h \ cyassl/ctaocrypt/pwdbased.h \ cyassl/ctaocrypt/rabbit.h \ diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h new file mode 100644 index 000000000..ceb7cdb5e --- /dev/null +++ b/cyassl/ctaocrypt/pkcs7.h @@ -0,0 +1,70 @@ +/* pkcs7.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +#ifdef HAVE_PKCS7 + +#ifndef CTAO_CRYPT_PKCS7_H +#define CTAO_CRYPT_PKCS7_H + +#include +#include +#include +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + +enum PKCS7_TYPES { + PKCS7 = 650, /* 1.2.840.113549.1.7 */ + DATA = 651, /* 1.2.840.113549.1.7.1 */ + SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */ + ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */ + SIGNED_AND_ENVELOPED_DATA = 654, /* 1.2.840.113549.1.7.4 */ + DIGESTED_DATA = 655, /* 1.2.840.113549.1.7.5 */ + ENCRYPTED_DATA = 656 /* 1.2.840.113549.1.7.6 */ +}; + +enum Pkcs7_Misc { + MAX_RECIP_SZ = MAX_VERSION_SZ + + MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ + + MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + + MAX_ENCRYPTED_KEY_SZ + MAX_CONTENT_KEY_LEN = DES3_KEYLEN, + MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */ +}; + +CYASSL_API int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, + word32 dataSz, int cipher, byte* out, + word32* outSz, word32 flags); + +CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* CTAO_CRYPT_PKCS7_H */ + +#endif /* HAVE_PKCS7 */ + diff --git a/src/include.am b/src/include.am index d187ab0d6..e57f0f6fc 100644 --- a/src/include.am +++ b/src/include.am @@ -136,3 +136,7 @@ if BUILD_LIBZ src_libcyassl_la_SOURCES += ctaocrypt/src/compress.c endif +if BUILD_PKCS7 +src_libcyassl_la_SOURCES += ctaocrypt/src/pkcs7.c +endif + From 0024db221f8525f34690aee9deec2508707ca9df Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Fri, 10 Jan 2014 16:11:17 -0700 Subject: [PATCH 077/135] fix --enable-pkcs7 configure.ac --- configure.ac | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index e2a570e0c..69e3efa21 100644 --- a/configure.ac +++ b/configure.ac @@ -1215,14 +1215,14 @@ then AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC" fi -# PKCS#7 +# PKCS7 AC_ARG_ENABLE([pkcs7], [ --enable-pkcs7 Enable PKCS7 (default: disabled)], [ ENABLED_PKCS7=$enableval ], - [ ENABLED_PKCS7=no ] + [ ENABLED_PKCS7=no ], ) -if test "ENABLED_PKCS7" = "yes" +if test "$ENABLED_PKCS7" = "yes" then AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7" fi From 71e13a3c3a119d4f0734d2755f571e7ec4f6f8c3 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Fri, 10 Jan 2014 16:13:56 -0700 Subject: [PATCH 078/135] expose ASN.1 helper fns, add blkType --- ctaocrypt/src/asn.c | 124 +++++++++++++++++++++++++++-------------- cyassl/ctaocrypt/asn.h | 25 ++++++++- 2 files changed, 105 insertions(+), 44 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 0ef6ceaa9..1874e36c8 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -398,8 +398,8 @@ CPU_INT32S NetSecure_ValidateDateHandler(CPU_INT08U *date, CPU_INT08U format, #endif /* MICRIUM */ -static int GetLength(const byte* input, word32* inOutIdx, int* len, - word32 maxIdx) +CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx) { int length = 0; word32 i = *inOutIdx; @@ -1280,6 +1280,10 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap) XMEMSET(cert->extAuthKeyId, 0, SHA_SIZE); cert->extAuthKeyIdSet = 0; cert->isCA = 0; +#ifdef HAVE_PKCS7 + cert->issuerRaw = NULL; + cert->issuerRawLen = 0; +#endif #ifdef CYASSL_CERT_GEN cert->subjectSN = 0; cert->subjectSNLen = 0; @@ -1611,6 +1615,12 @@ static int GetName(DecodedCert* cert, int nameType) length += cert->srcIdx; idx = 0; +#ifdef HAVE_PKCS7 + /* store pointer to raw issuer */ + cert->issuerRaw = &cert->source[cert->srcIdx]; + cert->issuerRawLen = length - cert->srcIdx; +#endif + while (cert->srcIdx < (word32)length) { byte b; byte joint[2]; @@ -2230,7 +2240,7 @@ static word32 BytePrecision(word32 value) } -static word32 SetLength(word32 length, byte* output) +CYASSL_LOCAL word32 SetLength(word32 length, byte* output) { word32 i = 0, j; @@ -2249,12 +2259,25 @@ static word32 SetLength(word32 length, byte* output) } -static word32 SetSequence(word32 len, byte* output) +CYASSL_LOCAL word32 SetSequence(word32 len, byte* output) { output[0] = ASN_SEQUENCE | ASN_CONSTRUCTED; return SetLength(len, output + 1) + 1; } +CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output) +{ + output[0] = ASN_OCTET_STRING; + return SetLength(len, output + 1) + 1; +} + +/* Write a set header to output */ +CYASSL_LOCAL word32 SetSet(word32 len, byte* output) +{ + output[0] = ASN_SET | ASN_CONSTRUCTED; + return SetLength(len, output + 1) + 1; +} + #if defined(HAVE_ECC) && defined(CYASSL_CERT_GEN) @@ -2329,7 +2352,7 @@ static word32 SetCurve(ecc_key* key, byte* output) #endif /* HAVE_ECC && CYASSL_CERT_GEN */ -static word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) +CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) { /* adding TAG_NULL and 0 to end */ @@ -2347,6 +2370,12 @@ static word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x02, 0x05, 0x00}; + /* blkTypes */ + static const byte desCbcAlgoID[] = { 0x2B, 0x0E, 0x03, 0x02, 0x07, + 0x05, 0x00 }; + static const byte des3CbcAlgoID[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x03, 0x07, 0x05, 0x00}; + /* RSA sigTypes */ #ifndef NO_RSA static const byte md5wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, @@ -2430,6 +2459,21 @@ static word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) return 0; /* UNKOWN_HASH_E; */ } } + else if (type == blkType) { + switch (algoOID) { + case DESb: + algoSz = sizeof(desCbcAlgoID); + algoName = desCbcAlgoID; + break; + case DES3b: + algoSz = sizeof(des3CbcAlgoID); + algoName = des3CbcAlgoID; + break; + default: + CYASSL_MSG("Unknown Block Algo"); + return 0; + } + } else if (type == sigType) { /* sigType */ switch (algoOID) { #ifndef NO_RSA @@ -3534,9 +3578,7 @@ void FreeSignerTable(Signer** table, int rows, void* heap) } -#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) - -static int SetMyVersion(word32 version, byte* output, int header) +CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header) { int i = 0; @@ -3552,6 +3594,37 @@ static int SetMyVersion(word32 version, byte* output, int header) } +CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output) +{ + int result = 0; + + CYASSL_ENTER("SetSerialNumber"); + + if (snSz <= EXTERNAL_SERIAL_SIZE) { + output[0] = ASN_INTEGER; + /* The serial number is always positive. When encoding the + * INTEGER, if the MSB is 1, add a padding zero to keep the + * number positive. */ + if (sn[0] & 0x80) { + output[1] = (byte)snSz + 1; + output[2] = 0; + XMEMCPY(&output[3], sn, snSz); + result = snSz + 3; + } + else { + output[1] = (byte)snSz; + XMEMCPY(&output[2], sn, snSz); + result = snSz + 2; + } + } + return result; +} + + + + +#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) + /* convert der buffer to pem into output, can't do inplace, der and output need to be different */ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz, @@ -3837,14 +3910,6 @@ typedef struct DerCert { } DerCert; -/* Write a set header to output */ -static word32 SetSet(word32 len, byte* output) -{ - output[0] = ASN_SET | ASN_CONSTRUCTED; - return SetLength(len, output + 1) + 1; -} - - #ifdef CYASSL_CERT_REQ /* Write a set header to output */ @@ -5785,33 +5850,6 @@ int OcspResponseDecode(OcspResponse* resp) } -static int SetSerialNumber(const byte* sn, word32 snSz, byte* output) -{ - int result = 0; - - CYASSL_ENTER("SetSerialNumber"); - - if (snSz <= EXTERNAL_SERIAL_SIZE) { - output[0] = ASN_INTEGER; - /* The serial number is always positive. When encoding the - * INTEGER, if the MSB is 1, add a padding zero to keep the - * number positive. */ - if (sn[0] & 0x80) { - output[1] = (byte)snSz + 1; - output[2] = 0; - XMEMCPY(&output[3], sn, snSz); - result = snSz + 3; - } - else { - output[1] = (byte)snSz; - XMEMCPY(&output[2], sn, snSz); - result = snSz + 2; - } - } - return result; -} - - static word32 SetOcspReqExtensions(word32 extSz, byte* output, const byte* nonce, word32 nonceSz) { diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index febef2432..121af0aef 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -126,6 +126,7 @@ enum Misc_ASN { MAX_ALGO_SZ = 20, MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */ MAX_SET_SZ = 5, /* enum(set | con) + length(4) */ + MAX_OCTET_STR_SZ = 5, /* enum(set | con) + length(4) */ MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */ MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/ MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */ @@ -161,7 +162,8 @@ enum Oid_Types { hashType = 0, sigType = 1, keyType = 2, - curveType = 3 + curveType = 3, + blkType = 4 }; @@ -175,6 +177,12 @@ enum Hash_Sum { }; +enum Block_Sum { + DESb = 69, + DES3b = 652 +}; + + enum Key_Sum { DSAk = 515, RSAk = 645, @@ -342,6 +350,10 @@ struct DecodedCert { int beforeDateLen; byte* afterDate; int afterDateLen; +#ifdef HAVE_PKCS7 + byte* issuerRaw; /* pointer to issuer inside source */ + int issuerRawLen; +#endif #if defined(CYASSL_CERT_GEN) /* easy access to subject info for other sign */ char* subjectSN; @@ -430,6 +442,17 @@ CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int); CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType); +/* ASN.1 helper functions */ +CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx); +CYASSL_LOCAL word32 SetLength(word32 length, byte* output); +CYASSL_LOCAL word32 SetSequence(word32 len, byte* output); +CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output); +CYASSL_LOCAL word32 SetSet(word32 len, byte* output); +CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz); +CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header); +CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output); + #ifdef HAVE_ECC /* ASN sig helpers */ CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, From 3a984990c2398055734e8113cedf37c6d3c6a17e Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Fri, 10 Jan 2014 16:17:02 -0700 Subject: [PATCH 079/135] update pkcs7.h --- cyassl/ctaocrypt/pkcs7.h | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h index ceb7cdb5e..72acf14c2 100644 --- a/cyassl/ctaocrypt/pkcs7.h +++ b/cyassl/ctaocrypt/pkcs7.h @@ -46,12 +46,11 @@ enum PKCS7_TYPES { }; enum Pkcs7_Misc { + MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */ + MAX_CONTENT_KEY_LEN = DES3_KEYLEN, MAX_RECIP_SZ = MAX_VERSION_SZ + MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ + - MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + - MAX_ENCRYPTED_KEY_SZ - MAX_CONTENT_KEY_LEN = DES3_KEYLEN, - MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */ + MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ }; CYASSL_API int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, @@ -59,6 +58,11 @@ CYASSL_API int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, word32* outSz, word32 flags); CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output); +CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, + int keyEncAlgo, int blockKeySz, + RNG* rng, byte* contentKeyPlain, + byte* contentKeyEnc, + int* keyEncSz, byte* out, word32 outSz); #ifdef __cplusplus } /* extern "C" */ From ef9cfc2172df08ed40cca12dc41f2804f8033955 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Mon, 13 Jan 2014 10:58:01 -0800 Subject: [PATCH 080/135] Added method to encode PKCS7 data type messages. --- ctaocrypt/src/pkcs7.c | 61 +++++++++++++++++++++++++++++++++++++++- cyassl/ctaocrypt/pkcs7.h | 36 +++++++++++++++++++++++- 2 files changed, 95 insertions(+), 2 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 269686609..7f4cee04c 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -55,7 +55,7 @@ CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output) byte ID_Length[MAX_LENGTH_SZ]; switch (pkcs7TypeOID) { - case PKCS7: + case PKCS7_MSG: typeSz = sizeof(pkcs7); typeName = pkcs7; break; @@ -122,6 +122,65 @@ int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, word32 dataSz, return 0; } + +int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz) +{ + XMEMSET(pkcs7, 0, sizeof(PKCS7)); + pkcs7->singleCert = cert; + pkcs7->singleCertSz = certSz; + + return 0; +} + + +int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz) +{ + static const byte oid[] = + { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x07, 0x01 }; + byte seq[MAX_SEQ_SZ]; + byte octetStr[MAX_OCTET_STR_SZ]; + word32 seqSz; + word32 octetStrSz; + int idx = 0; + + octetStrSz = SetOctetString(pkcs7->contentSz, octetStr); + seqSz = SetSequence(pkcs7->contentSz + octetStrSz + sizeof(oid), seq); + + if (outputSz < pkcs7->contentSz + octetStrSz + sizeof(oid) + seqSz) + return BUFFER_E; + + XMEMCPY(output, seq, seqSz); + idx += seqSz; + XMEMCPY(output + idx, oid, sizeof(oid)); + idx += sizeof(oid); + XMEMCPY(output + idx, octetStr, octetStrSz); + idx += octetStrSz; + XMEMCPY(output + idx, pkcs7->content, pkcs7->contentSz); + idx += pkcs7->contentSz; + + return idx; +} + + +int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) +{ + (void)pkcs7; + (void)output; + (void)outputSz; + return 0; +} + + +int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) +{ + (void)pkcs7; + (void)output; + (void)outputSz; + return 0; +} + + #else /* HAVE_PKCS7 */ diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h index 72acf14c2..d5f23ee58 100644 --- a/cyassl/ctaocrypt/pkcs7.h +++ b/cyassl/ctaocrypt/pkcs7.h @@ -36,7 +36,7 @@ #endif enum PKCS7_TYPES { - PKCS7 = 650, /* 1.2.840.113549.1.7 */ + PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */ DATA = 651, /* 1.2.840.113549.1.7.1 */ SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */ ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */ @@ -53,6 +53,33 @@ enum Pkcs7_Misc { MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ }; + +typedef struct PKCS7Attrib { + byte* oid; + word32 oidSz; + byte* value; + word32 valueSz; +} PKCS7Attrib; + + +typedef struct PKCS7 { + byte* content; + word32 contentSz; + int contentOID; + + int hashOID; + int encryptOID; + + byte* singleCert; + word32 singleCertSz; + byte* issuer; + word32 issuerSz; + + PKCS7Attrib** signedAttribs; + word32 signedAttribsSz; /* Number of attribs in list */ +} PKCS7; + + CYASSL_API int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, word32 dataSz, int cipher, byte* out, word32* outSz, word32 flags); @@ -64,6 +91,13 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, byte* contentKeyEnc, int* keyEncSz, byte* out, word32 outSz); +CYASSL_API int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz); +CYASSL_API int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz); +CYASSL_API int PKCS7_EncodeSignedData(PKCS7* pkcs7, + byte* output, word32 outputSz); +CYASSL_API int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, + byte* output, word32 outputSz); + #ifdef __cplusplus } /* extern "C" */ #endif From bb6b2e86c6905936037d41d91b07b58734e15303 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 13 Jan 2014 12:17:12 -0800 Subject: [PATCH 081/135] add base64 encode with esacped line ending, keep existing api intact --- ctaocrypt/src/coding.c | 45 +++++++++++++++++++++++++++++++++------ cyassl/ctaocrypt/coding.h | 3 +++ 2 files changed, 42 insertions(+), 6 deletions(-) diff --git a/ctaocrypt/src/coding.c b/ctaocrypt/src/coding.c index 78286faae..26a884a9b 100644 --- a/ctaocrypt/src/coding.c +++ b/ctaocrypt/src/coding.c @@ -147,15 +147,21 @@ const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', }; -/* porting assistance from yaSSL by Raphael HUCK */ -int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen) +/* internal worker, handles both escaped and normal line endings */ +static int DoBase64_Encode(const byte* in, word32 inLen, byte* out, + word32* outLen, int escaped) { word32 i = 0, j = 0, n = 0; /* new line counter */ word32 outSz = (inLen + 3 - 1) / 3 * 4; - outSz += (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */ + word32 addSz = (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */ + + if (escaped) + addSz *= 3; /* instead of just \n, we're doing %0A triplet */ + + outSz += addSz; if (outSz > *outLen) return BAD_FUNC_ARG; @@ -178,8 +184,15 @@ int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen) inLen -= 3; - if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) - out[i++] = '\n'; + if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) { + if (escaped) { + out[i++] = '%'; + out[i++] = '0'; + out[i++] = 'A'; + } + else + out[i++] = '\n'; + } } /* last integral */ @@ -199,7 +212,13 @@ int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen) out[i++] = PAD; } - out[i++] = '\n'; + if (escaped) { + out[i++] = '%'; + out[i++] = '0'; + out[i++] = 'A'; + } + else + out[i++] = '\n'; if (i != outSz) return ASN_INPUT_E; *outLen = outSz; @@ -208,6 +227,20 @@ int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen) } +/* Base64 Encode, PEM style, with \n line endings */ +int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen) +{ + return DoBase64_Encode(in, inLen, out, outLen, 0); +} + + +/* Base64 Encode, with %0A esacped line endings instead of \n */ +int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out, word32* outLen) +{ + return DoBase64_Encode(in, inLen, out, outLen, 1); +} + + static const byte hexDecode[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, BAD, BAD, BAD, BAD, BAD, BAD, BAD, diff --git a/cyassl/ctaocrypt/coding.h b/cyassl/ctaocrypt/coding.h index a22cd3801..911163794 100644 --- a/cyassl/ctaocrypt/coding.h +++ b/cyassl/ctaocrypt/coding.h @@ -39,6 +39,9 @@ CYASSL_LOCAL int Base64_Decode(const byte* in, word32 inLen, byte* out, CYASSL_API int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen); + CYASSL_API + int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out, + word32* outLen); CYASSL_LOCAL int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen); #endif From 69ffa3a48129e89b417139295c7849497035f06d Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Mon, 13 Jan 2014 13:19:44 -0700 Subject: [PATCH 082/135] add PKCS7_EncodeEnvelopeData() --- ctaocrypt/src/pkcs7.c | 309 ++++++++++++++++++++++++++++++++++++--- cyassl/ctaocrypt/pkcs7.h | 4 - 2 files changed, 289 insertions(+), 24 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 7f4cee04c..c23e2b39a 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -106,22 +106,6 @@ CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output) } -/* Create PKCS#7 envelopedData structure */ -int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, word32 dataSz, - int cipher, byte* out, word32* outSz, word32 flags) -{ - (void)certs; - (void)certSz; - (void)data; - (void)dataSz; - (void)cipher; - (void)out; - (void)outSz; - (void)flags; - - return 0; -} - int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz) { @@ -172,12 +156,297 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) } +/* create ASN.1 fomatted RecipientInfo structure, returns sequence size */ +CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, + int keyEncAlgo, int blockKeySz, + RNG* rng, byte* contentKeyPlain, + byte* contentKeyEnc, + int* keyEncSz, byte* out, word32 outSz) +{ + word32 idx = 0; + int ret = 0, totalSz = 0; + int verSz, issuerSz, snSz, keyEncAlgSz; + int issuerSeqSz, recipSeqSz, issuerSerialSeqSz; + int encKeyOctetStrSz; + + byte ver[MAX_VERSION_SZ]; + byte serial[MAX_SN_SZ]; + byte issuerSerialSeq[MAX_SEQ_SZ]; + byte recipSeq[MAX_SEQ_SZ]; + byte issuerSeq[MAX_SEQ_SZ]; + byte keyAlgArray[MAX_ALGO_SZ]; + byte encKeyOctetStr[MAX_OCTET_STR_SZ]; + + RsaKey pubKey; + DecodedCert decoded; + + InitDecodedCert(&decoded, (byte*)cert, certSz, 0); + ret = ParseCert(&decoded, CA_TYPE, NO_VERIFY, 0); + if (ret < 0) { + FreeDecodedCert(&decoded); + return ret; + } + + /* version */ + verSz = SetMyVersion(0, ver, 0); + + /* IssuerAndSerialNumber */ + if (decoded.issuerRaw == NULL || decoded.issuerRawLen == 0) { + CYASSL_MSG("DecodedCert lacks raw issuer pointer and length"); + FreeDecodedCert(&decoded); + return -1; + } + issuerSz = decoded.issuerRawLen; + issuerSeqSz = SetSequence(issuerSz, issuerSeq); + + if (decoded.serial == NULL || decoded.serialSz == 0) { + CYASSL_MSG("DecodedCert missing serial number"); + FreeDecodedCert(&decoded); + return -1; + } + snSz = SetSerialNumber(decoded.serial, decoded.serialSz, serial); + + issuerSerialSeqSz = SetSequence(issuerSeqSz + issuerSz + snSz, + issuerSerialSeq); + + /* KeyEncryptionAlgorithmIdentifier, only support RSA now */ + if (keyEncAlgo != RSAk) + return ALGO_ID_E; + + keyEncAlgSz = SetAlgoID(keyEncAlgo, keyAlgArray, keyType, 0); + + /* EncryptedKey */ + InitRsaKey(&pubKey, 0); + if (RsaPublicKeyDecode(decoded.publicKey, &idx, &pubKey, + decoded.pubKeySize) < 0) { + CYASSL_MSG("ASN RSA key decode error"); + return PUBLIC_KEY_E; + } + + *keyEncSz = RsaPublicEncrypt(contentKeyPlain, blockKeySz, contentKeyEnc, + MAX_ENCRYPTED_KEY_SZ, &pubKey, rng); + if (*keyEncSz < 0) { + CYASSL_MSG("RSA Public Encrypt failed"); + return *keyEncSz; + } + + encKeyOctetStrSz = SetOctetString(*keyEncSz, encKeyOctetStr); + + /* RecipientInfo */ + recipSeqSz = SetSequence(verSz + issuerSerialSeqSz + issuerSeqSz + + issuerSz + snSz + keyEncAlgSz + encKeyOctetStrSz + + *keyEncSz, recipSeq); + + if (recipSeqSz + verSz + issuerSerialSeqSz + issuerSeqSz + snSz + + keyEncAlgSz + encKeyOctetStrSz + *keyEncSz > (int)outSz) { + CYASSL_MSG("RecipientInfo output buffer too small"); + return BUFFER_E; + } + + XMEMCPY(out + totalSz, recipSeq, recipSeqSz); + totalSz += recipSeqSz; + XMEMCPY(out + totalSz, ver, verSz); + totalSz += verSz; + XMEMCPY(out + totalSz, issuerSerialSeq, issuerSerialSeqSz); + totalSz += issuerSerialSeqSz; + XMEMCPY(out + totalSz, issuerSeq, issuerSeqSz); + totalSz += issuerSeqSz; + XMEMCPY(out + totalSz, decoded.issuerRaw, issuerSz); + totalSz += issuerSz; + XMEMCPY(out + totalSz, serial, snSz); + totalSz += snSz; + XMEMCPY(out + totalSz, keyAlgArray, keyEncAlgSz); + totalSz += keyEncAlgSz; + XMEMCPY(out + totalSz, encKeyOctetStr, encKeyOctetStrSz); + totalSz += encKeyOctetStrSz; + XMEMCPY(out + totalSz, contentKeyEnc, *keyEncSz); + totalSz += *keyEncSz; + + FreeDecodedCert(&decoded); + + return totalSz; +} + + int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) { - (void)pkcs7; - (void)output; - (void)outputSz; - return 0; + int i, idx = 0; + int totalSz = 0, padSz = 0, desOutSz = 0; + + int contentInfoSeqSz, outerContentTypeSz, outerContentSz; + byte contentInfoSeq[MAX_SEQ_SZ]; + byte outerContentType[MAX_ALGO_SZ]; + byte outerContent[MAX_SEQ_SZ]; + + int envDataSeqSz, verSz; + byte envDataSeq[MAX_SEQ_SZ]; + byte ver[MAX_VERSION_SZ]; + + RNG rng; + int contentKeyEncSz, blockKeySz; + int dynamicFlag = 0; + byte contentKeyPlain[MAX_CONTENT_KEY_LEN]; + byte contentKeyEnc[MAX_ENCRYPTED_KEY_SZ]; + byte* plain; + byte* encryptedContent; + + int recipSz, recipSetSz; + byte recip[MAX_RECIP_SZ]; + byte recipSet[MAX_SET_SZ]; + + int encContentOctetSz, encContentSeqSz, contentTypeSz, contentEncAlgoSz; + byte encContentSeq[MAX_SEQ_SZ]; + byte contentType[MAX_ALGO_SZ]; + byte contentEncAlgo[MAX_ALGO_SZ]; + byte encContentOctet[MAX_OCTET_STR_SZ]; + + switch (pkcs7->encryptOID) { + case DESb: + blockKeySz = DES_KEYLEN; + break; + + case DES3b: + blockKeySz = DES3_KEYLEN; + break; + + default: + CYASSL_MSG("Unsupported content cipher type"); + return ALGO_ID_E; + }; + + /* outer content type */ + outerContentTypeSz = SetContentType(ENVELOPED_DATA, outerContentType); + + /* version */ + verSz = SetMyVersion(0, ver, 0); + + /* generate random content enc key */ + InitRng(&rng); + RNG_GenerateBlock(&rng, contentKeyPlain, blockKeySz); + + /* build RecipientInfo, only handle 1 for now */ + recipSz = CreateRecipientInfo(pkcs7->singleCert, pkcs7->singleCertSz, RSAk, + blockKeySz, &rng, contentKeyPlain, + contentKeyEnc, &contentKeyEncSz, recip, + MAX_RECIP_SZ); + + if (recipSz < 0) { + CYASSL_MSG("Failed to create RecipientInfo"); + return recipSz; + } + recipSetSz = SetSet(recipSz, recipSet); + + /* EncryptedContentInfo */ + contentTypeSz = SetContentType(pkcs7->contentOID, contentType); + contentEncAlgoSz = SetAlgoID(pkcs7->encryptOID, contentEncAlgo, + blkType, 0); + + /* allocate memory for encrypted content, pad if necessary */ + padSz = DES_BLOCK_SIZE - (pkcs7->contentSz % DES_BLOCK_SIZE); + desOutSz = pkcs7->contentSz + padSz; + + if (padSz != 0) { + plain = XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (plain == NULL) { + return MEMORY_E; + } + XMEMCPY(plain, pkcs7->content, pkcs7->contentSz); + dynamicFlag = 1; + + for (i = 0; i < padSz; i++) { + plain[pkcs7->contentSz + i + 1] = padSz; + } + + } else { + plain = pkcs7->content; + desOutSz = pkcs7->contentSz; + } + + encryptedContent = XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (encryptedContent == NULL) { + if (dynamicFlag) + XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } + + byte tmpIv[blockKeySz]; + if (pkcs7->encryptOID == DESb) { + Des des; + RNG_GenerateBlock(&rng, tmpIv, (word32)sizeof(tmpIv)); + Des_SetKey(&des, contentKeyPlain, tmpIv, DES_ENCRYPTION); + Des_CbcEncrypt(&des, encryptedContent, plain, desOutSz); + + } else if (pkcs7->encryptOID == DES3b) { + Des3 des3; + RNG_GenerateBlock(&rng, tmpIv, (word32)sizeof(tmpIv)); + Des3_SetKey(&des3, contentKeyPlain, tmpIv, DES_ENCRYPTION); + Des3_CbcEncrypt(&des3, encryptedContent, plain, desOutSz); + } + + encContentOctetSz = SetOctetString(desOutSz, encContentOctet); + + encContentSeqSz = SetSequence(contentTypeSz + contentEncAlgoSz + + encContentOctetSz + desOutSz, encContentSeq); + + /* keep track of sizes for outer wrapper layering */ + totalSz = verSz + recipSetSz + recipSz + encContentSeqSz + contentTypeSz + + contentEncAlgoSz + encContentOctetSz + desOutSz; + + /* EnvelopedData */ + envDataSeqSz = SetSequence(totalSz, envDataSeq); + totalSz += envDataSeqSz; + + /* outer content */ + outerContent[0] = (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0); + outerContentSz = 1 + SetLength(totalSz, outerContent + 1); + totalSz += outerContentTypeSz; + totalSz += outerContentSz; + + /* ContentInfo */ + contentInfoSeqSz = SetSequence(totalSz, contentInfoSeq); + totalSz += contentInfoSeqSz; + + if (totalSz > (int)outputSz) { + CYASSL_MSG("Pkcs7_encrypt output buffer too small"); + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (dynamicFlag) + XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return BUFFER_E; + } + + XMEMCPY(output + idx, contentInfoSeq, contentInfoSeqSz); + idx += contentInfoSeqSz; + XMEMCPY(output + idx, outerContentType, outerContentTypeSz); + idx += outerContentTypeSz; + XMEMCPY(output + idx, outerContent, outerContentSz); + idx += outerContentSz; + XMEMCPY(output + idx, envDataSeq, envDataSeqSz); + idx += envDataSeqSz; + XMEMCPY(output + idx, ver, verSz); + idx += verSz; + XMEMCPY(output + idx, recipSet, recipSetSz); + idx += recipSetSz; + XMEMCPY(output + idx, recip, recipSz); + idx += recipSz; + XMEMCPY(output + idx, encContentSeq, encContentSeqSz); + idx += encContentSeqSz; + XMEMCPY(output + idx, contentType, contentTypeSz); + idx += contentTypeSz; + XMEMCPY(output + idx, contentEncAlgo, contentEncAlgoSz); + idx += contentEncAlgoSz; + XMEMCPY(output + idx, encContentOctet, encContentOctetSz); + idx += encContentOctetSz; + XMEMCPY(output + idx, encryptedContent, desOutSz); + idx += desOutSz; + +#ifdef NO_RC4 + FreeRng(&rng); +#endif + if (dynamicFlag) + XFREE(plain, NULL, DYNAMMIC_TYPE_TMP_BUFFER); + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + return idx; } diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h index d5f23ee58..496c7321f 100644 --- a/cyassl/ctaocrypt/pkcs7.h +++ b/cyassl/ctaocrypt/pkcs7.h @@ -80,10 +80,6 @@ typedef struct PKCS7 { } PKCS7; -CYASSL_API int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, - word32 dataSz, int cipher, byte* out, - word32* outSz, word32 flags); - CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output); CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, int keyEncAlgo, int blockKeySz, From 3152c286504ac1be49c7ab82bf4c1336156d333e Mon Sep 17 00:00:00 2001 From: toddouska Date: Tue, 14 Jan 2014 09:36:21 -0800 Subject: [PATCH 083/135] add escape for 64encdoe + and = too --- ctaocrypt/src/coding.c | 137 +++++++++++++++++++++++++++++++++-------- 1 file changed, 110 insertions(+), 27 deletions(-) diff --git a/ctaocrypt/src/coding.c b/ctaocrypt/src/coding.c index 26a884a9b..ed7a54c5e 100644 --- a/ctaocrypt/src/coding.c +++ b/ctaocrypt/src/coding.c @@ -147,10 +147,87 @@ const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', }; +/* make sure *i (idx) won't exceed max, store and possibly escape to out, + * raw means use e w/o decode, 0 on success */ +static int Escape(int escaped, byte e, byte* out, word32* i, word32 max, + int raw) +{ + int doEscape = 0; + word32 needed = 1; + word32 idx = *i; + + byte basic; + byte plus = 0; + byte equals = 0; + byte newline = 0; + + if (raw) + basic = e; + else + basic = base64Encode[e]; + + /* check whether to escape */ + if (escaped) { + switch ((char)basic) { + case '+' : + plus = 1; + doEscape = 1; + needed += 2; + break; + case '=' : + equals = 1; + doEscape = 1; + needed += 2; + break; + case '\n' : + newline = 1; + doEscape = 1; + needed += 2; + break; + default: + /* do nothing */ + break; + } + } + + /* check size */ + if ( (idx+needed) > max) { + CYASSL_MSG("Escape buffer max too small"); + return BUFFER_E; + } + + /* store it */ + if (doEscape == 0) { + out[idx++] = basic; + } + else { + out[idx++] = '%'; /* start escape */ + + if (plus) { + out[idx++] = '2'; + out[idx++] = 'B'; + } + else if (equals) { + out[idx++] = '3'; + out[idx++] = 'D'; + } + else if (newline) { + out[idx++] = '0'; + out[idx++] = 'A'; + } + + } + *i = idx; + + return 0; +} + + /* internal worker, handles both escaped and normal line endings */ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen, int escaped) { + int ret = 0; word32 i = 0, j = 0, n = 0; /* new line counter */ @@ -163,6 +240,8 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out, outSz += addSz; + /* if escaped we can't predetermine size for one pass encoding, but + * make sure we have enough if no escapes are in input */ if (outSz > *outLen) return BAD_FUNC_ARG; while (inLen > 2) { @@ -177,26 +256,25 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out, byte e4 = b3 & 0x3F; /* store */ - out[i++] = base64Encode[e1]; - out[i++] = base64Encode[e2]; - out[i++] = base64Encode[e3]; - out[i++] = base64Encode[e4]; + ret = Escape(escaped, e1, out, &i, *outLen, 0); + if (ret != 0) break; + ret = Escape(escaped, e2, out, &i, *outLen, 0); + if (ret != 0) break; + ret = Escape(escaped, e3, out, &i, *outLen, 0); + if (ret != 0) break; + ret = Escape(escaped, e4, out, &i, *outLen, 0); + if (ret != 0) break; inLen -= 3; if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) { - if (escaped) { - out[i++] = '%'; - out[i++] = '0'; - out[i++] = 'A'; - } - else - out[i++] = '\n'; + ret = Escape(escaped, '\n', out, &i, *outLen, 1); + if (ret != 0) break; } } /* last integral */ - if (inLen) { + if (inLen && ret == 0) { int twoBytes = (inLen == 2); byte b1 = in[j++]; @@ -206,24 +284,29 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out, byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4); byte e3 = (b2 & 0xF) << 2; - out[i++] = base64Encode[e1]; - out[i++] = base64Encode[e2]; - out[i++] = (twoBytes) ? base64Encode[e3] : PAD; - out[i++] = PAD; + ret = Escape(escaped, e1, out, &i, *outLen, 0); + if (ret == 0) + ret = Escape(escaped, e2, out, &i, *outLen, 0); + if (ret == 0) { + /* third */ + if (twoBytes) + ret = Escape(escaped, e3, out, &i, *outLen, 0); + else + ret = Escape(escaped, '=', out, &i, *outLen, 1); + } + /* fourth always pad */ + if (ret == 0) + ret = Escape(escaped, '=', out, &i, *outLen, 1); } - if (escaped) { - out[i++] = '%'; - out[i++] = '0'; - out[i++] = 'A'; - } - else - out[i++] = '\n'; - if (i != outSz) - return ASN_INPUT_E; - *outLen = outSz; + if (ret == 0) + ret = Escape(escaped, '\n', out, &i, *outLen, 1); - return 0; + if (i != outSz && escaped == 0 && ret == 0) + return ASN_INPUT_E; + + *outLen = i; + return ret; } From 8a1971d52b43cee2bb2cf584e6ee0934820348ac Mon Sep 17 00:00:00 2001 From: toddouska Date: Tue, 14 Jan 2014 15:13:43 -0800 Subject: [PATCH 084/135] add CyaSSL_CertPemToDer for certs, ca certs, and cert reqs --- cyassl/ssl.h | 2 ++ src/ssl.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) diff --git a/cyassl/ssl.h b/cyassl/ssl.h index 19db2aba1..2b5f44273 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -973,6 +973,8 @@ CYASSL_API int CyaSSL_GetObjectSize(void); /* object size based on build */ CYASSL_API int CyaSSL_SetVersion(CYASSL* ssl, int version); CYASSL_API int CyaSSL_KeyPemToDer(const unsigned char*, int sz, unsigned char*, int, const char*); +CYASSL_API int CyaSSL_CertPemToDer(const unsigned char*, int sz, unsigned char*, + int, int); typedef void (*CallbackCACache)(unsigned char* der, int sz, int type); typedef void (*CbMissingCRL)(const char* url); diff --git a/src/ssl.c b/src/ssl.c index 37c9313a6..3b5230619 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1059,6 +1059,54 @@ int CyaSSL_CertManagerUnloadCAs(CYASSL_CERT_MANAGER* cm) } +/* Return bytes written to buff or < 0 for error */ +int CyaSSL_CertPemToDer(const unsigned char* pem, int pemSz, + unsigned char* buff, int buffSz, + int type) +{ + EncryptedInfo info; + int eccKey = 0; + int ret; + buffer der; + + CYASSL_ENTER("CyaSSL_CertPemToDer"); + + if (pem == NULL || buff == NULL || buffSz <= 0) { + CYASSL_MSG("Bad pem der args"); + return BAD_FUNC_ARG; + } + + if (type != CERT_TYPE && type != CA_TYPE && type != CERTREQ_TYPE) { + CYASSL_MSG("Bad cert type"); + return BAD_FUNC_ARG; + } + + info.set = 0; + info.ctx = NULL; + info.consumed = 0; + der.buffer = NULL; + + ret = PemToDer(pem, pemSz, type, &der, NULL, &info, &eccKey); + if (ret < 0) { + CYASSL_MSG("Bad Pem To Der"); + } + else { + if (der.length <= (word32)buffSz) { + XMEMCPY(buff, der.buffer, der.length); + ret = der.length; + } + else { + CYASSL_MSG("Bad der length"); + ret = BAD_FUNC_ARG; + } + } + + XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY); + + return ret; +} + + /* our KeyPemToDer password callback, password in userData */ static INLINE int OurPasswordCb(char* passwd, int sz, int rw, void* userdata) { @@ -1582,6 +1630,12 @@ int CyaSSL_Init(void) XSTRNCPY(footer, "-----END CERTIFICATE-----", sizeof(footer)); dynamicType = (type == CA_TYPE) ? DYNAMIC_TYPE_CA : DYNAMIC_TYPE_CERT; + } else if (type == CERTREQ_TYPE) { + XSTRNCPY(header, "-----BEGIN CERTIFICATE REQUEST-----", + sizeof(header)); + XSTRNCPY(footer, "-----END CERTIFICATE REQUEST-----", + sizeof(footer)); + dynamicType = DYNAMIC_TYPE_KEY; } else if (type == DH_PARAM_TYPE) { XSTRNCPY(header, "-----BEGIN DH PARAMETERS-----", sizeof(header)); XSTRNCPY(footer, "-----END DH PARAMETERS-----", sizeof(footer)); From 80c19aaf334de0b8fbec5b6b677ef36a5064d501 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Tue, 14 Jan 2014 22:46:54 -0700 Subject: [PATCH 085/135] add PKCS7 error codes --- ctaocrypt/src/error.c | 8 ++++++++ cyassl/ctaocrypt/error.h | 3 +++ 2 files changed, 11 insertions(+) diff --git a/ctaocrypt/src/error.c b/ctaocrypt/src/error.c index 449a9b583..d7ed45194 100644 --- a/ctaocrypt/src/error.c +++ b/ctaocrypt/src/error.c @@ -335,6 +335,14 @@ void CTaoCryptErrorString(int error, char* buffer) XSTRNCPY(buffer, "Setting cert request attributes error", max); break; + case PKCS7_OID_E: + XSTRNCPY(buffer, "PKCS#7 error: mismatched OID value", max); + break; + + case PKCS7_RECIP_E: + XSTRNCPY(buffer, "PKCS#7 error: no matching recipient found", max); + break; + default: XSTRNCPY(buffer, "unknown error number", max); diff --git a/cyassl/ctaocrypt/error.h b/cyassl/ctaocrypt/error.h index d99ac3d72..af4d8e9c8 100644 --- a/cyassl/ctaocrypt/error.h +++ b/cyassl/ctaocrypt/error.h @@ -119,6 +119,9 @@ enum { REQ_ATTRIBUTE_E = -194, /* setting cert request attributes error */ + PKCS7_OID_E = -195, /* PKCS#7, mismatched OID error */ + PKCS7_RECIP_E = -196, /* PKCS#7, recipient error */ + MIN_CODE_E = -200 /* errors -101 - -199 */ }; From d63c58864f8af5b1945c6db42bd43dcf002257f3 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Tue, 14 Jan 2014 22:48:55 -0700 Subject: [PATCH 086/135] expose more ASN.1 helper functions with CYASSL_LOCAL --- ctaocrypt/src/asn.c | 78 ++++++++++++++++++++++-------------------- cyassl/ctaocrypt/asn.h | 12 +++++++ 2 files changed, 52 insertions(+), 38 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 1874e36c8..9c773be00 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -439,8 +439,8 @@ CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len, } -static int GetSequence(const byte* input, word32* inOutIdx, int* len, - word32 maxIdx) +CYASSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx) { int length = -1; word32 idx = *inOutIdx; @@ -456,7 +456,8 @@ static int GetSequence(const byte* input, word32* inOutIdx, int* len, } -static int GetSet(const byte* input, word32* inOutIdx, int* len, word32 maxIdx) +CYASSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx) { int length = -1; word32 idx = *inOutIdx; @@ -473,7 +474,7 @@ static int GetSet(const byte* input, word32* inOutIdx, int* len, word32 maxIdx) /* winodws header clash for WinCE using GetVersion */ -static int GetMyVersion(const byte* input, word32* inOutIdx, int* version) +CYASSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx, int* version) { word32 idx = *inOutIdx; @@ -537,7 +538,7 @@ static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version) } -static int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, +CYASSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, word32 maxIdx) { word32 i = *inOutIdx; @@ -593,7 +594,7 @@ static int GetObjectId(const byte* input, word32* inOutIdx, word32* oid, } -static int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, +CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, word32 maxIdx) { int length; @@ -6058,39 +6059,9 @@ int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp) #endif -#ifdef HAVE_CRL - -/* initialize decoded CRL */ -void InitDecodedCRL(DecodedCRL* dcrl) -{ - CYASSL_MSG("InitDecodedCRL"); - - dcrl->certBegin = 0; - dcrl->sigIndex = 0; - dcrl->sigLength = 0; - dcrl->signatureOID = 0; - dcrl->certs = NULL; - dcrl->totalCerts = 0; -} - - -/* free decoded CRL resources */ -void FreeDecodedCRL(DecodedCRL* dcrl) -{ - RevokedCert* tmp = dcrl->certs; - - CYASSL_MSG("FreeDecodedCRL"); - - while(tmp) { - RevokedCert* next = tmp->next; - XFREE(tmp, NULL, DYNAMIC_TYPE_REVOKED); - tmp = next; - } -} - - /* store SHA1 hash of NAME */ -static int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx) +CYASSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash, + int maxIdx) { Sha sha; int length; /* length of all distinguished names */ @@ -6125,6 +6096,37 @@ static int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx) } +#ifdef HAVE_CRL + +/* initialize decoded CRL */ +void InitDecodedCRL(DecodedCRL* dcrl) +{ + CYASSL_MSG("InitDecodedCRL"); + + dcrl->certBegin = 0; + dcrl->sigIndex = 0; + dcrl->sigLength = 0; + dcrl->signatureOID = 0; + dcrl->certs = NULL; + dcrl->totalCerts = 0; +} + + +/* free decoded CRL resources */ +void FreeDecodedCRL(DecodedCRL* dcrl) +{ + RevokedCert* tmp = dcrl->certs; + + CYASSL_MSG("FreeDecodedCRL"); + + while(tmp) { + RevokedCert* next = tmp->next; + XFREE(tmp, NULL, DYNAMIC_TYPE_REVOKED); + tmp = next; + } +} + + /* Get Revoked Cert list, 0 on success */ static int GetRevoked(const byte* buff, word32* idx, DecodedCRL* dcrl, int maxIdx) diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index 121af0aef..72d2bfda6 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -445,6 +445,16 @@ CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType); /* ASN.1 helper functions */ CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len, word32 maxIdx); +CYASSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx); +CYASSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx); +CYASSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx, + int* version); +CYASSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, + word32 maxIdx); +CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, + word32 maxIdx); CYASSL_LOCAL word32 SetLength(word32 length, byte* output); CYASSL_LOCAL word32 SetSequence(word32 len, byte* output); CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output); @@ -452,6 +462,8 @@ CYASSL_LOCAL word32 SetSet(word32 len, byte* output); CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz); CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header); CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output); +CYASSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash, + int maxIdx); #ifdef HAVE_ECC /* ASN sig helpers */ From 9f7e33e7e118f9244fa1155b54b803fc714113cc Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Tue, 14 Jan 2014 22:57:55 -0700 Subject: [PATCH 087/135] add PKCS7_DecodeEnvelopedData() --- ctaocrypt/src/pkcs7.c | 267 ++++++++++++++++++++++++++++++++++++++- cyassl/ctaocrypt/pkcs7.h | 23 ++-- 2 files changed, 278 insertions(+), 12 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index c23e2b39a..801fa48ad 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -106,6 +106,33 @@ CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output) } +int GetContentType(const byte* input, word32* inOutIdx, word32* oid, + word32 maxIdx) +{ + int length; + word32 i = *inOutIdx; + byte b; + *oid = 0; + + CYASSL_ENTER("GetContentType"); + + b = input[i++]; + if (b != ASN_OBJECT_ID) + return ASN_OBJECT_ID_E; + + if (GetLength(input, &i, &length, maxIdx) < 0) + return ASN_PARSE_E; + + while(length--) { + *oid += input[i]; + i++; + } + + *inOutIdx = i; + + return 0; +} + int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz) { @@ -214,6 +241,8 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, return ALGO_ID_E; keyEncAlgSz = SetAlgoID(keyEncAlgo, keyAlgArray, keyType, 0); + if (keyEncAlgSz == 0) + return BAD_FUNC_ARG; /* EncryptedKey */ InitRsaKey(&pubKey, 0); @@ -300,6 +329,13 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) byte contentEncAlgo[MAX_ALGO_SZ]; byte encContentOctet[MAX_OCTET_STR_SZ]; + if (pkcs7 == NULL || pkcs7->content == NULL || pkcs7->contentSz == 0 || + pkcs7->encryptOID == 0 || pkcs7->singleCert == NULL) + return BAD_FUNC_ARG; + + if (output == NULL || outputSz == 0) + return BAD_FUNC_ARG; + switch (pkcs7->encryptOID) { case DESb: blockKeySz = DES_KEYLEN; @@ -320,7 +356,7 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) /* version */ verSz = SetMyVersion(0, ver, 0); - /* generate random content enc key */ + /* generate random content encryption key */ InitRng(&rng); RNG_GenerateBlock(&rng, contentKeyPlain, blockKeySz); @@ -338,8 +374,13 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) /* EncryptedContentInfo */ contentTypeSz = SetContentType(pkcs7->contentOID, contentType); + if (contentTypeSz == 0) + return BAD_FUNC_ARG; + contentEncAlgoSz = SetAlgoID(pkcs7->encryptOID, contentEncAlgo, blkType, 0); + if (contentEncAlgoSz == 0) + return BAD_FUNC_ARG; /* allocate memory for encrypted content, pad if necessary */ padSz = DES_BLOCK_SIZE - (pkcs7->contentSz % DES_BLOCK_SIZE); @@ -354,7 +395,7 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) dynamicFlag = 1; for (i = 0; i < padSz; i++) { - plain[pkcs7->contentSz + i + 1] = padSz; + plain[pkcs7->contentSz + i] = padSz; } } else { @@ -369,16 +410,17 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) return MEMORY_E; } + /* use NULL iv for now */ byte tmpIv[blockKeySz]; + XMEMSET(tmpIv, 0, sizeof(tmpIv)); + if (pkcs7->encryptOID == DESb) { Des des; - RNG_GenerateBlock(&rng, tmpIv, (word32)sizeof(tmpIv)); Des_SetKey(&des, contentKeyPlain, tmpIv, DES_ENCRYPTION); Des_CbcEncrypt(&des, encryptedContent, plain, desOutSz); } else if (pkcs7->encryptOID == DES3b) { Des3 des3; - RNG_GenerateBlock(&rng, tmpIv, (word32)sizeof(tmpIv)); Des3_SetKey(&des3, contentKeyPlain, tmpIv, DES_ENCRYPTION); Des3_CbcEncrypt(&des3, encryptedContent, plain, desOutSz); } @@ -442,6 +484,10 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) #ifdef NO_RC4 FreeRng(&rng); #endif + + XMEMSET(contentKeyPlain, 0, MAX_CONTENT_KEY_LEN); + XMEMSET(contentKeyEnc, 0, MAX_ENCRYPTED_KEY_SZ); + if (dynamicFlag) XFREE(plain, NULL, DYNAMMIC_TYPE_TMP_BUFFER); XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -449,6 +495,219 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) return idx; } +CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, + word32 pkiMsgSz, byte* output, + word32 outputSz) +{ + int recipFound = 0; + int ret, version, length; + word32 savedIdx = 0, idx = 0; + word32 contentType, encOID; + byte issuerHash[SHA_DIGEST_SIZE]; + mp_int serialNum; + + DecodedCert decoded; + + int encryptedKeySz, keySz; + byte tmpIv[DES3_KEYLEN]; + byte encryptedKey[MAX_ENCRYPTED_KEY_SZ]; + byte* decryptedKey = NULL; + + RsaKey privKey; + int encryptedContentSz; + byte padLen; + byte* encryptedContent = NULL; + + if (pkcs7 == NULL || pkcs7->singleCert == NULL || + pkcs7->singleCertSz == 0 || pkcs7->privateKey == NULL || + pkcs7->privKeySize == 0) + return BAD_FUNC_ARG; + + if (pkiMsg == NULL || pkiMsgSz == 0 || + output == NULL || outputSz == 0) + return BAD_FUNC_ARG; + + /* parse recipient cert */ + InitDecodedCert(&decoded, pkcs7->singleCert, pkcs7->singleCertSz, 0); + ret = ParseCert(&decoded, CA_TYPE, NO_VERIFY, 0); + if (ret < 0) { + FreeDecodedCert(&decoded); + return ret; + } + + /* load private key */ + InitRsaKey(&privKey, 0); + ret = RsaPrivateKeyDecode(pkcs7->privateKey, &idx, &privKey, + pkcs7->privKeySize); + if (ret != 0) { + CYASSL_MSG("Failed to decode RSA private key"); + return ret; + } + + idx = 0; + + /* read past ContentInfo, verify type */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (contentType != ENVELOPED_DATA) { + CYASSL_MSG("PKCS#7 input not of type EnvelopedData"); + return PKCS7_OID_E; + } + + if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) + return ASN_PARSE_E; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* remove EnvelopedData */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (GetMyVersion(pkiMsg, &idx, &version) < 0) + return ASN_PARSE_E; + + if (version != 0) { + CYASSL_MSG("PKCS#7 envelopedData needs to be of version 0"); + return ASN_VERSION_E; + } + + /* walk through RecipientInfo set, find correct recipient */ + if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + savedIdx = idx; + recipFound = 0; + + /* when looking for next recipient, use first sequence and version to + * indicate there is another, if not, move on */ + while(recipFound == 0) { + + /* remove RecipientInfo */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) { + if (recipFound == 0) { + return ASN_PARSE_E; + } else { + idx = savedIdx; + break; + } + } + + if (GetMyVersion(pkiMsg, &idx, &version) < 0) { + if (recipFound == 0) { + return ASN_PARSE_E; + } else { + idx = savedIdx; + break; + } + } + + if (version != 0) + return ASN_VERSION_E; + + /* remove IssuerAndSerialNumber */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (GetNameHash(pkiMsg, &idx, issuerHash, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (XMEMCMP(issuerHash, decoded.issuerHash, SHA_DIGEST_SIZE) == 0) { + recipFound = 1; + } + + if (GetInt(&serialNum, pkiMsg, &idx, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (GetAlgoId(pkiMsg, &idx, &encOID, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (encOID != RSAk) + return ALGO_ID_E; + + /* read encryptedKey */ + if (pkiMsg[idx++] != ASN_OCTET_STRING) + return ASN_PARSE_E; + + if (GetLength(pkiMsg, &idx, &encryptedKeySz, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (recipFound == 1) + XMEMCPY(encryptedKey, &pkiMsg[idx], encryptedKeySz); + idx += encryptedKeySz; + + /* update good idx */ + savedIdx = idx; + } + + if (recipFound == 0) { + CYASSL_MSG("No recipient found in envelopedData that matches input"); + return PKCS7_RECIP_E; + } + + /* remove EncryptedContentInfo */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (GetAlgoId(pkiMsg, &idx, &encOID, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* read encryptedContent */ + if (pkiMsg[idx++] != ASN_OCTET_STRING) + return ASN_PARSE_E; + + if (GetLength(pkiMsg, &idx, &encryptedContentSz, pkiMsgSz) < 0) + return ASN_PARSE_E; + + encryptedContent = XMALLOC(encryptedContentSz, NULL, + DYNAMIC_TYPE_TMP_BUFFER); + + XMEMCPY(encryptedContent, &pkiMsg[idx], encryptedContentSz); + + /* decrypt encryptedKey */ + keySz = RsaPrivateDecryptInline(encryptedKey, encryptedKeySz, + &decryptedKey, &privKey); + if (keySz < 0) + return keySz; + + /* decrypt encryptedContent, using NULL iv for now */ + XMEMSET(tmpIv, 0, sizeof(tmpIv)); + + if (encOID == DESb) { + Des des; + Des_SetKey(&des, decryptedKey, tmpIv, DES_DECRYPTION); + Des_CbcDecrypt(&des, encryptedContent, encryptedContent, + encryptedContentSz); + } else if (encOID == DES3b) { + Des3 des; + Des3_SetKey(&des, decryptedKey, tmpIv, DES_DECRYPTION); + Des3_CbcDecrypt(&des, encryptedContent, encryptedContent, + encryptedContentSz); + } else { + CYASSL_MSG("Unsupported content encryption OID type"); + return ALGO_ID_E; + } + + padLen = encryptedContent[encryptedContentSz-1]; + + /* copy plaintext to output */ + XMEMCPY(output, encryptedContent, encryptedContentSz - padLen); + + /* free memory, zero out keys */ + XMEMSET(encryptedKey, 0, MAX_ENCRYPTED_KEY_SZ); + XMEMSET(encryptedContent, 0, encryptedContentSz); + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + return encryptedContentSz - padLen; +} + #else /* HAVE_PKCS7 */ diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h index 496c7321f..ef96c8172 100644 --- a/cyassl/ctaocrypt/pkcs7.h +++ b/cyassl/ctaocrypt/pkcs7.h @@ -63,24 +63,28 @@ typedef struct PKCS7Attrib { typedef struct PKCS7 { - byte* content; - word32 contentSz; - int contentOID; + byte* content; /* inner content, not owner */ + word32 contentSz; /* content size */ + int contentOID; /* PKCS#7 content type OID sum */ int hashOID; - int encryptOID; + int encryptOID; /* key encryption algorithm OID */ - byte* singleCert; - word32 singleCertSz; - byte* issuer; + byte* singleCert; /* recipient cert, DER, not owner */ + word32 singleCertSz; /* size of recipient cert buffer, bytes */ + byte* issuer; word32 issuerSz; + byte* privateKey; /* recipient private key, DER, not owner */ + word32 privKeySize; /* size of private key buffer, bytes */ PKCS7Attrib** signedAttribs; - word32 signedAttribsSz; /* Number of attribs in list */ + word32 signedAttribsSz; /* Number of attribs in list */ } PKCS7; CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output); +CYASSL_LOCAL int GetContentType(const byte* input, word32* inOutIdx, + word32* oid, word32 maxIdx); CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, int keyEncAlgo, int blockKeySz, RNG* rng, byte* contentKeyPlain, @@ -93,6 +97,9 @@ CYASSL_API int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz); CYASSL_API int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz); +CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, + word32 pkiMsgSz, byte* output, + word32 outputSz); #ifdef __cplusplus } /* extern "C" */ From d58add7e97ca4da72474762b439f1b0456ab067f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Wed, 15 Jan 2014 10:56:49 -0300 Subject: [PATCH 088/135] added protection to test_CyaSSL_client_server fixed min macro --- src/tls.c | 4 ++-- tests/api.c | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/tls.c b/src/tls.c index 5acc8e648..482271ba6 100644 --- a/src/tls.c +++ b/src/tls.c @@ -974,7 +974,7 @@ int TLSX_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz, if (sniType != type) { offset += sniLen; - listLen -= MIN(ENUM_LEN + OPAQUE16_LEN + sniLen, listLen); + listLen -= min(ENUM_LEN + OPAQUE16_LEN + sniLen, listLen); continue; } @@ -985,7 +985,7 @@ int TLSX_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz, } } - len16 -= MIN(2 * OPAQUE16_LEN + extLen, len16); + len16 -= min(2 * OPAQUE16_LEN + extLen, len16); } return len16 ? BUFFER_ERROR : SSL_SUCCESS; diff --git a/tests/api.c b/tests/api.c index e37d5e686..3dadad7a1 100644 --- a/tests/api.c +++ b/tests/api.c @@ -440,6 +440,8 @@ void test_CyaSSL_UseSNI(void) CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + /* Testing success case at ctx */ client_callbacks.ctx_ready = server_callbacks.ctx_ready = use_SNI_at_ctx; server_callbacks.on_result = verify_SNI_real_matching; @@ -473,6 +475,8 @@ void test_CyaSSL_UseSNI(void) test_CyaSSL_client_server(&client_callbacks, &server_callbacks); +#endif + test_CyaSSL_SNI_GetFromBuffer(); } #endif /* HAVE_SNI */ From 46a03daf5f81fbb6dbf8bf615335ba9b35ede021 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Wed, 15 Jan 2014 11:05:18 -0700 Subject: [PATCH 089/135] initial PKCS#7 crypto test --- ctaocrypt/test/test.c | 106 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 106 insertions(+) diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 3d0f52ae3..96468b62b 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -61,6 +61,9 @@ #ifdef HAVE_LIBZ #include #endif +#ifdef HAVE_PKCS7 + #include +#endif #ifdef _MSC_VER /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ @@ -174,6 +177,9 @@ int pbkdf2_test(void); #ifdef HAVE_LIBZ int compress_test(void); #endif +#ifdef HAVE_PKCS7 + int pkcs7_test(void); +#endif @@ -458,6 +464,13 @@ void ctaocrypt_test(void* args) printf( "COMPRESS test passed!\n"); #endif +#ifdef HAVE_PKCS7 + if ( (ret = pkcs7_test()) != 0) + err_sys("PKCS7 test failed!\n", ret); + else + printf( "PKCS7 test passed!\n"); +#endif + ((func_args*)args)->return_code = ret; } @@ -4009,4 +4022,97 @@ int compress_test(void) #endif /* HAVE_LIBZ */ +#ifdef HAVE_PKCS7 + +int pkcs7_test(void) +{ + int cipher = DES3b; + int ret, envelopedSz, decodedSz; + PKCS7 pkcs7; + byte* cert; + byte* privKey; + byte enveloped[2048]; + byte decoded[2048]; + + size_t certSz; + size_t privKeySz; + FILE* certFile; + FILE* keyFile; + FILE* pkcs7File; + const char* pkcs7OutFile = "pkcs7envelopedData.der"; + + const byte data[] = { /* Hello World */ + 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f, + 0x72,0x6c,0x64 + }; + + /* read client cert and key in DER format */ + cert = (byte*)malloc(FOURK_BUF); + if (cert == NULL) + return -201; + + privKey = (byte*)malloc(FOURK_BUF); + if (privKey == NULL) + return -202; + + certFile = fopen(clientCert, "rb"); + if (!certFile) + err_sys("can't open ./certs/client-cert.der, " + "Please run from CyaSSL home dir", -42); + + certSz = fread(cert, 1, FOURK_BUF, certFile); + fclose(certFile); + + keyFile = fopen(clientKey, "rb"); + if (!keyFile) + err_sys("can't open ./certs/client-key.der, " + "Please run from CyaSSL home dir", -43); + + privKeySz = fread(privKey, 1, FOURK_BUF, keyFile); + fclose(keyFile); + + PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz); + pkcs7.content = (byte*)data; + pkcs7.contentSz = (word32)sizeof(data); + pkcs7.contentOID = DATA; + pkcs7.encryptOID = cipher; + pkcs7.privateKey = privKey; + pkcs7.privKeySize = (word32)privKeySz; + + /* encode envelopedData */ + envelopedSz = PKCS7_EncodeEnvelopeData(&pkcs7, enveloped, + sizeof(enveloped)); + if (envelopedSz <= 0) + return -203; + + /* decode envelopedData */ + decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz, + decoded, sizeof(decoded)); + if (decodedSz <= 0) + return -204; + + /* test decode result */ + if (memcmp(decoded, data, sizeof(data)) != 0) { + return -205; + } + + /* output pkcs7 envelopedData for external testing */ + pkcs7File = fopen(pkcs7OutFile, "wb"); + if (!pkcs7File) + return -206; + + ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File); + fclose(pkcs7File); + + free(cert); + free(privKey); + + if (ret > 0) + return 0; + + return ret; +} + +#endif /* HAVE_PKCS7 */ + #endif /* NO_CRYPT_TEST */ From c33a8a890e983bf69104e880e8e208d01441f864 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 15 Jan 2014 12:31:51 -0800 Subject: [PATCH 090/135] Added encoding PKCS#7 signed data messages. --- .gitignore | 2 + ctaocrypt/src/asn.c | 6 + ctaocrypt/src/pkcs7.c | 366 +++++++++++++++++++++++++++++++++++++-- ctaocrypt/test/test.c | 127 ++++++++++++++ cyassl/ctaocrypt/asn.h | 2 + cyassl/ctaocrypt/pkcs7.h | 10 +- 6 files changed, 499 insertions(+), 14 deletions(-) diff --git a/.gitignore b/.gitignore index ebfc8c475..c9629d289 100644 --- a/.gitignore +++ b/.gitignore @@ -54,6 +54,8 @@ key.der key.pem certreq.der certreq.pem +pkcs7test.der +pkcs7test.pem diff sslSniffer/sslSnifferTest/tracefile.txt *.gz diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 1874e36c8..af42451d3 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -2278,6 +2278,12 @@ CYASSL_LOCAL word32 SetSet(word32 len, byte* output) return SetLength(len, output + 1) + 1; } +CYASSL_LOCAL word32 SetTagged(byte tag, word32 len, byte* output) +{ + output[0] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | tag; + return SetLength(len, output + 1) + 1; +} + #if defined(HAVE_ECC) && defined(CYASSL_CERT_GEN) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index c23e2b39a..960389309 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -30,6 +30,14 @@ #include #include #include +#include + +#ifndef min + static INLINE word32 min(word32 a, word32 b) + { + return a > b ? b : a; + } +#endif CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output) { @@ -109,11 +117,31 @@ CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output) int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz) { - XMEMSET(pkcs7, 0, sizeof(PKCS7)); - pkcs7->singleCert = cert; - pkcs7->singleCertSz = certSz; + int ret = 0; - return 0; + XMEMSET(pkcs7, 0, sizeof(PKCS7)); + if (cert != NULL && certSz > 0) { + DecodedCert dCert; + + pkcs7->singleCert = cert; + pkcs7->singleCertSz = certSz; + InitDecodedCert(&dCert, cert, certSz, 0); + + ret = ParseCert(&dCert, CA_TYPE, NO_VERIFY, 0); + if (ret < 0) { + FreeDecodedCert(&dCert); + return ret; + } + XMEMCPY(pkcs7->publicKey, dCert.publicKey, dCert.pubKeySize); + pkcs7->publicKeySz = dCert.pubKeySize; + pkcs7->issuer = dCert.issuerRaw; + pkcs7->issuerSz = dCert.issuerRawLen; + XMEMCPY(pkcs7->issuerSn, dCert.serial, dCert.serialSz); + pkcs7->issuerSnSz = dCert.serialSz; + FreeDecodedCert(&dCert); + } + + return ret; } @@ -126,18 +154,19 @@ int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz) byte octetStr[MAX_OCTET_STR_SZ]; word32 seqSz; word32 octetStrSz; + word32 oidSz = (word32)sizeof(oid); int idx = 0; octetStrSz = SetOctetString(pkcs7->contentSz, octetStr); - seqSz = SetSequence(pkcs7->contentSz + octetStrSz + sizeof(oid), seq); + seqSz = SetSequence(pkcs7->contentSz + octetStrSz + oidSz, seq); - if (outputSz < pkcs7->contentSz + octetStrSz + sizeof(oid) + seqSz) + if (outputSz < pkcs7->contentSz + octetStrSz + oidSz + seqSz) return BUFFER_E; XMEMCPY(output, seq, seqSz); idx += seqSz; - XMEMCPY(output + idx, oid, sizeof(oid)); - idx += sizeof(oid); + XMEMCPY(output + idx, oid, oidSz); + idx += oidSz; XMEMCPY(output + idx, octetStr, octetStrSz); idx += octetStrSz; XMEMCPY(output + idx, pkcs7->content, pkcs7->contentSz); @@ -147,12 +176,325 @@ int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz) } +typedef struct EncodedAttrib { + byte valueSeq[MAX_SEQ_SZ]; + const byte* oid; + byte valueSet[MAX_SET_SZ]; + const byte* value; + word32 valueSeqSz, oidSz, idSz, valueSetSz, valueSz, totalSz; +} EncodedAttrib; + + +typedef struct ESD { + Sha sha; + byte contentDigest[SHA_DIGEST_SIZE + 2]; /* content only + ASN.1 heading */ + byte contentAttribsDigest[SHA_DIGEST_SIZE]; /* content + attribs */ + byte encContentDigest[512]; + + byte outerSeq[MAX_SEQ_SZ]; + byte outerContent[MAX_EXP_SZ]; + byte innerSeq[MAX_SEQ_SZ]; + byte version[MAX_VERSION_SZ]; + byte digAlgoIdSet[MAX_SET_SZ]; + byte singleDigAlgoId[MAX_ALGO_SZ]; + + byte contentInfoSeq[MAX_SEQ_SZ]; + byte innerContSeq[MAX_EXP_SZ]; + byte innerOctets[MAX_OCTET_STR_SZ]; + + byte certsSet[MAX_SET_SZ]; + + byte signerInfoSet[MAX_SET_SZ]; + byte signerInfoSeq[MAX_SEQ_SZ]; + byte signerVersion[MAX_VERSION_SZ]; + byte issuerSnSeq[MAX_SEQ_SZ]; + byte issuerName[MAX_SEQ_SZ]; + byte issuerSn[MAX_SN_SZ]; + byte signerDigAlgoId[MAX_ALGO_SZ]; + byte digEncAlgoId[MAX_ALGO_SZ]; + byte signedAttribSet[MAX_SET_SZ]; + EncodedAttrib signedAttribs[6]; + byte signerDigest[MAX_OCTET_STR_SZ]; + word32 innerOctetsSz, innerContSeqSz, contentInfoSeqSz; + word32 outerSeqSz, outerContentSz, innerSeqSz, versionSz, digAlgoIdSetSz, + singleDigAlgoIdSz, certsSetSz; + word32 signerInfoSetSz, signerInfoSeqSz, signerVersionSz, + issuerSnSeqSz, issuerNameSz, issuerSnSz, + signerDigAlgoIdSz, digEncAlgoIdSz, signerDigestSz; + word32 encContentDigestSz, signedAttribsSz, signedAttribsCount, + signedAttribSetSz; +} ESD; + + +static int EncodeAttributes(EncodedAttrib* ea, int eaSz, + PKCS7Attrib* attribs, int attribsSz) +{ + int i; + int maxSz = min(eaSz, attribsSz); + int allAttribsSz = 0; + + for (i = 0; i < maxSz; i++) + { + int attribSz = 0; + + ea[i].value = attribs[i].value; + ea[i].valueSz = attribs[i].valueSz; + attribSz += ea[i].valueSz; + ea[i].valueSetSz = SetSet(attribSz, ea[i].valueSet); + attribSz += ea[i].valueSetSz; + ea[i].oid = attribs[i].oid; + ea[i].oidSz = attribs[i].oidSz; + attribSz += ea[i].oidSz; + ea[i].valueSeqSz = SetSequence(attribSz, ea[i].valueSeq); + attribSz += ea[i].valueSeqSz; + ea[i].totalSz = attribSz; + + allAttribsSz += attribSz; + } + return allAttribsSz; +} + + +static int FlattenAttributes(byte* output, EncodedAttrib* ea, int eaSz) +{ + int i, idx; + + idx = 0; + for (i = 0; i < eaSz; i++) { + XMEMCPY(output + idx, ea[i].valueSeq, ea[i].valueSeqSz); + idx += ea[i].valueSeqSz; + XMEMCPY(output + idx, ea[i].oid, ea[i].oidSz); + idx += ea[i].oidSz; + XMEMCPY(output + idx, ea[i].valueSet, ea[i].valueSetSz); + idx += ea[i].valueSetSz; + XMEMCPY(output + idx, ea[i].value, ea[i].valueSz); + idx += ea[i].valueSz; + } + return 0; +} + + int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) { - (void)pkcs7; - (void)output; - (void)outputSz; - return 0; + static const byte outerOid[] = + { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x07, 0x02 }; + static const byte innerOid[] = + { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x07, 0x01 }; + + ESD esd; + word32 signerInfoSz = 0; + word32 totalSz = 0; + int idx = 0; + byte* flatSignedAttribs = NULL; + word32 flatSignedAttribsSz = 0; + + XMEMSET(&esd, 0, sizeof(esd)); + InitSha(&esd.sha); + + if (pkcs7->contentSz != 0) + { + ShaUpdate(&esd.sha, pkcs7->content, pkcs7->contentSz); + esd.contentDigest[0] = ASN_OCTET_STRING; + esd.contentDigest[1] = SHA_DIGEST_SIZE; + ShaFinal(&esd.sha, &esd.contentDigest[2]); + } + + esd.innerOctetsSz = SetOctetString(pkcs7->contentSz, esd.innerOctets); + esd.innerContSeqSz = SetTagged(0, esd.innerOctetsSz + pkcs7->contentSz, + esd.innerContSeq); + esd.contentInfoSeqSz = SetSequence(pkcs7->contentSz + esd.innerOctetsSz + + sizeof(innerOid) + esd.innerContSeqSz, + esd.contentInfoSeq); + + esd.issuerSnSz = SetSerialNumber(pkcs7->issuerSn, pkcs7->issuerSnSz, + esd.issuerSn); + signerInfoSz += esd.issuerSnSz; + esd.issuerNameSz = SetSequence(pkcs7->issuerSz, esd.issuerName); + signerInfoSz += esd.issuerNameSz + pkcs7->issuerSz; + esd.issuerSnSeqSz = SetSequence(signerInfoSz, esd.issuerSnSeq); + signerInfoSz += esd.issuerSnSeqSz; + esd.signerVersionSz = SetMyVersion(1, esd.signerVersion, 0); + signerInfoSz += esd.signerVersionSz; + esd.signerDigAlgoIdSz = SetAlgoID(pkcs7->hashOID, esd.signerDigAlgoId, + hashType, 0); + signerInfoSz += esd.signerDigAlgoIdSz; + esd.digEncAlgoIdSz = SetAlgoID(pkcs7->encryptOID, esd.digEncAlgoId, + keyType, 0); + signerInfoSz += esd.digEncAlgoIdSz; + + if (pkcs7->signedAttribsSz != 0) { + byte contentTypeOid[] = + { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01, + 0x09, 0x03 }; + byte contentType[] = + { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x07, 0x01 }; + byte messageDigestOid[] = + { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x09, 0x04 }; + + PKCS7Attrib cannedAttribs[2] = + { + { contentTypeOid, sizeof(contentTypeOid), + contentType, sizeof(contentType) }, + { messageDigestOid, sizeof(messageDigestOid), + esd.contentDigest, sizeof(esd.contentDigest) } + }; + word32 cannedAttribsCount = sizeof(cannedAttribs)/sizeof(PKCS7Attrib); + + esd.signedAttribsCount += cannedAttribsCount; + esd.signedAttribsSz += EncodeAttributes(&esd.signedAttribs[0], 2, + cannedAttribs, cannedAttribsCount); + + esd.signedAttribsCount += pkcs7->signedAttribsSz; + esd.signedAttribsSz += EncodeAttributes(&esd.signedAttribs[2], 4, + pkcs7->signedAttribs, pkcs7->signedAttribsSz); + + flatSignedAttribs = (byte*)XMALLOC(esd.signedAttribsSz, 0, NULL); + flatSignedAttribsSz = esd.signedAttribsSz; + if (flatSignedAttribs == NULL) + return MEMORY_E; + FlattenAttributes(flatSignedAttribs, + esd.signedAttribs, esd.signedAttribsCount); + esd.signedAttribSetSz = SetTagged(0, esd.signedAttribsSz, + esd.signedAttribSet); + } + /* Calculate the final hash and encrypt it. */ + { + RsaKey pubKey; + int result; + word32 scratch = 0; + + if (pkcs7->signedAttribsSz != 0) { + byte attribSet[MAX_SET_SZ]; + word32 attribSetSz; + + attribSetSz = SetSet(flatSignedAttribsSz, attribSet); + + ShaUpdate(&esd.sha, attribSet, attribSetSz); + ShaUpdate(&esd.sha, flatSignedAttribs, flatSignedAttribsSz); + } + ShaFinal(&esd.sha, esd.contentAttribsDigest); + + InitRsaKey(&pubKey, NULL); + result = RsaPublicKeyDecode(pkcs7->publicKey, &scratch, &pubKey, + pkcs7->publicKeySz); + if (result < 0) { + XFREE(flatSignedAttribs, 0, NULL); + return PUBLIC_KEY_E; + } + result = RsaPublicEncrypt(esd.contentAttribsDigest, + sizeof(esd.contentAttribsDigest), + esd.encContentDigest, + sizeof(esd.encContentDigest), &pubKey, + pkcs7->rng); + FreeRsaKey(&pubKey); + if (result < 0) { + XFREE(flatSignedAttribs, 0, NULL); + return result; + } + esd.encContentDigestSz = (word32)result; + } + signerInfoSz += flatSignedAttribsSz + esd.signedAttribSetSz; + + esd.signerDigestSz = SetOctetString(esd.encContentDigestSz, + esd.signerDigest); + signerInfoSz += esd.signerDigestSz + esd.encContentDigestSz; + + esd.signerInfoSeqSz = SetSequence(signerInfoSz, esd.signerInfoSeq); + signerInfoSz += esd.signerInfoSeqSz; + esd.signerInfoSetSz = SetSet(signerInfoSz, esd.signerInfoSet); + signerInfoSz += esd.signerInfoSetSz; + + esd.certsSetSz = SetTagged(0, pkcs7->singleCertSz, esd.certsSet); + + esd.singleDigAlgoIdSz = SetAlgoID(pkcs7->hashOID, esd.singleDigAlgoId, + hashType, 0); + esd.digAlgoIdSetSz = SetSet(esd.singleDigAlgoIdSz, esd.digAlgoIdSet); + + + esd.versionSz = SetMyVersion(1, esd.version, 0); + + totalSz = esd.versionSz + esd.singleDigAlgoIdSz + esd.digAlgoIdSetSz + + esd.contentInfoSeqSz + esd.certsSetSz + pkcs7->singleCertSz + + esd.innerOctetsSz + esd.innerContSeqSz + + sizeof(innerOid) + pkcs7->contentSz + + signerInfoSz; + esd.innerSeqSz = SetSequence(totalSz, esd.innerSeq); + totalSz += esd.innerSeqSz; + esd.outerContentSz = SetTagged(0, totalSz, esd.outerContent); + totalSz += esd.outerContentSz + sizeof(outerOid); + esd.outerSeqSz = SetSequence(totalSz, esd.outerSeq); + totalSz += esd.outerSeqSz; + + if (outputSz < totalSz) + return BUFFER_E; + + idx = 0; + XMEMCPY(output + idx, esd.outerSeq, esd.outerSeqSz); + idx += esd.outerSeqSz; + XMEMCPY(output + idx, outerOid, sizeof(outerOid)); + idx += sizeof(outerOid); + XMEMCPY(output + idx, esd.outerContent, esd.outerContentSz); + idx += esd.outerContentSz; + XMEMCPY(output + idx, esd.innerSeq, esd.innerSeqSz); + idx += esd.innerSeqSz; + XMEMCPY(output + idx, esd.version, esd.versionSz); + idx += esd.versionSz; + XMEMCPY(output + idx, esd.digAlgoIdSet, esd.digAlgoIdSetSz); + idx += esd.digAlgoIdSetSz; + XMEMCPY(output + idx, esd.singleDigAlgoId, esd.singleDigAlgoIdSz); + idx += esd.singleDigAlgoIdSz; + XMEMCPY(output + idx, esd.contentInfoSeq, esd.contentInfoSeqSz); + idx += esd.contentInfoSeqSz; + XMEMCPY(output + idx, innerOid, sizeof(innerOid)); + idx += sizeof(innerOid); + XMEMCPY(output + idx, esd.innerContSeq, esd.innerContSeqSz); + idx += esd.innerContSeqSz; + XMEMCPY(output + idx, esd.innerOctets, esd.innerOctetsSz); + idx += esd.innerOctetsSz; + XMEMCPY(output + idx, pkcs7->content, pkcs7->contentSz); + idx += pkcs7->contentSz; + XMEMCPY(output + idx, esd.certsSet, esd.certsSetSz); + idx += esd.certsSetSz; + XMEMCPY(output + idx, pkcs7->singleCert, pkcs7->singleCertSz); + idx += pkcs7->singleCertSz; + XMEMCPY(output + idx, esd.signerInfoSet, esd.signerInfoSetSz); + idx += esd.signerInfoSetSz; + XMEMCPY(output + idx, esd.signerInfoSeq, esd.signerInfoSeqSz); + idx += esd.signerInfoSeqSz; + XMEMCPY(output + idx, esd.signerVersion, esd.signerVersionSz); + idx += esd.signerVersionSz; + XMEMCPY(output + idx, esd.issuerSnSeq, esd.issuerSnSeqSz); + idx += esd.issuerSnSeqSz; + XMEMCPY(output + idx, esd.issuerName, esd.issuerNameSz); + idx += esd.issuerNameSz; + XMEMCPY(output + idx, pkcs7->issuer, pkcs7->issuerSz); + idx += pkcs7->issuerSz; + XMEMCPY(output + idx, esd.issuerSn, esd.issuerSnSz); + idx += esd.issuerSnSz; + XMEMCPY(output + idx, esd.signerDigAlgoId, esd.signerDigAlgoIdSz); + idx += esd.signerDigAlgoIdSz; + + /* SignerInfo:Attributes */ + if (pkcs7->signedAttribsSz != 0) { + XMEMCPY(output + idx, esd.signedAttribSet, esd.signedAttribSetSz); + idx += esd.signedAttribSetSz; + XMEMCPY(output + idx, flatSignedAttribs, flatSignedAttribsSz); + idx += flatSignedAttribsSz; + XFREE(flatSignedAttribs, 0, NULL); + } + + XMEMCPY(output + idx, esd.digEncAlgoId, esd.digEncAlgoIdSz); + idx += esd.digEncAlgoIdSz; + XMEMCPY(output + idx, esd.signerDigest, esd.signerDigestSz); + idx += esd.signerDigestSz; + XMEMCPY(output + idx, esd.encContentDigest, esd.encContentDigestSz); + idx += esd.encContentDigestSz; + + return idx; } diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 3d0f52ae3..16588da4b 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -61,6 +61,9 @@ #ifdef HAVE_LIBZ #include #endif +#ifdef HAVE_PKCS7 + #include +#endif #ifdef _MSC_VER /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ @@ -174,6 +177,9 @@ int pbkdf2_test(void); #ifdef HAVE_LIBZ int compress_test(void); #endif +#ifdef HAVE_PKCS7 + int pkcs7_test(void); +#endif @@ -458,6 +464,13 @@ void ctaocrypt_test(void* args) printf( "COMPRESS test passed!\n"); #endif +#ifdef HAVE_PKCS7 + if ( (ret = pkcs7_test()) != 0) + err_sys("PKCS7 test failed!\n", ret); + else + printf( "PKCS7 test passed!\n"); +#endif + ((func_args*)args)->return_code = ret; } @@ -4009,4 +4022,118 @@ int compress_test(void) #endif /* HAVE_LIBZ */ +#ifdef HAVE_PKCS7 + +int pkcs7_test(void) +{ + int ret = 0; + byte* cert; + byte out[2048]; + char data[] = "Hello World"; + word32 dataSz, outSz; + PKCS7 msg; + RNG rng; + + word32 certSz; + FILE* file; + FILE* pkcs7File; + + byte transIdOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x07 }; + byte messageTypeOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x02 }; + byte senderNonceOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x05 }; + byte pkiStatusOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x03 }; + byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1]; + byte messageType[] = { 0x13, 2, '1', '9' }; + byte senderNonce[34]; + byte pkiStatus[] = { 0x13, 1, '0' }; + + PKCS7Attrib attribs[] = + { + { transIdOid, sizeof(transIdOid), + transId, sizeof(transId) - 1 }, /* take off the null */ + { messageTypeOid, sizeof(messageTypeOid), + messageType, sizeof(messageType) }, + { senderNonceOid, sizeof(senderNonceOid), + senderNonce, sizeof(senderNonce) }, + { pkiStatusOid, sizeof(pkiStatusOid), + pkiStatus, sizeof(pkiStatus) } + }; + + dataSz = (word32) strlen(data); + outSz = sizeof(out); + + cert = (byte*)malloc(FOURK_BUF); + if (cert == NULL) + return -40; + + /* read in DER cert of recipient, into cert of size certSz */ + file = fopen(clientCert, "rb"); + + if (!file) + err_sys("can't open ./certs/client-cert.der, " + "Please run from CyaSSL home dir", -40); + + certSz = (word32)fread(cert, 1, FOURK_BUF, file); + fclose(file); + + ret = InitRng(&rng); + senderNonce[0] = 0x04; + senderNonce[1] = 0x20; + RNG_GenerateBlock(&rng, &senderNonce[2], 32); + + PKCS7_InitWithCert(&msg, cert, certSz); + msg.content = (byte*)data; + msg.contentSz = dataSz; + msg.hashOID = SHAh; + msg.encryptOID = RSAk; + msg.signedAttribs = attribs; + msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib); + msg.rng = &rng; + { + Sha sha; + byte digest[SHA_DIGEST_SIZE]; + int i,j; + + transId[0] = 0x13; + transId[1] = SHA_DIGEST_SIZE * 2; + + InitSha(&sha); + ShaUpdate(&sha, msg.publicKey, msg.publicKeySz); + ShaFinal(&sha, digest); + + for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) { + snprintf((char*)&transId[j], 3, "%02x", digest[i]); + } + } + ret = PKCS7_EncodeSignedData(&msg, out, outSz); + if (ret < 0) { + printf("Pkcs7_encrypt failed\n"); + return -42; + } + else + outSz = ret; + + /* write PKCS#7 to output file for more testing */ + pkcs7File = fopen("./pkcs7test.der", "wb"); + if (!pkcs7File) + return -43; + ret = (int)fwrite(out, outSz, 1, pkcs7File); + fclose(pkcs7File); + + if (ret > 0) + return 0; + + return ret; +} + +#endif /* HAVE_PKCS7 */ + #endif /* NO_CRYPT_TEST */ diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index 121af0aef..1373c46e4 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -127,6 +127,7 @@ enum Misc_ASN { MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */ MAX_SET_SZ = 5, /* enum(set | con) + length(4) */ MAX_OCTET_STR_SZ = 5, /* enum(set | con) + length(4) */ + MAX_EXP_SZ = 5, /* enum(contextspec|con|exp) + length(4) */ MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */ MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/ MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */ @@ -448,6 +449,7 @@ CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len, CYASSL_LOCAL word32 SetLength(word32 length, byte* output); CYASSL_LOCAL word32 SetSequence(word32 len, byte* output); CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output); +CYASSL_LOCAL word32 SetTagged(byte tag, word32 len, byte* output); CYASSL_LOCAL word32 SetSet(word32 len, byte* output); CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz); CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header); diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h index 496c7321f..4cd984b12 100644 --- a/cyassl/ctaocrypt/pkcs7.h +++ b/cyassl/ctaocrypt/pkcs7.h @@ -67,6 +67,8 @@ typedef struct PKCS7 { word32 contentSz; int contentOID; + RNG* rng; + int hashOID; int encryptOID; @@ -74,9 +76,13 @@ typedef struct PKCS7 { word32 singleCertSz; byte* issuer; word32 issuerSz; + byte issuerSn[MAX_SN_SZ]; + word32 issuerSnSz; + byte publicKey[512]; + word32 publicKeySz; - PKCS7Attrib** signedAttribs; - word32 signedAttribsSz; /* Number of attribs in list */ + PKCS7Attrib* signedAttribs; + word32 signedAttribsSz; } PKCS7; From cd4422794510af57013257d71de96d2d07ad4c30 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 15 Jan 2014 14:25:15 -0800 Subject: [PATCH 091/135] Cleaned up warnings when using sizeof() in math. --- ctaocrypt/src/pkcs7.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index bc6f80e12..e47971a2f 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -316,6 +316,8 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) int idx = 0; byte* flatSignedAttribs = NULL; word32 flatSignedAttribsSz = 0; + word32 innerOidSz = sizeof(innerOid); + word32 outerOidSz = sizeof(outerOidSz); XMEMSET(&esd, 0, sizeof(esd)); InitSha(&esd.sha); @@ -332,7 +334,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) esd.innerContSeqSz = SetTagged(0, esd.innerOctetsSz + pkcs7->contentSz, esd.innerContSeq); esd.contentInfoSeqSz = SetSequence(pkcs7->contentSz + esd.innerOctetsSz + - sizeof(innerOid) + esd.innerContSeqSz, + innerOidSz + esd.innerContSeqSz, esd.contentInfoSeq); esd.issuerSnSz = SetSerialNumber(pkcs7->issuerSn, pkcs7->issuerSnSz, @@ -447,12 +449,12 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) totalSz = esd.versionSz + esd.singleDigAlgoIdSz + esd.digAlgoIdSetSz + esd.contentInfoSeqSz + esd.certsSetSz + pkcs7->singleCertSz + esd.innerOctetsSz + esd.innerContSeqSz + - sizeof(innerOid) + pkcs7->contentSz + + innerOidSz + pkcs7->contentSz + signerInfoSz; esd.innerSeqSz = SetSequence(totalSz, esd.innerSeq); totalSz += esd.innerSeqSz; esd.outerContentSz = SetTagged(0, totalSz, esd.outerContent); - totalSz += esd.outerContentSz + sizeof(outerOid); + totalSz += esd.outerContentSz + outerOidSz; esd.outerSeqSz = SetSequence(totalSz, esd.outerSeq); totalSz += esd.outerSeqSz; @@ -462,8 +464,8 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) idx = 0; XMEMCPY(output + idx, esd.outerSeq, esd.outerSeqSz); idx += esd.outerSeqSz; - XMEMCPY(output + idx, outerOid, sizeof(outerOid)); - idx += sizeof(outerOid); + XMEMCPY(output + idx, outerOid, outerOidSz); + idx += outerOidSz; XMEMCPY(output + idx, esd.outerContent, esd.outerContentSz); idx += esd.outerContentSz; XMEMCPY(output + idx, esd.innerSeq, esd.innerSeqSz); @@ -476,8 +478,8 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) idx += esd.singleDigAlgoIdSz; XMEMCPY(output + idx, esd.contentInfoSeq, esd.contentInfoSeqSz); idx += esd.contentInfoSeqSz; - XMEMCPY(output + idx, innerOid, sizeof(innerOid)); - idx += sizeof(innerOid); + XMEMCPY(output + idx, innerOid, innerOidSz); + idx += innerOidSz; XMEMCPY(output + idx, esd.innerContSeq, esd.innerContSeqSz); idx += esd.innerContSeqSz; XMEMCPY(output + idx, esd.innerOctets, esd.innerOctetsSz); From 36f78c5e1d533d548c900ba675ad4e5729a10726 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 15 Jan 2014 15:42:27 -0800 Subject: [PATCH 092/135] 1. Bug fix for taking the size of something. (Used wrong variable name.) 2. Renamed PKCS7 signed data test output file. 3. Added PKCS7 data test output files to gitignore. --- .gitignore | 4 ++-- ctaocrypt/src/pkcs7.c | 2 +- ctaocrypt/test/test.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index c9629d289..d5d705070 100644 --- a/.gitignore +++ b/.gitignore @@ -54,8 +54,8 @@ key.der key.pem certreq.der certreq.pem -pkcs7test.der -pkcs7test.pem +pkcs7signedData.der +pkcs7envelopedData.der diff sslSniffer/sslSnifferTest/tracefile.txt *.gz diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index e47971a2f..2dc3bcd3c 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -317,7 +317,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) byte* flatSignedAttribs = NULL; word32 flatSignedAttribsSz = 0; word32 innerOidSz = sizeof(innerOid); - word32 outerOidSz = sizeof(outerOidSz); + word32 outerOidSz = sizeof(outerOid); XMEMSET(&esd, 0, sizeof(esd)); InitSha(&esd.sha); diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 2ac13908f..b55ed6d13 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -4125,7 +4125,7 @@ int pkcs7_test(void) outSz = ret; /* write PKCS#7 to output file for more testing */ - pkcs7File = fopen("./pkcs7test.der", "wb"); + pkcs7File = fopen("./pkcs7signedData.der", "wb"); if (!pkcs7File) return -43; ret = (int)fwrite(out, outSz, 1, pkcs7File); From 590dde753a907e3473fe3d807fb5c872fc0e566a Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Thu, 16 Jan 2014 10:45:52 -0700 Subject: [PATCH 093/135] only store issuer into issuerRaw --- ctaocrypt/src/asn.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index a7d0bc45a..ecdd932c8 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -1618,8 +1618,10 @@ static int GetName(DecodedCert* cert, int nameType) #ifdef HAVE_PKCS7 /* store pointer to raw issuer */ - cert->issuerRaw = &cert->source[cert->srcIdx]; - cert->issuerRawLen = length - cert->srcIdx; + if (nameType == ISSUER) { + cert->issuerRaw = &cert->source[cert->srcIdx]; + cert->issuerRawLen = length - cert->srcIdx; + } #endif while (cert->srcIdx < (word32)length) { From a75b95facc280245df54f553e6df70ec9bdd9653 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Thu, 16 Jan 2014 13:29:37 -0700 Subject: [PATCH 094/135] more comments to PKCS#7 files --- ctaocrypt/src/pkcs7.c | 23 ++++++++++++++++++----- cyassl/ctaocrypt/pkcs7.h | 7 ++++--- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 2dc3bcd3c..7705a92be 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -39,9 +39,12 @@ } #endif + +/* placed ASN.1 contentType OID into *output, return idx on success, + * 0 upon failure */ CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output) { - /* PKCS#7 content types */ + /* PKCS#7 content types, RFC 2315, section 14 */ static const byte pkcs7[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07 }; static const byte data[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, @@ -114,6 +117,8 @@ CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output) } + +/* get ASN.1 contentType OID sum, return 0 on success, <0 on failure */ int GetContentType(const byte* input, word32* inOutIdx, word32* oid, word32 maxIdx) { @@ -142,6 +147,7 @@ int GetContentType(const byte* input, word32* inOutIdx, word32* oid, } +/* init PKCS7 struct with recipient cert, decode into DecodedCert */ int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz) { int ret = 0; @@ -172,6 +178,7 @@ int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz) } +/* build PKCS#7 data content type */ int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz) { static const byte oid[] = @@ -301,6 +308,7 @@ static int FlattenAttributes(byte* output, EncodedAttrib* ea, int eaSz) } +/* build PKCS#7 signedData content type */ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) { static const byte outerOid[] = @@ -641,6 +649,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, } +/* build PKCS#7 envelopedData content type, return enveloped size */ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) { int i, idx = 0; @@ -680,6 +689,7 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) if (output == NULL || outputSz == 0) return BAD_FUNC_ARG; + /* PKCS#7 only supports DES, 3DES for now */ switch (pkcs7->encryptOID) { case DESb: blockKeySz = DES_KEYLEN; @@ -697,7 +707,7 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) /* outer content type */ outerContentTypeSz = SetContentType(ENVELOPED_DATA, outerContentType); - /* version */ + /* version, defined as 0 in RFC 2315 */ verSz = SetMyVersion(0, ver, 0); /* generate random content encryption key */ @@ -726,7 +736,7 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) if (contentEncAlgoSz == 0) return BAD_FUNC_ARG; - /* allocate memory for encrypted content, pad if necessary */ + /* allocate encrypted content buffer, pad if necessary, PKCS#7 padding */ padSz = DES_BLOCK_SIZE - (pkcs7->contentSz % DES_BLOCK_SIZE); desOutSz = pkcs7->contentSz + padSz; @@ -839,6 +849,7 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) return idx; } +/* unwrap and decrypt PKCS#7 envelopedData object, return decoded size */ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, byte* output, word32 outputSz) @@ -890,7 +901,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, idx = 0; - /* read past ContentInfo, verify type */ + /* read past ContentInfo, verify type is envelopedData */ if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) return ASN_PARSE_E; @@ -908,7 +919,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) return ASN_PARSE_E; - /* remove EnvelopedData */ + /* remove EnvelopedData and version */ if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) return ASN_PARSE_E; @@ -960,6 +971,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, if (GetNameHash(pkiMsg, &idx, issuerHash, pkiMsgSz) < 0) return ASN_PARSE_E; + /* if we found correct recipient, issuer hashes will match */ if (XMEMCMP(issuerHash, decoded.issuerHash, SHA_DIGEST_SIZE) == 0) { recipFound = 1; } @@ -970,6 +982,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, if (GetAlgoId(pkiMsg, &idx, &encOID, pkiMsgSz) < 0) return ASN_PARSE_E; + /* key encryption algorithm must be RSA for now */ if (encOID != RSAk) return ALGO_ID_E; diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h index 73fc96b4e..8dad31748 100644 --- a/cyassl/ctaocrypt/pkcs7.h +++ b/cyassl/ctaocrypt/pkcs7.h @@ -35,8 +35,9 @@ extern "C" { #endif +/* PKCS#7 content types, ref RFC 2315 (Section 14) */ enum PKCS7_TYPES { - PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */ + PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */ DATA = 651, /* 1.2.840.113549.1.7.1 */ SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */ ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */ @@ -46,8 +47,8 @@ enum PKCS7_TYPES { }; enum Pkcs7_Misc { - MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */ - MAX_CONTENT_KEY_LEN = DES3_KEYLEN, + MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */ + MAX_CONTENT_KEY_LEN = DES3_KEYLEN, /* highest current cipher is 3DES */ MAX_RECIP_SZ = MAX_VERSION_SZ + MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ + MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ From 264ce75041431b060f5ef2eb340523f881cdc97f Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 16 Jan 2014 16:17:17 -0800 Subject: [PATCH 095/135] 1. Split SetTagged into SetExplicit and SetImplicit. 2. Updated code using SetTagged to use new functions. --- ctaocrypt/src/asn.c | 12 ++++++++++-- ctaocrypt/src/pkcs7.c | 19 +++++++++---------- cyassl/ctaocrypt/asn.h | 3 ++- 3 files changed, 21 insertions(+), 13 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index a7d0bc45a..c76ee571e 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -2279,9 +2279,17 @@ CYASSL_LOCAL word32 SetSet(word32 len, byte* output) return SetLength(len, output + 1) + 1; } -CYASSL_LOCAL word32 SetTagged(byte tag, word32 len, byte* output) +CYASSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len, byte* output) { - output[0] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | tag; + + output[0] = ((tag == ASN_SEQUENCE || tag == ASN_SET) ? ASN_CONSTRUCTED : 0) + | ASN_CONTEXT_SPECIFIC | number; + return SetLength(len, output + 1) + 1; +} + +CYASSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output) +{ + output[0] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | number; return SetLength(len, output + 1) + 1; } diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 2dc3bcd3c..5afa96138 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -30,7 +30,6 @@ #include #include #include -#include #ifndef min static INLINE word32 min(word32 a, word32 b) @@ -331,7 +330,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) } esd.innerOctetsSz = SetOctetString(pkcs7->contentSz, esd.innerOctets); - esd.innerContSeqSz = SetTagged(0, esd.innerOctetsSz + pkcs7->contentSz, + esd.innerContSeqSz = SetExplicit(0, esd.innerOctetsSz + pkcs7->contentSz, esd.innerContSeq); esd.contentInfoSeqSz = SetSequence(pkcs7->contentSz + esd.innerOctetsSz + innerOidSz + esd.innerContSeqSz, @@ -387,7 +386,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) return MEMORY_E; FlattenAttributes(flatSignedAttribs, esd.signedAttribs, esd.signedAttribsCount); - esd.signedAttribSetSz = SetTagged(0, esd.signedAttribsSz, + esd.signedAttribSetSz = SetImplicit(ASN_SET, 0, esd.signedAttribsSz, esd.signedAttribSet); } /* Calculate the final hash and encrypt it. */ @@ -437,7 +436,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) esd.signerInfoSetSz = SetSet(signerInfoSz, esd.signerInfoSet); signerInfoSz += esd.signerInfoSetSz; - esd.certsSetSz = SetTagged(0, pkcs7->singleCertSz, esd.certsSet); + esd.certsSetSz = SetImplicit(ASN_SET, 0, pkcs7->singleCertSz, esd.certsSet); esd.singleDigAlgoIdSz = SetAlgoID(pkcs7->hashOID, esd.singleDigAlgoId, hashType, 0); @@ -453,7 +452,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) signerInfoSz; esd.innerSeqSz = SetSequence(totalSz, esd.innerSeq); totalSz += esd.innerSeqSz; - esd.outerContentSz = SetTagged(0, totalSz, esd.outerContent); + esd.outerContentSz = SetExplicit(0, totalSz, esd.outerContent); totalSz += esd.outerContentSz + outerOidSz; esd.outerSeqSz = SetSequence(totalSz, esd.outerSeq); totalSz += esd.outerSeqSz; @@ -769,7 +768,8 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) Des3_CbcEncrypt(&des3, encryptedContent, plain, desOutSz); } - encContentOctetSz = SetOctetString(desOutSz, encContentOctet); + encContentOctetSz = SetImplicit(ASN_OCTET_STRING, 0, + desOutSz, encContentOctet); encContentSeqSz = SetSequence(contentTypeSz + contentEncAlgoSz + encContentOctetSz + desOutSz, encContentSeq); @@ -783,8 +783,7 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) totalSz += envDataSeqSz; /* outer content */ - outerContent[0] = (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0); - outerContentSz = 1 + SetLength(totalSz, outerContent + 1); + outerContentSz = SetExplicit(0, totalSz, outerContent); totalSz += outerContentTypeSz; totalSz += outerContentSz; @@ -1003,8 +1002,8 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, if (GetAlgoId(pkiMsg, &idx, &encOID, pkiMsgSz) < 0) return ASN_PARSE_E; - /* read encryptedContent */ - if (pkiMsg[idx++] != ASN_OCTET_STRING) + /* read encryptedContent, cont[0] */ + if (pkiMsg[idx++] != (ASN_CONTEXT_SPECIFIC | 0)) return ASN_PARSE_E; if (GetLength(pkiMsg, &idx, &encryptedContentSz, pkiMsgSz) < 0) diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index e5c153295..90ba8c7a1 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -459,7 +459,8 @@ CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, CYASSL_LOCAL word32 SetLength(word32 length, byte* output); CYASSL_LOCAL word32 SetSequence(word32 len, byte* output); CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output); -CYASSL_LOCAL word32 SetTagged(byte tag, word32 len, byte* output); +CYASSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len,byte* output); +CYASSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output); CYASSL_LOCAL word32 SetSet(word32 len, byte* output); CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz); CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header); From eb2e987a293ee0452faca2b2e981db613056d8c4 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 16 Jan 2014 16:29:33 -0800 Subject: [PATCH 096/135] Split two PKCS7 tests into two functions. --- ctaocrypt/test/test.c | 340 ++++++++++++++++++++++-------------------- 1 file changed, 175 insertions(+), 165 deletions(-) diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index b55ed6d13..010b62e12 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -178,7 +178,8 @@ int pbkdf2_test(void); int compress_test(void); #endif #ifdef HAVE_PKCS7 - int pkcs7_test(void); + int pkcs7enveloped_test(void); + int pkcs7signed_test(void); #endif @@ -465,10 +466,15 @@ void ctaocrypt_test(void* args) #endif #ifdef HAVE_PKCS7 - if ( (ret = pkcs7_test()) != 0) - err_sys("PKCS7 test failed!\n", ret); + if ( (ret = pkcs7enveloped_test()) != 0) + err_sys("PKCS7enveloped test failed!\n", ret); else - printf( "PKCS7 test passed!\n"); + printf( "PKCS7enveloped test passed!\n"); + + if ( (ret = pkcs7signed_test()) != 0) + err_sys("PKCS7signed test failed!\n", ret); + else + printf( "PKCS7signed test passed!\n"); #endif ((func_args*)args)->return_code = ret; @@ -4024,196 +4030,200 @@ int compress_test(void) #ifdef HAVE_PKCS7 -int pkcs7_test(void) +int pkcs7enveloped_test(void) { int ret = 0; - /* Test the PKCS7 Signed-Data */ - { - byte* cert; - byte out[2048]; - char data[] = "Hello World"; - word32 dataSz, outSz; - PKCS7 msg; - RNG rng; + int cipher = DES3b; + int envelopedSz, decodedSz; + PKCS7 pkcs7; + byte* cert; + byte* privKey; + byte enveloped[2048]; + byte decoded[2048]; - word32 certSz; - FILE* file; - FILE* pkcs7File; + size_t certSz; + size_t privKeySz; + FILE* certFile; + FILE* keyFile; + FILE* pkcs7File; + const char* pkcs7OutFile = "pkcs7envelopedData.der"; - byte transIdOid[] = - { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, - 0x09, 0x07 }; - byte messageTypeOid[] = - { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, - 0x09, 0x02 }; - byte senderNonceOid[] = - { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, - 0x09, 0x05 }; - byte pkiStatusOid[] = - { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, - 0x09, 0x03 }; - byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1]; - byte messageType[] = { 0x13, 2, '1', '9' }; - byte senderNonce[34]; - byte pkiStatus[] = { 0x13, 1, '0' }; + const byte data[] = { /* Hello World */ + 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f, + 0x72,0x6c,0x64 + }; - PKCS7Attrib attribs[] = - { - { transIdOid, sizeof(transIdOid), - transId, sizeof(transId) - 1 }, /* take off the null */ - { messageTypeOid, sizeof(messageTypeOid), - messageType, sizeof(messageType) }, - { senderNonceOid, sizeof(senderNonceOid), - senderNonce, sizeof(senderNonce) }, - { pkiStatusOid, sizeof(pkiStatusOid), - pkiStatus, sizeof(pkiStatus) } - }; + /* read client cert and key in DER format */ + cert = (byte*)malloc(FOURK_BUF); + if (cert == NULL) + return -201; - dataSz = (word32) strlen(data); - outSz = sizeof(out); + privKey = (byte*)malloc(FOURK_BUF); + if (privKey == NULL) + return -202; - cert = (byte*)malloc(FOURK_BUF); - if (cert == NULL) - return -40; + certFile = fopen(clientCert, "rb"); + if (!certFile) + err_sys("can't open ./certs/client-cert.der, " + "Please run from CyaSSL home dir", -42); - /* read in DER cert of recipient, into cert of size certSz */ - file = fopen(clientCert, "rb"); + certSz = fread(cert, 1, FOURK_BUF, certFile); + fclose(certFile); - if (!file) - err_sys("can't open ./certs/client-cert.der, " - "Please run from CyaSSL home dir", -40); + keyFile = fopen(clientKey, "rb"); + if (!keyFile) + err_sys("can't open ./certs/client-key.der, " + "Please run from CyaSSL home dir", -43); - certSz = (word32)fread(cert, 1, FOURK_BUF, file); - fclose(file); + privKeySz = fread(privKey, 1, FOURK_BUF, keyFile); + fclose(keyFile); - ret = InitRng(&rng); - senderNonce[0] = 0x04; - senderNonce[1] = 0x20; - RNG_GenerateBlock(&rng, &senderNonce[2], 32); + PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz); + pkcs7.content = (byte*)data; + pkcs7.contentSz = (word32)sizeof(data); + pkcs7.contentOID = DATA; + pkcs7.encryptOID = cipher; + pkcs7.privateKey = privKey; + pkcs7.privKeySize = (word32)privKeySz; - PKCS7_InitWithCert(&msg, cert, certSz); - msg.content = (byte*)data; - msg.contentSz = dataSz; - msg.hashOID = SHAh; - msg.encryptOID = RSAk; - msg.signedAttribs = attribs; - msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib); - msg.rng = &rng; - { - Sha sha; - byte digest[SHA_DIGEST_SIZE]; - int i,j; + /* encode envelopedData */ + envelopedSz = PKCS7_EncodeEnvelopeData(&pkcs7, enveloped, + sizeof(enveloped)); + if (envelopedSz <= 0) + return -203; - transId[0] = 0x13; - transId[1] = SHA_DIGEST_SIZE * 2; + /* decode envelopedData */ + decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz, + decoded, sizeof(decoded)); + if (decodedSz <= 0) + return -204; - InitSha(&sha); - ShaUpdate(&sha, msg.publicKey, msg.publicKeySz); - ShaFinal(&sha, digest); - - for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) { - snprintf((char*)&transId[j], 3, "%02x", digest[i]); - } - } - ret = PKCS7_EncodeSignedData(&msg, out, outSz); - if (ret < 0) { - printf("Pkcs7_encrypt failed\n"); - return -42; - } - else - outSz = ret; - - /* write PKCS#7 to output file for more testing */ - pkcs7File = fopen("./pkcs7signedData.der", "wb"); - if (!pkcs7File) - return -43; - ret = (int)fwrite(out, outSz, 1, pkcs7File); - fclose(pkcs7File); + /* test decode result */ + if (memcmp(decoded, data, sizeof(data)) != 0) { + return -205; } - /* Test the PKCS7 Enveloped-Data */ + + /* output pkcs7 envelopedData for external testing */ + pkcs7File = fopen(pkcs7OutFile, "wb"); + if (!pkcs7File) + return -206; + + ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File); + fclose(pkcs7File); + + free(cert); + free(privKey); + + if (ret > 0) + return 0; + + return ret; +} + +int pkcs7signed_test(void) +{ + int ret = 0; + + byte* cert; + byte out[2048]; + char data[] = "Hello World"; + word32 dataSz, outSz; + PKCS7 msg; + RNG rng; + + word32 certSz; + FILE* file; + FILE* pkcs7File; + + byte transIdOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x07 }; + byte messageTypeOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x02 }; + byte senderNonceOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x05 }; + byte pkiStatusOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x03 }; + byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1]; + byte messageType[] = { 0x13, 2, '1', '9' }; + byte senderNonce[34]; + byte pkiStatus[] = { 0x13, 1, '0' }; + + PKCS7Attrib attribs[] = { - int cipher = DES3b; - int envelopedSz, decodedSz; - PKCS7 pkcs7; - byte* cert; - byte* privKey; - byte enveloped[2048]; - byte decoded[2048]; + { transIdOid, sizeof(transIdOid), + transId, sizeof(transId) - 1 }, /* take off the null */ + { messageTypeOid, sizeof(messageTypeOid), + messageType, sizeof(messageType) }, + { senderNonceOid, sizeof(senderNonceOid), + senderNonce, sizeof(senderNonce) }, + { pkiStatusOid, sizeof(pkiStatusOid), + pkiStatus, sizeof(pkiStatus) } + }; - size_t certSz; - size_t privKeySz; - FILE* certFile; - FILE* keyFile; - FILE* pkcs7File; - const char* pkcs7OutFile = "pkcs7envelopedData.der"; + dataSz = (word32) strlen(data); + outSz = sizeof(out); - const byte data[] = { /* Hello World */ - 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f, - 0x72,0x6c,0x64 - }; + cert = (byte*)malloc(FOURK_BUF); + if (cert == NULL) + return -207; - /* read client cert and key in DER format */ - cert = (byte*)malloc(FOURK_BUF); - if (cert == NULL) - return -201; + /* read in DER cert of recipient, into cert of size certSz */ + file = fopen(clientCert, "rb"); - privKey = (byte*)malloc(FOURK_BUF); - if (privKey == NULL) - return -202; + if (!file) + err_sys("can't open ./certs/client-cert.der, " + "Please run from CyaSSL home dir", -44); - certFile = fopen(clientCert, "rb"); - if (!certFile) - err_sys("can't open ./certs/client-cert.der, " - "Please run from CyaSSL home dir", -42); + certSz = (word32)fread(cert, 1, FOURK_BUF, file); + fclose(file); - certSz = fread(cert, 1, FOURK_BUF, certFile); - fclose(certFile); + ret = InitRng(&rng); + senderNonce[0] = 0x04; + senderNonce[1] = 0x20; + RNG_GenerateBlock(&rng, &senderNonce[2], 32); - keyFile = fopen(clientKey, "rb"); - if (!keyFile) - err_sys("can't open ./certs/client-key.der, " - "Please run from CyaSSL home dir", -43); + PKCS7_InitWithCert(&msg, cert, certSz); + msg.content = (byte*)data; + msg.contentSz = dataSz; + msg.hashOID = SHAh; + msg.encryptOID = RSAk; + msg.signedAttribs = attribs; + msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib); + msg.rng = &rng; + { + Sha sha; + byte digest[SHA_DIGEST_SIZE]; + int i,j; - privKeySz = fread(privKey, 1, FOURK_BUF, keyFile); - fclose(keyFile); + transId[0] = 0x13; + transId[1] = SHA_DIGEST_SIZE * 2; - PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz); - pkcs7.content = (byte*)data; - pkcs7.contentSz = (word32)sizeof(data); - pkcs7.contentOID = DATA; - pkcs7.encryptOID = cipher; - pkcs7.privateKey = privKey; - pkcs7.privKeySize = (word32)privKeySz; + InitSha(&sha); + ShaUpdate(&sha, msg.publicKey, msg.publicKeySz); + ShaFinal(&sha, digest); - /* encode envelopedData */ - envelopedSz = PKCS7_EncodeEnvelopeData(&pkcs7, enveloped, - sizeof(enveloped)); - if (envelopedSz <= 0) - return -203; - - /* decode envelopedData */ - decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz, - decoded, sizeof(decoded)); - if (decodedSz <= 0) - return -204; - - /* test decode result */ - if (memcmp(decoded, data, sizeof(data)) != 0) { - return -205; + for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) { + snprintf((char*)&transId[j], 3, "%02x", digest[i]); } - - /* output pkcs7 envelopedData for external testing */ - pkcs7File = fopen(pkcs7OutFile, "wb"); - if (!pkcs7File) - return -206; - - ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File); - fclose(pkcs7File); - - free(cert); - free(privKey); } + ret = PKCS7_EncodeSignedData(&msg, out, outSz); + if (ret < 0) { + return -208; + } + else + outSz = ret; + + /* write PKCS#7 to output file for more testing */ + pkcs7File = fopen("./pkcs7signedData.der", "wb"); + if (!pkcs7File) + return -209; + ret = (int)fwrite(out, outSz, 1, pkcs7File); + fclose(pkcs7File); if (ret > 0) return 0; From 366f42a91befa27fb8cd00dc2187605a0204d046 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Thu, 16 Jan 2014 17:45:10 -0700 Subject: [PATCH 097/135] remove NULL tag from block cipher AlgoId, IV there instead --- ctaocrypt/src/asn.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 7e73db492..29c54fc1c 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -2387,11 +2387,10 @@ CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x02, 0x05, 0x00}; - /* blkTypes */ - static const byte desCbcAlgoID[] = { 0x2B, 0x0E, 0x03, 0x02, 0x07, - 0x05, 0x00 }; + /* blkTypes, no NULL tags because IV is there instead */ + static const byte desCbcAlgoID[] = { 0x2B, 0x0E, 0x03, 0x02, 0x07 }; static const byte des3CbcAlgoID[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x03, 0x07, 0x05, 0x00}; + 0x0D, 0x03, 0x07 }; /* RSA sigTypes */ #ifndef NO_RSA @@ -2481,10 +2480,12 @@ CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) case DESb: algoSz = sizeof(desCbcAlgoID); algoName = desCbcAlgoID; + tagSz = 0; break; case DES3b: algoSz = sizeof(des3CbcAlgoID); algoName = des3CbcAlgoID; + tagSz = 0; break; default: CYASSL_MSG("Unknown Block Algo"); From e9b82d817460fb390cab510c395b4681baa81808 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Thu, 16 Jan 2014 17:46:28 -0700 Subject: [PATCH 098/135] place PKCS#7 IV in AlgoID optional params, resolve merge conflicts --- ctaocrypt/src/pkcs7.c | 57 +++++++++++++++++++++++++++++++------------ 1 file changed, 42 insertions(+), 15 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 8bd76c1dd..6a92aaa13 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -675,10 +675,13 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) byte recip[MAX_RECIP_SZ]; byte recipSet[MAX_SET_SZ]; - int encContentOctetSz, encContentSeqSz, contentTypeSz, contentEncAlgoSz; + int encContentOctetSz, encContentSeqSz, contentTypeSz; + int contentEncAlgoSz, ivOctetStringSz; byte encContentSeq[MAX_SEQ_SZ]; byte contentType[MAX_ALGO_SZ]; byte contentEncAlgo[MAX_ALGO_SZ]; + byte tmpIv[DES_BLOCK_SIZE]; + byte ivOctetString[MAX_OCTET_STR_SZ]; byte encContentOctet[MAX_OCTET_STR_SZ]; if (pkcs7 == NULL || pkcs7->content == NULL || pkcs7->contentSz == 0 || @@ -730,11 +733,6 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) if (contentTypeSz == 0) return BAD_FUNC_ARG; - contentEncAlgoSz = SetAlgoID(pkcs7->encryptOID, contentEncAlgo, - blkType, 0); - if (contentEncAlgoSz == 0) - return BAD_FUNC_ARG; - /* allocate encrypted content buffer, pad if necessary, PKCS#7 padding */ padSz = DES_BLOCK_SIZE - (pkcs7->contentSz % DES_BLOCK_SIZE); desOutSz = pkcs7->contentSz + padSz; @@ -763,10 +761,20 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) return MEMORY_E; } - /* use NULL iv for now */ - byte tmpIv[blockKeySz]; - XMEMSET(tmpIv, 0, sizeof(tmpIv)); + /* generate IV for block cipher */ + RNG_GenerateBlock(&rng, tmpIv, DES_BLOCK_SIZE); + /* put together IV OCTET STRING */ + ivOctetStringSz = SetOctetString(DES_BLOCK_SIZE, ivOctetString); + + /* build up our ContentEncryptionAlgorithmIdentifier sequence, + * adding (ivOctetStringSz + DES_BLOCK_SIZE) for IV OCTET STRING */ + contentEncAlgoSz = SetAlgoID(pkcs7->encryptOID, contentEncAlgo, + blkType, ivOctetStringSz + DES_BLOCK_SIZE); + if (contentEncAlgoSz == 0) + return BAD_FUNC_ARG; + + /* encrypt content */ if (pkcs7->encryptOID == DESb) { Des des; Des_SetKey(&des, contentKeyPlain, tmpIv, DES_ENCRYPTION); @@ -779,14 +787,16 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) } encContentOctetSz = SetImplicit(ASN_OCTET_STRING, 0, - desOutSz, encContentOctet); + desOutSz, encContentOctet); encContentSeqSz = SetSequence(contentTypeSz + contentEncAlgoSz + + ivOctetStringSz + DES_BLOCK_SIZE + encContentOctetSz + desOutSz, encContentSeq); /* keep track of sizes for outer wrapper layering */ totalSz = verSz + recipSetSz + recipSz + encContentSeqSz + contentTypeSz + - contentEncAlgoSz + encContentOctetSz + desOutSz; + contentEncAlgoSz + ivOctetStringSz + DES_BLOCK_SIZE + + encContentOctetSz + desOutSz; /* EnvelopedData */ envDataSeqSz = SetSequence(totalSz, envDataSeq); @@ -829,6 +839,10 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) idx += contentTypeSz; XMEMCPY(output + idx, contentEncAlgo, contentEncAlgoSz); idx += contentEncAlgoSz; + XMEMCPY(output + idx, ivOctetString, ivOctetStringSz); + idx += ivOctetStringSz; + XMEMCPY(output + idx, tmpIv, DES_BLOCK_SIZE); + idx += DES_BLOCK_SIZE; XMEMCPY(output + idx, encContentOctet, encContentOctetSz); idx += encContentOctetSz; XMEMCPY(output + idx, encryptedContent, desOutSz); @@ -863,7 +877,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, DecodedCert decoded; int encryptedKeySz, keySz; - byte tmpIv[DES3_KEYLEN]; + byte tmpIv[DES_BLOCK_SIZE]; byte encryptedKey[MAX_ENCRYPTED_KEY_SZ]; byte* decryptedKey = NULL; @@ -1015,6 +1029,21 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, if (GetAlgoId(pkiMsg, &idx, &encOID, pkiMsgSz) < 0) return ASN_PARSE_E; + /* get block cipher IV, stored in OPTIONAL parameter of AlgoID */ + if (pkiMsg[idx++] != ASN_OCTET_STRING) + return ASN_PARSE_E; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (length != DES_BLOCK_SIZE) { + CYASSL_MSG("Incorrect IV length, must be of DES_BLOCK_SIZE"); + return ASN_PARSE_E; + } + + XMEMCPY(tmpIv, &pkiMsg[idx], length); + idx += length; + /* read encryptedContent, cont[0] */ if (pkiMsg[idx++] != (ASN_CONTEXT_SPECIFIC | 0)) return ASN_PARSE_E; @@ -1033,9 +1062,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, if (keySz < 0) return keySz; - /* decrypt encryptedContent, using NULL iv for now */ - XMEMSET(tmpIv, 0, sizeof(tmpIv)); - + /* decrypt encryptedContent */ if (encOID == DESb) { Des des; Des_SetKey(&des, decryptedKey, tmpIv, DES_DECRYPTION); From c4eb5642b15830ae67790b35f609aabfeedf7c89 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 17 Jan 2014 14:07:40 -0800 Subject: [PATCH 099/135] 1. Sign the PKCS#7 with a supplied private key, not the single cert's public key. 2. Rename PKCS7 Envelope Data function as `PKCS7_EncodeEnvelopedData()`. 3. Encode signed data to check input parameters. --- ctaocrypt/src/pkcs7.c | 27 +++++++++------ ctaocrypt/test/test.c | 74 +++++++++++++++++++++++++++------------- cyassl/ctaocrypt/pkcs7.h | 16 ++++----- 3 files changed, 76 insertions(+), 41 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 6a92aaa13..48b5adf5f 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -326,6 +326,13 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) word32 innerOidSz = sizeof(innerOid); word32 outerOidSz = sizeof(outerOid); + if (pkcs7 == NULL || pkcs7->content == NULL || pkcs7->contentSz == 0 || + pkcs7->encryptOID == 0 || pkcs7->hashOID == 0 || pkcs7->rng == 0 || + pkcs7->singleCert == NULL || pkcs7->singleCertSz == 0 || + pkcs7->privateKey == NULL || pkcs7->privateKeySz == 0 || + output == NULL || outputSz == 0) + return BAD_FUNC_ARG; + XMEMSET(&esd, 0, sizeof(esd)); InitSha(&esd.sha); @@ -399,7 +406,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) } /* Calculate the final hash and encrypt it. */ { - RsaKey pubKey; + RsaKey privKey; int result; word32 scratch = 0; @@ -414,19 +421,19 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) } ShaFinal(&esd.sha, esd.contentAttribsDigest); - InitRsaKey(&pubKey, NULL); - result = RsaPublicKeyDecode(pkcs7->publicKey, &scratch, &pubKey, - pkcs7->publicKeySz); + InitRsaKey(&privKey, NULL); + result = RsaPrivateKeyDecode(pkcs7->privateKey, &scratch, &privKey, + pkcs7->privateKeySz); if (result < 0) { XFREE(flatSignedAttribs, 0, NULL); return PUBLIC_KEY_E; } - result = RsaPublicEncrypt(esd.contentAttribsDigest, + result = RsaSSL_Sign(esd.contentAttribsDigest, sizeof(esd.contentAttribsDigest), esd.encContentDigest, - sizeof(esd.encContentDigest), &pubKey, + sizeof(esd.encContentDigest), &privKey, pkcs7->rng); - FreeRsaKey(&pubKey); + FreeRsaKey(&privKey); if (result < 0) { XFREE(flatSignedAttribs, 0, NULL); return result; @@ -649,7 +656,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, /* build PKCS#7 envelopedData content type, return enveloped size */ -int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) +int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz) { int i, idx = 0; int totalSz = 0, padSz = 0, desOutSz = 0; @@ -888,7 +895,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, if (pkcs7 == NULL || pkcs7->singleCert == NULL || pkcs7->singleCertSz == 0 || pkcs7->privateKey == NULL || - pkcs7->privKeySize == 0) + pkcs7->privateKeySz == 0) return BAD_FUNC_ARG; if (pkiMsg == NULL || pkiMsgSz == 0 || @@ -906,7 +913,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, /* load private key */ InitRsaKey(&privKey, 0); ret = RsaPrivateKeyDecode(pkcs7->privateKey, &idx, &privKey, - pkcs7->privKeySize); + pkcs7->privateKeySz); if (ret != 0) { CYASSL_MSG("Failed to decode RSA private key"); return ret; diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 010b62e12..80fb90e06 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -4085,11 +4085,11 @@ int pkcs7enveloped_test(void) pkcs7.contentOID = DATA; pkcs7.encryptOID = cipher; pkcs7.privateKey = privKey; - pkcs7.privKeySize = (word32)privKeySz; + pkcs7.privateKeySz = (word32)privKeySz; /* encode envelopedData */ - envelopedSz = PKCS7_EncodeEnvelopeData(&pkcs7, enveloped, - sizeof(enveloped)); + envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped, + sizeof(enveloped)); if (envelopedSz <= 0) return -203; @@ -4125,17 +4125,15 @@ int pkcs7signed_test(void) { int ret = 0; - byte* cert; - byte out[2048]; + FILE* file; + byte* certDer; + byte* keyDer; + byte* out; char data[] = "Hello World"; - word32 dataSz, outSz; + word32 dataSz, outSz, certDerSz, keyDerSz; PKCS7 msg; RNG rng; - word32 certSz; - FILE* file; - FILE* pkcs7File; - byte transIdOid[] = { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x07 }; @@ -4166,20 +4164,40 @@ int pkcs7signed_test(void) }; dataSz = (word32) strlen(data); - outSz = sizeof(out); + outSz = FOURK_BUF; - cert = (byte*)malloc(FOURK_BUF); - if (cert == NULL) + certDer = (byte*)malloc(FOURK_BUF); + keyDer = (byte*)malloc(FOURK_BUF); + out = (byte*)malloc(FOURK_BUF); + + if (certDer == NULL) return -207; + if (keyDer == NULL) + return -208; + if (out == NULL) + return -209; /* read in DER cert of recipient, into cert of size certSz */ file = fopen(clientCert, "rb"); - - if (!file) + if (!file) { + free(certDer); + free(keyDer); + free(out); err_sys("can't open ./certs/client-cert.der, " "Please run from CyaSSL home dir", -44); + } + certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file); + fclose(file); - certSz = (word32)fread(cert, 1, FOURK_BUF, file); + file = fopen(clientKey, "rb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + err_sys("can't open ./certs/client-key.der, " + "Please run from CyaSSL home dir", -45); + } + keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file); fclose(file); ret = InitRng(&rng); @@ -4187,7 +4205,9 @@ int pkcs7signed_test(void) senderNonce[1] = 0x20; RNG_GenerateBlock(&rng, &senderNonce[2], 32); - PKCS7_InitWithCert(&msg, cert, certSz); + PKCS7_InitWithCert(&msg, certDer, certDerSz); + msg.privateKey = keyDer; + msg.privateKeySz = keyDerSz; msg.content = (byte*)data; msg.contentSz = dataSz; msg.hashOID = SHAh; @@ -4213,17 +4233,25 @@ int pkcs7signed_test(void) } ret = PKCS7_EncodeSignedData(&msg, out, outSz); if (ret < 0) { - return -208; + return -210; } else outSz = ret; /* write PKCS#7 to output file for more testing */ - pkcs7File = fopen("./pkcs7signedData.der", "wb"); - if (!pkcs7File) - return -209; - ret = (int)fwrite(out, outSz, 1, pkcs7File); - fclose(pkcs7File); + file = fopen("./pkcs7signedData.der", "wb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + return -211; + } + ret = (int)fwrite(out, outSz, 1, file); + fclose(file); + + free(certDer); + free(keyDer); + free(out); if (ret > 0) return 0; diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h index 8dad31748..f060dc11d 100644 --- a/cyassl/ctaocrypt/pkcs7.h +++ b/cyassl/ctaocrypt/pkcs7.h @@ -75,14 +75,14 @@ typedef struct PKCS7 { byte* singleCert; /* recipient cert, DER, not owner */ word32 singleCertSz; /* size of recipient cert buffer, bytes */ - byte* issuer; - word32 issuerSz; - byte* privateKey; /* recipient private key, DER, not owner */ - word32 privKeySize; /* size of private key buffer, bytes */ - byte issuerSn[MAX_SN_SZ]; - word32 issuerSnSz; + byte* issuer; /* issuer name of singleCert */ + word32 issuerSz; /* length of issuer name */ + byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */ + word32 issuerSnSz; /* length of serial number */ byte publicKey[512]; word32 publicKeySz; + byte* privateKey; /* private key, DER, not owner */ + word32 privateKeySz; /* size of private key buffer, bytes */ PKCS7Attrib* signedAttribs; word32 signedAttribsSz; @@ -102,8 +102,8 @@ CYASSL_API int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz); CYASSL_API int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz); CYASSL_API int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz); -CYASSL_API int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, - byte* output, word32 outputSz); +CYASSL_API int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, + byte* output, word32 outputSz); CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, byte* output, word32 outputSz); From ce7fe56de51ec4853873a24b29a891b7a1c388a1 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Mon, 20 Jan 2014 11:42:45 -0700 Subject: [PATCH 100/135] adjust next PKCS#7 envelopedData recipient check --- ctaocrypt/src/pkcs7.c | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 48b5adf5f..6495ee110 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -962,23 +962,16 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, * indicate there is another, if not, move on */ while(recipFound == 0) { - /* remove RecipientInfo */ + /* remove RecipientInfo, if we don't have a SEQUENCE, back up idx to + * last good saved one */ if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) { - if (recipFound == 0) { - return ASN_PARSE_E; - } else { - idx = savedIdx; - break; - } + idx = savedIdx; + break; } if (GetMyVersion(pkiMsg, &idx, &version) < 0) { - if (recipFound == 0) { - return ASN_PARSE_E; - } else { - idx = savedIdx; - break; - } + idx = savedIdx; + break; } if (version != 0) From 28f3a2dc217df3fadaaac5c82a7d5cb6a005f4f9 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Mon, 20 Jan 2014 10:51:26 -0800 Subject: [PATCH 101/135] Added deallocator function for PKCS7 initializer data. --- ctaocrypt/src/pkcs7.c | 7 +++++++ ctaocrypt/test/test.c | 7 +++++++ cyassl/ctaocrypt/pkcs7.h | 1 + 3 files changed, 15 insertions(+) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 48b5adf5f..b442dce30 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -177,6 +177,13 @@ int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz) } +/* releases any memory allocated by a PKCS7 initializer */ +void PKCS7_Free(PKCS7* pkcs7) +{ + (void)pkcs7; +} + + /* build PKCS#7 data content type */ int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz) { diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 80fb90e06..b1fbaa6b5 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -4114,6 +4114,7 @@ int pkcs7enveloped_test(void) free(cert); free(privKey); + PKCS7_Free(&pkcs7); if (ret > 0) return 0; @@ -4233,6 +4234,10 @@ int pkcs7signed_test(void) } ret = PKCS7_EncodeSignedData(&msg, out, outSz); if (ret < 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); return -210; } else @@ -4244,6 +4249,7 @@ int pkcs7signed_test(void) free(certDer); free(keyDer); free(out); + PKCS7_Free(&msg); return -211; } ret = (int)fwrite(out, outSz, 1, file); @@ -4252,6 +4258,7 @@ int pkcs7signed_test(void) free(certDer); free(keyDer); free(out); + PKCS7_Free(&msg); if (ret > 0) return 0; diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h index f060dc11d..0ea781774 100644 --- a/cyassl/ctaocrypt/pkcs7.h +++ b/cyassl/ctaocrypt/pkcs7.h @@ -99,6 +99,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, int* keyEncSz, byte* out, word32 outSz); CYASSL_API int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz); +CYASSL_API void PKCS7_Free(PKCS7* pkcs7); CYASSL_API int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz); CYASSL_API int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz); From c35a635fd73ee4107fed534f64f950c6822e6607 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Mon, 20 Jan 2014 15:52:41 -0800 Subject: [PATCH 102/135] Added initial PKCS7_VerifySignedData(). Only saves the first included certificate if available. --- .gitignore | 1 + ctaocrypt/src/pkcs7.c | 93 ++++++++++++++++++++++++++++++++++++++++ ctaocrypt/test/test.c | 33 +++++++++++++- cyassl/ctaocrypt/pkcs7.h | 2 + 4 files changed, 128 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index d5d705070..ee2053048 100644 --- a/.gitignore +++ b/.gitignore @@ -54,6 +54,7 @@ key.der key.pem certreq.der certreq.pem +pkcs7cert.der pkcs7signedData.der pkcs7envelopedData.der diff diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index d7fe5eee9..67db28ad4 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -548,6 +548,99 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) } +/* Finds the certificates in the message and saves it. */ +int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) +{ + word32 idx, contentType; + int length, version; + byte b; + + if (pkcs7 == NULL || pkiMsg == NULL || pkiMsgSz == 0) + return BAD_FUNC_ARG; + + idx = 0; + + /* Get the contentInfo sequence */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Get the contentInfo contentType */ + if (GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (contentType != SIGNED_DATA) { + CYASSL_MSG("PKCS#7 input not of type SignedData"); + return PKCS7_OID_E; + } + + /* get the ContentInfo content */ + if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) + return ASN_PARSE_E; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Get the signedData sequence */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Get the version */ + if (GetMyVersion(pkiMsg, &idx, &version) < 0) + return ASN_PARSE_E; + + if (version != 1) { + CYASSL_MSG("PKCS#7 signedData needs to be of version 1"); + return ASN_VERSION_E; + } + + /* Get the set of DigestAlgorithmIdentifiers */ + if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip the set. */ + idx += length; + + /* Get the inner ContentInfo sequence */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip the seqeunce. */ + idx += length; + + b = pkiMsg[idx]; + /* Get the implicit[0] set of certificates */ + if (b == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) { + idx++; + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (length > 0) { + /* At this point, idx is at the first certificate in + * a set of certificates. There may be more than one, + * or none, or they may be a PKCS 6 extended + * certificate. We want to save the first cert if it + * is X.509. */ + + word32 certIdx = idx; + + b = pkiMsg[certIdx++]; + if (b == (ASN_CONSTRUCTED | ASN_SEQUENCE)) { + int certSz; + + if (GetLength(pkiMsg, &certIdx, &certSz, pkiMsgSz) < 0) + return ASN_PARSE_E; + + pkcs7->singleCert = &pkiMsg[idx]; + pkcs7->singleCertSz = certSz + (certIdx - idx); + return 1; + } + } + } + + return 0; +} + + /* create ASN.1 fomatted RecipientInfo structure, returns sequence size */ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, int keyEncAlgo, int blockKeySz, diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index b1fbaa6b5..9bd1ffa2b 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -4252,7 +4252,38 @@ int pkcs7signed_test(void) PKCS7_Free(&msg); return -211; } - ret = (int)fwrite(out, outSz, 1, file); + ret = (int)fwrite(out, 1, outSz, file); + fclose(file); + + PKCS7_Free(&msg); + PKCS7_InitWithCert(&msg, NULL, 0); + + ret = PKCS7_VerifySignedData(&msg, out, outSz); + if (ret < 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -212; + } + + if (msg.singleCert == NULL || msg.singleCertSz == 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -213; + } + + file = fopen("./pkcs7cert.der", "wb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -214; + } + ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file); fclose(file); free(certDer); diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h index 0ea781774..5d5d801d6 100644 --- a/cyassl/ctaocrypt/pkcs7.h +++ b/cyassl/ctaocrypt/pkcs7.h @@ -103,6 +103,8 @@ CYASSL_API void PKCS7_Free(PKCS7* pkcs7); CYASSL_API int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz); CYASSL_API int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz); +CYASSL_API int PKCS7_VerifySignedData(PKCS7* pkcs7, + byte* pkiMsg, word32 pkiMsgSz); CYASSL_API int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz); CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, From 8541c2cc97733f8360a84e4741dfed809929e85c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Tue, 21 Jan 2014 11:36:06 -0300 Subject: [PATCH 103/135] added renegotiation indication SCSV sending on client hello. --- configure.ac | 16 +++++++++++++++- cyassl/internal.h | 5 +++-- src/internal.c | 7 +++++++ 3 files changed, 25 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 69e3efa21..20c4253f3 100644 --- a/configure.ac +++ b/configure.ac @@ -1200,6 +1200,18 @@ then AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_TRUNCATED_HMAC" fi +# Renegotiation Indication +AC_ARG_ENABLE([renegotiation-indication], + [ --enable-renegotiation-indication Enable Renegotiation Indication (default: disabled)], + [ ENABLED_RENEGOTIATION_INDICATION=$enableval ], + [ ENABLED_RENEGOTIATION_INDICATION=no ] + ) + +if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_RENEGOTIATION_INDICATION" +fi + # TLS Extensions AC_ARG_ENABLE([tlsx], [ --enable-tlsx Enable all TLS Extensions (default: disabled)], @@ -1212,7 +1224,8 @@ then ENABLED_SNI=yes ENABLED_MAX_FRAGMENT=yes ENABLED_TRUNCATED_HMAC=yes - AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC" + ENABLED_RENEGOTIATION_INDICATION=yes + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_RENEGOTIATION_INDICATION" fi # PKCS7 @@ -1613,6 +1626,7 @@ echo " * NTRU: $ENABLED_NTRU" echo " * SNI: $ENABLED_SNI" echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT" echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC" +echo " * Renegotiation Indication: $ENABLED_RENEGOTIATION_INDICATION" echo " * All TLS Extensions: $ENABLED_TLSX" echo " * PKCS#7 $ENABLED_PKCS7" echo " * valgrind unit tests: $ENABLED_VALGRIND" diff --git a/cyassl/internal.h b/cyassl/internal.h index 4adbfd1ed..085d2a393 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -483,7 +483,6 @@ enum { TLS_RSA_WITH_AES_256_CBC_B2B256 = 0xF9, TLS_RSA_WITH_HC_128_B2B256 = 0xFA, /* eSTREAM too */ - /* CyaSSL extension - NTRU */ TLS_NTRU_RSA_WITH_RC4_128_SHA = 0xe5, TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6, @@ -533,8 +532,10 @@ enum { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x45, TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x88, TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe, - TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4 + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4, + /* Renegotiation Indication Extension Special Suite */ + TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0xff }; diff --git a/src/internal.c b/src/internal.c index 3aecbfe32..0f438dd1b 100644 --- a/src/internal.c +++ b/src/internal.c @@ -646,6 +646,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK, } #endif +#ifdef HAVE_RENEGOTIATION_INDICATION + if (side == CYASSL_CLIENT_END) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV; + } +#endif + #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA if (tls && haveNTRU && haveRSA) { suites->suites[idx++] = 0; From 15f94b2f988771f00077af4abca1365345fc1861 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 21 Jan 2014 11:45:15 -0800 Subject: [PATCH 104/135] 1. Resized sample PKCS7 signed data attribute. 2. Removed unnecessary PKCS7 signed data attribute. --- ctaocrypt/test/test.c | 14 ++++---------- cyassl/ctaocrypt/pkcs7.h | 1 + 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 9bd1ffa2b..92099ba24 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -4144,13 +4144,9 @@ int pkcs7signed_test(void) byte senderNonceOid[] = { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x05 }; - byte pkiStatusOid[] = - { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, - 0x09, 0x03 }; byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1]; byte messageType[] = { 0x13, 2, '1', '9' }; - byte senderNonce[34]; - byte pkiStatus[] = { 0x13, 1, '0' }; + byte senderNonce[PKCS7_NONCE_SZ + 2]; PKCS7Attrib attribs[] = { @@ -4159,9 +4155,7 @@ int pkcs7signed_test(void) { messageTypeOid, sizeof(messageTypeOid), messageType, sizeof(messageType) }, { senderNonceOid, sizeof(senderNonceOid), - senderNonce, sizeof(senderNonce) }, - { pkiStatusOid, sizeof(pkiStatusOid), - pkiStatus, sizeof(pkiStatus) } + senderNonce, sizeof(senderNonce) } }; dataSz = (word32) strlen(data); @@ -4203,8 +4197,8 @@ int pkcs7signed_test(void) ret = InitRng(&rng); senderNonce[0] = 0x04; - senderNonce[1] = 0x20; - RNG_GenerateBlock(&rng, &senderNonce[2], 32); + senderNonce[1] = PKCS7_NONCE_SZ; + RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ); PKCS7_InitWithCert(&msg, certDer, certDerSz); msg.privateKey = keyDer; diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h index 5d5d801d6..8ff9c281f 100644 --- a/cyassl/ctaocrypt/pkcs7.h +++ b/cyassl/ctaocrypt/pkcs7.h @@ -47,6 +47,7 @@ enum PKCS7_TYPES { }; enum Pkcs7_Misc { + PKCS7_NONCE_SZ = 16, MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */ MAX_CONTENT_KEY_LEN = DES3_KEYLEN, /* highest current cipher is 3DES */ MAX_RECIP_SZ = MAX_VERSION_SZ + From 38c2373c4f2aa7163cbb7c219d4b290b761e7862 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 21 Jan 2014 22:11:21 -0800 Subject: [PATCH 105/135] PKCS7_VerifySignedData() also saves pointer to signed data. --- ctaocrypt/src/pkcs7.c | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 67db28ad4..edf986c30 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -604,8 +604,32 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) return ASN_PARSE_E; - /* Skip the seqeunce. */ - idx += length; + /* Get the inner ContentInfo contentType */ + if (GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (contentType != DATA) { + CYASSL_MSG("PKCS#7 inner input not of type Data"); + return PKCS7_OID_E; + } + + b = pkiMsg[idx++]; + if (b != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) + return ASN_PARSE_E; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + b = pkiMsg[idx++]; + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Save the inner data as the content. */ + if (length > 0) { + pkcs7->content = &pkiMsg[idx]; + pkcs7->contentSz = length; + idx += length; + } b = pkiMsg[idx]; /* Get the implicit[0] set of certificates */ From 9f8dcccc610ef7e9ff521c49b0414d27ae8f9ea1 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Wed, 22 Jan 2014 15:26:43 -0700 Subject: [PATCH 106/135] PKCS7_DecodeEnvelopedData, RsaPrivateDecryptInline can return 0 upon error --- ctaocrypt/src/pkcs7.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index edf986c30..8db8c5f97 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -1183,7 +1183,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, /* decrypt encryptedKey */ keySz = RsaPrivateDecryptInline(encryptedKey, encryptedKeySz, &decryptedKey, &privKey); - if (keySz < 0) + if (keySz <= 0) return keySz; /* decrypt encryptedContent */ From 0972fbbf9d384c0e4651849fa595364961a32288 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 23 Jan 2014 11:24:50 -0800 Subject: [PATCH 107/135] PKCS7_VerifySignedMessage() decodes more of the message and performs an RSA verify on it. --- ctaocrypt/src/pkcs7.c | 163 ++++++++++++++++++++++++++++++++++++------ 1 file changed, 142 insertions(+), 21 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index edf986c30..e9a797491 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -228,7 +228,7 @@ typedef struct EncodedAttrib { typedef struct ESD { Sha sha; byte contentDigest[SHA_DIGEST_SIZE + 2]; /* content only + ASN.1 heading */ - byte contentAttribsDigest[SHA_DIGEST_SIZE]; /* content + attribs */ + byte contentAttribsDigest[SHA_DIGEST_SIZE]; byte encContentDigest[512]; byte outerSeq[MAX_SEQ_SZ]; @@ -417,17 +417,40 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) int result; word32 scratch = 0; + byte digestInfo[MAX_SEQ_SZ + MAX_ALGO_SZ + + MAX_OCTET_STR_SZ + SHA_DIGEST_SIZE]; + byte digestInfoSeq[MAX_SEQ_SZ]; + byte digestStr[MAX_OCTET_STR_SZ]; + word32 digestInfoSeqSz, digestStrSz; + int digIdx = 0; + if (pkcs7->signedAttribsSz != 0) { byte attribSet[MAX_SET_SZ]; word32 attribSetSz; attribSetSz = SetSet(flatSignedAttribsSz, attribSet); + InitSha(&esd.sha); ShaUpdate(&esd.sha, attribSet, attribSetSz); ShaUpdate(&esd.sha, flatSignedAttribs, flatSignedAttribsSz); } ShaFinal(&esd.sha, esd.contentAttribsDigest); + digestStrSz = SetOctetString(SHA_DIGEST_SIZE, digestStr); + digestInfoSeqSz = SetSequence(esd.signerDigAlgoIdSz + + digestStrSz + SHA_DIGEST_SIZE, + digestInfoSeq); + + XMEMCPY(digestInfo + digIdx, digestInfoSeq, digestInfoSeqSz); + digIdx += digestInfoSeqSz; + XMEMCPY(digestInfo + digIdx, + esd.signerDigAlgoId, esd.signerDigAlgoIdSz); + digIdx += esd.signerDigAlgoIdSz; + XMEMCPY(digestInfo + digIdx, digestStr, digestStrSz); + digIdx += digestStrSz; + XMEMCPY(digestInfo + digIdx, esd.contentAttribsDigest, SHA_DIGEST_SIZE); + digIdx += SHA_DIGEST_SIZE; + InitRsaKey(&privKey, NULL); result = RsaPrivateKeyDecode(pkcs7->privateKey, &scratch, &privKey, pkcs7->privateKeySz); @@ -435,11 +458,9 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) XFREE(flatSignedAttribs, 0, NULL); return PUBLIC_KEY_E; } - result = RsaSSL_Sign(esd.contentAttribsDigest, - sizeof(esd.contentAttribsDigest), - esd.encContentDigest, - sizeof(esd.encContentDigest), &privKey, - pkcs7->rng); + result = RsaSSL_Sign(digestInfo, digIdx, + esd.encContentDigest, sizeof(esd.encContentDigest), + &privKey, pkcs7->rng); FreeRsaKey(&privKey); if (result < 0) { XFREE(flatSignedAttribs, 0, NULL); @@ -553,7 +574,11 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) { word32 idx, contentType; int length, version; - byte b; + byte* content = NULL; + byte* sig = NULL; + byte* cert = NULL; + byte* signedAttr = NULL; + int contentSz = 0, sigSz = 0, certSz = 0, signedAttrSz = 0; if (pkcs7 == NULL || pkiMsg == NULL || pkiMsgSz == 0) return BAD_FUNC_ARG; @@ -613,27 +638,27 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) return PKCS7_OID_E; } - b = pkiMsg[idx++]; - if (b != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) + if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) return ASN_PARSE_E; if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) return ASN_PARSE_E; - b = pkiMsg[idx++]; + if (pkiMsg[idx++] != ASN_OCTET_STRING) + return ASN_PARSE_E; + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) return ASN_PARSE_E; /* Save the inner data as the content. */ if (length > 0) { - pkcs7->content = &pkiMsg[idx]; - pkcs7->contentSz = length; + content = &pkiMsg[idx]; + contentSz = length; idx += length; } - b = pkiMsg[idx]; /* Get the implicit[0] set of certificates */ - if (b == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) { + if (pkiMsg[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) { idx++; if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) return ASN_PARSE_E; @@ -647,18 +672,114 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) word32 certIdx = idx; - b = pkiMsg[certIdx++]; - if (b == (ASN_CONSTRUCTED | ASN_SEQUENCE)) { - int certSz; - + if (pkiMsg[certIdx++] == (ASN_CONSTRUCTED | ASN_SEQUENCE)) { if (GetLength(pkiMsg, &certIdx, &certSz, pkiMsgSz) < 0) return ASN_PARSE_E; - pkcs7->singleCert = &pkiMsg[idx]; - pkcs7->singleCertSz = certSz + (certIdx - idx); - return 1; + cert = &pkiMsg[idx]; + certSz += (certIdx - idx); } } + idx += length; + } + + /* Get the implicit[1] set of crls */ + if (pkiMsg[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)) { + idx++; + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip the set */ + idx += length; + } + + /* Get the set of signerInfos */ + if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Get the sequence of the first signerInfo */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Get the version */ + if (GetMyVersion(pkiMsg, &idx, &version) < 0) + return ASN_PARSE_E; + + if (version != 1) { + CYASSL_MSG("PKCS#7 signerInfo needs to be of version 1"); + return ASN_VERSION_E; + } + + /* Get the sequence of IssuerAndSerialNumber */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip it */ + idx += length; + + /* Get the sequence of digestAlgorithm */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip it */ + idx += length; + + /* Get the IMPLICIT[0] SET OF signedAttributes */ + if (pkiMsg[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) { + idx++; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* save pointer and length */ + signedAttr = &pkiMsg[idx]; + signedAttrSz = length; + + idx += length; + } + + /* Get the sequence of digestEncryptionAlgorithm */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip it */ + idx += length; + + /* Get the signature */ + if (pkiMsg[idx] == ASN_OCTET_STRING) { + idx++; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* save pointer and length */ + sig = &pkiMsg[idx]; + sigSz = length; + + idx += length; + } + + { + RsaKey key; + word32 scratch = 0; + int plainSz = 0; + byte digest[MAX_SEQ_SZ+MAX_ALGO_SZ+MAX_OCTET_STR_SZ+SHA_DIGEST_SIZE]; + + XMEMSET(digest, 0, sizeof(digest)); + PKCS7_InitWithCert(pkcs7, cert, certSz); + pkcs7->content = content; + pkcs7->contentSz = contentSz; + + InitRsaKey(&key, NULL); + if (RsaPublicKeyDecode(pkcs7->publicKey, &scratch, &key, + pkcs7->publicKeySz) < 0) { + CYASSL_MSG("ASN RSA key decode error"); + return PUBLIC_KEY_E; + } + plainSz = RsaSSL_Verify(sig, sigSz, digest, sizeof(digest), &key); + FreeRsaKey(&key); + if (plainSz < 0) + return plainSz; } return 0; From 45c05ffd3009e8416b71a1dd0f88b5fe3ac81f95 Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 23 Jan 2014 12:34:27 -0800 Subject: [PATCH 108/135] add non block size AesCtr support --- ctaocrypt/src/aes.c | 34 +++++++++++++++++++++++++++++++--- cyassl/ctaocrypt/aes.h | 3 +++ 2 files changed, 34 insertions(+), 3 deletions(-) diff --git a/ctaocrypt/src/aes.c b/ctaocrypt/src/aes.c index 1aea29f8c..4cb723d31 100644 --- a/ctaocrypt/src/aes.c +++ b/ctaocrypt/src/aes.c @@ -1476,6 +1476,10 @@ static int AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen, #ifdef CYASSL_AESNI aes->use_aesni = 0; #endif /* CYASSL_AESNI */ + #ifdef CYASSL_AES_COUNTER + aes->left = 0; + #endif /* CYASSL_AES_COUNTER */ + aes->rounds = keylen/4 + 6; XMEMCPY(rk, userKey, keylen); @@ -2129,15 +2133,39 @@ static INLINE void IncrementAesCounter(byte* inOutCtr) void AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) { - word32 blocks = sz / AES_BLOCK_SIZE; + byte* tmp = (byte*)aes->tmp + AES_BLOCK_SIZE - aes->left; - while (blocks--) { + /* consume any unused bytes left in aes->tmp */ + while (aes->left && sz) { + *(out++) = *(in++) ^ *(tmp++); + aes->left--; + sz--; + } + + /* do as many block size ops as possible */ + while (sz >= AES_BLOCK_SIZE) { AesEncrypt(aes, (byte*)aes->reg, out); IncrementAesCounter((byte*)aes->reg); xorbuf(out, in, AES_BLOCK_SIZE); out += AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + sz -= AES_BLOCK_SIZE; + aes->left = 0; + } + + /* handle non block size remaining and sotre unused byte count in left */ + if (sz) { + AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->tmp); + IncrementAesCounter((byte*)aes->reg); + + aes->left = AES_BLOCK_SIZE; + tmp = (byte*)aes->tmp; + + while (sz--) { + *(out++) = *(in++) ^ *(tmp++); + aes->left--; + } } } diff --git a/cyassl/ctaocrypt/aes.h b/cyassl/ctaocrypt/aes.h index 37861903e..e280e006b 100644 --- a/cyassl/ctaocrypt/aes.h +++ b/cyassl/ctaocrypt/aes.h @@ -92,6 +92,9 @@ typedef struct Aes { word32 magic; /* using cavium magic */ word64 contextHandle; /* nitrox context memory handle */ #endif +#ifdef CYASSL_AES_COUNTER + word32 left; /* unsued bytes left from last call */ +#endif } Aes; From 43199cd573b992351b0676a5f4414807a67404ba Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Thu, 23 Jan 2014 14:48:18 -0700 Subject: [PATCH 109/135] PKCS7_DecodeEnvelopedData, only do ParseCert once in PKCS7_InitWithCert --- ctaocrypt/src/pkcs7.c | 13 ++----------- cyassl/ctaocrypt/pkcs7.h | 23 ++++++++++++----------- 2 files changed, 14 insertions(+), 22 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 8db8c5f97..96904c392 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -166,6 +166,7 @@ int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz) } XMEMCPY(pkcs7->publicKey, dCert.publicKey, dCert.pubKeySize); pkcs7->publicKeySz = dCert.pubKeySize; + XMEMCPY(pkcs7->issuerHash, dCert.issuerHash, SHA_SIZE); pkcs7->issuer = dCert.issuerRaw; pkcs7->issuerSz = dCert.issuerRawLen; XMEMCPY(pkcs7->issuerSn, dCert.serial, dCert.serialSz); @@ -1005,8 +1006,6 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, byte issuerHash[SHA_DIGEST_SIZE]; mp_int serialNum; - DecodedCert decoded; - int encryptedKeySz, keySz; byte tmpIv[DES_BLOCK_SIZE]; byte encryptedKey[MAX_ENCRYPTED_KEY_SZ]; @@ -1026,14 +1025,6 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, output == NULL || outputSz == 0) return BAD_FUNC_ARG; - /* parse recipient cert */ - InitDecodedCert(&decoded, pkcs7->singleCert, pkcs7->singleCertSz, 0); - ret = ParseCert(&decoded, CA_TYPE, NO_VERIFY, 0); - if (ret < 0) { - FreeDecodedCert(&decoded); - return ret; - } - /* load private key */ InitRsaKey(&privKey, 0); ret = RsaPrivateKeyDecode(pkcs7->privateKey, &idx, &privKey, @@ -1109,7 +1100,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, return ASN_PARSE_E; /* if we found correct recipient, issuer hashes will match */ - if (XMEMCMP(issuerHash, decoded.issuerHash, SHA_DIGEST_SIZE) == 0) { + if (XMEMCMP(issuerHash, pkcs7->issuerHash, SHA_DIGEST_SIZE) == 0) { recipFound = 1; } diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h index 8ff9c281f..b4313f399 100644 --- a/cyassl/ctaocrypt/pkcs7.h +++ b/cyassl/ctaocrypt/pkcs7.h @@ -65,25 +65,26 @@ typedef struct PKCS7Attrib { typedef struct PKCS7 { - byte* content; /* inner content, not owner */ - word32 contentSz; /* content size */ - int contentOID; /* PKCS#7 content type OID sum */ + byte* content; /* inner content, not owner */ + word32 contentSz; /* content size */ + int contentOID; /* PKCS#7 content type OID sum */ RNG* rng; int hashOID; - int encryptOID; /* key encryption algorithm OID */ + int encryptOID; /* key encryption algorithm OID */ - byte* singleCert; /* recipient cert, DER, not owner */ + byte* singleCert; /* recipient cert, DER, not owner */ word32 singleCertSz; /* size of recipient cert buffer, bytes */ - byte* issuer; /* issuer name of singleCert */ - word32 issuerSz; /* length of issuer name */ - byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */ - word32 issuerSnSz; /* length of serial number */ + byte issuerHash[SHA_SIZE]; /* hash of all alt Names */ + byte* issuer; /* issuer name of singleCert */ + word32 issuerSz; /* length of issuer name */ + byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */ + word32 issuerSnSz; /* length of serial number */ byte publicKey[512]; word32 publicKeySz; - byte* privateKey; /* private key, DER, not owner */ - word32 privateKeySz; /* size of private key buffer, bytes */ + byte* privateKey; /* private key, DER, not owner */ + word32 privateKeySz; /* size of private key buffer, bytes */ PKCS7Attrib* signedAttribs; word32 signedAttribsSz; From 18365df209b15a7ebb3090c79f8423403a582d20 Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 23 Jan 2014 15:18:42 -0800 Subject: [PATCH 110/135] add non block length test case, including test again, to aes ctr --- ctaocrypt/test/test.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 92099ba24..293879c03 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -1916,6 +1916,12 @@ int aes_test(void) 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee }; + const byte oddCipher[] = + { + 0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0, + 0xc2 + }; + AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); /* Ctr only uses encrypt, even on key setup */ AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); @@ -1928,6 +1934,30 @@ int aes_test(void) if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4)) return -67; + + /* let's try with just 9 bytes, non block size test */ + AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + /* Ctr only uses encrypt, even on key setup */ + AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + + AesCtrEncrypt(&enc, cipher, ctrPlain, 9); + AesCtrEncrypt(&dec, plain, cipher, 9); + + if (memcmp(plain, ctrPlain, 9)) + return -68; + + if (memcmp(cipher, ctrCipher, 9)) + return -69; + + /* and an additional 9 bytes to reuse tmp left buffer */ + AesCtrEncrypt(&enc, cipher, ctrPlain, 9); + AesCtrEncrypt(&dec, plain, cipher, 9); + + if (memcmp(plain, ctrPlain, 9)) + return -70; + + if (memcmp(cipher, oddCipher, 9)) + return -71; } #endif /* CYASSL_AES_COUNTER */ From 1dac5d28e37cf1381365f3c96e548b33d00338c3 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 24 Jan 2014 12:14:53 -0800 Subject: [PATCH 111/135] Allow PKCS7_VerifyDecodedData to have an empty set of SignerInfos. Save first certificate. --- ctaocrypt/src/pkcs7.c | 133 +++++++++++++++++++++--------------------- 1 file changed, 67 insertions(+), 66 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index f025c8e0b..25395de35 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -653,8 +653,9 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) /* Save the inner data as the content. */ if (length > 0) { - content = &pkiMsg[idx]; - contentSz = length; + /* Local pointer for calculating hashes later */ + pkcs7->content = content = &pkiMsg[idx]; + pkcs7->contentSz = contentSz = length; idx += length; } @@ -680,6 +681,7 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) cert = &pkiMsg[idx]; certSz += (certIdx - idx); } + PKCS7_InitWithCert(pkcs7, cert, certSz); } idx += length; } @@ -698,76 +700,75 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0) return ASN_PARSE_E; - /* Get the sequence of the first signerInfo */ - if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) - return ASN_PARSE_E; - - /* Get the version */ - if (GetMyVersion(pkiMsg, &idx, &version) < 0) - return ASN_PARSE_E; - - if (version != 1) { - CYASSL_MSG("PKCS#7 signerInfo needs to be of version 1"); - return ASN_VERSION_E; - } - - /* Get the sequence of IssuerAndSerialNumber */ - if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) - return ASN_PARSE_E; - - /* Skip it */ - idx += length; - - /* Get the sequence of digestAlgorithm */ - if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) - return ASN_PARSE_E; - - /* Skip it */ - idx += length; - - /* Get the IMPLICIT[0] SET OF signedAttributes */ - if (pkiMsg[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) { - idx++; - - if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) - return ASN_PARSE_E; - - /* save pointer and length */ - signedAttr = &pkiMsg[idx]; - signedAttrSz = length; - - idx += length; - } - - /* Get the sequence of digestEncryptionAlgorithm */ - if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) - return ASN_PARSE_E; - - /* Skip it */ - idx += length; - - /* Get the signature */ - if (pkiMsg[idx] == ASN_OCTET_STRING) { - idx++; - - if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) - return ASN_PARSE_E; - - /* save pointer and length */ - sig = &pkiMsg[idx]; - sigSz = length; - - idx += length; - } - - { + if (length > 0) { RsaKey key; word32 scratch = 0; int plainSz = 0; byte digest[MAX_SEQ_SZ+MAX_ALGO_SZ+MAX_OCTET_STR_SZ+SHA_DIGEST_SIZE]; + /* Get the sequence of the first signerInfo */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Get the version */ + if (GetMyVersion(pkiMsg, &idx, &version) < 0) + return ASN_PARSE_E; + + if (version != 1) { + CYASSL_MSG("PKCS#7 signerInfo needs to be of version 1"); + return ASN_VERSION_E; + } + + /* Get the sequence of IssuerAndSerialNumber */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip it */ + idx += length; + + /* Get the sequence of digestAlgorithm */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip it */ + idx += length; + + /* Get the IMPLICIT[0] SET OF signedAttributes */ + if (pkiMsg[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) { + idx++; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* save pointer and length */ + signedAttr = &pkiMsg[idx]; + signedAttrSz = length; + + idx += length; + } + + /* Get the sequence of digestEncryptionAlgorithm */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip it */ + idx += length; + + /* Get the signature */ + if (pkiMsg[idx] == ASN_OCTET_STRING) { + idx++; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* save pointer and length */ + sig = &pkiMsg[idx]; + sigSz = length; + + idx += length; + } + XMEMSET(digest, 0, sizeof(digest)); - PKCS7_InitWithCert(pkcs7, cert, certSz); pkcs7->content = content; pkcs7->contentSz = contentSz; From 5945723d877a8293d1cc0ccbc8fdd259881a4103 Mon Sep 17 00:00:00 2001 From: toddouska Date: Fri, 24 Jan 2014 13:15:26 -0800 Subject: [PATCH 112/135] linux pkcs7 build fixes --- ctaocrypt/src/pkcs7.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 25395de35..44382e2f6 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -581,6 +581,9 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) byte* signedAttr = NULL; int contentSz = 0, sigSz = 0, certSz = 0, signedAttrSz = 0; + (void)signedAttr; /* not used yet, just set */ + (void)signedAttrSz; + if (pkcs7 == NULL || pkiMsg == NULL || pkiMsgSz == 0) return BAD_FUNC_ARG; From 21c9eb7b22e9695d1f8f5d05230876f33aa7e1b5 Mon Sep 17 00:00:00 2001 From: toddouska Date: Fri, 24 Jan 2014 13:58:20 -0800 Subject: [PATCH 113/135] fix forgotten leading 0 on SetRsaPublicKey --- ctaocrypt/src/asn.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 29c54fc1c..b528d844a 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -4020,6 +4020,7 @@ static int SetRsaPublicKey(byte* output, RsaKey* key) int idx; int rawLen; int leadingBit; + int err; /* n */ leadingBit = mp_leading_bit(&key->n); @@ -4028,7 +4029,9 @@ static int SetRsaPublicKey(byte* output, RsaKey* key) nSz = SetLength(rawLen, n + 1) + 1; /* int tag */ if ( (nSz + rawLen) < (int)sizeof(n)) { - int err = mp_to_unsigned_bin(&key->n, n + nSz + leadingBit); + if (leadingBit) + n[nSz] = 0; + err = mp_to_unsigned_bin(&key->n, n + nSz + leadingBit); if (err == MP_OKAY) nSz += rawLen; else @@ -4044,7 +4047,9 @@ static int SetRsaPublicKey(byte* output, RsaKey* key) eSz = SetLength(rawLen, e + 1) + 1; /* int tag */ if ( (eSz + rawLen) < (int)sizeof(e)) { - int err = mp_to_unsigned_bin(&key->e, e + eSz + leadingBit); + if (leadingBit) + e[eSz] = 0; + err = mp_to_unsigned_bin(&key->e, e + eSz + leadingBit); if (err == MP_OKAY) eSz += rawLen; else From c0f9780c70a91779b794041008714c9bd0b14ec3 Mon Sep 17 00:00:00 2001 From: toddouska Date: Fri, 24 Jan 2014 14:08:14 -0800 Subject: [PATCH 114/135] fix challenge pwd init bug --- ctaocrypt/src/asn.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index b528d844a..b2771828f 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -3893,6 +3893,10 @@ void InitCert(Cert* cert) cert->subject.unit[0] = '\0'; cert->subject.commonName[0] = '\0'; cert->subject.email[0] = '\0'; + +#ifdef CYASSL_CERT_REQ + cert->challengePw[0] ='\0'; +#endif } From cfa90071999e2b95de03ac55e140d7e2d95ffc41 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Mon, 27 Jan 2014 11:35:43 -0800 Subject: [PATCH 115/135] 1. Bumped release version in configure.ac. 2. Added enable option for SCEP. Enables prereqs. 3. Added CyaSSL_wolfSCEP() for ac to test for CyaSSL SCEP. --- configure.ac | 38 +++++++++++++++++++++++++++++++++++++- cyassl/ssl.h | 5 +++++ cyassl/version.h | 4 ++-- src/ssl.c | 6 ++++++ 4 files changed, 50 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 20c4253f3..eda0bd416 100644 --- a/configure.ac +++ b/configure.ac @@ -6,7 +6,7 @@ # # -AC_INIT([cyassl],[2.8.5],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.yassl.com]) +AC_INIT([cyassl],[2.8.6],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.yassl.com]) AC_CONFIG_AUX_DIR([build-aux]) @@ -1242,6 +1242,41 @@ fi AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"]) + +# Simple Certificate Enrollment Protocol (SCEP) +AC_ARG_ENABLE([scep], + [ --enable-scep Enable wolfSCEP (default: disabled)], + [ ENABLED_WOLFSCEP=$enableval ], + [ ENABLED_WOLFSCEP=no ] + ) +if test "$ENABLED_WOLFSCEP" = "yes" +then + # Enable prereqs if not already enabled + if test "x$ENABLED_KEYGEN" = "xno" + then + ENABLED_KEYGEN="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_KEY_GEN" + fi + if test "x$ENABLED_CERTGEN" = "xno" + then + ENABLED_CERTGEN="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_GEN" + fi + if test "x$ENABLED_CERTREQ" = "xno" + then + ENABLED_CERTREQ="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_REQ" + fi + if test "x$ENABLED_PKCS7" = "xno" + then + ENABLED_PKCS7="yes" + AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7" + AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"]) + fi + AM_CFLAGS="$AM_CFLAGS -DCYASSL_HAVE_WOLFSCEP" +fi + + #valgrind AC_ARG_ENABLE([valgrind], [ --enable-valgrind Enable valgrind for unit tests (default: disabled)], @@ -1629,6 +1664,7 @@ echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC" echo " * Renegotiation Indication: $ENABLED_RENEGOTIATION_INDICATION" echo " * All TLS Extensions: $ENABLED_TLSX" echo " * PKCS#7 $ENABLED_PKCS7" +echo " * wolfSCEP $ENABLED_WOLFSCEP" echo " * valgrind unit tests: $ENABLED_VALGRIND" echo " * LIBZ: $ENABLED_LIBZ" echo " * Examples: $ENABLED_EXAMPLES" diff --git a/cyassl/ssl.h b/cyassl/ssl.h index 2b5f44273..049e0d5eb 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -1262,6 +1262,11 @@ CYASSL_API int CyaSSL_accept_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack, #endif /* CYASSL_CALLBACKS */ +#ifdef CYASSL_HAVE_WOLFSCEP +CYASSL_API void CyaSSL_wolfSCEP(void); +#endif /* CYASSL_HAVE_WOLFSCEP */ + + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/cyassl/version.h b/cyassl/version.h index 96207f8fa..192ff9874 100644 --- a/cyassl/version.h +++ b/cyassl/version.h @@ -26,8 +26,8 @@ extern "C" { #endif -#define LIBCYASSL_VERSION_STRING "2.8.5" -#define LIBCYASSL_VERSION_HEX 0x02008005 +#define LIBCYASSL_VERSION_STRING "2.8.6" +#define LIBCYASSL_VERSION_HEX 0x02008006 #ifdef __cplusplus } diff --git a/src/ssl.c b/src/ssl.c index 3b5230619..e12e66f9e 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -11340,3 +11340,9 @@ void* CyaSSL_GetRsaDecCtx(CYASSL* ssl) #endif /* HAVE_PK_CALLBACKS */ #endif /* NO_CERTS */ + +#ifdef CYASSL_HAVE_WOLFSCEP + /* Used by autoconf to see if wolfSCEP is available */ + void CyaSSL_wolfSCEP(void) {} +#endif + From e040e0ba7ab42323a66c7abfa3c2927c2ca0ab94 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 27 Jan 2014 12:50:29 -0800 Subject: [PATCH 116/135] fix scep 32 --- ctaocrypt/src/integer.c | 2 +- cyassl/ctaocrypt/integer.h | 5 +---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/ctaocrypt/src/integer.c b/ctaocrypt/src/integer.c index d3cb044b8..88e16d57c 100644 --- a/ctaocrypt/src/integer.c +++ b/ctaocrypt/src/integer.c @@ -3765,7 +3765,7 @@ int mp_sqrmod (mp_int * a, mp_int * b, mp_int * c) #endif -#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER) +#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER) || defined(CYASSL_HAVE_WOLFSCEP) /* single digit addition */ int mp_add_d (mp_int* a, mp_digit b, mp_int* c) diff --git a/cyassl/ctaocrypt/integer.h b/cyassl/ctaocrypt/integer.h index 2f7ab84fa..707eff7bf 100644 --- a/cyassl/ctaocrypt/integer.h +++ b/cyassl/ctaocrypt/integer.h @@ -286,6 +286,7 @@ int mp_2expt (mp_int * a, int b); int mp_reduce_2k_setup(mp_int *a, mp_digit *d); int mp_add_d (mp_int* a, mp_digit b, mp_int* c); int mp_set_int (mp_int * a, unsigned long b); +int mp_sub_d (mp_int * a, mp_digit b, mp_int * c); /* end support added functions */ /* added */ @@ -305,10 +306,6 @@ int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e, int mp_lcm (mp_int * a, mp_int * b, mp_int * c); #endif -#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER) - int mp_sub_d (mp_int * a, mp_digit b, mp_int * c); -#endif - #ifdef __cplusplus } #endif From 2084e9869d9fb32499514cf9d0ead43982ffea05 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 27 Jan 2014 16:29:15 -0800 Subject: [PATCH 117/135] fix pkcs7 leaks with normal math --- ctaocrypt/src/pkcs7.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 44382e2f6..d1f79eefb 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -862,6 +862,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, *keyEncSz = RsaPublicEncrypt(contentKeyPlain, blockKeySz, contentKeyEnc, MAX_ENCRYPTED_KEY_SZ, &pubKey, rng); + FreeRsaKey(&pubKey); if (*keyEncSz < 0) { CYASSL_MSG("RSA Public Encrypt failed"); return *keyEncSz; @@ -1231,6 +1232,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, if (GetInt(&serialNum, pkiMsg, &idx, pkiMsgSz) < 0) return ASN_PARSE_E; + mp_clear(&serialNum); if (GetAlgoId(pkiMsg, &idx, &encOID, pkiMsgSz) < 0) return ASN_PARSE_E; @@ -1299,6 +1301,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, /* decrypt encryptedKey */ keySz = RsaPrivateDecryptInline(encryptedKey, encryptedKeySz, &decryptedKey, &privKey); + FreeRsaKey(&privKey); if (keySz <= 0) return keySz; From 60cddecd9ccb2b3f9bdfcbe6a6f34d593305db20 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 27 Jan 2014 20:04:14 -0800 Subject: [PATCH 118/135] remove mcheck from --enable-debug, not thread safe --- m4/ax_debug.m4 | 1 - 1 file changed, 1 deletion(-) diff --git a/m4/ax_debug.m4 b/m4/ax_debug.m4 index 5522d7215..5ea3c3594 100644 --- a/m4/ax_debug.m4 +++ b/m4/ax_debug.m4 @@ -52,7 +52,6 @@ AC_DEFUN([AX_DEBUG], [Add debug code/turns off optimizations (yes|no) @<:@default=no@:>@])], [ax_enable_debug=yes AC_DEFINE([DEBUG],[1],[Define to 1 to enable debugging code.]) - AX_CHECK_LIBRARY([MCHECK],[mcheck.h],[mcheck],[AX_APPEND_LINK_FLAGS([-lmcheck])]) AX_ADD_AM_MACRO([--debug],[AM_YFLAGS]) AX_ADD_AM_MACRO([-D_GLIBCXX_DEBUG],[AM_CPPFLAGS])], [ax_enable_debug=no From 42ad70591ab463fffe419ce07f3bd2a7995a54f1 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Tue, 28 Jan 2014 10:28:19 -0700 Subject: [PATCH 119/135] prevent XFREE from freeing NULL pointer under Freescale MQX --- cyassl/ctaocrypt/settings.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cyassl/ctaocrypt/settings.h b/cyassl/ctaocrypt/settings.h index 0ca3f350e..22dea06d0 100644 --- a/cyassl/ctaocrypt/settings.h +++ b/cyassl/ctaocrypt/settings.h @@ -332,8 +332,8 @@ #include "mutex.h" #endif - #define XMALLOC(s, h, type) (void *)_mem_alloc_system((s)) - #define XFREE(p, h, type) _mem_free(p) + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} /* Note: MQX has no realloc, using fastmath above */ #endif From 631cfbcf272db5468bcc4b27822735aec2612ebe Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 28 Jan 2014 11:57:49 -0800 Subject: [PATCH 120/135] fix output size check bug --- ctaocrypt/src/asn.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index b2771828f..d1c82f8e1 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -5273,7 +5273,8 @@ int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s) int sLen = mp_unsigned_bin_size(s); int err; - if (*outLen < (rLen + sLen + headerSz + 2)) /* SEQ_TAG + LEN(ENUM) */ + if (*outLen < (rLen + rLeadingZero + sLen + sLeadingZero + + headerSz + 2)) /* SEQ_TAG + LEN(ENUM) */ return BAD_FUNC_ARG; idx = SetSequence(rLen+rLeadingZero+sLen+sLeadingZero+headerSz, out); From 2fe847767987fa27ae3b05351dab6daa4f848250 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 28 Jan 2014 12:22:16 -0800 Subject: [PATCH 121/135] fix `make distcheck` --- tests/unit.c | 2 +- testsuite/testsuite.c | 15 ++++++++++----- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/tests/unit.c b/tests/unit.c index 8183b82ca..f1926f2e9 100644 --- a/tests/unit.c +++ b/tests/unit.c @@ -27,7 +27,7 @@ int main(int argc, char** argv) err_sys("Cavium OpenNitroxDevice failed"); #endif /* HAVE_CAVIUM */ - if (CurrentDir("tests")) + if (CurrentDir("tests") || CurrentDir("_build")) ChangeDirBack(1); else if (CurrentDir("Debug") || CurrentDir("Release")) ChangeDirBack(3); diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index 43f2d5300..6d6cc8921 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -51,11 +51,16 @@ enum { NUMARGS = 3 }; +#ifndef USE_WINDOWS_API + const char outputName[] = "/tmp/output"; +#else + const char outputName[] = "output"; +#endif + int myoptind = 0; char* myoptarg = NULL; - int main(int argc, char** argv) { func_args server_args; @@ -79,7 +84,7 @@ int main(int argc, char** argv) CyaSSL_Debugging_ON(); #endif - if (CurrentDir("testsuite")) + if (CurrentDir("testsuite") || CurrentDir("_build")) ChangeDirBack(1); else if (CurrentDir("Debug") || CurrentDir("Release")) ChangeDirBack(3); /* Xcode->Preferences->Locations->Locations*/ @@ -117,8 +122,8 @@ int main(int argc, char** argv) strcpy(echo_args.argv[0], "echoclient"); strcpy(echo_args.argv[1], "input"); - strcpy(echo_args.argv[2], "output"); - remove("output"); + strcpy(echo_args.argv[2], outputName); + remove(outputName); /* Share the signal, it has the new port number in it. */ echo_args.signal = server_args.signal; @@ -146,7 +151,7 @@ int main(int argc, char** argv) byte output[SHA256_DIGEST_SIZE]; file_test("input", input); - file_test("output", output); + file_test(outputName, output); if (memcmp(input, output, sizeof(input)) != 0) return EXIT_FAILURE; } From 12e93096182b4de85cacd8ab4ce2baea0e411e65 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 28 Jan 2014 12:30:01 -0800 Subject: [PATCH 122/135] fix Windows function name conflict --- ctaocrypt/src/coding.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/ctaocrypt/src/coding.c b/ctaocrypt/src/coding.c index ed7a54c5e..8add2d59a 100644 --- a/ctaocrypt/src/coding.c +++ b/ctaocrypt/src/coding.c @@ -149,7 +149,7 @@ const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', /* make sure *i (idx) won't exceed max, store and possibly escape to out, * raw means use e w/o decode, 0 on success */ -static int Escape(int escaped, byte e, byte* out, word32* i, word32 max, +static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max, int raw) { int doEscape = 0; @@ -256,19 +256,19 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out, byte e4 = b3 & 0x3F; /* store */ - ret = Escape(escaped, e1, out, &i, *outLen, 0); + ret = CEscape(escaped, e1, out, &i, *outLen, 0); if (ret != 0) break; - ret = Escape(escaped, e2, out, &i, *outLen, 0); + ret = CEscape(escaped, e2, out, &i, *outLen, 0); if (ret != 0) break; - ret = Escape(escaped, e3, out, &i, *outLen, 0); + ret = CEscape(escaped, e3, out, &i, *outLen, 0); if (ret != 0) break; - ret = Escape(escaped, e4, out, &i, *outLen, 0); + ret = CEscape(escaped, e4, out, &i, *outLen, 0); if (ret != 0) break; inLen -= 3; if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) { - ret = Escape(escaped, '\n', out, &i, *outLen, 1); + ret = CEscape(escaped, '\n', out, &i, *outLen, 1); if (ret != 0) break; } } @@ -284,23 +284,23 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out, byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4); byte e3 = (b2 & 0xF) << 2; - ret = Escape(escaped, e1, out, &i, *outLen, 0); + ret = CEscape(escaped, e1, out, &i, *outLen, 0); if (ret == 0) - ret = Escape(escaped, e2, out, &i, *outLen, 0); + ret = CEscape(escaped, e2, out, &i, *outLen, 0); if (ret == 0) { /* third */ if (twoBytes) - ret = Escape(escaped, e3, out, &i, *outLen, 0); + ret = CEscape(escaped, e3, out, &i, *outLen, 0); else - ret = Escape(escaped, '=', out, &i, *outLen, 1); + ret = CEscape(escaped, '=', out, &i, *outLen, 1); } /* fourth always pad */ if (ret == 0) - ret = Escape(escaped, '=', out, &i, *outLen, 1); + ret = CEscape(escaped, '=', out, &i, *outLen, 1); } if (ret == 0) - ret = Escape(escaped, '\n', out, &i, *outLen, 1); + ret = CEscape(escaped, '\n', out, &i, *outLen, 1); if (i != outSz && escaped == 0 && ret == 0) return ASN_INPUT_E; From b2ebfe900428d7e980c93ebfd9607ee33bedd28b Mon Sep 17 00:00:00 2001 From: toddouska Date: Fri, 31 Jan 2014 10:37:11 -0800 Subject: [PATCH 123/135] determine if openssl command line tool available for testing with ocsp, if so, HAVE_OPENSSL_CMD define is set --- configure.ac | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/configure.ac b/configure.ac index eda0bd416..bea2e0e05 100644 --- a/configure.ac +++ b/configure.ac @@ -1105,6 +1105,20 @@ fi AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"]) +if test "$ENABLED_OCSP" = "yes" +then + # check openssl command tool for testing ocsp + AC_CHECK_PROG([HAVE_OPENSSL_CMD],[openssl],[yes],[no]) + + if test "$HAVE_OPENSSL_CMD" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DHAVE_OPENSSL_CMD" + else + AC_MSG_WARN([openssl command line tool not available for testing ocsp]) + fi +fi + + # CRL AC_ARG_ENABLE([crl], [ --enable-crl Enable CRL (default: disabled)], From 75ae9dc973d84e216078239caa8d8edc4dab6453 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Mon, 26 Aug 2013 12:27:58 -0300 Subject: [PATCH 124/135] added external api for Elliptic Curves Extension. --- cyassl/internal.h | 22 ++++++++++++++++++---- cyassl/ssl.h | 43 +++++++++++++++++++++++++++++++++++++++++++ src/ssl.c | 24 ++++++++++++++++++++++++ 3 files changed, 85 insertions(+), 4 deletions(-) diff --git a/cyassl/internal.h b/cyassl/internal.h index 085d2a393..f2e9558ec 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1109,11 +1109,13 @@ typedef struct CYASSL_DTLS_CTX { typedef enum { SERVER_NAME_INDICATION = 0, MAX_FRAGMENT_LENGTH = 1, - /*CLIENT_CERTIFICATE_URL = 2, - TRUSTED_CA_KEYS = 3,*/ + /*CLIENT_CERTIFICATE_URL = 2,*/ + /*TRUSTED_CA_KEYS = 3,*/ TRUNCATED_HMAC = 4, - /*STATUS_REQUEST = 5, - SIGNATURE_ALGORITHMS = 13,*/ + /*STATUS_REQUEST = 5,*/ + ELLIPTIC_CURVES = 10, + /*EC_POINT_FORMATS = 11,*/ + /*SIGNATURE_ALGORITHMS = 13,*/ } TLSX_Type; typedef struct TLSX { @@ -1180,6 +1182,18 @@ CYASSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions); #endif /* HAVE_TRUNCATED_HMAC */ +#ifdef HAVE_ELLIPTIC_CURVES + +typedef struct EllipticCurve { + word16 name; /* CurveNames */ + struct EllipticCurve* next; /* List Behavior */ + +} EllipticCurve; + +CYASSL_LOCAL int TLSX_UseEllipticCurve(TLSX** extensions, word16 name); + +#endif + #endif /* HAVE_TLS_EXTENSIONS */ /* CyaSSL context type */ diff --git a/cyassl/ssl.h b/cyassl/ssl.h index 049e0d5eb..678c1934f 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -1231,6 +1231,7 @@ CYASSL_API int CyaSSL_CTX_UseMaxFragment(CYASSL_CTX* ctx, unsigned char mfl); #endif /* NO_CYASSL_CLIENT */ #endif /* HAVE_MAX_FRAGMENT */ +/* Truncated HMAC */ #ifdef HAVE_TRUNCATED_HMAC #ifndef NO_CYASSL_CLIENT @@ -1240,6 +1241,48 @@ CYASSL_API int CyaSSL_CTX_UseTruncatedHMAC(CYASSL_CTX* ctx); #endif /* NO_CYASSL_CLIENT */ #endif /* HAVE_TRUNCATED_HMAC */ +/* Elliptic Curves */ +#ifdef HAVE_ELLIPTIC_CURVES + +enum { + /*CYASSL_ECC_SECT163K1 = 1,*/ + /*CYASSL_ECC_SECT163R1 = 2,*/ + /*CYASSL_ECC_SECT163R2 = 3,*/ + /*CYASSL_ECC_SECT193R1 = 4,*/ + /*CYASSL_ECC_SECT193R2 = 5,*/ + /*CYASSL_ECC_SECT233K1 = 6,*/ + /*CYASSL_ECC_SECT233R1 = 7,*/ + /*CYASSL_ECC_SECT239K1 = 8,*/ + /*CYASSL_ECC_SECT283K1 = 9,*/ + /*CYASSL_ECC_SECT283R1 = 10,*/ + /*CYASSL_ECC_SECT409K1 = 11,*/ + /*CYASSL_ECC_SECT409R1 = 12,*/ + /*CYASSL_ECC_SECT571K1 = 13,*/ + /*CYASSL_ECC_SECT571R1 = 14,*/ + /*CYASSL_ECC_SECP160K1 = 15,*/ + CYASSL_ECC_SECP160R1 = 16, + /*CYASSL_ECC_SECP160R2 = 17,*/ + /*CYASSL_ECC_SECP192K1 = 18,*/ + CYASSL_ECC_SECP192R1 = 19, + /*CYASSL_ECC_SECP224K1 = 20,*/ + CYASSL_ECC_SECP224R1 = 21, + /*CYASSL_ECC_SECP256K1 = 22,*/ + CYASSL_ECC_SECP256R1 = 23, + CYASSL_ECC_SECP384R1 = 24, + CYASSL_ECC_SECP521R1 = 25, + /*CYASSL_ECC_ARBITRARY_EXPLICIT_PRIME_CURVES = 0xFF01,*/ + /*CYASSL_ECC_ARBITRARY_EXPLICIT_CHAR2_CURVES = 0xFF02*/ +}; + +#ifndef NO_CYASSL_CLIENT + +CYASSL_API int CyaSSL_UseEllipticCurve(CYASSL* ssl, unsigned short name); +CYASSL_API int CyaSSL_CTX_UseEllipticCurve(CYASSL_CTX* ctx, + unsigned short name); + +#endif /* NO_CYASSL_CLIENT */ +#endif /* HAVE_ELLIPTIC_CURVES */ + #define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */ #define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */ diff --git a/src/ssl.c b/src/ssl.c index e12e66f9e..b1d309db2 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -622,6 +622,30 @@ int CyaSSL_CTX_UseTruncatedHMAC(CYASSL_CTX* ctx) #endif /* NO_CYASSL_CLIENT */ #endif /* HAVE_TRUNCATED_HMAC */ +/* Elliptic Curves */ +#ifdef HAVE_ELLIPTIC_CURVES +#ifndef NO_CYASSL_CLIENT + +int CyaSSL_UseEllipticCurve(CYASSL* ssl, word16 name) +{ + if (ssl == NULL) + return BAD_FUNC_ARG; + + return TLSX_UseEllipticCurve(&ssl->extensions, name); +} + +int CyaSSL_CTX_UseEllipticCurve(CYASSL_CTX* ctx, word16 name) +{ + if (ctx == NULL) + return BAD_FUNC_ARG; + + return TLSX_UseEllipticCurve(&ctx->extensions, name); +} + +#endif /* NO_CYASSL_CLIENT */ +#endif /* HAVE_ELLIPTIC_CURVES */ + + #ifndef CYASSL_LEANPSK int CyaSSL_send(CYASSL* ssl, const void* data, int sz, int flags) { From 179836ad436f3ec9804aa5836b4891a98de60579 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Mon, 26 Aug 2013 12:39:27 -0300 Subject: [PATCH 125/135] added api tests for Elliptic Curves Extensions. --- tests/api.c | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/tests/api.c b/tests/api.c index 3dadad7a1..176b08abf 100644 --- a/tests/api.c +++ b/tests/api.c @@ -56,6 +56,9 @@ static void test_CyaSSL_UseMaxFragment(void); #ifdef HAVE_TRUNCATED_HMAC static void test_CyaSSL_UseTruncatedHMAC(void); #endif /* HAVE_TRUNCATED_HMAC */ +#ifdef HAVE_ELLIPTIC_CURVES +static void test_CyaSSL_UseEllipticCurve(void); +#endif /* HAVE_ELLIPTIC_CURVES */ /* test function helpers */ static int test_method(CYASSL_METHOD *method, const char *name); @@ -116,6 +119,9 @@ int ApiTest(void) #ifdef HAVE_TRUNCATED_HMAC test_CyaSSL_UseTruncatedHMAC(); #endif /* HAVE_TRUNCATED_HMAC */ +#ifdef HAVE_ELLIPTIC_CURVES + test_CyaSSL_UseEllipticCurve(); +#endif /* HAVE_ELLIPTIC_CURVES */ test_CyaSSL_Cleanup(); printf(" End API Tests\n"); @@ -236,7 +242,6 @@ int test_CyaSSL_CTX_new(CYASSL_METHOD *method) return TEST_SUCCESS; } -#ifdef HAVE_TLS_EXTENSIONS #ifdef HAVE_SNI static void use_SNI_at_ctx(CYASSL_CTX* ctx) { @@ -537,7 +542,32 @@ static void test_CyaSSL_UseTruncatedHMAC(void) } #endif /* HAVE_TRUNCATED_HMAC */ -#endif /* HAVE_TLS_EXTENSIONS */ +#ifdef HAVE_ELLIPTIC_CURVES +static void test_CyaSSL_UseEllipticCurve(void) +{ + CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); + CYASSL *ssl = CyaSSL_new(ctx); + + AssertNotNull(ctx); + AssertNotNull(ssl); + +#ifndef NO_CYASSL_CLIENT + /* error cases */ + AssertIntNE(0, CyaSSL_CTX_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1)); + AssertIntNE(0, CyaSSL_CTX_UseEllipticCurve(ctx, 0)); + + AssertIntNE(0, CyaSSL_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1)); + AssertIntNE(0, CyaSSL_UseEllipticCurve(ssl, 0)); + + /* success case */ + AssertIntEQ(0, CyaSSL_CTX_UseEllipticCurve(ctx, CYASSL_ECC_SECP160R1)); + AssertIntEQ(0, CyaSSL_UseEllipticCurve(ssl, CYASSL_ECC_SECP160R1)); +#endif + + CyaSSL_free(ssl); + CyaSSL_CTX_free(ctx); +} +#endif /* HAVE_ELLIPTIC_CURVES */ #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) /* Helper for testing CyaSSL_CTX_use_certificate_file() */ From 7d2a6800f70f701a81a9c4d9408512fdef994cd4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Mon, 26 Aug 2013 12:44:50 -0300 Subject: [PATCH 126/135] added Elliptic Curves Extensions implementation and configuration. --- configure.ac | 13 +++ src/tls.c | 233 +++++++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 239 insertions(+), 7 deletions(-) diff --git a/configure.ac b/configure.ac index bea2e0e05..f749db2cf 100644 --- a/configure.ac +++ b/configure.ac @@ -1226,6 +1226,18 @@ then AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_RENEGOTIATION_INDICATION" fi +# Elliptic Curves Extensions +AC_ARG_ENABLE([ellipticcurves], + [ --enable-ellipticcurves Enable Elliptic Curves (default: disabled)], + [ ENABLED_ELLIPTIC_CURVES=$enableval ], + [ ENABLED_ELLIPTIC_CURVES=no ] + ) + +if test "x$ENABLED_ELLIPTIC_CURVES" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_ELLIPTIC_CURVES" +fi + # TLS Extensions AC_ARG_ENABLE([tlsx], [ --enable-tlsx Enable all TLS Extensions (default: disabled)], @@ -1676,6 +1688,7 @@ echo " * SNI: $ENABLED_SNI" echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT" echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC" echo " * Renegotiation Indication: $ENABLED_RENEGOTIATION_INDICATION" +echo " * Elliptic Curves: $ENABLED_ELLIPTIC_CURVES" echo " * All TLS Extensions: $ENABLED_TLSX" echo " * PKCS#7 $ENABLED_PKCS7" echo " * wolfSCEP $ENABLED_WOLFSCEP" diff --git a/src/tls.c b/src/tls.c index 482271ba6..f96bc1035 100644 --- a/src/tls.c +++ b/src/tls.c @@ -515,6 +515,12 @@ void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, #ifdef HAVE_TLS_EXTENSIONS +#define IS_OFF(semaphore, light) \ + ((semaphore)[(light) / 8] ^ (byte) (0x01 << ((light) % 8))) + +#define TURN_ON(semaphore, light) \ + ((semaphore)[(light) / 8] |= (byte) (0x01 << ((light) % 8))) + static int TLSX_Append(TLSX** list, TLSX_Type type) { TLSX* extension; @@ -536,7 +542,9 @@ static int TLSX_Append(TLSX** list, TLSX_Type type) #ifndef NO_CYASSL_SERVER -static void TLSX_SetResponse(CYASSL* ssl, TLSX_Type type) +void TLSX_SetResponse(CYASSL* ssl, TLSX_Type type); + +void TLSX_SetResponse(CYASSL* ssl, TLSX_Type type) { TLSX *ext = TLSX_Find(ssl->extensions, type); @@ -1152,6 +1160,200 @@ static int TLSX_THM_Parse(CYASSL* ssl, byte* input, word16 length, #endif /* HAVE_TRUNCATED_HMAC */ +#ifdef HAVE_ELLIPTIC_CURVES + +#ifndef HAVE_ECC +#error "Elliptic Curves Extension requires Elliptic Curve Cryptography. \ +Use --enable-ecc in the configure script or define HAVE_ECC." +#endif + +static void TLSX_EllipticCurve_FreeAll(EllipticCurve* list) +{ + EllipticCurve* curve; + + while ((curve = list)) { + list = curve->next; + XFREE(curve, 0, DYNAMIC_TYPE_TLSX); + } +} + +static int TLSX_EllipticCurve_Append(EllipticCurve** list, word16 name) +{ + EllipticCurve* curve; + + if (list == NULL) + return BAD_FUNC_ARG; + + if ((curve = XMALLOC(sizeof(EllipticCurve), 0, DYNAMIC_TYPE_TLSX)) == NULL) + return MEMORY_E; + + curve->name = name; + curve->next = *list; + + *list = curve; + + return 0; +} + +#ifndef NO_CYASSL_CLIENT + +static void TLSX_EllipticCurve_ValidateRequest(CYASSL* ssl, byte* semaphore) +{ + int i; + + for (i = 0; i < ssl->suites->suiteSz; i+= 2) + if (ssl->suites->suites[i] == ECC_BYTE) + return; + + /* No elliptic curve suite found */ + TURN_ON(semaphore, ELLIPTIC_CURVES); +} + +static word16 TLSX_EllipticCurve_GetSize(EllipticCurve* list) +{ + EllipticCurve* curve; + word16 length = OPAQUE16_LEN; /* list length */ + + while ((curve = list)) { + list = curve->next; + length += OPAQUE16_LEN; /* curve length */ + } + + return length; +} + +static word16 TLSX_EllipticCurve_Write(EllipticCurve* list, byte* output) +{ + EllipticCurve* curve; + word16 offset = OPAQUE16_LEN; /* list length offset */ + + while ((curve = list)) { + list = curve->next; + + c16toa(curve->name, output + offset); /* curve name */ + offset += OPAQUE16_LEN; + } + + c16toa(offset - OPAQUE16_LEN, output); /* writing list length */ + + return offset; +} + +#endif /* NO_CYASSL_CLIENT */ +#ifndef NO_CYASSL_SERVER + +static int TLSX_EllipticCurve_Parse(CYASSL* ssl, byte* input, word16 length, + byte isRequest) +{ + word16 offset; + word16 name; + int r; + + (void) isRequest; /* shut up compiler! */ + + if (OPAQUE16_LEN > length || length % OPAQUE16_LEN) + return INCOMPLETE_DATA; + + ato16(input, &offset); + + /* validating curve list length */ + if (length != OPAQUE16_LEN + offset) + return INCOMPLETE_DATA; + + while (offset) { + ato16(input + offset, &name); + offset -= OPAQUE16_LEN; + + r = TLSX_UseEllipticCurve(&ssl->extensions, name); + + if (r) return r; /* throw error */ + } + + return 0; +} + +#endif /* NO_CYASSL_SERVER */ + +int TLSX_UseEllipticCurve(TLSX** extensions, word16 name) +{ + TLSX* extension = NULL; + EllipticCurve* curve = NULL; + int ret = 0; + + if (extensions == NULL) + return BAD_FUNC_ARG; + + if ( name != CYASSL_ECC_SECP160R1 && + name != CYASSL_ECC_SECP192R1 && + name != CYASSL_ECC_SECP224R1 && + (name < CYASSL_ECC_SECP256R1 || name > CYASSL_ECC_SECP521R1)) + return BAD_FUNC_ARG; + + if ((ret = TLSX_EllipticCurve_Append(&curve, name)) != 0) + return ret; + + extension = *extensions; + + /* find EllipticCurve extension if it already exists. */ + while (extension && extension->type != ELLIPTIC_CURVES) + extension = extension->next; + + /* push new EllipticCurve extension if it doesn't exists. */ + if (!extension) { + if ((ret = TLSX_Append(extensions, ELLIPTIC_CURVES)) != 0) { + XFREE(curve, 0, DYNAMIC_TYPE_TLSX); + return ret; + } + + extension = *extensions; + } + + /* push new EllipticCurve object to extension data. */ + curve->next = (EllipticCurve*) extension->data; + extension->data = (void*) curve; + + /* look for another curve of the same name to remove (replacement) */ + do { + if (curve->next && curve->next->name == name) { + EllipticCurve *next = curve->next; + + curve->next = next->next; + XFREE(next, 0, DYNAMIC_TYPE_TLSX); + + break; + } + } while ((curve = curve->next)); + + return 0; +} + +#define EC_FREE_ALL TLSX_EllipticCurve_FreeAll +#define EC_VALIDATE_REQUEST TLSX_EllipticCurve_ValidateRequest + +#ifndef NO_CYASSL_CLIENT +#define EC_GET_SIZE TLSX_EllipticCurve_GetSize +#define EC_WRITE TLSX_EllipticCurve_Write +#else +#define EC_GET_SIZE(list) 0 +#define EC_WRITE(a, b) 0 +#endif + +#ifndef NO_CYASSL_SERVER +#define EC_PARSE TLSX_EllipticCurve_Parse +#else +#define EC_PARSE(a, b, c, d) 0 +#endif + +#else + +#define EC_FREE_ALL(list) +#define EC_GET_SIZE(list) 0 +#define EC_WRITE(a, b) 0 +#define EC_PARSE(a, b, c, d) 0 +#define EC_VALIDATE_REQUEST(a, b) + +#endif /* HAVE_ELLIPTIC_CURVES */ + TLSX* TLSX_Find(TLSX* list, TLSX_Type type) { TLSX* extension = list; @@ -1181,18 +1383,16 @@ void TLSX_FreeAll(TLSX* list) case TRUNCATED_HMAC: /* Nothing to do. */ break; + + case ELLIPTIC_CURVES: + EC_FREE_ALL(extension->data); + break; } XFREE(extension, 0, DYNAMIC_TYPE_TLSX); } } -#define IS_OFF(semaphore, light) \ - ((semaphore)[(light) / 8] ^ (byte) (0x01 << ((light) % 8))) - -#define TURN_ON(semaphore, light) \ - ((semaphore)[(light) / 8] |= (byte) (0x01 << ((light) % 8))) - static word16 TLSX_GetSize(TLSX* list, byte* semaphore, byte isRequest) { TLSX* extension; @@ -1220,6 +1420,10 @@ static word16 TLSX_GetSize(TLSX* list, byte* semaphore, byte isRequest) case TRUNCATED_HMAC: /* empty extension. */ break; + + case ELLIPTIC_CURVES: + length += EC_GET_SIZE((EllipticCurve *) extension->data); + break; } TURN_ON(semaphore, extension->type); @@ -1264,6 +1468,11 @@ static word16 TLSX_Write(TLSX* list, byte* output, byte* semaphore, case TRUNCATED_HMAC: /* empty extension. */ break; + + case ELLIPTIC_CURVES: + offset += EC_WRITE((EllipticCurve *) extension->data, + output + offset); + break; } /* writing extension data length */ @@ -1286,6 +1495,8 @@ word16 TLSX_GetRequestSize(CYASSL* ssl) if (ssl && IsTLS(ssl)) { byte semaphore[16] = {0}; + EC_VALIDATE_REQUEST(ssl, semaphore); + if (ssl->extensions) length += TLSX_GetSize(ssl->extensions, semaphore, 1); @@ -1311,6 +1522,8 @@ word16 TLSX_WriteRequest(CYASSL* ssl, byte* output) offset += OPAQUE16_LEN; /* extensions length */ + EC_VALIDATE_REQUEST(ssl, semaphore); + if (ssl->extensions) offset += TLSX_Write(ssl->extensions, output + offset, semaphore, 1); @@ -1430,6 +1643,12 @@ int TLSX_Parse(CYASSL* ssl, byte* input, word16 length, byte isRequest, ret = THM_PARSE(ssl, input + offset, size, isRequest); break; + case ELLIPTIC_CURVES: + CYASSL_MSG("Elliptic Curves extension received"); + + ret = EC_PARSE(ssl, input + offset, size, isRequest); + break; + case HELLO_EXT_SIG_ALGO: if (isRequest) { /* do not mess with offset inside the switch! */ From ae6d5930966ed9f467805895f8ba4a8b937f7ddd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Mon, 6 Jan 2014 10:52:22 -0300 Subject: [PATCH 127/135] added curve names extension to all extensions --- configure.ac | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index f749db2cf..36c82960d 100644 --- a/configure.ac +++ b/configure.ac @@ -1251,7 +1251,8 @@ then ENABLED_MAX_FRAGMENT=yes ENABLED_TRUNCATED_HMAC=yes ENABLED_RENEGOTIATION_INDICATION=yes - AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_RENEGOTIATION_INDICATION" + ENABLED_ELLIPTIC_CURVES=yes + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_RENEGOTIATION_INDICATION -DHAVE_ELLIPTIC_CURVES" fi # PKCS7 From afd38d11cd044953704ea9c206149c93ba933b1f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Wed, 8 Jan 2014 11:57:57 -0300 Subject: [PATCH 128/135] removing unused curve names. --- cyassl/ssl.h | 23 +---------------------- 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/cyassl/ssl.h b/cyassl/ssl.h index 678c1934f..8acebf25e 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -1245,33 +1245,12 @@ CYASSL_API int CyaSSL_CTX_UseTruncatedHMAC(CYASSL_CTX* ctx); #ifdef HAVE_ELLIPTIC_CURVES enum { - /*CYASSL_ECC_SECT163K1 = 1,*/ - /*CYASSL_ECC_SECT163R1 = 2,*/ - /*CYASSL_ECC_SECT163R2 = 3,*/ - /*CYASSL_ECC_SECT193R1 = 4,*/ - /*CYASSL_ECC_SECT193R2 = 5,*/ - /*CYASSL_ECC_SECT233K1 = 6,*/ - /*CYASSL_ECC_SECT233R1 = 7,*/ - /*CYASSL_ECC_SECT239K1 = 8,*/ - /*CYASSL_ECC_SECT283K1 = 9,*/ - /*CYASSL_ECC_SECT283R1 = 10,*/ - /*CYASSL_ECC_SECT409K1 = 11,*/ - /*CYASSL_ECC_SECT409R1 = 12,*/ - /*CYASSL_ECC_SECT571K1 = 13,*/ - /*CYASSL_ECC_SECT571R1 = 14,*/ - /*CYASSL_ECC_SECP160K1 = 15,*/ CYASSL_ECC_SECP160R1 = 16, - /*CYASSL_ECC_SECP160R2 = 17,*/ - /*CYASSL_ECC_SECP192K1 = 18,*/ CYASSL_ECC_SECP192R1 = 19, - /*CYASSL_ECC_SECP224K1 = 20,*/ CYASSL_ECC_SECP224R1 = 21, - /*CYASSL_ECC_SECP256K1 = 22,*/ CYASSL_ECC_SECP256R1 = 23, CYASSL_ECC_SECP384R1 = 24, - CYASSL_ECC_SECP521R1 = 25, - /*CYASSL_ECC_ARBITRARY_EXPLICIT_PRIME_CURVES = 0xFF01,*/ - /*CYASSL_ECC_ARBITRARY_EXPLICIT_CHAR2_CURVES = 0xFF02*/ + CYASSL_ECC_SECP521R1 = 25 }; #ifndef NO_CYASSL_CLIENT From 70e3d6ddb093be6a537c95369058a0eb8aafdac4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Wed, 8 Jan 2014 12:15:48 -0300 Subject: [PATCH 129/135] removing missing extensions --- cyassl/internal.h | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/cyassl/internal.h b/cyassl/internal.h index f2e9558ec..956e84c3b 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1109,13 +1109,8 @@ typedef struct CYASSL_DTLS_CTX { typedef enum { SERVER_NAME_INDICATION = 0, MAX_FRAGMENT_LENGTH = 1, - /*CLIENT_CERTIFICATE_URL = 2,*/ - /*TRUSTED_CA_KEYS = 3,*/ TRUNCATED_HMAC = 4, - /*STATUS_REQUEST = 5,*/ - ELLIPTIC_CURVES = 10, - /*EC_POINT_FORMATS = 11,*/ - /*SIGNATURE_ALGORITHMS = 13,*/ + ELLIPTIC_CURVES = 10 } TLSX_Type; typedef struct TLSX { From de6a5378965aa889fa4abf3bcd6f4498cf100d27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Tue, 14 Jan 2014 14:20:34 -0300 Subject: [PATCH 130/135] exporting pkCurve info to ctx and ssl --- ctaocrypt/src/asn.c | 9 +++------ cyassl/internal.h | 2 ++ src/internal.c | 1 + src/ssl.c | 7 +++++++ 4 files changed, 13 insertions(+), 6 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index d1c82f8e1..fa4552e9f 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -1522,7 +1522,6 @@ static int GetKey(DecodedCert* cert) #ifdef HAVE_ECC case ECDSAk: { - word32 oid = 0; int oidSz = 0; byte b = cert->source[cert->srcIdx++]; @@ -1533,12 +1532,10 @@ static int GetKey(DecodedCert* cert) return ASN_PARSE_E; while(oidSz--) - oid += cert->source[cert->srcIdx++]; - if (CheckCurve(oid) < 0) + cert->pkCurveOID += cert->source[cert->srcIdx++]; + + if (CheckCurve(cert->pkCurveOID) < 0) return ECC_CURVE_OID_E; - #ifdef OPENSSL_EXTRA - cert->pkCurveOID = oid; - #endif /* OPENSSL_EXTRA */ /* key header */ b = cert->source[cert->srcIdx++]; diff --git a/cyassl/internal.h b/cyassl/internal.h index 956e84c3b..c7e4d431a 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1230,6 +1230,7 @@ struct CYASSL_CTX { word32 timeout; /* session timeout */ #ifdef HAVE_ECC word16 eccTempKeySz; /* in octets 20 - 66 */ + word32 pkCurveOID; /* curve Ecc_Sum */ #endif #ifndef NO_PSK byte havePSK; /* psk key set by user */ @@ -1849,6 +1850,7 @@ struct CYASSL { ecc_key* eccTempKey; /* private ECDHE key */ ecc_key* eccDsaKey; /* private ECDSA key */ word16 eccTempKeySz; /* in octets 20 - 66 */ + word32 pkCurveOID; /* curve Ecc_Sum */ byte peerEccKeyPresent; byte peerEccDsaKeyPresent; byte eccTempKeyPresent; diff --git a/src/internal.c b/src/internal.c index 0f438dd1b..7423b59a9 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1400,6 +1400,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) #ifdef HAVE_ECC ssl->eccTempKeySz = ctx->eccTempKeySz; + ssl->pkCurveOID = ctx->pkCurveOID; ssl->peerEccKeyPresent = 0; ssl->peerEccDsaKeyPresent = 0; ssl->eccDsaKeyPresent = 0; diff --git a/src/ssl.c b/src/ssl.c index b1d309db2..902ebd042 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -2137,6 +2137,13 @@ int CyaSSL_Init(void) break; } +#ifdef HAVE_ECC + if (ctx) + ctx->pkCurveOID = cert.pkCurveOID; + if (ssl) + ssl->pkCurveOID = cert.pkCurveOID; +#endif + FreeDecodedCert(&cert); } From 9490c0dbafc6da343d680e2d0bcb8b40429b7a42 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Tue, 14 Jan 2014 15:39:06 -0300 Subject: [PATCH 131/135] validating curves --- cyassl/internal.h | 5 +++ cyassl/ssl.h | 12 +++---- src/internal.c | 7 ++++ src/tls.c | 84 ++++++++++++++++++++++++++++++++++++++++++++--- 4 files changed, 97 insertions(+), 11 deletions(-) diff --git a/cyassl/internal.h b/cyassl/internal.h index c7e4d431a..104a9c1cd 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1187,8 +1187,13 @@ typedef struct EllipticCurve { CYASSL_LOCAL int TLSX_UseEllipticCurve(TLSX** extensions, word16 name); +#ifndef NO_CYASSL_SERVER +CYASSL_LOCAL int TLSX_ValidateEllipticCurves(CYASSL* ssl, byte first, + byte second); #endif +#endif /* HAVE_ELLIPTIC_CURVES */ + #endif /* HAVE_TLS_EXTENSIONS */ /* CyaSSL context type */ diff --git a/cyassl/ssl.h b/cyassl/ssl.h index 8acebf25e..aa7056246 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -1245,12 +1245,12 @@ CYASSL_API int CyaSSL_CTX_UseTruncatedHMAC(CYASSL_CTX* ctx); #ifdef HAVE_ELLIPTIC_CURVES enum { - CYASSL_ECC_SECP160R1 = 16, - CYASSL_ECC_SECP192R1 = 19, - CYASSL_ECC_SECP224R1 = 21, - CYASSL_ECC_SECP256R1 = 23, - CYASSL_ECC_SECP384R1 = 24, - CYASSL_ECC_SECP521R1 = 25 + CYASSL_ECC_SECP160R1 = 0x10, + CYASSL_ECC_SECP192R1 = 0x13, + CYASSL_ECC_SECP224R1 = 0x15, + CYASSL_ECC_SECP256R1 = 0x17, + CYASSL_ECC_SECP384R1 = 0x18, + CYASSL_ECC_SECP521R1 = 0x19 }; #ifndef NO_CYASSL_CLIENT diff --git a/src/internal.c b/src/internal.c index 7423b59a9..08f7cefa1 100644 --- a/src/internal.c +++ b/src/internal.c @@ -9765,6 +9765,13 @@ static void PickHashSigAlgo(CYASSL* ssl, } } +#ifdef HAVE_ELLIPTIC_CURVES + if (!TLSX_ValidateEllipticCurves(ssl, first, second)) { + CYASSL_MSG("Don't have matching curves"); + return 0; + } +#endif + /* ECCDHE is always supported if ECC on */ return 1; diff --git a/src/tls.c b/src/tls.c index f96bc1035..1a59e6386 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1272,6 +1272,73 @@ static int TLSX_EllipticCurve_Parse(CYASSL* ssl, byte* input, word16 length, return 0; } +int TLSX_ValidateEllipticCurves(CYASSL* ssl, byte first, byte second) { + TLSX* extension = (first == ECC_BYTE) + ? TLSX_Find(ssl->extensions, ELLIPTIC_CURVES) + : NULL; + EllipticCurve* curve = NULL; + word32 oid = 0; + word16 octets = 0; /* acording to 'ecc_set_type ecc_sets[];' */ + + if (!extension) + return 1; /* no suite restriction */ + + for (curve = extension->data; curve; curve = curve->next) { + switch (curve->name) { + case CYASSL_ECC_SECP160R1: oid = ECC_160R1; octets = 20; break; + case CYASSL_ECC_SECP192R1: oid = ECC_192R1; octets = 24; break; + case CYASSL_ECC_SECP224R1: oid = ECC_224R1; octets = 28; break; + case CYASSL_ECC_SECP256R1: oid = ECC_256R1; octets = 32; break; + case CYASSL_ECC_SECP384R1: oid = ECC_384R1; octets = 48; break; + case CYASSL_ECC_SECP521R1: oid = ECC_521R1; octets = 66; break; + } + } + + /* ECDSA */ + switch (second) { + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: + case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: + case TLS_ECDH_ECDSA_WITH_RC4_128_SHA: + case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + if (ssl->pkCurveOID != oid) + return 0; + } + + switch (second) { + /* ECDHE */ +#ifndef NO_RSA + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + case TLS_ECDHE_RSA_WITH_RC4_128_SHA: + case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: +#endif + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: + case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + if (ssl->eccTempKeySz != octets) + return 0; + + /* ECDH */ + default: + ; /* not sure how to check yet... */ + } + + return 1; +} + #endif /* NO_CYASSL_SERVER */ int TLSX_UseEllipticCurve(TLSX** extensions, word16 name) @@ -1283,11 +1350,18 @@ int TLSX_UseEllipticCurve(TLSX** extensions, word16 name) if (extensions == NULL) return BAD_FUNC_ARG; - if ( name != CYASSL_ECC_SECP160R1 && - name != CYASSL_ECC_SECP192R1 && - name != CYASSL_ECC_SECP224R1 && - (name < CYASSL_ECC_SECP256R1 || name > CYASSL_ECC_SECP521R1)) - return BAD_FUNC_ARG; + switch (name) { + case CYASSL_ECC_SECP160R1: + case CYASSL_ECC_SECP192R1: + case CYASSL_ECC_SECP224R1: + case CYASSL_ECC_SECP256R1: + case CYASSL_ECC_SECP384R1: + case CYASSL_ECC_SECP521R1: + break; + + default: + return BAD_FUNC_ARG; + } if ((ret = TLSX_EllipticCurve_Append(&curve, name)) != 0) return ret; From 30e2b4aa114d0e621b4a8a945bf44da9d13f5bd8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Tue, 28 Jan 2014 16:53:59 -0300 Subject: [PATCH 132/135] writing curves in the right order. (reverse) improved curve validation. --- src/tls.c | 132 +++++++++++++++++++++++++++++++++--------------------- 1 file changed, 81 insertions(+), 51 deletions(-) diff --git a/src/tls.c b/src/tls.c index 1a59e6386..00c229473 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1222,21 +1222,27 @@ static word16 TLSX_EllipticCurve_GetSize(EllipticCurve* list) return length; } +static word16 TLSX_EllipticCurve_WriteR(EllipticCurve* curve, byte* output); +static word16 TLSX_EllipticCurve_WriteR(EllipticCurve* curve, byte* output) +{ + word16 offset = 0; + + if (!curve) + return offset; + + offset = TLSX_EllipticCurve_WriteR(curve->next, output); + c16toa(curve->name, output + offset); + + return OPAQUE16_LEN + offset; +} + static word16 TLSX_EllipticCurve_Write(EllipticCurve* list, byte* output) { - EllipticCurve* curve; - word16 offset = OPAQUE16_LEN; /* list length offset */ + word16 length = TLSX_EllipticCurve_WriteR(list, output + OPAQUE16_LEN); - while ((curve = list)) { - list = curve->next; + c16toa(length, output); /* writing list length */ - c16toa(curve->name, output + offset); /* curve name */ - offset += OPAQUE16_LEN; - } - - c16toa(offset - OPAQUE16_LEN, output); /* writing list length */ - - return offset; + return OPAQUE16_LEN + length; } #endif /* NO_CYASSL_CLIENT */ @@ -1279,11 +1285,14 @@ int TLSX_ValidateEllipticCurves(CYASSL* ssl, byte first, byte second) { EllipticCurve* curve = NULL; word32 oid = 0; word16 octets = 0; /* acording to 'ecc_set_type ecc_sets[];' */ + int sig = 0; /* valitade signature */ + int key = 0; /* validate key */ if (!extension) return 1; /* no suite restriction */ - for (curve = extension->data; curve; curve = curve->next) { + for (curve = extension->data; curve && !(sig && key); curve = curve->next) { + switch (curve->name) { case CYASSL_ECC_SECP160R1: oid = ECC_160R1; octets = 20; break; case CYASSL_ECC_SECP192R1: oid = ECC_192R1; octets = 24; break; @@ -1292,51 +1301,72 @@ int TLSX_ValidateEllipticCurves(CYASSL* ssl, byte first, byte second) { case CYASSL_ECC_SECP384R1: oid = ECC_384R1; octets = 48; break; case CYASSL_ECC_SECP521R1: oid = ECC_521R1; octets = 66; break; } - } - /* ECDSA */ - switch (second) { - case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: - case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: - case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: - case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: - case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: - case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: - case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: - case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: - case TLS_ECDH_ECDSA_WITH_RC4_128_SHA: - case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: - case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: - case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: - if (ssl->pkCurveOID != oid) - return 0; - } + switch (second) { +#ifndef NO_DSA + /* ECDHE_ECDSA */ + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: + case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + sig |= ssl->pkCurveOID == oid; + key |= ssl->eccTempKeySz == octets; + break; - switch (second) { - /* ECDHE */ -#ifndef NO_RSA - case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: - case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: - case TLS_ECDHE_RSA_WITH_RC4_128_SHA: - case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: - case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: - case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + /* ECDH_ECDSA */ + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: + case TLS_ECDH_ECDSA_WITH_RC4_128_SHA: + case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + sig |= ssl->pkCurveOID == oid; + key |= ssl->pkCurveOID == oid; + break; #endif - case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: - case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: - case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: - case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: - case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: - case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: - if (ssl->eccTempKeySz != octets) - return 0; +#ifndef NO_RSA + /* ECDHE_RSA */ + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + case TLS_ECDHE_RSA_WITH_RC4_128_SHA: + case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + sig = 1; + key |= ssl->eccTempKeySz == octets; + break; - /* ECDH */ - default: - ; /* not sure how to check yet... */ + /* ECDH_RSA */ + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: + case TLS_ECDH_RSA_WITH_RC4_128_SHA: + case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + sig = 1; + key |= ssl->pkCurveOID == oid; + break; +#endif + default: + sig = 1; + key = 1; + break; + } } - return 1; + return sig && key; } #endif /* NO_CYASSL_SERVER */ From 5616450a4bbc9320ad51d2005cc967a2d146bad7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Thu, 30 Jan 2014 16:59:29 -0300 Subject: [PATCH 133/135] fixed return codes added protection for missing HAVE_TLS_EXTENSIONS --- IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c | 3 +- IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c | 2 +- IDE/MDK5-ARM/Projects/SimpleClient/client.c | 3 +- IDE/MDK5-ARM/Projects/SimpleServer/server.c | 2 +- examples/client/client.c | 7 +- examples/server/server.c | 2 +- src/tls.c | 21 ++++-- tests/api.c | 74 ++++++++++----------- 8 files changed, 62 insertions(+), 52 deletions(-) diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c index 2fd81fe2a..608a32457 100644 --- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c +++ b/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c @@ -469,7 +469,8 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args) #ifdef HAVE_SNI if (sniHostName) - if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))) + if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)) + != SSL_SUCCESS) err_sys("UseSNI failed"); #endif diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c index 88a6064b4..aeecd62fb 100644 --- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c +++ b/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c @@ -419,7 +419,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #ifdef HAVE_SNI if (sniHostName) { if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName, - XSTRLEN(sniHostName))) + XSTRLEN(sniHostName)) != SSL_SUCCESS) err_sys("UseSNI failed"); else CyaSSL_CTX_SNI_SetOptions(ctx, CYASSL_SNI_HOST_NAME, diff --git a/IDE/MDK5-ARM/Projects/SimpleClient/client.c b/IDE/MDK5-ARM/Projects/SimpleClient/client.c index 07cf20bea..e6f6a56e3 100644 --- a/IDE/MDK5-ARM/Projects/SimpleClient/client.c +++ b/IDE/MDK5-ARM/Projects/SimpleClient/client.c @@ -471,7 +471,8 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args) #ifdef HAVE_SNI if (sniHostName) - if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))) + if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)) + != SSL_SUCCESS) err_sys("UseSNI failed"); #endif diff --git a/IDE/MDK5-ARM/Projects/SimpleServer/server.c b/IDE/MDK5-ARM/Projects/SimpleServer/server.c index de53738e8..ecc9b510b 100644 --- a/IDE/MDK5-ARM/Projects/SimpleServer/server.c +++ b/IDE/MDK5-ARM/Projects/SimpleServer/server.c @@ -418,7 +418,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #ifdef HAVE_SNI if (sniHostName) { if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName, - XSTRLEN(sniHostName))) + XSTRLEN(sniHostName)) != SSL_SUCCESS) err_sys("UseSNI failed"); else CyaSSL_CTX_SNI_SetOptions(ctx, CYASSL_SNI_HOST_NAME, diff --git a/examples/client/client.c b/examples/client/client.c index ff0e9848f..ac6f935a8 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -550,17 +550,18 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args) #ifdef HAVE_SNI if (sniHostName) - if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))) + if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)) + != SSL_SUCCESS) err_sys("UseSNI failed"); #endif #ifdef HAVE_MAX_FRAGMENT if (maxFragment) - if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment)) + if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS) err_sys("UseMaxFragment failed"); #endif #ifdef HAVE_TRUNCATED_HMAC if (truncatedHMAC) - if (CyaSSL_CTX_UseTruncatedHMAC(ctx)) + if (CyaSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS) err_sys("UseTruncatedHMAC failed"); #endif diff --git a/examples/server/server.c b/examples/server/server.c index 365418d5d..f99be0aa2 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -443,7 +443,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #ifdef HAVE_SNI if (sniHostName) if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName, - XSTRLEN(sniHostName))) + XSTRLEN(sniHostName)) != SSL_SUCCESS) err_sys("UseSNI failed"); #endif diff --git a/src/tls.c b/src/tls.c index 00c229473..872016460 100644 --- a/src/tls.c +++ b/src/tls.c @@ -776,7 +776,7 @@ static int TLSX_SNI_Parse(CYASSL* ssl, byte* input, word16 length, int r = TLSX_UseSNI(&ssl->extensions, type, input + offset, size); - if (r) return r; /* throw error */ + if (r != SSL_SUCCESS) return r; /* throw error */ TLSX_SNI_SetStatus(ssl->extensions, type, matched ? CYASSL_SNI_REAL_MATCH : CYASSL_SNI_FAKE_MATCH); @@ -842,7 +842,7 @@ int TLSX_UseSNI(TLSX** extensions, byte type, const void* data, word16 size) } } while ((sni = sni->next)); - return 0; + return SSL_SUCCESS; } #ifndef NO_CYASSL_SERVER @@ -1047,7 +1047,7 @@ static int TLSX_MFL_Parse(CYASSL* ssl, byte* input, word16 length, if (isRequest) { int r = TLSX_UseMaxFragment(&ssl->extensions, *input); - if (r) return r; /* throw error */ + if (r != SSL_SUCCESS) return r; /* throw error */ TLSX_SetResponse(ssl, MAX_FRAGMENT_LENGTH); } @@ -1097,7 +1097,7 @@ int TLSX_UseMaxFragment(TLSX** extensions, byte mfl) } } while ((extension = extension->next)); - return 0; + return SSL_SUCCESS; } @@ -1128,7 +1128,7 @@ int TLSX_UseTruncatedHMAC(TLSX** extensions) if ((ret = TLSX_Append(extensions, TRUNCATED_HMAC)) != 0) return ret; - return 0; + return SSL_SUCCESS; } static int TLSX_THM_Parse(CYASSL* ssl, byte* input, word16 length, @@ -1141,7 +1141,7 @@ static int TLSX_THM_Parse(CYASSL* ssl, byte* input, word16 length, if (isRequest) { int r = TLSX_UseTruncatedHMAC(&ssl->extensions); - if (r) return r; /* throw error */ + if (r != SSL_SUCCESS) return r; /* throw error */ TLSX_SetResponse(ssl, TRUNCATED_HMAC); } @@ -1428,7 +1428,7 @@ int TLSX_UseEllipticCurve(TLSX** extensions, word16 name) } } while ((curve = curve->next)); - return 0; + return SSL_SUCCESS; } #define EC_FREE_ALL TLSX_EllipticCurve_FreeAll @@ -1785,6 +1785,13 @@ int TLSX_Parse(CYASSL* ssl, byte* input, word16 length, byte isRequest, #undef IS_OFF #undef TURN_ON +#elif defined(HAVE_SNI) \ + || defined(HAVE_MAX_FRAGMENT) \ + || defined(HAVE_TRUNCATED_HMAC) \ + || defined(HAVE_ELLIPTIC_CURVES) + +#error "Using TLS extensions requires HAVE_TLS_EXTENSIONS to be defined." + #endif /* HAVE_TLS_EXTENSIONS */ diff --git a/tests/api.c b/tests/api.c index 176b08abf..9de246eb0 100644 --- a/tests/api.c +++ b/tests/api.c @@ -248,7 +248,7 @@ static void use_SNI_at_ctx(CYASSL_CTX* ctx) byte type = CYASSL_SNI_HOST_NAME; char name[] = "www.yassl.com"; - AssertIntEQ(0, CyaSSL_CTX_UseSNI(ctx, type, (void *) name, XSTRLEN(name))); + AssertIntEQ(1, CyaSSL_CTX_UseSNI(ctx, type, (void *) name, XSTRLEN(name))); } static void use_SNI_at_ssl(CYASSL* ssl) @@ -256,7 +256,7 @@ static void use_SNI_at_ssl(CYASSL* ssl) byte type = CYASSL_SNI_HOST_NAME; char name[] = "www.yassl.com"; - AssertIntEQ(0, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name))); + AssertIntEQ(1, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name))); } static void different_SNI_at_ssl(CYASSL* ssl) @@ -264,7 +264,7 @@ static void different_SNI_at_ssl(CYASSL* ssl) byte type = CYASSL_SNI_HOST_NAME; char name[] = "ww2.yassl.com"; - AssertIntEQ(0, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name))); + AssertIntEQ(1, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name))); } static void use_SNI_WITH_CONTINUE_at_ssl(CYASSL* ssl) @@ -431,16 +431,16 @@ void test_CyaSSL_UseSNI(void) AssertNotNull(ssl); /* error cases */ - AssertIntNE(0, CyaSSL_CTX_UseSNI(NULL, 0, (void *) "ctx", XSTRLEN("ctx"))); - AssertIntNE(0, CyaSSL_UseSNI( NULL, 0, (void *) "ssl", XSTRLEN("ssl"))); - AssertIntNE(0, CyaSSL_CTX_UseSNI(ctx, -1, (void *) "ctx", XSTRLEN("ctx"))); - AssertIntNE(0, CyaSSL_UseSNI( ssl, -1, (void *) "ssl", XSTRLEN("ssl"))); - AssertIntNE(0, CyaSSL_CTX_UseSNI(ctx, 0, (void *) NULL, XSTRLEN("ctx"))); - AssertIntNE(0, CyaSSL_UseSNI( ssl, 0, (void *) NULL, XSTRLEN("ssl"))); + AssertIntNE(1, CyaSSL_CTX_UseSNI(NULL, 0, (void *) "ctx", XSTRLEN("ctx"))); + AssertIntNE(1, CyaSSL_UseSNI( NULL, 0, (void *) "ssl", XSTRLEN("ssl"))); + AssertIntNE(1, CyaSSL_CTX_UseSNI(ctx, -1, (void *) "ctx", XSTRLEN("ctx"))); + AssertIntNE(1, CyaSSL_UseSNI( ssl, -1, (void *) "ssl", XSTRLEN("ssl"))); + AssertIntNE(1, CyaSSL_CTX_UseSNI(ctx, 0, (void *) NULL, XSTRLEN("ctx"))); + AssertIntNE(1, CyaSSL_UseSNI( ssl, 0, (void *) NULL, XSTRLEN("ssl"))); /* success case */ - AssertIntEQ(0, CyaSSL_CTX_UseSNI(ctx, 0, (void *) "ctx", XSTRLEN("ctx"))); - AssertIntEQ(0, CyaSSL_UseSNI( ssl, 0, (void *) "ssl", XSTRLEN("ssl"))); + AssertIntEQ(1, CyaSSL_CTX_UseSNI(ctx, 0, (void *) "ctx", XSTRLEN("ctx"))); + AssertIntEQ(1, CyaSSL_UseSNI( ssl, 0, (void *) "ssl", XSTRLEN("ssl"))); CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); @@ -496,24 +496,24 @@ static void test_CyaSSL_UseMaxFragment(void) AssertNotNull(ssl); /* error cases */ - AssertIntNE(0, CyaSSL_CTX_UseMaxFragment(NULL, CYASSL_MFL_2_9)); - AssertIntNE(0, CyaSSL_UseMaxFragment( NULL, CYASSL_MFL_2_9)); - AssertIntNE(0, CyaSSL_CTX_UseMaxFragment(ctx, 0)); - AssertIntNE(0, CyaSSL_CTX_UseMaxFragment(ctx, 6)); - AssertIntNE(0, CyaSSL_UseMaxFragment(ssl, 0)); - AssertIntNE(0, CyaSSL_UseMaxFragment(ssl, 6)); + AssertIntNE(1, CyaSSL_CTX_UseMaxFragment(NULL, CYASSL_MFL_2_9)); + AssertIntNE(1, CyaSSL_UseMaxFragment( NULL, CYASSL_MFL_2_9)); + AssertIntNE(1, CyaSSL_CTX_UseMaxFragment(ctx, 0)); + AssertIntNE(1, CyaSSL_CTX_UseMaxFragment(ctx, 6)); + AssertIntNE(1, CyaSSL_UseMaxFragment(ssl, 0)); + AssertIntNE(1, CyaSSL_UseMaxFragment(ssl, 6)); /* success case */ - AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_9)); - AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_10)); - AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_11)); - AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_12)); - AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_13)); - AssertIntEQ(0, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_9)); - AssertIntEQ(0, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_10)); - AssertIntEQ(0, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_11)); - AssertIntEQ(0, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_12)); - AssertIntEQ(0, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_13)); + AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_9)); + AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_10)); + AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_11)); + AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_12)); + AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_13)); + AssertIntEQ(1, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_9)); + AssertIntEQ(1, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_10)); + AssertIntEQ(1, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_11)); + AssertIntEQ(1, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_12)); + AssertIntEQ(1, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_13)); CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); @@ -530,12 +530,12 @@ static void test_CyaSSL_UseTruncatedHMAC(void) AssertNotNull(ssl); /* error cases */ - AssertIntNE(0, CyaSSL_CTX_UseTruncatedHMAC(NULL)); - AssertIntNE(0, CyaSSL_UseTruncatedHMAC(NULL)); + AssertIntNE(1, CyaSSL_CTX_UseTruncatedHMAC(NULL)); + AssertIntNE(1, CyaSSL_UseTruncatedHMAC(NULL)); /* success case */ - AssertIntEQ(0, CyaSSL_CTX_UseTruncatedHMAC(ctx)); - AssertIntEQ(0, CyaSSL_UseTruncatedHMAC(ssl)); + AssertIntEQ(1, CyaSSL_CTX_UseTruncatedHMAC(ctx)); + AssertIntEQ(1, CyaSSL_UseTruncatedHMAC(ssl)); CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); @@ -553,15 +553,15 @@ static void test_CyaSSL_UseEllipticCurve(void) #ifndef NO_CYASSL_CLIENT /* error cases */ - AssertIntNE(0, CyaSSL_CTX_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1)); - AssertIntNE(0, CyaSSL_CTX_UseEllipticCurve(ctx, 0)); + AssertIntNE(1, CyaSSL_CTX_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1)); + AssertIntNE(1, CyaSSL_CTX_UseEllipticCurve(ctx, 0)); - AssertIntNE(0, CyaSSL_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1)); - AssertIntNE(0, CyaSSL_UseEllipticCurve(ssl, 0)); + AssertIntNE(1, CyaSSL_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1)); + AssertIntNE(1, CyaSSL_UseEllipticCurve(ssl, 0)); /* success case */ - AssertIntEQ(0, CyaSSL_CTX_UseEllipticCurve(ctx, CYASSL_ECC_SECP160R1)); - AssertIntEQ(0, CyaSSL_UseEllipticCurve(ssl, CYASSL_ECC_SECP160R1)); + AssertIntEQ(1, CyaSSL_CTX_UseEllipticCurve(ctx, CYASSL_ECC_SECP160R1)); + AssertIntEQ(1, CyaSSL_UseEllipticCurve(ssl, CYASSL_ECC_SECP160R1)); #endif CyaSSL_free(ssl); From c14bc1a45c09a38eda7fd64934bd3606674ce5ff Mon Sep 17 00:00:00 2001 From: toddouska Date: Sat, 1 Feb 2014 11:37:08 -0800 Subject: [PATCH 134/135] fix ecc w/o openssl extra --- cyassl/ctaocrypt/asn.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index 90ba8c7a1..a609a1693 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -343,10 +343,10 @@ struct DecodedCert { word32 extAuthKeyIdSz; byte* extSubjKeyIdSrc; word32 extSubjKeyIdSz; - #ifdef HAVE_ECC - word32 pkCurveOID; /* Public Key's curve OID */ - #endif /* HAVE_ECC */ #endif +#ifdef HAVE_ECC + word32 pkCurveOID; /* Public Key's curve OID */ +#endif /* HAVE_ECC */ byte* beforeDate; int beforeDateLen; byte* afterDate; From 51b3b1cb6cf35dedccd0311289d43aa8c628648d Mon Sep 17 00:00:00 2001 From: toddouska Date: Sat, 1 Feb 2014 12:14:41 -0800 Subject: [PATCH 135/135] fix pkCurveOID c files, doesn't require openssl extra --- ctaocrypt/src/asn.c | 6 +++--- src/internal.c | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index fa4552e9f..410c91e48 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -1323,10 +1323,10 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap) cert->extAuthKeyIdSz = 0; cert->extSubjKeyIdSrc = NULL; cert->extSubjKeyIdSz = 0; - #ifdef HAVE_ECC - cert->pkCurveOID = 0; - #endif /* HAVE_ECC */ #endif /* OPENSSL_EXTRA */ +#ifdef HAVE_ECC + cert->pkCurveOID = 0; +#endif /* HAVE_ECC */ #ifdef CYASSL_SEP cert->deviceTypeSz = 0; cert->deviceType = NULL; diff --git a/src/internal.c b/src/internal.c index 08f7cefa1..d797d75cc 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1282,6 +1282,9 @@ void InitX509(CYASSL_X509* x509, int dynamicFlag) x509->altNamesNext = NULL; x509->dynamicMemory = (byte)dynamicFlag; x509->isCa = 0; +#ifdef HAVE_ECC + x509->pkCurveOID = 0; +#endif /* HAVE_ECC */ #ifdef OPENSSL_EXTRA x509->pathLength = 0; x509->basicConstSet = 0; @@ -1300,9 +1303,6 @@ void InitX509(CYASSL_X509* x509, int dynamicFlag) x509->keyUsageSet = 0; x509->keyUsageCrit = 0; x509->keyUsage = 0; - #ifdef HAVE_ECC - x509->pkCurveOID = 0; - #endif /* HAVE_ECC */ #ifdef CYASSL_SEP x509->certPolicySet = 0; x509->certPolicyCrit = 0; @@ -3225,14 +3225,14 @@ int CopyDecodedToX509(CYASSL_X509* x509, DecodedCert* dCert) } x509->keyUsageSet = dCert->extKeyUsageSet; x509->keyUsageCrit = dCert->extKeyUsageCrit; - #ifdef HAVE_ECC - x509->pkCurveOID = dCert->pkCurveOID; - #endif /* HAVE_ECC */ #ifdef CYASSL_SEP x509->certPolicySet = dCert->extCertPolicySet; x509->certPolicyCrit = dCert->extCertPolicyCrit; #endif /* CYASSL_SEP */ #endif /* OPENSSL_EXTRA */ +#ifdef HAVE_ECC + x509->pkCurveOID = dCert->pkCurveOID; +#endif /* HAVE_ECC */ return ret; }