wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

CyaSSL master, 2.8.6

Browse Source
This commit is contained in:
Takashi Kojo
2014-01-31 08:44:42 +09:00
parent 9a67901081
commit e28d256197
83 changed files with 7807 additions and 859 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
.gitignore vendored
View File

@@ -46,10 +46,17 @@ testsuite/*.pem
testsuite/*.raw
cert.der
cert.pem
certecc.der
certecc.pem
othercert.der
othercert.pem
key.der
key.pem
certreq.der
certreq.pem
pkcs7cert.der
pkcs7signedData.der
pkcs7envelopedData.der
diff
sslSniffer/sslSnifferTest/tracefile.txt
*.gz

34
IDE/IAR-EWARM/CyaSSL/HTTPS-main.h Normal file
View File

@@ -0,0 +1,34 @@
/* HTTPS-main.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef __HTTPS_MAIN_H__
#define __HTTPS_MAIN_H__
extern CYASSL_HTTPS_NB CyaSSL_HTTPS_Client_1 ;
extern CYASSL_HTTPS_NB CyaSSL_HTTPS_Client_2 ;
extern CYASSL_HTTPS_NB CyaSSL_HTTPS_Client_3 ;
extern CYASSL_HTTPS_NB CyaSSL_HTTPS_Client_4 ;
extern CYASSL_HTTPS_NB CyaSSL_HTTPS_Client_5 ;
extern void HTTPS_Clinet_main_init(void) ;
extern void HTTPS_Clinet_main(void) ;
#endif

6
IDE/MDK5-ARM/Projects/CryptTest/test.c
View File

@@ -2779,7 +2779,8 @@ int rsa_test(void)
if (certSz < 0)
return -407;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng);
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, &rng);
if (certSz < 0)
return -408;
@@ -2891,7 +2892,8 @@ int rsa_test(void)
if (certSz < 0)
return -456;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng);
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, &rng);
if (certSz < 0)
return -457;

8
IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c
View File

@@ -347,6 +347,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
usePsk = 1;
#endif
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
if (fewerPackets)
CyaSSL_CTX_set_group_messages(ctx);
@@ -404,10 +408,6 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
}
#endif
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
/* don't use EDH, can't sniff tmp keys */
if (cipherList == NULL) {

6
IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c
View File

@@ -2550,7 +2550,8 @@ int rsa_test(void)
if (certSz < 0)
return -407;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng);
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, &rng);
if (certSz < 0)
return -408;
@@ -2662,7 +2663,8 @@ int rsa_test(void)
if (certSz < 0)
return -456;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng);
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, &rng);
if (certSz < 0)
return -457;

1
Makefile.am
View File

@@ -62,6 +62,7 @@ include mqx/ctaocrypt_test/Sources/include.am
include mqx/cyassl/include.am
include mqx/cyassl_client/Sources/include.am
include mqx/util_lib/Sources/include.am
include mplabx/include.am
include mplabx/ctaocrypt_benchmark.X/nbproject/include.am
include mplabx/ctaocrypt_test.X/nbproject/include.am
include mplabx/cyassl.X/nbproject/include.am

9
README
View File

@@ -37,10 +37,19 @@ before calling SSL_new(); Though it's not recommended.
CyaSSL Release 2.9.0 (X/XX/XXXX)
Release 2.9.0 CyaSSL has bug fixes and new features including:
- Freescale Kinetis RNGB support
- Freescale Kinetis mmCAU support
The Freescale Kinetis K53 RNGB documentation can be found in Chapter 33 of the
K53 Sub-Family Reference Manual:
http://cache.freescale.com/files/32bit/doc/ref_manual/K53P144M100SF2RM.pdf
Freescale Kinetis K60 mmCAU (AES, DES, 3DES, MD5, SHA, SHA256) documentation
can be found in the "ColdFire/ColdFire+ CAU and Kinetis mmCAU Software Library
User Guide":
http://cache.freescale.com/files/32bit/doc/user_guide/CAUAPIUG.pdf
*****************CyaSSL Release 2.8.0 (8/30/2013)

112
configure.ac
View File

@@ -6,7 +6,7 @@
#
#
AC_INIT([cyassl],[2.8.3],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.yassl.com])
AC_INIT([cyassl],[2.8.6],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.yassl.com])
AC_CONFIG_AUX_DIR([build-aux])
@@ -103,6 +103,8 @@ OPTIMIZE_FAST_CFLAGS="-O2 -fomit-frame-pointer"
OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET"
DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_CYASSL"
# Thread local storage
AX_TLS([AM_CFLAGS="$AM_CFLAGS -DHAVE_THREAD_LS"])
# DEBUG
AX_DEBUG
@@ -308,17 +310,20 @@ fi
# SNIFFER
ENABLED_SNIFFTEST=no
AC_ARG_ENABLE([sniffer],
[AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[
AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[
ENABLED_SNIFFER=yes
AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
],[ ENABLED_SNIFFER=no ]) ])
],[
ENABLED_SNIFFER=no
])
[AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[
ENABLED_SNIFFER=yes
AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[
ENABLED_SNIFFTEST=yes
],[ AC_MSG_WARN([cannot enable sniffer test without having libpcap available.]) ]) ])
],[
ENABLED_SNIFFER=no
])
AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ])
AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ])
AM_CONDITIONAL([BUILD_SNIFFTEST], [ test "x$ENABLED_SNIFFTEST" = "xyes" ])
# AES-GCM
AC_ARG_ENABLE([aesgcm],
@@ -526,6 +531,23 @@ then
fi
# CERT REQUEST GENERATION
AC_ARG_ENABLE([certreq],
[ --enable-certreq Enable cert request generation (default: disabled)],
[ ENABLED_CERTREQ=$enableval ],
[ ENABLED_CERTREQ=no ]
)
if test "$ENABLED_CERTREQ" = "yes"
then
if test "$ENABLED_CERTGEN" = "no"
then
AC_MSG_ERROR([cannot enable certreq without enabling certgen.])
fi
AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_REQ"
fi
# SEP
AC_ARG_ENABLE([sep],
[ --enable-sep Enable sep extensions (default: disabled)],
@@ -1178,6 +1200,18 @@ then
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_TRUNCATED_HMAC"
fi
# Renegotiation Indication
AC_ARG_ENABLE([renegotiation-indication],
[ --enable-renegotiation-indication Enable Renegotiation Indication (default: disabled)],
[ ENABLED_RENEGOTIATION_INDICATION=$enableval ],
[ ENABLED_RENEGOTIATION_INDICATION=no ]
)
if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_RENEGOTIATION_INDICATION"
fi
# TLS Extensions
AC_ARG_ENABLE([tlsx],
[ --enable-tlsx Enable all TLS Extensions (default: disabled)],
@@ -1189,9 +1223,60 @@ if test "x$ENABLED_TLSX" = "xyes"
then
ENABLED_SNI=yes
ENABLED_MAX_FRAGMENT=yes
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT"
ENABLED_TRUNCATED_HMAC=yes
ENABLED_RENEGOTIATION_INDICATION=yes
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_RENEGOTIATION_INDICATION"
fi
# PKCS7
AC_ARG_ENABLE([pkcs7],
[ --enable-pkcs7 Enable PKCS7 (default: disabled)],
[ ENABLED_PKCS7=$enableval ],
[ ENABLED_PKCS7=no ],
)
if test "$ENABLED_PKCS7" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
fi
AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"])
# Simple Certificate Enrollment Protocol (SCEP)
AC_ARG_ENABLE([scep],
[ --enable-scep Enable wolfSCEP (default: disabled)],
[ ENABLED_WOLFSCEP=$enableval ],
[ ENABLED_WOLFSCEP=no ]
)
if test "$ENABLED_WOLFSCEP" = "yes"
then
# Enable prereqs if not already enabled
if test "x$ENABLED_KEYGEN" = "xno"
then
ENABLED_KEYGEN="yes"
AM_CFLAGS="$AM_CFLAGS -DCYASSL_KEY_GEN"
fi
if test "x$ENABLED_CERTGEN" = "xno"
then
ENABLED_CERTGEN="yes"
AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_GEN"
fi
if test "x$ENABLED_CERTREQ" = "xno"
then
ENABLED_CERTREQ="yes"
AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_REQ"
fi
if test "x$ENABLED_PKCS7" = "xno"
then
ENABLED_PKCS7="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"])
fi
AM_CFLAGS="$AM_CFLAGS -DCYASSL_HAVE_WOLFSCEP"
fi
#valgrind
AC_ARG_ENABLE([valgrind],
[ --enable-valgrind Enable valgrind for unit tests (default: disabled)],
@@ -1529,6 +1614,7 @@ echo " * Filesystem: $ENABLED_FILESYSTEM"
echo " * OpenSSL Extra API: $ENABLED_OPENSSLEXTRA"
echo " * fastmath: $ENABLED_FASTMATH"
echo " * sniffer: $ENABLED_SNIFFER"
echo " * snifftest: $ENABLED_SNIFFTEST"
echo " * ARC4: $ENABLED_ARC4"
echo " * AES: $ENABLED_AES"
echo " * AES-NI: $ENABLED_AESNI"
@@ -1544,6 +1630,7 @@ echo " * SHA-512: $ENABLED_SHA512"
echo " * BLAKE2: $ENABLED_BLAKE2"
echo " * keygen: $ENABLED_KEYGEN"
echo " * certgen: $ENABLED_CERTGEN"
echo " * certreq: $ENABLED_CERTREQ"
echo " * HC-128: $ENABLED_HC128"
echo " * RABBIT: $ENABLED_RABBIT"
echo " * PWDBASED: $ENABLED_PWDBASED"
@@ -1574,7 +1661,10 @@ echo " * NTRU: $ENABLED_NTRU"
echo " * SNI: $ENABLED_SNI"
echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT"
echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC"
echo " * Renegotiation Indication: $ENABLED_RENEGOTIATION_INDICATION"
echo " * All TLS Extensions: $ENABLED_TLSX"
echo " * PKCS#7 $ENABLED_PKCS7"
echo " * wolfSCEP $ENABLED_WOLFSCEP"
echo " * valgrind unit tests: $ENABLED_VALGRIND"
echo " * LIBZ: $ENABLED_LIBZ"
echo " * Examples: $ENABLED_EXAMPLES"

43
ctaocrypt/benchmark/benchmark.c
View File

@@ -221,13 +221,13 @@ int benchmark_test(void *args)
#ifdef BENCH_EMBEDDED
const int numBlocks = 25; /* how many kB/megs to test (en/de)cryption */
const char blockType[] = "kB"; /* used in printf output */
const int times = 1; /* public key iterations */
const int ntimes = 1; /* public key iterations */
const int genTimes = 5;
const int agreeTimes = 5;
#else
const int numBlocks = 5;
const char blockType[] = "megs";
const int times = 100;
const int ntimes = 100;
const int genTimes = 100;
const int agreeTimes = 100;
#endif
@@ -742,15 +742,15 @@ void bench_rsa(void)
start = current_time(1);
for (i = 0; i < times; i++)
for (i = 0; i < ntimes; i++)
ret = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng);
total = current_time(0) - start;
each = total / times; /* per second */
each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */
printf("RSA %d encryption took %6.2f milliseconds, avg over %d"
" iterations\n", rsaKeySz, milliEach, times);
" iterations\n", rsaKeySz, milliEach, ntimes);
if (ret < 0) {
printf("Rsa Public Encrypt failed\n");
@@ -759,17 +759,17 @@ void bench_rsa(void)
start = current_time(1);
for (i = 0; i < times; i++) {
for (i = 0; i < ntimes; i++) {
byte out[512]; /* for up to 4096 bit */
RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey);
}
total = current_time(0) - start;
each = total / times; /* per second */
each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */
printf("RSA %d decryption took %6.2f milliseconds, avg over %d"
" iterations\n", rsaKeySz, milliEach, times);
" iterations\n", rsaKeySz, milliEach, ntimes);
FreeRsaKey(&rsaKey);
#ifdef HAVE_CAVIUM
@@ -847,28 +847,28 @@ void bench_dh(void)
start = current_time(1);
for (i = 0; i < times; i++)
for (i = 0; i < ntimes; i++)
DhGenerateKeyPair(&dhKey, &rng, priv, &privSz, pub, &pubSz);
total = current_time(0) - start;
each = total / times; /* per second */
each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */
printf("DH %d key generation %6.2f milliseconds, avg over %d"
" iterations\n", dhKeySz, milliEach, times);
" iterations\n", dhKeySz, milliEach, ntimes);
DhGenerateKeyPair(&dhKey, &rng, priv2, &privSz2, pub2, &pubSz2);
start = current_time(1);
for (i = 0; i < times; i++)
for (i = 0; i < ntimes; i++)
DhAgree(&dhKey, agree, &agreeSz, priv, privSz, pub2, pubSz2);
total = current_time(0) - start;
each = total / times; /* per second */
each = total / ntimes; /* per second */
milliEach = each * 1000; /* milliseconds */
printf("DH %d key agreement %6.2f milliseconds, avg over %d"
" iterations\n", dhKeySz, milliEach, times);
" iterations\n", dhKeySz, milliEach, ntimes);
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
fclose(file);
@@ -1087,7 +1087,22 @@ void bench_eccKeyAgree(void)
}
#elif defined CYASSL_MDK_ARM
extern double current_time(int reset) ;
#elif defined FREERTOS
double current_time(int reset)
{
(void) reset;
portTickType tickCount;
/* tick count == ms, if configTICK_RATE_HZ is set to 1000 */
tickCount = xTaskGetTickCount();
return (double)tickCount / 1000;
}
#else
#include <sys/time.h>

128
ctaocrypt/src/aes.c
View File

@@ -62,8 +62,8 @@
* document (See note in README).
*/
#include "stm32f2xx.h"
#include "stm32f2xx_cryp.h"
#include "stm32f2xx_cryp.h"
int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
int dir)
{
@@ -553,6 +553,96 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
return 0;
}
#elif defined FREESCALE_MMCAU
/*
* Freescale mmCAU hardware AES support through the CAU/mmCAU library.
* Documentation located in ColdFire/ColdFire+ CAU and Kinetis mmCAU
* Software Library User Guide (See note in README).
*/
#include "cau_api.h"
int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
int dir)
{
byte *rk = (byte*)aes->key;
if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
return BAD_FUNC_ARG;
if (rk == NULL)
return BAD_FUNC_ARG;
aes->rounds = keylen/4 + 6;
cau_aes_set_key(userKey, keylen*8, rk);
return AesSetIV(aes, iv);
}
int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
int i;
int offset = 0;
int len = sz;
byte *iv, *enc_key;
byte temp_block[AES_BLOCK_SIZE];
iv = (byte*)aes->reg;
enc_key = (byte*)aes->key;
while (len > 0)
{
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
/* XOR block with IV for CBC */
for (i = 0; i < AES_BLOCK_SIZE; i++)
temp_block[i] ^= iv[i];
cau_aes_encrypt(temp_block, enc_key, aes->rounds, out + offset);
len -= AES_BLOCK_SIZE;
offset += AES_BLOCK_SIZE;
/* store IV for next block */
XMEMCPY(iv, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
}
return 0;
}
int AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
int i;
int offset = 0;
int len = sz;
byte* iv, *dec_key;
byte temp_block[AES_BLOCK_SIZE];
iv = (byte*)aes->reg;
dec_key = (byte*)aes->key;
while (len > 0)
{
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
cau_aes_decrypt(in + offset, dec_key, aes->rounds, out + offset);
/* XOR block with IV for CBC */
for (i = 0; i < AES_BLOCK_SIZE; i++)
(out + offset)[i] ^= iv[i];
/* store IV for next block */
XMEMCPY(iv, temp_block, AES_BLOCK_SIZE);
len -= AES_BLOCK_SIZE;
offset += AES_BLOCK_SIZE;
}
return 0;
}
#else /* CTaoCrypt software implementation */
static const word32 rcon[] = {
@@ -1386,6 +1476,10 @@ static int AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen,
#ifdef CYASSL_AESNI
aes->use_aesni = 0;
#endif /* CYASSL_AESNI */
#ifdef CYASSL_AES_COUNTER
aes->left = 0;
#endif /* CYASSL_AES_COUNTER */
aes->rounds = keylen/4 + 6;
XMEMCPY(rk, userKey, keylen);
@@ -2039,15 +2133,39 @@ static INLINE void IncrementAesCounter(byte* inOutCtr)
void AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
word32 blocks = sz / AES_BLOCK_SIZE;
byte* tmp = (byte*)aes->tmp + AES_BLOCK_SIZE - aes->left;
while (blocks--) {
/* consume any unused bytes left in aes->tmp */
while (aes->left && sz) {
*(out++) = *(in++) ^ *(tmp++);
aes->left--;
sz--;
}
/* do as many block size ops as possible */
while (sz >= AES_BLOCK_SIZE) {
AesEncrypt(aes, (byte*)aes->reg, out);
IncrementAesCounter((byte*)aes->reg);
xorbuf(out, in, AES_BLOCK_SIZE);
out += AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
sz -= AES_BLOCK_SIZE;
aes->left = 0;
}
/* handle non block size remaining and sotre unused byte count in left */
if (sz) {
AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->tmp);
IncrementAesCounter((byte*)aes->reg);
aes->left = AES_BLOCK_SIZE;
tmp = (byte*)aes->tmp;
while (sz--) {
*(out++) = *(in++) ^ *(tmp++);
aes->left--;
}
}
}

12
ctaocrypt/src/asm.c
View File

@@ -1004,15 +1004,17 @@ __asm__( \
#define SQRADDAC(i, j) \
do { fp_word t; \
t = sc0 + ((fp_word)i) * ((fp_word)j); sc0 = t; \
t = sc1 + (t >> DIGIT_BIT); sc1 = t; sc2 += t >> DIGIT_BIT; \
t = sc0 + ((fp_word)i) * ((fp_word)j); sc0 = (fp_digit)t; \
t = sc1 + (t >> DIGIT_BIT); sc1 = (fp_digit)t; \
sc2 += (fp_digit)(t >> DIGIT_BIT); \
} while (0);
#define SQRADDDB \
do { fp_word t; \
t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = t; \
t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT); c1 = t; \
c2 = c2 + ((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT); \
t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = (fp_digit)t; \
t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT); \
c1 = (fp_digit)t; \
c2 = c2 + (fp_digit)(((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT)); \
} while (0);
#endif

927
ctaocrypt/src/asn.c
View File

File diff suppressed because it is too large Load Diff

154
ctaocrypt/src/coding.c
View File

@@ -147,16 +147,101 @@ const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
};
/* porting assistance from yaSSL by Raphael HUCK */
int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
/* make sure *i (idx) won't exceed max, store and possibly escape to out,
* raw means use e w/o decode, 0 on success */
static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max,
int raw)
{
int doEscape = 0;
word32 needed = 1;
word32 idx = *i;
byte basic;
byte plus = 0;
byte equals = 0;
byte newline = 0;
if (raw)
basic = e;
else
basic = base64Encode[e];
/* check whether to escape */
if (escaped) {
switch ((char)basic) {
case '+' :
plus = 1;
doEscape = 1;
needed += 2;
break;
case '=' :
equals = 1;
doEscape = 1;
needed += 2;
break;
case '\n' :
newline = 1;
doEscape = 1;
needed += 2;
break;
default:
/* do nothing */
break;
}
}
/* check size */
if ( (idx+needed) > max) {
CYASSL_MSG("Escape buffer max too small");
return BUFFER_E;
}
/* store it */
if (doEscape == 0) {
out[idx++] = basic;
}
else {
out[idx++] = '%'; /* start escape */
if (plus) {
out[idx++] = '2';
out[idx++] = 'B';
}
else if (equals) {
out[idx++] = '3';
out[idx++] = 'D';
}
else if (newline) {
out[idx++] = '0';
out[idx++] = 'A';
}
}
*i = idx;
return 0;
}
/* internal worker, handles both escaped and normal line endings */
static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
word32* outLen, int escaped)
{
int ret = 0;
word32 i = 0,
j = 0,
n = 0; /* new line counter */
word32 outSz = (inLen + 3 - 1) / 3 * 4;
outSz += (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */
word32 addSz = (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */
if (escaped)
addSz *= 3; /* instead of just \n, we're doing %0A triplet */
outSz += addSz;
/* if escaped we can't predetermine size for one pass encoding, but
* make sure we have enough if no escapes are in input */
if (outSz > *outLen) return BAD_FUNC_ARG;
while (inLen > 2) {
@@ -171,19 +256,25 @@ int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
byte e4 = b3 & 0x3F;
/* store */
out[i++] = base64Encode[e1];
out[i++] = base64Encode[e2];
out[i++] = base64Encode[e3];
out[i++] = base64Encode[e4];
ret = CEscape(escaped, e1, out, &i, *outLen, 0);
if (ret != 0) break;
ret = CEscape(escaped, e2, out, &i, *outLen, 0);
if (ret != 0) break;
ret = CEscape(escaped, e3, out, &i, *outLen, 0);
if (ret != 0) break;
ret = CEscape(escaped, e4, out, &i, *outLen, 0);
if (ret != 0) break;
inLen -= 3;
if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen)
out[i++] = '\n';
if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) {
ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
if (ret != 0) break;
}
}
/* last integral */
if (inLen) {
if (inLen && ret == 0) {
int twoBytes = (inLen == 2);
byte b1 = in[j++];
@@ -193,18 +284,43 @@ int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4);
byte e3 = (b2 & 0xF) << 2;
out[i++] = base64Encode[e1];
out[i++] = base64Encode[e2];
out[i++] = (twoBytes) ? base64Encode[e3] : PAD;
out[i++] = PAD;
ret = CEscape(escaped, e1, out, &i, *outLen, 0);
if (ret == 0)
ret = CEscape(escaped, e2, out, &i, *outLen, 0);
if (ret == 0) {
/* third */
if (twoBytes)
ret = CEscape(escaped, e3, out, &i, *outLen, 0);
else
ret = CEscape(escaped, '=', out, &i, *outLen, 1);
}
/* fourth always pad */
if (ret == 0)
ret = CEscape(escaped, '=', out, &i, *outLen, 1);
}
out[i++] = '\n';
if (i != outSz)
return ASN_INPUT_E;
*outLen = outSz;
if (ret == 0)
ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
return 0;
if (i != outSz && escaped == 0 && ret == 0)
return ASN_INPUT_E;
*outLen = i;
return ret;
}
/* Base64 Encode, PEM style, with \n line endings */
int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
{
return DoBase64_Encode(in, inLen, out, outLen, 0);
}
/* Base64 Encode, with %0A esacped line endings instead of \n */
int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out, word32* outLen)
{
return DoBase64_Encode(in, inLen, out, outLen, 1);
}

181
ctaocrypt/src/des3.c
View File

@@ -413,6 +413,187 @@ void Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
}
}
#elif defined FREESCALE_MMCAU
/*
* Freescale mmCAU hardware DES/3DES support through the CAU/mmCAU library.
* Documentation located in ColdFire/ColdFire+ CAU and Kinetis mmCAU
* Software Library User Guide (See note in README).
*/
#include "cau_api.h"
const unsigned char parityLookup[128] =
{
1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,
0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,
0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,
1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0
};
void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
{
int i = 0;
byte* dkey = (byte*)des->key;
XMEMCPY(dkey, key, 8);
Des_SetIV(des, iv);
/* fix key parity, if needed */
for (i = 0; i < 8; i++) {
dkey[i] = ((dkey[i] & 0xFE) | parityLookup[dkey[i] >> 1]);
}
}
void Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
{
int i = 0;
byte* dkey1 = (byte*)des->key[0];
byte* dkey2 = (byte*)des->key[1];
byte* dkey3 = (byte*)des->key[2];
XMEMCPY(dkey1, key, 8); /* set key 1 */
XMEMCPY(dkey2, key + 8, 8); /* set key 2 */
XMEMCPY(dkey3, key + 16, 8); /* set key 3 */
Des3_SetIV(des, iv);
/* fix key parity if needed */
for (i = 0; i < 8; i++)
dkey1[i] = ((dkey1[i] & 0xFE) | parityLookup[dkey1[i] >> 1]);
for (i = 0; i < 8; i++)
dkey2[i] = ((dkey2[i] & 0xFE) | parityLookup[dkey2[i] >> 1]);
for (i = 0; i < 8; i++)
dkey3[i] = ((dkey3[i] & 0xFE) | parityLookup[dkey3[i] >> 1]);
}
void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
{
int i;
int offset = 0;
int len = sz;
byte *iv;
byte temp_block[DES_BLOCK_SIZE];
iv = (byte*)des->reg;
while (len > 0)
{
XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
/* XOR block with IV for CBC */
for (i = 0; i < DES_BLOCK_SIZE; i++)
temp_block[i] ^= iv[i];
cau_des_encrypt(temp_block, (byte*)des->key, out + offset);
len -= DES_BLOCK_SIZE;
offset += DES_BLOCK_SIZE;
/* store IV for next block */
XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
}
return;
}
void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
{
int i;
int offset = 0;
int len = sz;
byte* iv;
byte temp_block[DES_BLOCK_SIZE];
iv = (byte*)des->reg;
while (len > 0)
{
XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
cau_des_decrypt(in + offset, (byte*)des->key, out + offset);
/* XOR block with IV for CBC */
for (i = 0; i < DES_BLOCK_SIZE; i++)
(out + offset)[i] ^= iv[i];
/* store IV for next block */
XMEMCPY(iv, temp_block, DES_BLOCK_SIZE);
len -= DES_BLOCK_SIZE;
offset += DES_BLOCK_SIZE;
}
return;
}
void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
{
int i;
int offset = 0;
int len = sz;
byte *iv;
byte temp_block[DES_BLOCK_SIZE];
iv = (byte*)des->reg;
while (len > 0)
{
XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
/* XOR block with IV for CBC */
for (i = 0; i < DES_BLOCK_SIZE; i++)
temp_block[i] ^= iv[i];
cau_des_encrypt(temp_block , (byte*)des->key[0], out + offset);
cau_des_decrypt(out + offset, (byte*)des->key[1], out + offset);
cau_des_encrypt(out + offset, (byte*)des->key[2], out + offset);
len -= DES_BLOCK_SIZE;
offset += DES_BLOCK_SIZE;
/* store IV for next block */
XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
}
return;
}
void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
{
int i;
int offset = 0;
int len = sz;
byte* iv;
byte temp_block[DES_BLOCK_SIZE];
iv = (byte*)des->reg;
while (len > 0)
{
XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
cau_des_decrypt(in + offset , (byte*)des->key[2], out + offset);
cau_des_encrypt(out + offset, (byte*)des->key[1], out + offset);
cau_des_decrypt(out + offset, (byte*)des->key[0], out + offset);
/* XOR block with IV for CBC */
for (i = 0; i < DES_BLOCK_SIZE; i++)
(out + offset)[i] ^= iv[i];
/* store IV for next block */
XMEMCPY(iv, temp_block, DES_BLOCK_SIZE);
len -= DES_BLOCK_SIZE;
offset += DES_BLOCK_SIZE;
}
return;
}
#else /* CTaoCrypt software implementation */
/* permuted choice table (key) */

337
ctaocrypt/src/ecc.c
View File

@@ -1997,7 +1997,6 @@ int ecc_export_x963(ecc_key* key, byte* out, word32* outLen)
int ecc_import_x963(const byte* in, word32 inLen, ecc_key* key)
{
int x, err;
if (in == NULL || key == NULL)
return ECC_BAD_ARG_E;
@@ -2144,17 +2143,22 @@ int ecc_sig_size(ecc_key* key)
/** Our FP cache */
static struct {
typedef struct {
ecc_point* g; /* cached COPY of base point */
ecc_point* LUT[1U<<FP_LUT]; /* fixed point lookup */
mp_int mu; /* copy of the montgomery constant */
int lru_count; /* amount of times this entry has been used */
int lock; /* flag to indicate cache eviction */
/* permitted (0) or not (1) */
} fp_cache[FP_ENTRIES];
} fp_cache_t;
static volatile int initMutex = 0; /* prevent multiple mutex inits */
static CyaSSL_Mutex ecc_fp_lock;
/* if HAVE_THREAD_LS this cache is per thread, no locking needed */
static THREAD_LS_T fp_cache_t fp_cache[FP_ENTRIES];
#ifndef HAVE_THREAD_LS
static volatile int initMutex = 0; /* prevent multiple mutex inits */
static CyaSSL_Mutex ecc_fp_lock;
#endif /* HAVE_THREAD_LS */
/* simple table to help direct the generation of the LUT */
static const struct {
@@ -3263,21 +3267,22 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
ecc_point* B, mp_int* kB,
ecc_point* C, mp_int* modulus)
{
int idx1, idx2, err = MP_OKAY, mpInit = 0;
int idx1 = -1, idx2 = -1, err = MP_OKAY, mpInit = 0;
mp_digit mp;
mp_int mu;
if (initMutex == 0) {
InitMutex(&ecc_fp_lock);
initMutex = 1;
}
err = mp_init(&mu);
if (err != MP_OKAY)
return err;
#ifndef HAVE_THREAD_LS
if (initMutex == 0) {
InitMutex(&ecc_fp_lock);
initMutex = 1;
}
if (LockMutex(&ecc_fp_lock) != 0)
return BAD_MUTEX_E;
#endif /* HAVE_THREAD_LS */
/* find point */
idx1 = find_base(A);
@@ -3362,7 +3367,9 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
}
}
#ifndef HAVE_THREAD_LS
UnLockMutex(&ecc_fp_lock);
#endif /* HAVE_THREAD_LS */
mp_clear(&mu);
return err;
@@ -3389,6 +3396,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
if (mp_init(&mu) != MP_OKAY)
return MP_INIT_E;
#ifndef HAVE_THREAD_LS
if (initMutex == 0) {
InitMutex(&ecc_fp_lock);
initMutex = 1;
@@ -3396,6 +3404,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
if (LockMutex(&ecc_fp_lock) != 0)
return BAD_MUTEX_E;
#endif /* HAVE_THREAD_LS */
/* find point */
idx = find_base(G);
@@ -3445,7 +3454,9 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
}
}
#ifndef HAVE_THREAD_LS
UnLockMutex(&ecc_fp_lock);
#endif /* HAVE_THREAD_LS */
mp_clear(&mu);
return err;
@@ -3474,18 +3485,23 @@ static void ecc_fp_free_cache(void)
/** Free the Fixed Point cache */
void ecc_fp_free(void)
{
#ifndef HAVE_THREAD_LS
if (initMutex == 0) {
InitMutex(&ecc_fp_lock);
initMutex = 1;
}
if (LockMutex(&ecc_fp_lock) == 0) {
ecc_fp_free_cache();
UnLockMutex(&ecc_fp_lock);
#endif /* HAVE_THREAD_LS */
ecc_fp_free_cache();
#ifndef HAVE_THREAD_LS
UnLockMutex(&ecc_fp_lock);
FreeMutex(&ecc_fp_lock);
initMutex = 0;
}
#endif /* HAVE_THREAD_LS */
}
@@ -3493,33 +3509,189 @@ void ecc_fp_free(void)
#ifdef HAVE_ECC_ENCRYPT
/* init and set defaults, just holders */
void ecc_encrypt_init_options(ecEncOptions* options)
{
if (options) {
XMEMSET(options, 0, sizeof(ecEncOptions));
options->encAlgo = ecAES_128_CBC;
options->kdfAlgo = ecHKDF_SHA256;
options->macAlgo = ecHMAC_SHA256;
enum ecCliState {
ecCLI_INIT = 1,
ecCLI_SALT_GET = 2,
ecCLI_SALT_SET = 3,
ecCLI_SENT_REQ = 4,
ecCLI_RECV_RESP = 5,
ecCLI_BAD_STATE = 99
};
enum ecSrvState {
ecSRV_INIT = 1,
ecSRV_SALT_GET = 2,
ecSRV_SALT_SET = 3,
ecSRV_RECV_REQ = 4,
ecSRV_SENT_RESP = 5,
ecSRV_BAD_STATE = 99
};
struct ecEncCtx {
byte* kdfSalt; /* optional salt for kdf */
byte* kdfInfo; /* optional info for kdf */
byte* macSalt; /* optional salt for mac */
word32 kdfSaltSz; /* size of kdfSalt */
word32 kdfInfoSz; /* size of kdfInfo */
word32 macSaltSz; /* size of macSalt */
byte clientSalt[EXCHANGE_SALT_SZ]; /* for msg exchange */
byte serverSalt[EXCHANGE_SALT_SZ]; /* for msg exchange */
byte encAlgo; /* which encryption type */
byte kdfAlgo; /* which key derivation function type */
byte macAlgo; /* which mac function type */
byte protocol; /* are we REQ_RESP client or server ? */
byte cliSt; /* protocol state, for sanity checks */
byte srvSt; /* protocol state, for sanity checks */
};
const byte* ecc_ctx_get_own_salt(ecEncCtx* ctx)
{
if (ctx == NULL || ctx->protocol == 0)
return NULL;
if (ctx->protocol == REQ_RESP_CLIENT) {
if (ctx->cliSt == ecCLI_INIT) {
ctx->cliSt = ecCLI_SALT_GET;
return ctx->clientSalt;
}
else {
ctx->cliSt = ecCLI_BAD_STATE;
return NULL;
}
}
else if (ctx->protocol == REQ_RESP_SERVER) {
if (ctx->srvSt == ecSRV_INIT) {
ctx->srvSt = ecSRV_SALT_GET;
return ctx->serverSalt;
}
else {
ctx->srvSt = ecSRV_BAD_STATE;
return NULL;
}
}
return NULL;
}
static const char* exchange_info = "Secure Message Exchange";
int ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt)
{
byte tmp[EXCHANGE_SALT_SZ/2];
int halfSz = EXCHANGE_SALT_SZ/2;
if (ctx == NULL || ctx->protocol == 0 || salt == NULL)
return BAD_FUNC_ARG;
if (ctx->protocol == REQ_RESP_CLIENT) {
XMEMCPY(ctx->serverSalt, salt, EXCHANGE_SALT_SZ);
if (ctx->cliSt == ecCLI_SALT_GET)
ctx->cliSt = ecCLI_SALT_SET;
else {
ctx->cliSt = ecCLI_BAD_STATE;
return BAD_ENC_STATE_E;
}
}
else {
XMEMCPY(ctx->clientSalt, salt, EXCHANGE_SALT_SZ);
if (ctx->srvSt == ecSRV_SALT_GET)
ctx->srvSt = ecSRV_SALT_SET;
else {
ctx->srvSt = ecSRV_BAD_STATE;
return BAD_ENC_STATE_E;
}
}
/* mix half and half */
/* tmp stores 2nd half of client before overwrite */
XMEMCPY(tmp, ctx->clientSalt + halfSz, halfSz);
XMEMCPY(ctx->clientSalt + halfSz, ctx->serverSalt, halfSz);
XMEMCPY(ctx->serverSalt, tmp, halfSz);
ctx->kdfSalt = ctx->clientSalt;
ctx->kdfSaltSz = EXCHANGE_SALT_SZ;
ctx->macSalt = ctx->serverSalt;
ctx->macSaltSz = EXCHANGE_SALT_SZ;
ctx->kdfInfo = (byte*)exchange_info;
ctx->kdfInfoSz = EXCHANGE_INFO_SZ;
return 0;
}
static int ecc_ctx_set_salt(ecEncCtx* ctx, int flags, RNG* rng)
{
byte* saltBuffer = NULL;
if (ctx == NULL || rng == NULL || flags == 0)
return BAD_FUNC_ARG;
saltBuffer = (flags == REQ_RESP_CLIENT) ? ctx->clientSalt : ctx->serverSalt;
RNG_GenerateBlock(rng, saltBuffer, EXCHANGE_SALT_SZ);
return 0;
}
static void ecc_ctx_init(ecEncCtx* ctx, int flags)
{
if (ctx) {
XMEMSET(ctx, 0, sizeof(ecEncCtx));
ctx->encAlgo = ecAES_128_CBC;
ctx->kdfAlgo = ecHKDF_SHA256;
ctx->macAlgo = ecHMAC_SHA256;
ctx->protocol = (byte)flags;
if (flags == REQ_RESP_CLIENT)
ctx->cliSt = ecCLI_INIT;
if (flags == REQ_RESP_SERVER)
ctx->srvSt = ecSRV_INIT;
}
}
/* alloc/init and set defaults, return new Context */
ecEncCtx* ecc_ctx_new(int flags, RNG* rng)
{
int ret = 0;
ecEncCtx* ctx = (ecEncCtx*)XMALLOC(sizeof(ecEncCtx), 0, DYNAMIC_TYPE_ECC);
ecc_ctx_init(ctx, flags);
if (ctx && flags)
ret = ecc_ctx_set_salt(ctx, flags, rng);
if (ret != 0) {
ecc_ctx_free(ctx);
ctx = NULL;
}
return ctx;
}
/* free any resources, clear any keys */
void ecc_encrypt_free_options(ecEncOptions* options)
void ecc_ctx_free(ecEncCtx* ctx)
{
if (options) {
XMEMSET(options, 0, sizeof(ecEncOptions));
if (ctx) {
XMEMSET(ctx, 0, sizeof(ecEncCtx));
XFREE(ctx, 0, DYNAMIC_TYPE_ECC);
}
}
static int ecc_get_key_sizes(ecEncOptions* options, int* encKeySz, int* ivSz,
static int ecc_get_key_sizes(ecEncCtx* ctx, int* encKeySz, int* ivSz,
int* keysLen, word32* digestSz, word32* blockSz)
{
if (options) {
switch (options->encAlgo) {
if (ctx) {
switch (ctx->encAlgo) {
case ecAES_128_CBC:
*encKeySz = KEY_SIZE_128;
*ivSz = IV_SIZE_64;
@@ -3529,7 +3701,7 @@ static int ecc_get_key_sizes(ecEncOptions* options, int* encKeySz, int* ivSz,
return BAD_FUNC_ARG;
}
switch (options->macAlgo) {
switch (ctx->macAlgo) {
case ecHMAC_SHA256:
*digestSz = SHA256_DIGEST_SIZE;
break;
@@ -3546,22 +3718,23 @@ static int ecc_get_key_sizes(ecEncOptions* options, int* encKeySz, int* ivSz,
/* ecc encrypt with shared secret run through kdf
options holds non default algos and inputs
ctx holds non default algos and inputs
msgSz should be the right size for encAlgo, i.e., already padded
return 0 on success */
int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncOptions* opts)
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx)
{
int ret;
word32 blockSz;
word32 digestSz;
ecEncOptions options;
ecEncCtx localCtx;
byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */
byte keys[ECC_BUFSIZE]; /* max size */
word32 sharedSz = sizeof(sharedSecret);
int keysLen;
int encKeySz;
int ivSz;
int offset = 0; /* keys offset if doing msg exchange */
byte* encKey;
byte* encIv;
byte* macKey;
@@ -3570,19 +3743,37 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
outSz == NULL)
return BAD_FUNC_ARG;
if (opts)
options = *opts;
else {
ecc_encrypt_init_options(&options); /* defaults */
if (ctx == NULL) { /* use defaults */
ecc_ctx_init(&localCtx, 0);
ctx = &localCtx;
}
ret = ecc_get_key_sizes(&options, &encKeySz, &ivSz, &keysLen, &digestSz,
ret = ecc_get_key_sizes(ctx, &encKeySz, &ivSz, &keysLen, &digestSz,
&blockSz);
if (ret != 0)
return ret;
if (ctx->protocol == REQ_RESP_SERVER) {
offset = keysLen;
keysLen *= 2;
if (ctx->srvSt != ecSRV_RECV_REQ)
return BAD_ENC_STATE_E;
ctx->srvSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */
}
else if (ctx->protocol == REQ_RESP_CLIENT) {
if (ctx->cliSt != ecCLI_SALT_SET)
return BAD_ENC_STATE_E;
ctx->cliSt = ecCLI_SENT_REQ; /* only do this once */
}
if (keysLen > (int)sizeof(keys))
return BUFFER_E;
if ( (msgSz%blockSz) != 0)
return BAD_FUNC_ARG;
return BAD_PADDING_E;
if (*outSz < (msgSz + digestSz))
return BUFFER_E;
@@ -3591,11 +3782,11 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
if (ret != 0)
return ret;
switch (options.kdfAlgo) {
switch (ctx->kdfAlgo) {
case ecHKDF_SHA256 :
ret = HKDF(SHA256, sharedSecret, sharedSz, options.kdfSalt,
options.kdfSaltSz, options.kdfInfo,
options.kdfInfoSz, keys, keysLen);
ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
ctx->kdfSaltSz, ctx->kdfInfo,
ctx->kdfInfoSz, keys, keysLen);
if (ret != 0)
return ret;
break;
@@ -3604,11 +3795,11 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
return BAD_FUNC_ARG;
}
encKey = keys;
encKey = keys + offset;
encIv = encKey + encKeySz;
macKey = encKey + encKeySz + ivSz;
switch (options.encAlgo) {
switch (ctx->encAlgo) {
case ecAES_128_CBC:
{
Aes aes;
@@ -3625,7 +3816,7 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
return BAD_FUNC_ARG;
}
switch (options.macAlgo) {
switch (ctx->macAlgo) {
case ecHMAC_SHA256:
{
Hmac hmac;
@@ -3633,7 +3824,7 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
if (ret != 0)
return ret;
HmacUpdate(&hmac, out, msgSz);
HmacUpdate(&hmac, options.macSalt, options.macSaltSz);
HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
HmacFinal(&hmac, out+msgSz);
}
break;
@@ -3648,19 +3839,23 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
}
/* ecc decrypt with shared secret run through kdf
ctx holds non default algos and inputs
return 0 on success */
int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncOptions* opts)
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx)
{
int ret;
word32 blockSz;
word32 digestSz;
ecEncOptions options;
ecEncCtx localCtx;
byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */
byte keys[ECC_BUFSIZE]; /* max size */
word32 sharedSz = sizeof(sharedSecret);
int keysLen;
int encKeySz;
int ivSz;
int offset = 0; /* in case using msg exchange */
byte* encKey;
byte* encIv;
byte* macKey;
@@ -3669,19 +3864,37 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
outSz == NULL)
return BAD_FUNC_ARG;
if (opts)
options = *opts;
else {
ecc_encrypt_init_options(&options); /* defaults */
if (ctx == NULL) { /* use defaults */
ecc_ctx_init(&localCtx, 0);
ctx = &localCtx;
}
ret = ecc_get_key_sizes(&options, &encKeySz, &ivSz, &keysLen, &digestSz,
ret = ecc_get_key_sizes(ctx, &encKeySz, &ivSz, &keysLen, &digestSz,
&blockSz);
if (ret != 0)
return ret;
if (ctx->protocol == REQ_RESP_CLIENT) {
offset = keysLen;
keysLen *= 2;
if (ctx->cliSt != ecCLI_SENT_REQ)
return BAD_ENC_STATE_E;
ctx->cliSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */
}
else if (ctx->protocol == REQ_RESP_SERVER) {
if (ctx->srvSt != ecSRV_SALT_SET)
return BAD_ENC_STATE_E;
ctx->srvSt = ecSRV_RECV_REQ; /* only do this once */
}
if (keysLen > (int)sizeof(keys))
return BUFFER_E;
if ( ((msgSz-digestSz) % blockSz) != 0)
return BAD_FUNC_ARG;
return BAD_PADDING_E;
if (*outSz < (msgSz - digestSz))
return BUFFER_E;
@@ -3690,11 +3903,11 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
if (ret != 0)
return ret;
switch (options.kdfAlgo) {
switch (ctx->kdfAlgo) {
case ecHKDF_SHA256 :
ret = HKDF(SHA256, sharedSecret, sharedSz, options.kdfSalt,
options.kdfSaltSz, options.kdfInfo,
options.kdfInfoSz, keys, keysLen);
ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
ctx->kdfSaltSz, ctx->kdfInfo,
ctx->kdfInfoSz, keys, keysLen);
if (ret != 0)
return ret;
break;
@@ -3703,11 +3916,11 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
return BAD_FUNC_ARG;
}
encKey = keys;
encKey = keys + offset;
encIv = encKey + encKeySz;
macKey = encKey + encKeySz + ivSz;
switch (options.macAlgo) {
switch (ctx->macAlgo) {
case ecHMAC_SHA256:
{
byte verify[SHA256_DIGEST_SIZE];
@@ -3716,7 +3929,7 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
if (ret != 0)
return ret;
HmacUpdate(&hmac, msg, msgSz-digestSz);
HmacUpdate(&hmac, options.macSalt, options.macSaltSz);
HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
HmacFinal(&hmac, verify);
if (memcmp(verify, msg + msgSz - digestSz, digestSz) != 0) {
@@ -3729,7 +3942,7 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
return BAD_FUNC_ARG;
}
switch (options.encAlgo) {
switch (ctx->encAlgo) {
case ecAES_128_CBC:
{
Aes aes;

20
ctaocrypt/src/error.c
View File

@@ -323,6 +323,26 @@ void CTaoCryptErrorString(int error, char* buffer)
XSTRNCPY(buffer, "ASN OCSP sig error, confirm failure", max);
break;
case BAD_ENC_STATE_E:
XSTRNCPY(buffer, "Bad ecc encrypt state operation", max);
break;
case BAD_PADDING_E:
XSTRNCPY(buffer, "Bad padding, message wrong length", max);
break;
case REQ_ATTRIBUTE_E:
XSTRNCPY(buffer, "Setting cert request attributes error", max);
break;
case PKCS7_OID_E:
XSTRNCPY(buffer, "PKCS#7 error: mismatched OID value", max);
break;
case PKCS7_RECIP_E:
XSTRNCPY(buffer, "PKCS#7 error: no matching recipient found", max);
break;
default:
XSTRNCPY(buffer, "unknown error number", max);

4
ctaocrypt/src/fp_sqr_comba_12.i
View File

@@ -24,7 +24,9 @@
void fp_sqr_comba12(fp_int *A, fp_int *B)
{
fp_digit *a, b[24], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_17.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba17(fp_int *A, fp_int *B)
{
fp_digit *a, b[34], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_3.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba3(fp_int *A, fp_int *B)
{
fp_digit *a, b[6], c0, c1, c2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_4.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba4(fp_int *A, fp_int *B)
{
fp_digit *a, b[8], c0, c1, c2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_6.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba6(fp_int *A, fp_int *B)
{
fp_digit *a, b[12], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_7.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba7(fp_int *A, fp_int *B)
{
fp_digit *a, b[14], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_8.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba8(fp_int *A, fp_int *B)
{
fp_digit *a, b[16], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

3
ctaocrypt/src/fp_sqr_comba_9.i
View File

@@ -24,6 +24,9 @@
void fp_sqr_comba9(fp_int *A, fp_int *B)
{
fp_digit *a, b[18], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

2
ctaocrypt/src/integer.c
View File

@@ -3765,7 +3765,7 @@ int mp_sqrmod (mp_int * a, mp_int * b, mp_int * c)
#endif
#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER)
#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER) || defined(CYASSL_HAVE_WOLFSCEP)
/* single digit addition */
int mp_add_d (mp_int* a, mp_digit b, mp_int* c)

24
ctaocrypt/src/md5.c
View File

@@ -36,6 +36,13 @@
#include <ctaocrypt/src/misc.c>
#endif
#ifdef FREESCALE_MMCAU
#include "cau_api.h"
#define XTRANSFORM(S,B) cau_md5_hash_n((B), 1, (unsigned char*)(S)->digest)
#else
#define XTRANSFORM(S,B) Transform((S))
#endif
#ifdef STM32F2_HASH
/*
@@ -174,6 +181,7 @@ void InitMd5(Md5* md5)
md5->hiLen = 0;
}
#ifndef FREESCALE_MMCAU
static void Transform(Md5* md5)
{
@@ -266,6 +274,8 @@ static void Transform(Md5* md5)
md5->digest[3] += d;
}
#endif /* FREESCALE_MMCAU */
static INLINE void AddLength(Md5* md5, word32 len)
{
@@ -289,10 +299,10 @@ void Md5Update(Md5* md5, const byte* data, word32 len)
len -= add;
if (md5->buffLen == MD5_BLOCK_SIZE) {
#ifdef BIG_ENDIAN_ORDER
#if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, MD5_BLOCK_SIZE);
#endif
Transform(md5);
XTRANSFORM(md5, local);
AddLength(md5, MD5_BLOCK_SIZE);
md5->buffLen = 0;
}
@@ -304,7 +314,7 @@ void Md5Final(Md5* md5, byte* hash)
{
byte* local = (byte*)md5->buffer;
AddLength(md5, md5->buffLen); /* before adding pads */
AddLength(md5, md5->buffLen); /* before adding pads */
local[md5->buffLen++] = 0x80; /* add 1 */
@@ -313,10 +323,10 @@ void Md5Final(Md5* md5, byte* hash)
XMEMSET(&local[md5->buffLen], 0, MD5_BLOCK_SIZE - md5->buffLen);
md5->buffLen += MD5_BLOCK_SIZE - md5->buffLen;
#ifdef BIG_ENDIAN_ORDER
#if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, MD5_BLOCK_SIZE);
#endif
Transform(md5);
XTRANSFORM(md5, local);
md5->buffLen = 0;
}
XMEMSET(&local[md5->buffLen], 0, MD5_PAD_SIZE - md5->buffLen);
@@ -327,14 +337,14 @@ void Md5Final(Md5* md5, byte* hash)
md5->loLen = md5->loLen << 3;
/* store lengths */
#ifdef BIG_ENDIAN_ORDER
#if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, MD5_BLOCK_SIZE);
#endif
/* ! length ordering dependent on digest endian type ! */
XMEMCPY(&local[MD5_PAD_SIZE], &md5->loLen, sizeof(word32));
XMEMCPY(&local[MD5_PAD_SIZE + sizeof(word32)], &md5->hiLen, sizeof(word32));
Transform(md5);
XTRANSFORM(md5, local);
#ifdef BIG_ENDIAN_ORDER
ByteReverseWords(md5->digest, md5->digest, MD5_DIGEST_SIZE);
#endif

1348
ctaocrypt/src/pkcs7.c Normal file
View File

File diff suppressed because it is too large Load Diff

45
ctaocrypt/src/sha.c
View File

@@ -35,6 +35,13 @@
#include <ctaocrypt/src/misc.c>
#endif
#ifdef FREESCALE_MMCAU
#include "cau_api.h"
#define XTRANSFORM(S,B) cau_sha1_hash_n((B), 1, ((S))->digest)
#else
#define XTRANSFORM(S,B) Transform((S))
#endif
#ifdef STM32F2_HASH
/*
@@ -164,17 +171,23 @@
void InitSha(Sha* sha)
{
sha->digest[0] = 0x67452301L;
sha->digest[1] = 0xEFCDAB89L;
sha->digest[2] = 0x98BADCFEL;
sha->digest[3] = 0x10325476L;
sha->digest[4] = 0xC3D2E1F0L;
#ifdef FREESCALE_MMCAU
cau_sha1_initialize_output(sha->digest);
#else
sha->digest[0] = 0x67452301L;
sha->digest[1] = 0xEFCDAB89L;
sha->digest[2] = 0x98BADCFEL;
sha->digest[3] = 0x10325476L;
sha->digest[4] = 0xC3D2E1F0L;
#endif
sha->buffLen = 0;
sha->loLen = 0;
sha->hiLen = 0;
}
#ifndef FREESCALE_MMCAU
#define blk0(i) (W[i] = sha->buffer[i])
#define blk1(i) (W[i&15] = \
rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1))
@@ -272,6 +285,8 @@ static void Transform(Sha* sha)
sha->digest[4] += e;
}
#endif /* FREESCALE_MMCAU */
static INLINE void AddLength(Sha* sha, word32 len)
{
@@ -295,10 +310,10 @@ void ShaUpdate(Sha* sha, const byte* data, word32 len)
len -= add;
if (sha->buffLen == SHA_BLOCK_SIZE) {
#ifdef LITTLE_ENDIAN_ORDER
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, SHA_BLOCK_SIZE);
#endif
Transform(sha);
XTRANSFORM(sha, local);
AddLength(sha, SHA_BLOCK_SIZE);
sha->buffLen = 0;
}
@@ -310,7 +325,7 @@ void ShaFinal(Sha* sha, byte* hash)
{
byte* local = (byte*)sha->buffer;
AddLength(sha, sha->buffLen); /* before adding pads */
AddLength(sha, sha->buffLen); /* before adding pads */
local[sha->buffLen++] = 0x80; /* add 1 */
@@ -319,10 +334,10 @@ void ShaFinal(Sha* sha, byte* hash)
XMEMSET(&local[sha->buffLen], 0, SHA_BLOCK_SIZE - sha->buffLen);
sha->buffLen += SHA_BLOCK_SIZE - sha->buffLen;
#ifdef LITTLE_ENDIAN_ORDER
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, SHA_BLOCK_SIZE);
#endif
Transform(sha);
XTRANSFORM(sha, local);
sha->buffLen = 0;
}
XMEMSET(&local[sha->buffLen], 0, SHA_PAD_SIZE - sha->buffLen);
@@ -333,14 +348,20 @@ void ShaFinal(Sha* sha, byte* hash)
sha->loLen = sha->loLen << 3;
/* store lengths */
#ifdef LITTLE_ENDIAN_ORDER
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, SHA_BLOCK_SIZE);
#endif
/* ! length ordering dependent on digest endian type ! */
XMEMCPY(&local[SHA_PAD_SIZE], &sha->hiLen, sizeof(word32));
XMEMCPY(&local[SHA_PAD_SIZE + sizeof(word32)], &sha->loLen, sizeof(word32));
Transform(sha);
#ifdef FREESCALE_MMCAU
/* Kinetis requires only these bytes reversed */
ByteReverseBytes(&local[SHA_PAD_SIZE], &local[SHA_PAD_SIZE],
2 * sizeof(word32));
#endif
XTRANSFORM(sha, local);
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE);
#endif

51
ctaocrypt/src/sha256.c
View File

@@ -37,6 +37,13 @@
#include <ctaocrypt/src/misc.c>
#endif
#ifdef FREESCALE_MMCAU
#include "cau_api.h"
#define XTRANSFORM(S,B) cau_sha256_hash_n((B), 1, ((S))->digest)
#else
#define XTRANSFORM(S,B) Transform((S))
#endif
#ifndef min
@@ -50,20 +57,26 @@
void InitSha256(Sha256* sha256)
{
sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L;
sha256->digest[3] = 0xA54FF53AL;
sha256->digest[4] = 0x510E527FL;
sha256->digest[5] = 0x9B05688CL;
sha256->digest[6] = 0x1F83D9ABL;
sha256->digest[7] = 0x5BE0CD19L;
#ifdef FREESCALE_MMCAU
cau_sha256_initialize_output(sha256->digest);
#else
sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L;
sha256->digest[3] = 0xA54FF53AL;
sha256->digest[4] = 0x510E527FL;
sha256->digest[5] = 0x9B05688CL;
sha256->digest[6] = 0x1F83D9ABL;
sha256->digest[7] = 0x5BE0CD19L;
#endif
sha256->buffLen = 0;
sha256->loLen = 0;
sha256->hiLen = 0;
}
#ifndef FREESCALE_MMCAU
static const word32 K[64] = {
0x428A2F98L, 0x71374491L, 0xB5C0FBCFL, 0xE9B5DBA5L, 0x3956C25BL,
0x59F111F1L, 0x923F82A4L, 0xAB1C5ED5L, 0xD807AA98L, 0x12835B01L,
@@ -128,6 +141,8 @@ static void Transform(Sha256* sha256)
}
}
#endif /* FREESCALE_MMCAU */
static INLINE void AddLength(Sha256* sha256, word32 len)
{
@@ -151,10 +166,10 @@ void Sha256Update(Sha256* sha256, const byte* data, word32 len)
len -= add;
if (sha256->buffLen == SHA256_BLOCK_SIZE) {
#ifdef LITTLE_ENDIAN_ORDER
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, SHA256_BLOCK_SIZE);
#endif
Transform(sha256);
XTRANSFORM(sha256, local);
AddLength(sha256, SHA256_BLOCK_SIZE);
sha256->buffLen = 0;
}
@@ -168,17 +183,17 @@ void Sha256Final(Sha256* sha256, byte* hash)
AddLength(sha256, sha256->buffLen); /* before adding pads */
local[sha256->buffLen++] = 0x80; /* add 1 */
local[sha256->buffLen++] = 0x80; /* add 1 */
/* pad with zeros */
if (sha256->buffLen > SHA256_PAD_SIZE) {
XMEMSET(&local[sha256->buffLen], 0, SHA256_BLOCK_SIZE - sha256->buffLen);
sha256->buffLen += SHA256_BLOCK_SIZE - sha256->buffLen;
#ifdef LITTLE_ENDIAN_ORDER
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, SHA256_BLOCK_SIZE);
#endif
Transform(sha256);
XTRANSFORM(sha256, local);
sha256->buffLen = 0;
}
XMEMSET(&local[sha256->buffLen], 0, SHA256_PAD_SIZE - sha256->buffLen);
@@ -189,7 +204,7 @@ void Sha256Final(Sha256* sha256, byte* hash)
sha256->loLen = sha256->loLen << 3;
/* store lengths */
#ifdef LITTLE_ENDIAN_ORDER
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseBytes(local, local, SHA256_BLOCK_SIZE);
#endif
/* ! length ordering dependent on digest endian type ! */
@@ -197,7 +212,13 @@ void Sha256Final(Sha256* sha256, byte* hash)
XMEMCPY(&local[SHA256_PAD_SIZE + sizeof(word32)], &sha256->loLen,
sizeof(word32));
Transform(sha256);
#ifdef FREESCALE_MMCAU
/* Kinetis requires only these bytes reversed */
ByteReverseBytes(&local[SHA256_PAD_SIZE], &local[SHA256_PAD_SIZE],
2 * sizeof(word32));
#endif
XTRANSFORM(sha256, local);
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords(sha256->digest, sha256->digest, SHA256_DIGEST_SIZE);
#endif

26
ctaocrypt/src/sha512.c
View File

@@ -146,13 +146,24 @@ static void Transform(Sha512* sha512)
/* Copy digest to working vars */
XMEMCPY(T, sha512->digest, sizeof(T));
/* 64 operations, partially loop unrolled */
#ifdef USE_SLOW_SHA2
/* over twice as small, but 50% slower */
/* 80 operations, not unrolled */
for (j = 0; j < 80; j += 16) {
int m;
for (m = 0; m < 16; m++) { /* braces needed here for macros {} */
R(m);
}
}
#else
/* 80 operations, partially loop unrolled */
for (j = 0; j < 80; j += 16) {
R( 0); R( 1); R( 2); R( 3);
R( 4); R( 5); R( 6); R( 7);
R( 8); R( 9); R(10); R(11);
R(12); R(13); R(14); R(15);
}
#endif /* USE_SLOW_SHA2 */
/* Add the working vars back into digest */
@@ -280,13 +291,24 @@ static void Transform384(Sha384* sha384)
/* Copy digest to working vars */
XMEMCPY(T, sha384->digest, sizeof(T));
/* 64 operations, partially loop unrolled */
#ifdef USE_SLOW_SHA2
/* over twice as small, but 50% slower */
/* 80 operations, not unrolled */
for (j = 0; j < 80; j += 16) {
int m;
for (m = 0; m < 16; m++) { /* braces needed for macros {} */
R2(m);
}
}
#else
/* 80 operations, partially loop unrolled */
for (j = 0; j < 80; j += 16) {
R2( 0); R2( 1); R2( 2); R2( 3);
R2( 4); R2( 5); R2( 6); R2( 7);
R2( 8); R2( 9); R2(10); R2(11);
R2(12); R2(13); R2(14); R2(15);
}
#endif /* USE_SLOW_SHA2 */
/* Add the working vars back into digest */

575
ctaocrypt/test/test.c
View File

@@ -61,6 +61,9 @@
#ifdef HAVE_LIBZ
#include <cyassl/ctaocrypt/compress.h>
#endif
#ifdef HAVE_PKCS7
#include <cyassl/ctaocrypt/pkcs7.h>
#endif
#ifdef _MSC_VER
/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
@@ -174,6 +177,10 @@ int pbkdf2_test(void);
#ifdef HAVE_LIBZ
int compress_test(void);
#endif
#ifdef HAVE_PKCS7
int pkcs7enveloped_test(void);
int pkcs7signed_test(void);
#endif
@@ -458,6 +465,18 @@ void ctaocrypt_test(void* args)
printf( "COMPRESS test passed!\n");
#endif
#ifdef HAVE_PKCS7
if ( (ret = pkcs7enveloped_test()) != 0)
err_sys("PKCS7enveloped test failed!\n", ret);
else
printf( "PKCS7enveloped test passed!\n");
if ( (ret = pkcs7signed_test()) != 0)
err_sys("PKCS7signed test failed!\n", ret);
else
printf( "PKCS7signed test passed!\n");
#endif
((func_args*)args)->return_code = ret;
}
@@ -1897,6 +1916,12 @@ int aes_test(void)
0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
};
const byte oddCipher[] =
{
0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
0xc2
};
AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */
AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
@@ -1909,6 +1934,30 @@ int aes_test(void)
if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4))
return -67;
/* let's try with just 9 bytes, non block size test */
AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */
AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
AesCtrEncrypt(&dec, plain, cipher, 9);
if (memcmp(plain, ctrPlain, 9))
return -68;
if (memcmp(cipher, ctrCipher, 9))
return -69;
/* and an additional 9 bytes to reuse tmp left buffer */
AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
AesCtrEncrypt(&dec, plain, cipher, 9);
if (memcmp(plain, ctrPlain, 9))
return -70;
if (memcmp(cipher, oddCipher, 9))
return -71;
}
#endif /* CYASSL_AES_COUNTER */
@@ -2487,17 +2536,27 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out)
#ifdef CYASSL_CERT_GEN
static const char* caKeyFile = "a:\\certs\\ca-key.der";
static const char* caCertFile = "a:\\certs\\ca-cert.pem";
#ifdef HAVE_ECC
static const char* eccCaKeyFile = "a:\\certs\\ecc-key.der";
static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem";
#endif
#endif
#elif defined(CYASSL_MKD_SHELL)
static char* clientKey = "certs/client-key.der";
static char* clientCert = "certs/client-cert.der";
void set_clientKey(char *key) { clientKey = key ; } /* set by shell command */
void set_clientCert(char *cert) { clientCert = cert ; } /* set by shell command */
void set_clientKey(char *key) { clientKey = key ; }
void set_clientCert(char *cert) { clientCert = cert ; }
#ifdef CYASSL_CERT_GEN
static char* caKeyFile = "certs/ca-key.der";
static char* caCertFile = "certs/ca-cert.pem";
void set_caKeyFile (char * key) { caKeyFile = key ; } /* set by shell command */
void set_caCertFile(char * cert) { caCertFile = cert ; } /* set by shell command */
void set_caKeyFile (char * key) { caKeyFile = key ; }
void set_caCertFile(char * cert) { caCertFile = cert ; }
#ifdef HAVE_ECC
static const char* eccCaKeyFile = "certs/ecc-key.der";
static const char* eccCaCertFile = "certs/server-ecc.pem";
void set_eccCaKeyFile (char * key) { eccCaKeyFile = key ; }
void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; }
#endif
#endif
#else
static const char* clientKey = "./certs/client-key.der";
@@ -2505,6 +2564,10 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out)
#ifdef CYASSL_CERT_GEN
static const char* caKeyFile = "./certs/ca-key.der";
static const char* caCertFile = "./certs/ca-cert.pem";
#ifdef HAVE_ECC
static const char* eccCaKeyFile = "./certs/ecc-key.der";
static const char* eccCaCertFile = "./certs/server-ecc.pem";
#endif
#endif
#endif
#endif
@@ -2784,11 +2847,12 @@ int rsa_test(void)
if (ret < 0)
return -405;
certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, &rng);
certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng);
if (certSz < 0)
return -407;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng);
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, NULL, &rng);
if (certSz < 0)
return -408;
@@ -2820,6 +2884,95 @@ int rsa_test(void)
free(derCert);
FreeRsaKey(&caKey);
}
#ifdef HAVE_ECC
/* ECC CA style */
{
ecc_key caKey;
Cert myCert;
byte* derCert;
byte* pem;
FILE* derFile;
FILE* pemFile;
int certSz;
int pemSz;
size_t bytes3;
word32 idx3 = 0;
FILE* file3 ;
#ifdef CYASSL_TEST_CERT
DecodedCert decode;
#endif
derCert = (byte*)malloc(FOURK_BUF);
if (derCert == NULL)
return -5311;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
return -5312;
file3 = fopen(eccCaKeyFile, "rb");
if (!file3)
return -5412;
bytes3 = fread(tmp, 1, FOURK_BUF, file3);
fclose(file3);
ecc_init(&caKey);
ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
if (ret != 0) return -5413;
InitCert(&myCert);
myCert.sigType = CTC_SHA256wECDSA;
strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
strncpy(myCert.subject.org, "wolfSSL", CTC_NAME_SIZE);
strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
strncpy(myCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE);
strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE);
ret = SetIssuer(&myCert, eccCaCertFile);
if (ret < 0)
return -5405;
certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng);
if (certSz < 0)
return -5407;
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
NULL, &caKey, &rng);
if (certSz < 0)
return -5408;
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, certSz, 0);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0)
return -5409;
FreeDecodedCert(&decode);
#endif
derFile = fopen("./certecc.der", "wb");
if (!derFile)
return -5410;
ret = (int)fwrite(derCert, certSz, 1, derFile);
fclose(derFile);
pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0)
return -5411;
pemFile = fopen("./certecc.pem", "wb");
if (!pemFile)
return -5412;
ret = (int)fwrite(pem, pemSz, 1, pemFile);
fclose(pemFile);
free(pem);
free(derCert);
ecc_free(&caKey);
}
#endif /* HAVE_ECC */
#ifdef HAVE_NTRU
{
RsaKey caKey;
@@ -2900,7 +3053,8 @@ int rsa_test(void)
if (certSz < 0)
return -456;
certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng);
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, NULL, &rng);
if (certSz < 0)
return -457;
@@ -2938,6 +3092,66 @@ int rsa_test(void)
FreeRsaKey(&caKey);
}
#endif /* HAVE_NTRU */
#ifdef CYASSL_CERT_REQ
{
Cert req;
byte* der;
byte* pem;
int derSz;
int pemSz;
FILE* reqFile;
der = (byte*)malloc(FOURK_BUF);
if (der == NULL)
return -463;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
return -464;
InitCert(&req);
req.version = 0;
req.isCA = 1;
strncpy(req.challengePw, "yassl123", CTC_NAME_SIZE);
strncpy(req.subject.country, "US", CTC_NAME_SIZE);
strncpy(req.subject.state, "OR", CTC_NAME_SIZE);
strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE);
strncpy(req.subject.org, "yaSSL", CTC_NAME_SIZE);
strncpy(req.subject.unit, "Development", CTC_NAME_SIZE);
strncpy(req.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE);
req.sigType = CTC_SHA256wRSA;
derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL);
if (derSz < 0)
return -465;
derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF,
&key, NULL, &rng);
if (derSz < 0)
return -466;
pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE);
if (pemSz < 0)
return -467;
reqFile = fopen("./certreq.der", "wb");
if (!reqFile)
return -468;
ret = (int)fwrite(der, derSz, 1, reqFile);
fclose(reqFile);
reqFile = fopen("./certreq.pem", "wb");
if (!reqFile)
return -469;
ret = (int)fwrite(pem, pemSz, 1, reqFile);
fclose(reqFile);
free(pem);
free(der);
}
#endif /* CYASSL_CERT_REQ */
#endif /* CYASSL_CERT_GEN */
FreeRsaKey(&key);
@@ -3628,12 +3842,12 @@ int ecc_encrypt_test(void)
for (i = 0; i < 48; i++)
msg[i] = i;
/* send encrypted msg to B */
/* encrypt msg to B */
ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL);
if (ret != 0)
return -3003;
/* decrypted msg to B */
/* decrypt msg from A */
ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL);
if (ret != 0)
return -3004;
@@ -3641,6 +3855,84 @@ int ecc_encrypt_test(void)
if (memcmp(plain, msg, sizeof(msg)) != 0)
return -3005;
{ /* let's verify message exchange works, A is client, B is server */
ecEncCtx* cliCtx = ecc_ctx_new(REQ_RESP_CLIENT, &rng);
ecEncCtx* srvCtx = ecc_ctx_new(REQ_RESP_SERVER, &rng);
byte cliSalt[EXCHANGE_SALT_SZ];
byte srvSalt[EXCHANGE_SALT_SZ];
const byte* tmpSalt;
if (cliCtx == NULL || srvCtx == NULL)
return -3006;
/* get salt to send to peer */
tmpSalt = ecc_ctx_get_own_salt(cliCtx);
if (tmpSalt == NULL)
return -3007;
memcpy(cliSalt, tmpSalt, EXCHANGE_SALT_SZ);
tmpSalt = ecc_ctx_get_own_salt(srvCtx);
if (tmpSalt == NULL)
return -3007;
memcpy(srvSalt, tmpSalt, EXCHANGE_SALT_SZ);
/* in actual use, we'd get the peer's salt over the transport */
ret = ecc_ctx_set_peer_salt(cliCtx, srvSalt);
ret += ecc_ctx_set_peer_salt(srvCtx, cliSalt);
if (ret != 0)
return -3008;
/* get encrypted msg (request) to send to B */
outSz = sizeof(out);
ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz,cliCtx);
if (ret != 0)
return -3009;
/* B decrypts msg (request) from A */
plainSz = sizeof(plain);
ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, srvCtx);
if (ret != 0)
return -3010;
if (memcmp(plain, msg, sizeof(msg)) != 0)
return -3011;
{
/* msg2 (response) from B to A */
byte msg2[48];
byte plain2[48];
byte out2[80];
word32 outSz2 = sizeof(out2);
word32 plainSz2 = sizeof(plain2);
for (i = 0; i < 48; i++)
msg2[i] = i+48;
/* get encrypted msg (response) to send to B */
ret = ecc_encrypt(&userB, &userA, msg2, sizeof(msg2), out2,
&outSz2, srvCtx);
if (ret != 0)
return -3012;
/* A decrypts msg (response) from B */
ret = ecc_decrypt(&userA, &userB, out2, outSz2, plain2, &plainSz2,
cliCtx);
if (ret != 0)
return -3013;
if (memcmp(plain2, msg2, sizeof(msg2)) != 0)
return -3014;
}
/* cleanup */
ecc_ctx_free(srvCtx);
ecc_ctx_free(cliCtx);
}
/* cleanup */
ecc_free(&userB);
ecc_free(&userA);
@@ -3766,4 +4058,269 @@ int compress_test(void)
#endif /* HAVE_LIBZ */
#ifdef HAVE_PKCS7
int pkcs7enveloped_test(void)
{
int ret = 0;
int cipher = DES3b;
int envelopedSz, decodedSz;
PKCS7 pkcs7;
byte* cert;
byte* privKey;
byte enveloped[2048];
byte decoded[2048];
size_t certSz;
size_t privKeySz;
FILE* certFile;
FILE* keyFile;
FILE* pkcs7File;
const char* pkcs7OutFile = "pkcs7envelopedData.der";
const byte data[] = { /* Hello World */
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
0x72,0x6c,0x64
};
/* read client cert and key in DER format */
cert = (byte*)malloc(FOURK_BUF);
if (cert == NULL)
return -201;
privKey = (byte*)malloc(FOURK_BUF);
if (privKey == NULL)
return -202;
certFile = fopen(clientCert, "rb");
if (!certFile)
err_sys("can't open ./certs/client-cert.der, "
"Please run from CyaSSL home dir", -42);
certSz = fread(cert, 1, FOURK_BUF, certFile);
fclose(certFile);
keyFile = fopen(clientKey, "rb");
if (!keyFile)
err_sys("can't open ./certs/client-key.der, "
"Please run from CyaSSL home dir", -43);
privKeySz = fread(privKey, 1, FOURK_BUF, keyFile);
fclose(keyFile);
PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz);
pkcs7.content = (byte*)data;
pkcs7.contentSz = (word32)sizeof(data);
pkcs7.contentOID = DATA;
pkcs7.encryptOID = cipher;
pkcs7.privateKey = privKey;
pkcs7.privateKeySz = (word32)privKeySz;
/* encode envelopedData */
envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped,
sizeof(enveloped));
if (envelopedSz <= 0)
return -203;
/* decode envelopedData */
decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz,
decoded, sizeof(decoded));
if (decodedSz <= 0)
return -204;
/* test decode result */
if (memcmp(decoded, data, sizeof(data)) != 0) {
return -205;
}
/* output pkcs7 envelopedData for external testing */
pkcs7File = fopen(pkcs7OutFile, "wb");
if (!pkcs7File)
return -206;
ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File);
fclose(pkcs7File);
free(cert);
free(privKey);
PKCS7_Free(&pkcs7);
if (ret > 0)
return 0;
return ret;
}
int pkcs7signed_test(void)
{
int ret = 0;
FILE* file;
byte* certDer;
byte* keyDer;
byte* out;
char data[] = "Hello World";
word32 dataSz, outSz, certDerSz, keyDerSz;
PKCS7 msg;
RNG rng;
byte transIdOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
0x09, 0x07 };
byte messageTypeOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
0x09, 0x02 };
byte senderNonceOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
0x09, 0x05 };
byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1];
byte messageType[] = { 0x13, 2, '1', '9' };
byte senderNonce[PKCS7_NONCE_SZ + 2];
PKCS7Attrib attribs[] =
{
{ transIdOid, sizeof(transIdOid),
transId, sizeof(transId) - 1 }, /* take off the null */
{ messageTypeOid, sizeof(messageTypeOid),
messageType, sizeof(messageType) },
{ senderNonceOid, sizeof(senderNonceOid),
senderNonce, sizeof(senderNonce) }
};
dataSz = (word32) strlen(data);
outSz = FOURK_BUF;
certDer = (byte*)malloc(FOURK_BUF);
keyDer = (byte*)malloc(FOURK_BUF);
out = (byte*)malloc(FOURK_BUF);
if (certDer == NULL)
return -207;
if (keyDer == NULL)
return -208;
if (out == NULL)
return -209;
/* read in DER cert of recipient, into cert of size certSz */
file = fopen(clientCert, "rb");
if (!file) {
free(certDer);
free(keyDer);
free(out);
err_sys("can't open ./certs/client-cert.der, "
"Please run from CyaSSL home dir", -44);
}
certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file);
fclose(file);
file = fopen(clientKey, "rb");
if (!file) {
free(certDer);
free(keyDer);
free(out);
err_sys("can't open ./certs/client-key.der, "
"Please run from CyaSSL home dir", -45);
}
keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file);
fclose(file);
ret = InitRng(&rng);
senderNonce[0] = 0x04;
senderNonce[1] = PKCS7_NONCE_SZ;
RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ);
PKCS7_InitWithCert(&msg, certDer, certDerSz);
msg.privateKey = keyDer;
msg.privateKeySz = keyDerSz;
msg.content = (byte*)data;
msg.contentSz = dataSz;
msg.hashOID = SHAh;
msg.encryptOID = RSAk;
msg.signedAttribs = attribs;
msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib);
msg.rng = &rng;
{
Sha sha;
byte digest[SHA_DIGEST_SIZE];
int i,j;
transId[0] = 0x13;
transId[1] = SHA_DIGEST_SIZE * 2;
InitSha(&sha);
ShaUpdate(&sha, msg.publicKey, msg.publicKeySz);
ShaFinal(&sha, digest);
for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) {
snprintf((char*)&transId[j], 3, "%02x", digest[i]);
}
}
ret = PKCS7_EncodeSignedData(&msg, out, outSz);
if (ret < 0) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -210;
}
else
outSz = ret;
/* write PKCS#7 to output file for more testing */
file = fopen("./pkcs7signedData.der", "wb");
if (!file) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -211;
}
ret = (int)fwrite(out, 1, outSz, file);
fclose(file);
PKCS7_Free(&msg);
PKCS7_InitWithCert(&msg, NULL, 0);
ret = PKCS7_VerifySignedData(&msg, out, outSz);
if (ret < 0) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -212;
}
if (msg.singleCert == NULL || msg.singleCertSz == 0) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -213;
}
file = fopen("./pkcs7cert.der", "wb");
if (!file) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -214;
}
ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file);
fclose(file);
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
if (ret > 0)
return 0;
return ret;
}
#endif /* HAVE_PKCS7 */
#endif /* NO_CRYPT_TEST */

20
cyassl-ntru.vcproj
View File

@@ -166,10 +166,22 @@
RelativePath=".\ctaocrypt\src\asn.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\blake2b.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\camellia.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\coding.c"
>
</File>
<File
RelativePath=".\src\crl.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\des3.c"
>
@@ -182,6 +194,10 @@
RelativePath=".\ctaocrypt\src\dsa.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\ecc.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\error.c"
>
@@ -230,6 +246,10 @@
RelativePath=".\ctaocrypt\src\misc.c"
>
</File>
<File
RelativePath=".\src\ocsp.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\port.c"
>

20
cyassl.vcproj
View File

@@ -162,10 +162,22 @@
RelativePath=".\ctaocrypt\src\asn.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\blake2b.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\camellia.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\coding.c"
>
</File>
<File
RelativePath=".\src\crl.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\des3.c"
>
@@ -178,6 +190,10 @@
RelativePath=".\ctaocrypt\src\dsa.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\ecc.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\error.c"
>
@@ -222,6 +238,10 @@
RelativePath=".\ctaocrypt\src\memory.c"
>
</File>
<File
RelativePath=".\src\ocsp.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\port.c"
>

3
cyassl/ctaocrypt/aes.h
View File

@@ -92,6 +92,9 @@ typedef struct Aes {
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
#endif
#ifdef CYASSL_AES_COUNTER
word32 left; /* unsued bytes left from last call */
#endif
} Aes;

99
cyassl/ctaocrypt/asn.h
View File

@@ -59,6 +59,7 @@ enum ASN_Tags {
ASN_TAG_NULL = 0x05,
ASN_OBJECT_ID = 0x06,
ASN_ENUMERATED = 0x0a,
ASN_UTF8STRING = 0x0c,
ASN_SEQUENCE = 0x10,
ASN_SET = 0x11,
ASN_UTC_TIME = 0x17,
@@ -125,6 +126,9 @@ enum Misc_ASN {
MAX_ALGO_SZ = 20,
MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */
MAX_SET_SZ = 5, /* enum(set | con) + length(4) */
MAX_OCTET_STR_SZ = 5, /* enum(set | con) + length(4) */
MAX_EXP_SZ = 5, /* enum(contextspec|con|exp) + length(4) */
MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */
MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/
MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */
MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */
@@ -135,6 +139,11 @@ enum Misc_ASN {
MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */
MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */
#ifdef CYASSL_CERT_GEN
#ifdef CYASSL_CERT_REQ
/* Max encoded cert req attributes length */
MAX_ATTRIB_SZ = MAX_SEQ_SZ * 3 + (11 + MAX_SEQ_SZ) * 2 +
MAX_PRSTR_SZ + CTC_NAME_SIZE, /* 11 is the OID size */
#endif
#ifdef CYASSL_ALT_NAMES
MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE,
#else
@@ -151,9 +160,11 @@ enum Misc_ASN {
enum Oid_Types {
hashType = 0,
sigType = 1,
keyType = 2
hashType = 0,
sigType = 1,
keyType = 2,
curveType = 3,
blkType = 4
};
@@ -167,6 +178,12 @@ enum Hash_Sum {
};
enum Block_Sum {
DESb = 69,
DES3b = 652
};
enum Key_Sum {
DSAk = 515,
RSAk = 645,
@@ -198,7 +215,8 @@ enum Extensions_Sum {
CA_ISSUER_OID = 117,
AUTH_KEY_OID = 149,
SUBJ_KEY_OID = 128,
CERT_POLICY_OID = 146
CERT_POLICY_OID = 146,
KEY_USAGE_OID = 129 /* 2.5.29.15 */
};
enum CertificatePolicy_Sum {
@@ -216,6 +234,18 @@ enum VerifyType {
};
/* Key usage extension bits */
#define KEYUSE_DIGITAL_SIG 0x0100
#define KEYUSE_CONTENT_COMMIT 0x0080
#define KEYUSE_KEY_ENCIPHER 0x0040
#define KEYUSE_DATA_ENCIPHER 0x0020
#define KEYUSE_KEY_AGREE 0x0010
#define KEYUSE_KEY_CERT_SIGN 0x0008
#define KEYUSE_CRL_SIGN 0x0004
#define KEYUSE_ENCIPHER_ONLY 0x0002
#define KEYUSE_DECIPHER_ONLY 0x0001
typedef struct DNS_entry DNS_entry;
struct DNS_entry {
@@ -296,11 +326,35 @@ struct DecodedCert {
byte extSubjKeyIdSet; /* Set when the SKID was read from cert */
byte extAuthKeyId[SHA_SIZE]; /* Authority Key ID */
byte extAuthKeyIdSet; /* Set when the AKID was read from cert */
byte isCA; /* CA basic constraint true */
byte isCA; /* CA basic constraint true */
#ifdef OPENSSL_EXTRA
byte extBasicConstSet;
byte extBasicConstCrit;
byte extBasicConstPlSet;
word32 pathLength; /* CA basic constraint path length, opt */
byte extSubjAltNameSet;
byte extSubjAltNameCrit;
byte extAuthKeyIdCrit;
byte extSubjKeyIdCrit;
byte extKeyUsageSet;
byte extKeyUsageCrit;
word16 extKeyUsage; /* Key usage bitfield */
byte* extAuthKeyIdSrc;
word32 extAuthKeyIdSz;
byte* extSubjKeyIdSrc;
word32 extSubjKeyIdSz;
#ifdef HAVE_ECC
word32 pkCurveOID; /* Public Key's curve OID */
#endif /* HAVE_ECC */
#endif
byte* beforeDate;
int beforeDateLen;
byte* afterDate;
int afterDateLen;
#ifdef HAVE_PKCS7
byte* issuerRaw; /* pointer to issuer inside source */
int issuerRawLen;
#endif
#if defined(CYASSL_CERT_GEN)
/* easy access to subject info for other sign */
char* subjectSN;
@@ -329,6 +383,10 @@ struct DecodedCert {
byte* hwType;
int hwSerialNumSz;
byte* hwSerialNum;
#ifdef OPENSSL_EXTRA
byte extCertPolicySet;
byte extCertPolicyCrit;
#endif /* OPENSSL_EXTRA */
#endif /* CYASSL_SEP */
};
@@ -385,15 +443,37 @@ CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
/* ASN.1 helper functions */
CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx,
int* version);
CYASSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
word32 maxIdx);
CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
word32 maxIdx);
CYASSL_LOCAL word32 SetLength(word32 length, byte* output);
CYASSL_LOCAL word32 SetSequence(word32 len, byte* output);
CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output);
CYASSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len,byte* output);
CYASSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output);
CYASSL_LOCAL word32 SetSet(word32 len, byte* output);
CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz);
CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);
CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output);
CYASSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
int maxIdx);
#ifdef HAVE_ECC
/* ASN sig helpers */
CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
mp_int* s);
CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
mp_int* r, mp_int* s);
/* private key helpers */
CYASSL_API int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
ecc_key*,word32);
#endif
#ifdef CYASSL_CERT_GEN
@@ -403,7 +483,8 @@ enum cert_enums {
JOINT_LEN = 2,
EMAIL_JOINT_LEN = 9,
RSA_KEY = 10,
NTRU_KEY = 11
NTRU_KEY = 11,
ECC_KEY = 12
};

27
cyassl/ctaocrypt/asn_public.h
View File

@@ -24,6 +24,7 @@
#define CTAO_CRYPT_ASN_PUBLIC_H
#include <cyassl/ctaocrypt/types.h>
#include <cyassl/ctaocrypt/ecc.h>
#ifdef CYASSL_CERT_GEN
#include <cyassl/ctaocrypt/rsa.h>
#endif
@@ -41,7 +42,8 @@ enum CertType {
DH_PARAM_TYPE,
CRL_TYPE,
CA_TYPE,
ECC_PRIVATEKEY_TYPE
ECC_PRIVATEKEY_TYPE,
CERTREQ_TYPE
};
@@ -63,6 +65,10 @@ enum Ctc_SigType {
#ifdef CYASSL_CERT_GEN
#ifndef HAVE_ECC
typedef struct ecc_key ecc_key;
#endif
enum Ctc_Misc {
CTC_NAME_SIZE = 64,
CTC_DATE_SIZE = 32,
@@ -103,6 +109,9 @@ typedef struct Cert {
byte afterDate[CTC_DATE_SIZE]; /* after date copy */
int afterDateSz; /* size of copy */
#endif
#ifdef CYASSL_CERT_REQ
char challengePw[CTC_NAME_SIZE];
#endif
} Cert;
@@ -120,8 +129,14 @@ typedef struct Cert {
keyType = RSA_KEY (default)
*/
CYASSL_API void InitCert(Cert*);
CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*, RNG*);
#ifdef CYASSL_CERT_REQ
CYASSL_API int MakeCertReq(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*);
#endif
CYASSL_API int SignCert(int requestSz, int sigType, byte* derBuffer,
word32 derSz, RsaKey*, ecc_key*, RNG*);
CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
RNG*);
CYASSL_API int SetIssuer(Cert*, const char*);
@@ -147,6 +162,12 @@ CYASSL_API int SetDatesBuffer(Cert*, const byte*, int);
word32 outputSz, int type);
#endif
#ifdef HAVE_ECC
/* private key helpers */
CYASSL_API int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
ecc_key*,word32);
#endif
#ifdef __cplusplus
} /* extern "C" */

3
cyassl/ctaocrypt/coding.h
View File

@@ -39,6 +39,9 @@ CYASSL_LOCAL int Base64_Decode(const byte* in, word32 inLen, byte* out,
CYASSL_API
int Base64_Encode(const byte* in, word32 inLen, byte* out,
word32* outLen);
CYASSL_API
int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out,
word32* outLen);
CYASSL_LOCAL
int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
#endif

8
cyassl/ctaocrypt/des3.h
View File

@@ -63,22 +63,22 @@ enum {
typedef struct Des {
word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */
#ifdef COLDFIRE_SEC
#ifdef HAVE_COLDFIRE_SEC
byte keylen ; /* for Coldfire SEC */
byte ivlen ; /* for Coldfire SEC */
byte iv[DES3_IVLEN]; /* for Coldfire SEC */
#endif
#endif
word32 key[DES_KS_SIZE];
} Des;
/* DES3 encryption and decryption */
typedef struct Des3 {
#ifdef COLDFIRE_SEC
#ifdef HAVE_COLDFIRE_SEC
byte keylen ; /* for Coldfire SEC */
byte ivlen ; /* for Coldfire SEC */
byte iv[DES3_IVLEN]; /* for Coldfire SEC */
#endif
#endif
word32 key[3][DES_KS_SIZE];
word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */

44
cyassl/ctaocrypt/ecc.h
View File

@@ -49,7 +49,7 @@ typedef struct {
int size; /* The size of the curve in octets */
const char* name; /* name of this curve */
const char* prime; /* prime that defines the field, curve is in (hex) */
const char* B; /* fields B param (hex) */
const char* Bf; /* fields B param (hex) */
const char* order; /* order of the curve (hex) */
const char* Gx; /* x coordinate of the base point on curve (hex) */
const char* Gy; /* y coordinate of the base point on curve (hex) */
@@ -119,6 +119,7 @@ CYASSL_API
int ecc_sig_size(ecc_key* key);
#ifdef HAVE_ECC_ENCRYPT
/* ecc encrypt */
enum ecEncAlgo {
@@ -137,34 +138,39 @@ enum ecMacAlgo {
};
enum {
KEY_SIZE_128 = 16,
KEY_SIZE_256 = 32,
IV_SIZE_64 = 8
KEY_SIZE_128 = 16,
KEY_SIZE_256 = 32,
IV_SIZE_64 = 8,
EXCHANGE_SALT_SZ = 16,
EXCHANGE_INFO_SZ = 23
};
typedef struct ecEncOptions {
byte encAlgo; /* which encryption type */
byte kdfAlgo; /* which key derivation function type */
byte macAlgo; /* which mac function type */
byte* kdfSalt; /* optional salt for kdf */
byte* kdfInfo; /* optional info for kdf */
byte* macSalt; /* optional salt for mac */
word32 kdfSaltSz; /* size of kdfSalt */
word32 kdfInfoSz; /* size of kdfInfo */
word32 macSaltSz; /* size of macSalt */
} ecEncOptions;
enum ecFlags {
REQ_RESP_CLIENT = 1,
REQ_RESP_SERVER = 2
};
typedef struct ecEncCtx ecEncCtx;
CYASSL_API
void ecc_encrypt_init_options(ecEncOptions*); /* init and set to defaults */
ecEncCtx* ecc_ctx_new(int flags, RNG* rng);
CYASSL_API
void ecc_encrypt_free_options(ecEncOptions*); /* release/clear options */
void ecc_ctx_free(ecEncCtx*);
CYASSL_API
const byte* ecc_ctx_get_own_salt(ecEncCtx*);
CYASSL_API
int ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt);
CYASSL_API
int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncOptions* options);
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
CYASSL_API
int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncOptions* options);
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
#endif /* HAVE_ECC_ENCRYPT */
#ifdef __cplusplus
} /* extern "C" */

8
cyassl/ctaocrypt/error.h
View File

@@ -114,6 +114,14 @@ enum {
ASN_CRL_NO_SIGNER_E = -190, /* ASN CRL no signer to confirm failure */
ASN_OCSP_CONFIRM_E = -191, /* ASN OCSP signature confirm failure */
BAD_ENC_STATE_E = -192, /* Bad ecc enc state operation */
BAD_PADDING_E = -193, /* Bad padding, msg not correct length */
REQ_ATTRIBUTE_E = -194, /* setting cert request attributes error */
PKCS7_OID_E = -195, /* PKCS#7, mismatched OID error */
PKCS7_RECIP_E = -196, /* PKCS#7, recipient error */
MIN_CODE_E = -200 /* errors -101 - -199 */
};

1
cyassl/ctaocrypt/include.am
View File

@@ -21,6 +21,7 @@ nobase_include_HEADERS+= \
cyassl/ctaocrypt/md4.h \
cyassl/ctaocrypt/md5.h \
cyassl/ctaocrypt/misc.h \
cyassl/ctaocrypt/pkcs7.h \
cyassl/ctaocrypt/port.h \
cyassl/ctaocrypt/pwdbased.h \
cyassl/ctaocrypt/rabbit.h \

5
cyassl/ctaocrypt/integer.h
View File

@@ -286,6 +286,7 @@ int mp_2expt (mp_int * a, int b);
int mp_reduce_2k_setup(mp_int *a, mp_digit *d);
int mp_add_d (mp_int* a, mp_digit b, mp_int* c);
int mp_set_int (mp_int * a, unsigned long b);
int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
/* end support added functions */
/* added */
@@ -305,10 +306,6 @@ int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
#endif
#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER)
int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
#endif
#ifdef __cplusplus
}
#endif

123
cyassl/ctaocrypt/pkcs7.h Normal file
View File

@@ -0,0 +1,123 @@
/* pkcs7.h
*
* Copyright (C) 2006-2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifdef HAVE_PKCS7
#ifndef CTAO_CRYPT_PKCS7_H
#define CTAO_CRYPT_PKCS7_H
#include <cyassl/ctaocrypt/types.h>
#include <cyassl/ctaocrypt/asn.h>
#include <cyassl/ctaocrypt/asn_public.h>
#include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/des3.h>
#ifdef __cplusplus
extern "C" {
#endif
/* PKCS#7 content types, ref RFC 2315 (Section 14) */
enum PKCS7_TYPES {
PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */
DATA = 651, /* 1.2.840.113549.1.7.1 */
SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */
ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */
SIGNED_AND_ENVELOPED_DATA = 654, /* 1.2.840.113549.1.7.4 */
DIGESTED_DATA = 655, /* 1.2.840.113549.1.7.5 */
ENCRYPTED_DATA = 656 /* 1.2.840.113549.1.7.6 */
};
enum Pkcs7_Misc {
PKCS7_NONCE_SZ = 16,
MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */
MAX_CONTENT_KEY_LEN = DES3_KEYLEN, /* highest current cipher is 3DES */
MAX_RECIP_SZ = MAX_VERSION_SZ +
MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ
};
typedef struct PKCS7Attrib {
byte* oid;
word32 oidSz;
byte* value;
word32 valueSz;
} PKCS7Attrib;
typedef struct PKCS7 {
byte* content; /* inner content, not owner */
word32 contentSz; /* content size */
int contentOID; /* PKCS#7 content type OID sum */
RNG* rng;
int hashOID;
int encryptOID; /* key encryption algorithm OID */
byte* singleCert; /* recipient cert, DER, not owner */
word32 singleCertSz; /* size of recipient cert buffer, bytes */
byte issuerHash[SHA_SIZE]; /* hash of all alt Names */
byte* issuer; /* issuer name of singleCert */
word32 issuerSz; /* length of issuer name */
byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */
word32 issuerSnSz; /* length of serial number */
byte publicKey[512];
word32 publicKeySz;
byte* privateKey; /* private key, DER, not owner */
word32 privateKeySz; /* size of private key buffer, bytes */
PKCS7Attrib* signedAttribs;
word32 signedAttribsSz;
} PKCS7;
CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output);
CYASSL_LOCAL int GetContentType(const byte* input, word32* inOutIdx,
word32* oid, word32 maxIdx);
CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
int keyEncAlgo, int blockKeySz,
RNG* rng, byte* contentKeyPlain,
byte* contentKeyEnc,
int* keyEncSz, byte* out, word32 outSz);
CYASSL_API int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz);
CYASSL_API void PKCS7_Free(PKCS7* pkcs7);
CYASSL_API int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz);
CYASSL_API int PKCS7_EncodeSignedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
CYASSL_API int PKCS7_VerifySignedData(PKCS7* pkcs7,
byte* pkiMsg, word32 pkiMsgSz);
CYASSL_API int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
word32 pkiMsgSz, byte* output,
word32 outputSz);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CTAO_CRYPT_PKCS7_H */
#endif /* HAVE_PKCS7 */

54
cyassl/ctaocrypt/settings.h
View File

@@ -78,6 +78,9 @@
/* Uncomment next line if using Comverge settings */
/* #define COMVERGE */
/* Uncomment next line if using QL SEP settings */
/* #define CYASSL_QL */
#include <cyassl/ctaocrypt/visibility.h>
@@ -149,10 +152,26 @@
#endif /* MBED */
#ifdef CYASSL_TYTO
#include "rand.h"
#define FREERTOS
#define NO_FILESYSTEM
#define CYASSL_USER_IO
#define NO_DEV_RANDOM
#define HAVE_ECC
#define HAVE_ECC_ENCRYPT
#define ECC_SHAMIR
#define HAVE_HKDF
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define FP_MAX_BITS 512
#define NO_OLD_TLS
#define NO_MD4
#define NO_RABBIT
#define NO_HC128
#define NO_RSA
#define NO_DSA
#define NO_PWDBASED
#define NO_PSK
#endif
#ifdef FREERTOS_WINSIM
@@ -313,8 +332,8 @@
#include "mutex.h"
#endif
#define XMALLOC(s, h, type) (void *)_mem_alloc_system((s))
#define XFREE(p, h, type) _mem_free(p)
#define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
#define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
/* Note: MQX has no realloc, using fastmath above */
#endif
@@ -524,6 +543,37 @@
#endif /* MICRIUM */
#ifdef CYASSL_QL
#ifndef CYASSL_SEP
#define CYASSL_SEP
#endif
#ifndef OPENSSL_EXTRA
#define OPENSSL_EXTRA
#endif
#ifndef SESSION_CERTS
#define SESSION_CERTS
#endif
#ifndef HAVE_AESCCM
#define HAVE_AESCCM
#endif
#ifndef ATOMIC_USER
#define ATOMIC_USER
#endif
#ifndef CYASSL_DER_LOAD
#define CYASSL_DER_LOAD
#endif
#ifndef KEEP_PEER_CERT
#define KEEP_PEER_CERT
#endif
#ifndef HAVE_ECC
#define HAVE_ECC
#endif
#ifndef SESSION_INDEX
#define SESSION_INDEX
#endif
#endif /* CYASSL_QL */
#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
!defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY)
#define USE_CYASSL_MEMORY

68
cyassl/ctaocrypt/tfm.h
View File

@@ -510,104 +510,104 @@ void s_fp_add(fp_int *a, fp_int *b, fp_int *c);
void s_fp_sub(fp_int *a, fp_int *b, fp_int *c);
void fp_reverse(unsigned char *s, int len);
void fp_mul_comba(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba(fp_int *a, fp_int *b, fp_int *c);
#ifdef TFM_SMALL_SET
void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba_small(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL3
void fp_mul_comba3(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba3(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL4
void fp_mul_comba4(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba4(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL6
void fp_mul_comba6(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba6(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL7
void fp_mul_comba7(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba7(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL8
void fp_mul_comba8(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba8(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL9
void fp_mul_comba9(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba9(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL12
void fp_mul_comba12(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba12(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL17
void fp_mul_comba17(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba17(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL20
void fp_mul_comba20(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba20(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL24
void fp_mul_comba24(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba24(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL28
void fp_mul_comba28(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba28(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL32
void fp_mul_comba32(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba32(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL48
void fp_mul_comba48(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba48(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL64
void fp_mul_comba64(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba64(fp_int *a, fp_int *b, fp_int *c);
#endif
void fp_sqr_comba(fp_int *A, fp_int *B);
void fp_sqr_comba(fp_int *a, fp_int *b);
#ifdef TFM_SMALL_SET
void fp_sqr_comba_small(fp_int *A, fp_int *B);
void fp_sqr_comba_small(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR3
void fp_sqr_comba3(fp_int *A, fp_int *B);
void fp_sqr_comba3(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR4
void fp_sqr_comba4(fp_int *A, fp_int *B);
void fp_sqr_comba4(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR6
void fp_sqr_comba6(fp_int *A, fp_int *B);
void fp_sqr_comba6(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR7
void fp_sqr_comba7(fp_int *A, fp_int *B);
void fp_sqr_comba7(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR8
void fp_sqr_comba8(fp_int *A, fp_int *B);
void fp_sqr_comba8(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR9
void fp_sqr_comba9(fp_int *A, fp_int *B);
void fp_sqr_comba9(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR12
void fp_sqr_comba12(fp_int *A, fp_int *B);
void fp_sqr_comba12(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR17
void fp_sqr_comba17(fp_int *A, fp_int *B);
void fp_sqr_comba17(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR20
void fp_sqr_comba20(fp_int *A, fp_int *B);
void fp_sqr_comba20(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR24
void fp_sqr_comba24(fp_int *A, fp_int *B);
void fp_sqr_comba24(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR28
void fp_sqr_comba28(fp_int *A, fp_int *B);
void fp_sqr_comba28(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR32
void fp_sqr_comba32(fp_int *A, fp_int *B);
void fp_sqr_comba32(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR48
void fp_sqr_comba48(fp_int *A, fp_int *B);
void fp_sqr_comba48(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR64
void fp_sqr_comba64(fp_int *A, fp_int *B);
void fp_sqr_comba64(fp_int *a, fp_int *b);
#endif
/*extern const char *fp_s_rmap;*/
@@ -642,7 +642,7 @@ int mp_mul (mp_int * a, mp_int * b, mp_int * c);
int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
int mp_mod(mp_int *a, mp_int *b, mp_int *c);
int mp_invmod(mp_int *a, mp_int *b, mp_int *c);
int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
int mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y);
int mp_cmp(mp_int *a, mp_int *b);
int mp_cmp_d(mp_int *a, mp_digit b);
@@ -663,7 +663,7 @@ void mp_rshb(mp_int *a, int x);
#ifdef HAVE_ECC
int mp_read_radix(mp_int* a, const char* str, int radix);
int mp_set(fp_int *a, fp_digit b);
int mp_sqr(fp_int *A, fp_int *B);
int mp_sqr(fp_int *a, fp_int *b);
int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
int mp_montgomery_setup(fp_int *a, fp_digit *rho);
int mp_div_2(fp_int * a, fp_int * b);

20
cyassl/ctaocrypt/types.h
View File

@@ -139,6 +139,18 @@ enum {
#endif
/* set up thread local storage if available */
#ifdef HAVE_THREAD_LS
#if defined(_MSC_VER)
#define THREAD_LS_T __declspec(thread)
#else
#define THREAD_LS_T __thread
#endif
#else
#define THREAD_LS_T
#endif
/* Micrium will use Visual Studio for compilation but not the Win32 API */
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
&& !defined(EBSNET)
@@ -205,6 +217,11 @@ enum {
#define XISALPHA(c) isalpha((c))
#endif
/* needed by CyaSSL_check_domain_name() */
#ifdef __CYGWIN__
/* Cygwin uses a macro version of tolower() by default, use the
* function version. */
#undef tolower
#endif
#define XTOLOWER(c) tolower((c))
#endif
@@ -253,7 +270,8 @@ enum {
DYNAMIC_TYPE_CAVIUM_TMP = 40,
DYNAMIC_TYPE_CAVIUM_RSA = 41,
DYNAMIC_TYPE_X509 = 42,
DYNAMIC_TYPE_TLSX = 43
DYNAMIC_TYPE_TLSX = 43,
DYNAMIC_TYPE_OCSP = 44
};
/* max error buffer string size */

5
cyassl/include.am
View File

@@ -9,7 +9,6 @@ EXTRA_DIST+= cyassl/sniffer_error.rc
nobase_include_HEADERS+= \
cyassl/error.h \
cyassl/internal.h \
cyassl/ssl.h \
cyassl/sniffer_error.h \
cyassl/sniffer.h \
@@ -20,3 +19,7 @@ nobase_include_HEADERS+= \
cyassl/options.h \
cyassl/ocsp.h \
cyassl/crl.h
noinst_HEADERS+= \
cyassl/internal.h

101
cyassl/internal.h
View File

@@ -483,7 +483,6 @@ enum {
TLS_RSA_WITH_AES_256_CBC_B2B256 = 0xF9,
TLS_RSA_WITH_HC_128_B2B256 = 0xFA, /* eSTREAM too */
/* CyaSSL extension - NTRU */
TLS_NTRU_RSA_WITH_RC4_128_SHA = 0xe5,
TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6,
@@ -533,8 +532,10 @@ enum {
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x45,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x88,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4,
/* Renegotiation Indication Extension Special Suite */
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0xff
};
@@ -608,6 +609,7 @@ enum Misc {
CERT_HEADER_SZ = 3, /* always 3 bytes */
REQ_HEADER_SZ = 2, /* cert request header sz */
HINT_LEN_SZ = 2, /* length of hint size field */
TRUNCATED_HMAC_SZ = 10, /* length of hmac w/ truncated hmac extension */
HELLO_EXT_TYPE_SZ = 2, /* length of a hello extension type */
HELLO_EXT_SZ = 8, /* total length of the lazy hello extensions */
HELLO_EXT_LEN = 6, /* length of the lazy hello extensions */
@@ -981,24 +983,22 @@ typedef struct OCSP_Entry OCSP_Entry;
#endif
struct OCSP_Entry {
OCSP_Entry* next; /* next entry */
OCSP_Entry* next; /* next entry */
byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */
byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */
CertStatus* status; /* OCSP response list */
int totalStatus; /* number on list */
CertStatus* status; /* OCSP response list */
int totalStatus; /* number on list */
};
#ifndef HAVE_OCSP
typedef struct CYASSL_OCSP CYASSL_OCSP;
#endif
/* CyaSSL OCSP controller */
struct CYASSL_OCSP {
byte enabled;
byte useOverrideUrl;
byte useNonce;
char overrideUrl[80];
OCSP_Entry* ocspList;
void* IOCB_OcspCtx;
CallbackIOOcsp CBIOOcsp;
CallbackIOOcspRespFree CBIOOcspRespFree;
CYASSL_CERT_MANAGER* cm; /* pointer back to cert manager */
OCSP_Entry* ocspList; /* OCSP response list */
};
#ifndef MAX_DATE_SIZE
@@ -1076,6 +1076,14 @@ struct CYASSL_CERT_MANAGER {
byte crlEnabled; /* is CRL on ? */
byte crlCheckAll; /* always leaf, but all ? */
CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */
CYASSL_OCSP* ocsp; /* OCSP checker */
byte ocspEnabled; /* is OCSP on ? */
byte ocspSendNonce; /* send the OCSP nonce ? */
byte ocspUseOverrideURL; /* ignore cert's responder, override */
char* ocspOverrideURL; /* use this responder */
void* ocspIOCtx; /* I/O callback CTX */
CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */
CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */
};
CYASSL_LOCAL int CM_SaveCertCache(CYASSL_CERT_MANAGER*, const char*);
@@ -1153,6 +1161,8 @@ CYASSL_LOCAL void TLSX_SNI_SetOptions(TLSX* extensions, byte type,
CYASSL_LOCAL byte TLSX_SNI_Status(TLSX* extensions, byte type);
CYASSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type,
void** data);
CYASSL_LOCAL int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz,
byte type, byte* sni, word32* inOutSz);
#endif
#endif /* HAVE_SNI */
@@ -1166,8 +1176,6 @@ CYASSL_LOCAL int TLSX_UseMaxFragment(TLSX** extensions, byte mfl);
#ifdef HAVE_TRUNCATED_HMAC
#define TRUNCATED_HMAC_SIZE 10
CYASSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions);
#endif /* HAVE_TRUNCATED_HMAC */
@@ -1360,6 +1368,30 @@ enum ClientCertificateType {
enum CipherType { stream, block, aead };
#ifdef CYASSL_DTLS
#ifdef WORD64_AVAILABLE
typedef word64 DtlsSeq;
#else
typedef word32 DtlsSeq;
#endif
#define DTLS_SEQ_BITS (sizeof(DtlsSeq) * CHAR_BIT)
typedef struct DtlsState {
DtlsSeq window; /* Sliding window for current epoch */
word16 nextEpoch; /* Expected epoch in next record */
word32 nextSeq; /* Expected sequence in next record */
word16 curEpoch; /* Received epoch in current record */
word32 curSeq; /* Received sequence in current record */
DtlsSeq prevWindow; /* Sliding window for old epoch */
word32 prevSeq; /* Next sequence in allowed old epoch */
} DtlsState;
#endif /* CYASSL_DTLS */
/* keys and secrets */
typedef struct Keys {
byte client_write_MAC_secret[MAX_DIGEST_SIZE]; /* max sizes */
@@ -1378,15 +1410,13 @@ typedef struct Keys {
word32 sequence_number;
#ifdef CYASSL_DTLS
word32 dtls_sequence_number;
word32 dtls_peer_sequence_number;
word32 dtls_expected_peer_sequence_number;
word16 dtls_handshake_number;
DtlsState dtls_state; /* Peer's state */
word16 dtls_peer_handshake_number;
word16 dtls_expected_peer_handshake_number;
word16 dtls_epoch;
word16 dtls_peer_epoch;
word16 dtls_expected_peer_epoch;
word16 dtls_epoch; /* Current tx epoch */
word32 dtls_sequence_number; /* Current tx sequence */
word16 dtls_handshake_number; /* Current tx handshake seq */
#endif
word32 encryptSz; /* last size of encrypted data */
@@ -1661,6 +1691,10 @@ struct CYASSL_X509 {
byte hwType[EXTERNAL_SERIAL_SIZE];
int hwSerialNumSz;
byte hwSerialNum[EXTERNAL_SERIAL_SIZE];
#ifdef OPENSSL_EXTRA
byte certPolicySet;
byte certPolicyCrit;
#endif /* OPENSSL_EXTRA */
#endif
int notBeforeSz;
byte notBefore[MAX_DATE_SZ];
@@ -1670,10 +1704,33 @@ struct CYASSL_X509 {
buffer sig;
int pubKeyOID;
buffer pubKey;
#ifdef HAVE_ECC
word32 pkCurveOID;
#endif /* HAVE_ECC */
buffer derCert; /* may need */
DNS_entry* altNames; /* alt names list */
DNS_entry* altNamesNext; /* hint for retrieval */
byte dynamicMemory; /* dynamic memory flag */
byte isCa;
#ifdef OPENSSL_EXTRA
word32 pathLength;
word16 keyUsage;
byte basicConstSet;
byte basicConstCrit;
byte basicConstPlSet;
byte subjAltNameSet;
byte subjAltNameCrit;
byte authKeyIdSet;
byte authKeyIdCrit;
byte* authKeyId;
word32 authKeyIdSz;
byte subjKeyIdSet;
byte subjKeyIdCrit;
byte* subjKeyId;
word32 subjKeyIdSz;
byte keyUsageSet;
byte keyUsageCrit;
#endif /* OPENSSL_EXTRA */
};

2121
cyassl/internal.h.orig Normal file
View File

File diff suppressed because it is too large Load Diff

8
cyassl/ocsp.h
View File

@@ -36,12 +36,10 @@
typedef struct CYASSL_OCSP CYASSL_OCSP;
CYASSL_LOCAL int CyaSSL_OCSP_Init(CYASSL_OCSP*);
CYASSL_LOCAL void CyaSSL_OCSP_Cleanup(CYASSL_OCSP*);
CYASSL_LOCAL int CyaSSL_OCSP_set_override_url(CYASSL_OCSP*, const char*);
CYASSL_LOCAL int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP*, DecodedCert*);
CYASSL_LOCAL int InitOCSP(CYASSL_OCSP*, CYASSL_CERT_MANAGER*);
CYASSL_LOCAL void FreeOCSP(CYASSL_OCSP*, int dynamic);
CYASSL_LOCAL int CheckCertOCSP(CYASSL_OCSP*, DecodedCert*);
#ifdef __cplusplus
} /* extern "C" */

66
cyassl/ssl.h
View File

@@ -99,6 +99,9 @@ typedef struct CYASSL_EVP_PKEY {
union {
char* ptr;
} pkey;
#ifdef HAVE_ECC
int pkey_curve;
#endif
} CYASSL_EVP_PKEY;
typedef struct CYASSL_MD4_CTX {
@@ -413,6 +416,16 @@ CYASSL_API int CyaSSL_X509_STORE_CTX_get_error_depth(CYASSL_X509_STORE_CTX*);
CYASSL_API char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME*, char*, int);
CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_issuer_name(CYASSL_X509*);
CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_subject_name(CYASSL_X509*);
CYASSL_API int CyaSSL_X509_ext_isSet_by_NID(CYASSL_X509*, int);
CYASSL_API int CyaSSL_X509_ext_get_critical_by_NID(CYASSL_X509*, int);
CYASSL_API int CyaSSL_X509_get_isCA(CYASSL_X509*);
CYASSL_API int CyaSSL_X509_get_isSet_pathLength(CYASSL_X509*);
CYASSL_API unsigned int CyaSSL_X509_get_pathLength(CYASSL_X509*);
CYASSL_API unsigned int CyaSSL_X509_get_keyUsage(CYASSL_X509*);
CYASSL_API unsigned char* CyaSSL_X509_get_authorityKeyID(
CYASSL_X509*, unsigned char*, int*);
CYASSL_API unsigned char* CyaSSL_X509_get_subjectKeyID(
CYASSL_X509*, unsigned char*, int*);
CYASSL_API int CyaSSL_X509_NAME_entry_count(CYASSL_X509_NAME*);
CYASSL_API int CyaSSL_X509_NAME_get_text_by_NID(
CYASSL_X509_NAME*, int, char*, int);
@@ -530,6 +543,9 @@ enum {
OCSP_RESPONSE = 8,
OCSP_BASICRESP = 16,
CYASSL_OCSP_URL_OVERRIDE = 1,
CYASSL_OCSP_NO_NONCE = 2,
CYASSL_CRL_CHECKALL = 1,
ASN1_GENERALIZEDTIME = 4,
@@ -810,9 +826,9 @@ CYASSL_API CYASSL_X509*
#ifndef NO_FILESYSTEM
CYASSL_API CYASSL_X509*
CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file);
#endif
CYASSL_API CYASSL_X509*
CyaSSL_X509_load_certificate_file(const char* fname, int format);
#endif
#ifdef CYASSL_SEP
CYASSL_API unsigned char*
@@ -930,15 +946,6 @@ CYASSL_API void CyaSSL_CTX_SetGenCookie(CYASSL_CTX*, CallbackGenCookie);
CYASSL_API void CyaSSL_SetCookieCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl);
typedef int (*CallbackIOOcsp)(void*, const char*, int,
unsigned char*, int, unsigned char**);
typedef void (*CallbackIOOcspRespFree)(void*,unsigned char*);
#ifdef HAVE_OCSP
CYASSL_API void CyaSSL_SetIOOcsp(CYASSL_CTX *ocsp, CallbackIOOcsp cb);
CYASSL_API void CyaSSL_SetIOOcspRespFree(CYASSL_CTX *ocsp,
CallbackIOOcspRespFree cb);
CYASSL_API void CyaSSL_SetIOOcspCtx(CYASSL_CTX *ocsp, void *octx);
#endif
/* I/O Callback default errors */
enum IOerrors {
@@ -966,9 +973,14 @@ CYASSL_API int CyaSSL_GetObjectSize(void); /* object size based on build */
CYASSL_API int CyaSSL_SetVersion(CYASSL* ssl, int version);
CYASSL_API int CyaSSL_KeyPemToDer(const unsigned char*, int sz, unsigned char*,
int, const char*);
CYASSL_API int CyaSSL_CertPemToDer(const unsigned char*, int sz, unsigned char*,
int, int);
typedef void (*CallbackCACache)(unsigned char* der, int sz, int type);
typedef void (*CbMissingCRL)(const char* url);
typedef int (*CbOCSPIO)(void*, const char*, int,
unsigned char*, int, unsigned char**);
typedef void (*CbOCSPRespFree)(void*,unsigned char*);
/* User Atomic Record Layer CallBacks */
typedef int (*CallbackMacEncrypt)(CYASSL* ssl, unsigned char* macOut,
@@ -994,6 +1006,7 @@ CYASSL_API const unsigned char* CyaSSL_GetClientWriteIV(CYASSL*);
CYASSL_API const unsigned char* CyaSSL_GetServerWriteKey(CYASSL*);
CYASSL_API const unsigned char* CyaSSL_GetServerWriteIV(CYASSL*);
CYASSL_API int CyaSSL_GetKeySize(CYASSL*);
CYASSL_API int CyaSSL_GetIVSize(CYASSL*);
CYASSL_API int CyaSSL_GetSide(CYASSL*);
CYASSL_API int CyaSSL_IsTLSv1_1(CYASSL*);
CYASSL_API int CyaSSL_GetBulkCipher(CYASSL*);
@@ -1113,16 +1126,34 @@ CYASSL_API void* CyaSSL_GetRsaDecCtx(CYASSL* ssl);
int, int);
CYASSL_API int CyaSSL_CertManagerSetCRL_Cb(CYASSL_CERT_MANAGER*,
CbMissingCRL);
CYASSL_API int CyaSSL_CertManagerCheckOCSP(CYASSL_CERT_MANAGER*,
unsigned char*, int sz);
CYASSL_API int CyaSSL_CertManagerEnableOCSP(CYASSL_CERT_MANAGER*,
int options);
CYASSL_API int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER*);
CYASSL_API int CyaSSL_CertManagerSetOCSPOverrideURL(CYASSL_CERT_MANAGER*,
const char*);
CYASSL_API int CyaSSL_CertManagerSetOCSP_Cb(CYASSL_CERT_MANAGER*,
CbOCSPIO, CbOCSPRespFree, void*);
CYASSL_API int CyaSSL_EnableCRL(CYASSL* ssl, int options);
CYASSL_API int CyaSSL_DisableCRL(CYASSL* ssl);
CYASSL_API int CyaSSL_LoadCRL(CYASSL*, const char*, int, int);
CYASSL_API int CyaSSL_SetCRL_Cb(CYASSL*, CbMissingCRL);
CYASSL_API int CyaSSL_EnableOCSP(CYASSL*, int options);
CYASSL_API int CyaSSL_DisableOCSP(CYASSL*);
CYASSL_API int CyaSSL_SetOCSP_OverrideURL(CYASSL*, const char*);
CYASSL_API int CyaSSL_SetOCSP_Cb(CYASSL*, CbOCSPIO, CbOCSPRespFree, void*);
CYASSL_API int CyaSSL_CTX_EnableCRL(CYASSL_CTX* ctx, int options);
CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx);
CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int);
CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL);
CYASSL_API int CyaSSL_CTX_EnableOCSP(CYASSL_CTX*, int options);
CYASSL_API int CyaSSL_CTX_DisableOCSP(CYASSL_CTX*);
CYASSL_API int CyaSSL_CTX_SetOCSP_OverrideURL(CYASSL_CTX*, const char*);
CYASSL_API int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX*,
CbOCSPIO, CbOCSPRespFree, void*);
#endif /* !NO_CERTS */
/* end of handshake frees temporary arrays, if user needs for get_keys or
@@ -1174,6 +1205,10 @@ CYASSL_API unsigned char CyaSSL_SNI_Status(CYASSL* ssl, unsigned char type);
CYASSL_API unsigned short CyaSSL_SNI_GetRequest(CYASSL *ssl, unsigned char type,
void** data);
CYASSL_API int CyaSSL_SNI_GetFromBuffer(
const unsigned char* clientHello, unsigned int helloSz,
unsigned char type, unsigned char* sni, unsigned int* inOutSz);
#endif /* NO_CYASSL_SERVER */
#endif /* HAVE_SNI */
@@ -1227,14 +1262,9 @@ CYASSL_API int CyaSSL_accept_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack,
#endif /* CYASSL_CALLBACKS */
CYASSL_API int CyaSSL_CTX_OCSP_set_options(CYASSL_CTX*, int);
CYASSL_API int CyaSSL_CTX_OCSP_set_override_url(CYASSL_CTX*, const char*);
/* OCSP Options */
#define CYASSL_OCSP_ENABLE 0x0001 /* Enable OCSP lookups */
#define CYASSL_OCSP_URL_OVERRIDE 0x0002 /* Use the override URL instead of URL
* in certificate */
#define CYASSL_OCSP_NO_NONCE 0x0004 /* Disables the request nonce. */
#ifdef CYASSL_HAVE_WOLFSCEP
CYASSL_API void CyaSSL_wolfSCEP(void);
#endif /* CYASSL_HAVE_WOLFSCEP */
#ifdef __cplusplus

4
cyassl/version.h
View File

@@ -26,8 +26,8 @@
extern "C" {
#endif
#define LIBCYASSL_VERSION_STRING "2.8.3"
#define LIBCYASSL_VERSION_HEX 0x02008003
#define LIBCYASSL_VERSION_STRING "2.8.6"
#define LIBCYASSL_VERSION_HEX 0x02008006
#ifdef __cplusplus
}

15
examples/client/client.c
View File

@@ -505,10 +505,13 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
#ifdef HAVE_OCSP
if (useOcsp) {
CyaSSL_CTX_OCSP_set_options(ctx,
CYASSL_OCSP_ENABLE | CYASSL_OCSP_NO_NONCE);
if (ocspUrl != NULL)
CyaSSL_CTX_OCSP_set_override_url(ctx, ocspUrl);
if (ocspUrl != NULL) {
CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
| CYASSL_OCSP_URL_OVERRIDE);
}
else
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
}
#endif
@@ -803,8 +806,10 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) && !defined(STACK_TRAP)
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("client") || CurrentDir("build"))
if (CurrentDir("client"))
ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, client_test);

4
examples/echoclient/echoclient.c
View File

@@ -255,8 +255,10 @@ void echoclient_test(void* args)
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("echoclient") || CurrentDir("build"))
if (CurrentDir("echoclient"))
ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
echoclient_test(&args);
CyaSSL_Cleanup();

4
examples/echoserver/echoserver.c
View File

@@ -339,8 +339,10 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("echoserver") || CurrentDir("build"))
if (CurrentDir("echoserver"))
ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
echoserver_test(&args);
CyaSSL_Cleanup();

23
examples/server/server.c
View File

@@ -374,6 +374,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
if (fewerPackets)
CyaSSL_CTX_set_group_messages(ctx);
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
if (!usePsk) {
if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM)
@@ -428,10 +432,6 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
}
#endif
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
/* don't use EDH, can't sniff tmp keys */
if (cipherList == NULL) {
@@ -459,10 +459,13 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#endif
#ifdef HAVE_OCSP
if (useOcsp) {
CyaSSL_CTX_OCSP_set_options(ctx,
CYASSL_OCSP_ENABLE | CYASSL_OCSP_NO_NONCE);
if (ocspUrl != NULL)
CyaSSL_CTX_OCSP_set_override_url(ctx, ocspUrl);
if (ocspUrl != NULL) {
CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
| CYASSL_OCSP_URL_OVERRIDE);
}
else
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
}
#endif
#ifdef HAVE_PK_CALLBACKS
@@ -556,8 +559,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("server") || CurrentDir("build"))
if (CurrentDir("server"))
ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, server_test);

1
m4/ax_debug.m4
View File

@@ -52,7 +52,6 @@ AC_DEFUN([AX_DEBUG],
[Add debug code/turns off optimizations (yes|no) @<:@default=no@:>@])],
[ax_enable_debug=yes
AC_DEFINE([DEBUG],[1],[Define to 1 to enable debugging code.])
AX_CHECK_LIBRARY([MCHECK],[mcheck.h],[mcheck],[AX_APPEND_LINK_FLAGS([-lmcheck])])
AX_ADD_AM_MACRO([--debug],[AM_YFLAGS])
AX_ADD_AM_MACRO([-D_GLIBCXX_DEBUG],[AM_CPPFLAGS])],
[ax_enable_debug=no

76
m4/ax_tls.m4 Normal file
View File

@@ -0,0 +1,76 @@
# ===========================================================================
# http://www.gnu.org/software/autoconf-archive/ax_tls.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_TLS([action-if-found], [action-if-not-found])
#
# DESCRIPTION
#
# Provides a test for the compiler support of thread local storage (TLS)
# extensions. Defines TLS if it is found. Currently knows about GCC/ICC
# and MSVC. I think SunPro uses the same as GCC, and Borland apparently
# supports either.
#
# LICENSE
#
# Copyright (c) 2008 Alan Woodland <ajw05@aber.ac.uk>
# Copyright (c) 2010 Diego Elio Petteno` <flameeyes@gmail.com>
#
# This program is free software: you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation, either version 3 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
# Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
#
# As a special exception, the respective Autoconf Macro's copyright owner
# gives unlimited permission to copy, distribute and modify the configure
# scripts that are the output of Autoconf when processing the Macro. You
# need not follow the terms of the GNU General Public License when using
# or distributing such scripts, even though portions of the text of the
# Macro appear in them. The GNU General Public License (GPL) does govern
# all other use of the material that constitutes the Autoconf Macro.
#
# This special exception to the GPL applies to versions of the Autoconf
# Macro released by the Autoconf Archive. When you make and distribute a
# modified version of the Autoconf Macro, you may extend this special
# exception to the GPL to apply to your modified version as well.
#serial 10
AC_DEFUN([AX_TLS], [
AC_MSG_CHECKING(for thread local storage (TLS) class)
AC_CACHE_VAL(ac_cv_tls, [
ax_tls_keywords="__thread __declspec(thread) none"
for ax_tls_keyword in $ax_tls_keywords; do
AS_CASE([$ax_tls_keyword],
[none], [ac_cv_tls=none ; break],
[AC_TRY_COMPILE(
[#include <stdlib.h>
static void
foo(void) {
static ] $ax_tls_keyword [ int bar;
exit(1);
}],
[],
[ac_cv_tls=$ax_tls_keyword ; break],
ac_cv_tls=none
)])
done
])
AC_MSG_RESULT($ac_cv_tls)
AS_IF([test "$ac_cv_tls" != "none"],
AC_DEFINE_UNQUOTED([TLS], $ac_cv_tls, [If the compiler supports a TLS storage class define it to that here])
m4_ifnblank([$1], [$1]),
m4_ifnblank([$2], [$2])
)
])

22
mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml
View File

@@ -167,28 +167,6 @@
<property key="save-temps" value="false"/>
<property key="wpo-lto" value="false"/>
</C32Global>
<PKOBSKDEPlatformTool>
<property key="AutoSelectMemRanges" value="auto"/>
<property key="SecureSegment.SegmentProgramming" value="FullChipProgramming"/>
<property key="ToolFirmwareFilePath"
value="Press to browse for a specific firmware version"/>
<property key="ToolFirmwareOption.UseLatestFirmware" value="true"/>
<property key="memories.configurationmemory" value="false"/>
<property key="memories.eeprom" value="false"/>
<property key="memories.id" value="false"/>
<property key="memories.programmemory" value="true"/>
<property key="memories.programmemory.end" value="0x1d07ffff"/>
<property key="memories.programmemory.start" value="0x1d000000"/>
<property key="poweroptions.powerenable" value="false"/>
<property key="programoptions.eraseb4program" value="true"/>
<property key="programoptions.preserveeeprom" value="false"/>
<property key="programoptions.preserveprogramrange" value="false"/>
<property key="programoptions.preserveprogramrange.end" value="0x1d0001ff"/>
<property key="programoptions.preserveprogramrange.start" value="0x1d000000"/>
<property key="programoptions.usehighvoltageonmclr" value="false"/>
<property key="programoptions.uselvpprogramming" value="false"/>
<property key="voltagevalue" value="3.25"/>
</PKOBSKDEPlatformTool>
<SKDEPIC32PlatformTool>
<property key="whatToProgram" value="all"/>
</SKDEPIC32PlatformTool>

22
mcapi/ctaocrypt_test.X/nbproject/configurations.xml
View File

@@ -184,28 +184,6 @@
<property key="save-temps" value="false"/>
<property key="wpo-lto" value="false"/>
</C32Global>
<PKOBSKDEPlatformTool>
<property key="AutoSelectMemRanges" value="auto"/>
<property key="SecureSegment.SegmentProgramming" value="FullChipProgramming"/>
<property key="ToolFirmwareFilePath"
value="Press to browse for a specific firmware version"/>
<property key="ToolFirmwareOption.UseLatestFirmware" value="true"/>
<property key="memories.configurationmemory" value="false"/>
<property key="memories.eeprom" value="false"/>
<property key="memories.id" value="false"/>
<property key="memories.programmemory" value="true"/>
<property key="memories.programmemory.end" value="0x1d07ffff"/>
<property key="memories.programmemory.start" value="0x1d000000"/>
<property key="poweroptions.powerenable" value="false"/>
<property key="programoptions.eraseb4program" value="true"/>
<property key="programoptions.preserveeeprom" value="false"/>
<property key="programoptions.preserveprogramrange" value="false"/>
<property key="programoptions.preserveprogramrange.end" value="0x1d0001ff"/>
<property key="programoptions.preserveprogramrange.start" value="0x1d000000"/>
<property key="programoptions.usehighvoltageonmclr" value="false"/>
<property key="programoptions.uselvpprogramming" value="false"/>
<property key="voltagevalue" value="3.25"/>
</PKOBSKDEPlatformTool>
<SKDEPIC32PlatformTool>
<property key="whatToProgram" value="all"/>
</SKDEPIC32PlatformTool>

3
mcapi/ctaocrypt_test.X/nbproject/include.am
View File

@@ -3,8 +3,7 @@
#
EXTRA_DIST += \
mcapi/ctaocrypt_test.X/Makefile \
mcapi/ctaocrypt_test.X/main.c
mcapi/ctaocrypt_test.X/Makefile
EXTRA_DIST += \
mcapi/ctaocrypt_test.X/nbproject/configurations.xml \

1
mcapi/cyassl.X/nbproject/include.am
View File

@@ -3,7 +3,6 @@
#
EXTRA_DIST += \
mcapi/README \
mcapi/cyassl.X/Makefile
EXTRA_DIST += \

7
mcapi/include.am
View File

@@ -6,9 +6,14 @@ if BUILD_MCAPI
check_PROGRAMS += mcapi/test
noinst_PROGRAMS += mcapi/test
mcapi_test_SOURCES = mcapi/crypto.c \
mcapi/test.c
mcapi/mcapi_test.c
mcapi_test_LDADD = src/libcyassl.la
mcapi_test_DEPENDENCIES = src/libcyassl.la
endif
noinst_HEADERS += mcapi/crypto.h
EXTRA_DIST += \
mcapi/README \
mcapi/PIC32MZ-serial.h

6
mcapi/mcapi_test.c
View File

@@ -53,7 +53,7 @@
#include <stdlib.h>
#include "PIC32MZ-serial.h"
#define SYSTEMConfigPerformance /* void out SYSTEMConfigPerformance(); */
#else
#elif defined(MICROCHIP_PIC32)
#define PIC32_STARTER_KIT
#include <stdio.h>
#include <stdlib.h>
@@ -61,6 +61,8 @@
#include <plib.h>
#include <sys/appio.h>
#define init_serial() /* void out init_serial() */
#else
#include <stdio.h> /* order matters above ? */
#endif
#define OUR_DATA_SIZE 1024
static byte ourData[OUR_DATA_SIZE];
@@ -93,9 +95,11 @@ int main(int argc, char** argv)
(void)argc;
(void)argv;
#if defined(MICROCHIP_PIC32)
init_serial() ; /* initialize PIC32MZ serial I/O */
SYSTEMConfigPerformance(80000000);
DBINIT();
#endif
/* align key, iv pointers */
key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_KEY);

27
mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml
View File

@@ -32,7 +32,7 @@
<targetDevice>PIC32MX795F512L</targetDevice>
<targetHeader></targetHeader>
<targetPluginBoard></targetPluginBoard>
<platformTool>SKDEPIC32PlatformTool</platformTool>
<platformTool>PKOBSKDEPlatformTool</platformTool>
<languageToolchain>XC32</languageToolchain>
<languageToolchainVersion>1.30</languageToolchainVersion>
<platform>3</platform>
@@ -166,9 +166,28 @@
<property key="save-temps" value="false"/>
<property key="wpo-lto" value="false"/>
</C32Global>
<SKDEPIC32PlatformTool>
<property key="whatToProgram" value="all"/>
</SKDEPIC32PlatformTool>
<PKOBSKDEPlatformTool>
<property key="AutoSelectMemRanges" value="auto"/>
<property key="SecureSegment.SegmentProgramming" value="FullChipProgramming"/>
<property key="ToolFirmwareFilePath"
value="Press to browse for a specific firmware version"/>
<property key="ToolFirmwareOption.UseLatestFirmware" value="true"/>
<property key="memories.configurationmemory" value="true"/>
<property key="memories.eeprom" value="true"/>
<property key="memories.id" value="true"/>
<property key="memories.programmemory" value="true"/>
<property key="memories.programmemory.end" value="0x1d07ffff"/>
<property key="memories.programmemory.start" value="0x1d000000"/>
<property key="poweroptions.powerenable" value="false"/>
<property key="programoptions.eraseb4program" value="true"/>
<property key="programoptions.preserveeeprom" value="false"/>
<property key="programoptions.preserveprogramrange" value="false"/>
<property key="programoptions.preserveprogramrange.end" value="0x1d0001ff"/>
<property key="programoptions.preserveprogramrange.start" value="0x1d000000"/>
<property key="programoptions.usehighvoltageonmclr" value="false"/>
<property key="programoptions.uselvpprogramming" value="false"/>
<property key="voltagevalue" value="3.25"/>
</PKOBSKDEPlatformTool>
</conf>
</confs>
</configurationDescriptor>

3
mplabx/ctaocrypt_benchmark.X/nbproject/include.am
View File

@@ -3,8 +3,7 @@
#
EXTRA_DIST += \
mplabx/ctaocrypt_benchmark.X/Makefile \
mplabx/ctaocrypt_benchmark.X/main.c
mplabx/ctaocrypt_benchmark.X/Makefile
EXTRA_DIST += \
mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml \

5
mplabx/ctaocrypt_test.X/nbproject/configurations.xml
View File

@@ -33,7 +33,7 @@
<targetDevice>PIC32MX795F512L</targetDevice>
<targetHeader></targetHeader>
<targetPluginBoard></targetPluginBoard>
<platformTool>SKDEPIC32PlatformTool</platformTool>
<platformTool>PKOBSKDEPlatformTool</platformTool>
<languageToolchain>XC32</languageToolchain>
<languageToolchainVersion>1.30</languageToolchainVersion>
<platform>3</platform>
@@ -189,9 +189,6 @@
<property key="programoptions.uselvpprogramming" value="false"/>
<property key="voltagevalue" value="3.25"/>
</PKOBSKDEPlatformTool>
<SKDEPIC32PlatformTool>
<property key="whatToProgram" value="all"/>
</SKDEPIC32PlatformTool>
</conf>
</confs>
</configurationDescriptor>

3
mplabx/ctaocrypt_test.X/nbproject/include.am
View File

@@ -3,8 +3,7 @@
#
EXTRA_DIST += \
mplabx/ctaocrypt_test.X/Makefile \
mplabx/ctaocrypt_test.X/main.c
mplabx/ctaocrypt_test.X/Makefile
EXTRA_DIST += \
mplabx/ctaocrypt_test.X/nbproject/configurations.xml \

29
mplabx/cyassl.X/nbproject/configurations.xml
View File

@@ -70,7 +70,7 @@
<targetDevice>PIC32MX795F512L</targetDevice>
<targetHeader></targetHeader>
<targetPluginBoard></targetPluginBoard>
<platformTool>SKDEPIC32PlatformTool</platformTool>
<platformTool>PKOBSKDEPlatformTool</platformTool>
<languageToolchain>XC32</languageToolchain>
<languageToolchainVersion>1.30</languageToolchainVersion>
<platform>3</platform>
@@ -104,7 +104,7 @@
<property key="post-instruction-scheduling" value="default"/>
<property key="pre-instruction-scheduling" value="default"/>
<property key="preprocessor-macros"
value="CYASSL_SHA512;CYASSL_SHA384;HAVE_ECC;CYASSL_PIC32MZ_CRYPT;CYASSL_MICROCHIP_PIC32MZ"/>
value="CYASSL_SHA512;CYASSL_SHA384;HAVE_ECC"/>
<property key="strict-ansi" value="false"/>
<property key="support-ansi" value="false"/>
<property key="use-cci" value="false"/>
@@ -181,9 +181,28 @@
<property key="save-temps" value="false"/>
<property key="wpo-lto" value="false"/>
</C32Global>
<SKDEPIC32PlatformTool>
<property key="whatToProgram" value="all"/>
</SKDEPIC32PlatformTool>
<PKOBSKDEPlatformTool>
<property key="AutoSelectMemRanges" value="auto"/>
<property key="SecureSegment.SegmentProgramming" value="FullChipProgramming"/>
<property key="ToolFirmwareFilePath"
value="Press to browse for a specific firmware version"/>
<property key="ToolFirmwareOption.UseLatestFirmware" value="true"/>
<property key="memories.configurationmemory" value="true"/>
<property key="memories.eeprom" value="true"/>
<property key="memories.id" value="true"/>
<property key="memories.programmemory" value="true"/>
<property key="memories.programmemory.end" value="0x1d07ffff"/>
<property key="memories.programmemory.start" value="0x1d000000"/>
<property key="poweroptions.powerenable" value="false"/>
<property key="programoptions.eraseb4program" value="true"/>
<property key="programoptions.preserveeeprom" value="false"/>
<property key="programoptions.preserveprogramrange" value="false"/>
<property key="programoptions.preserveprogramrange.end" value="0x1d0001ff"/>
<property key="programoptions.preserveprogramrange.start" value="0x1d000000"/>
<property key="programoptions.usehighvoltageonmclr" value="false"/>
<property key="programoptions.uselvpprogramming" value="false"/>
<property key="voltagevalue" value="3.25"/>
</PKOBSKDEPlatformTool>
</conf>
</confs>
</configurationDescriptor>

1
mplabx/cyassl.X/nbproject/include.am
View File

@@ -3,7 +3,6 @@
#
EXTRA_DIST += \
mplabx/README \
mplabx/cyassl.X/Makefile
EXTRA_DIST += \

10
mplabx/include.am Normal file
View File

@@ -0,0 +1,10 @@
# vim:ft=automake
# All paths should be given relative to the root
#
EXTRA_DIST += \
mplabx/PIC32MZ-serial.h \
mplabx/README \
mplabx/benchmark_main.c \
mplabx/test_main.c

4
src/include.am
View File

@@ -136,3 +136,7 @@ if BUILD_LIBZ
src_libcyassl_la_SOURCES += ctaocrypt/src/compress.c
endif
if BUILD_PKCS7
src_libcyassl_la_SOURCES += ctaocrypt/src/pkcs7.c
endif

273
src/internal.c
View File

@@ -87,6 +87,13 @@ CYASSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS
#endif
#endif
#ifdef CYASSL_DTLS
static INLINE int DtlsCheckWindow(DtlsState* state);
static INLINE int DtlsUpdateWindow(DtlsState* state);
#endif
typedef enum {
doProcessInit = 0,
#ifndef NO_CYASSL_SERVER
@@ -419,9 +426,6 @@ int InitSSL_Ctx(CYASSL_CTX* ctx, CYASSL_METHOD* method)
ctx->sendVerify = 0;
ctx->quietShutdown = 0;
ctx->groupMessages = 0;
#ifdef HAVE_OCSP
CyaSSL_OCSP_Init(&ctx->ocsp);
#endif
#ifdef HAVE_CAVIUM
ctx->devId = NO_CAVIUM_DEVICE;
#endif
@@ -472,9 +476,6 @@ void SSL_CtxResourceFree(CYASSL_CTX* ctx)
XFREE(ctx->certChain.buffer, ctx->heap, DYNAMIC_TYPE_CERT);
CyaSSL_CertManagerFree(ctx->cm);
#endif
#ifdef HAVE_OCSP
CyaSSL_OCSP_Cleanup(&ctx->ocsp);
#endif
#ifdef HAVE_TLS_EXTENSIONS
TLSX_FreeAll(ctx->extensions);
#endif
@@ -628,8 +629,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
if (suites->setSuites)
return; /* trust user settings, don't override */
if (side == CYASSL_SERVER_END && haveStaticECC)
if (side == CYASSL_SERVER_END && haveStaticECC) {
haveRSA = 0; /* can't do RSA with ECDSA key */
(void)haveRSA; /* some builds won't read */
}
if (side == CYASSL_SERVER_END && haveECDSAsig) {
haveRSAsig = 0; /* can't have RSA sig if signed by ECDSA */
@@ -643,6 +646,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
}
#endif
#ifdef HAVE_RENEGOTIATION_INDICATION
if (side == CYASSL_CLIENT_END) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
}
#endif
#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
if (tls && haveNTRU && haveRSA) {
suites->suites[idx++] = 0;
@@ -1271,6 +1281,33 @@ void InitX509(CYASSL_X509* x509, int dynamicFlag)
x509->altNames = NULL;
x509->altNamesNext = NULL;
x509->dynamicMemory = (byte)dynamicFlag;
x509->isCa = 0;
#ifdef OPENSSL_EXTRA
x509->pathLength = 0;
x509->basicConstSet = 0;
x509->basicConstCrit = 0;
x509->basicConstPlSet = 0;
x509->subjAltNameSet = 0;
x509->subjAltNameCrit = 0;
x509->authKeyIdSet = 0;
x509->authKeyIdCrit = 0;
x509->authKeyId = NULL;
x509->authKeyIdSz = 0;
x509->subjKeyIdSet = 0;
x509->subjKeyIdCrit = 0;
x509->subjKeyId = NULL;
x509->subjKeyIdSz = 0;
x509->keyUsageSet = 0;
x509->keyUsageCrit = 0;
x509->keyUsage = 0;
#ifdef HAVE_ECC
x509->pkCurveOID = 0;
#endif /* HAVE_ECC */
#ifdef CYASSL_SEP
x509->certPolicySet = 0;
x509->certPolicyCrit = 0;
#endif /* CYASSL_SEP */
#endif /* OPENSSL_EXTRA */
}
@@ -1286,6 +1323,10 @@ void FreeX509(CYASSL_X509* x509)
XFREE(x509->pubKey.buffer, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
XFREE(x509->derCert.buffer, NULL, DYNAMIC_TYPE_SUBJECT_CN);
XFREE(x509->sig.buffer, NULL, 0);
#ifdef OPENSSL_EXTRA
XFREE(x509->authKeyId, NULL, 0);
XFREE(x509->subjKeyId, NULL, 0);
#endif /* OPENSSL_EXTRA */
if (x509->altNames)
FreeAltNames(x509->altNames, NULL);
if (x509->dynamicMemory)
@@ -1390,6 +1431,9 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
#ifdef CYASSL_DTLS
ssl->IOCB_CookieCtx = NULL; /* we don't use for default cb */
ssl->dtls_expected_rx = MAX_MTU;
ssl->keys.dtls_state.window = 0;
ssl->keys.dtls_state.nextEpoch = 0;
ssl->keys.dtls_state.nextSeq = 0;
#endif
#ifndef NO_OLD_TLS
@@ -1447,13 +1491,13 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
#ifdef CYASSL_DTLS
ssl->keys.dtls_sequence_number = 0;
ssl->keys.dtls_peer_sequence_number = 0;
ssl->keys.dtls_expected_peer_sequence_number = 0;
ssl->keys.dtls_state.curSeq = 0;
ssl->keys.dtls_state.nextSeq = 0;
ssl->keys.dtls_handshake_number = 0;
ssl->keys.dtls_expected_peer_handshake_number = 0;
ssl->keys.dtls_epoch = 0;
ssl->keys.dtls_peer_epoch = 0;
ssl->keys.dtls_expected_peer_epoch = 0;
ssl->keys.dtls_state.curEpoch = 0;
ssl->keys.dtls_state.nextEpoch = 0;
ssl->dtls_timeout_init = DTLS_TIMEOUT_INIT;
ssl->dtls_timeout_max = DTLS_TIMEOUT_MAX;
ssl->dtls_timeout = ssl->dtls_timeout_init;
@@ -1595,6 +1639,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
CYASSL_MSG("Arrays Memory error");
return MEMORY_E;
}
XMEMSET(ssl->arrays, 0, sizeof(Arrays));
#ifndef NO_PSK
ssl->arrays->client_identity[0] = 0;
@@ -2731,9 +2776,9 @@ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx,
/* type and version in same sport */
XMEMCPY(rh, input + *inOutIdx, ENUM_LEN + VERSION_SZ);
*inOutIdx += ENUM_LEN + VERSION_SZ;
ato16(input + *inOutIdx, &ssl->keys.dtls_peer_epoch);
ato16(input + *inOutIdx, &ssl->keys.dtls_state.curEpoch);
*inOutIdx += 4; /* advance past epoch, skip first 2 seq bytes for now */
ato32(input + *inOutIdx, &ssl->keys.dtls_peer_sequence_number);
ato32(input + *inOutIdx, &ssl->keys.dtls_state.curSeq);
*inOutIdx += 4; /* advance past rest of seq */
ato16(input + *inOutIdx, size);
*inOutIdx += LENGTH_SZ;
@@ -2754,27 +2799,14 @@ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx,
return VERSION_ERROR; /* only use requested version */
}
}
#if 0
/* Instead of this, check the datagram against the sliding window of
* received datagram goodness. */
#ifdef CYASSL_DTLS
/* If DTLS, check the sequence number against expected. If out of
* order, drop the record. Allows newer records in and resets the
* expected to the next record. */
if (ssl->options.dtls) {
if ((ssl->keys.dtls_expected_peer_epoch ==
ssl->keys.dtls_peer_epoch) &&
(ssl->keys.dtls_peer_sequence_number >=
ssl->keys.dtls_expected_peer_sequence_number)) {
ssl->keys.dtls_expected_peer_sequence_number =
ssl->keys.dtls_peer_sequence_number + 1;
}
else {
if (DtlsCheckWindow(&ssl->keys.dtls_state) != 1)
return SEQUENCE_ERROR;
}
}
#endif
#endif
/* record layer length check */
#ifdef HAVE_MAX_FRAGMENT
if (*size > (ssl->max_fragment + MAX_COMP_EXTRA + MAX_MSG_EXTRA))
@@ -3156,6 +3188,51 @@ int CopyDecodedToX509(CYASSL_X509* x509, DecodedCert* dCert)
dCert->altNames = NULL; /* takes ownership */
x509->altNamesNext = x509->altNames; /* index hint */
x509->isCa = dCert->isCA;
#ifdef OPENSSL_EXTRA
x509->pathLength = dCert->pathLength;
x509->keyUsage = dCert->extKeyUsage;
x509->basicConstSet = dCert->extBasicConstSet;
x509->basicConstCrit = dCert->extBasicConstCrit;
x509->basicConstPlSet = dCert->extBasicConstPlSet;
x509->subjAltNameSet = dCert->extSubjAltNameSet;
x509->subjAltNameCrit = dCert->extSubjAltNameCrit;
x509->authKeyIdSet = dCert->extAuthKeyIdSet;
x509->authKeyIdCrit = dCert->extAuthKeyIdCrit;
if (dCert->extAuthKeyIdSrc != NULL && dCert->extAuthKeyIdSz != 0) {
x509->authKeyId = (byte*)XMALLOC(dCert->extAuthKeyIdSz, NULL, 0);
if (x509->authKeyId != NULL) {
XMEMCPY(x509->authKeyId,
dCert->extAuthKeyIdSrc, dCert->extAuthKeyIdSz);
x509->authKeyIdSz = dCert->extAuthKeyIdSz;
}
else
ret = MEMORY_E;
}
x509->subjKeyIdSet = dCert->extSubjKeyIdSet;
x509->subjKeyIdCrit = dCert->extSubjKeyIdCrit;
if (dCert->extSubjKeyIdSrc != NULL && dCert->extSubjKeyIdSz != 0) {
x509->subjKeyId = (byte*)XMALLOC(dCert->extSubjKeyIdSz, NULL, 0);
if (x509->subjKeyId != NULL) {
XMEMCPY(x509->subjKeyId,
dCert->extSubjKeyIdSrc, dCert->extSubjKeyIdSz);
x509->subjKeyIdSz = dCert->extSubjKeyIdSz;
}
else
ret = MEMORY_E;
}
x509->keyUsageSet = dCert->extKeyUsageSet;
x509->keyUsageCrit = dCert->extKeyUsageCrit;
#ifdef HAVE_ECC
x509->pkCurveOID = dCert->pkCurveOID;
#endif /* HAVE_ECC */
#ifdef CYASSL_SEP
x509->certPolicySet = dCert->extCertPolicySet;
x509->certPolicyCrit = dCert->extCertPolicyCrit;
#endif /* CYASSL_SEP */
#endif /* OPENSSL_EXTRA */
return ret;
}
@@ -3317,8 +3394,8 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx)
}
#ifdef HAVE_OCSP
if (fatal == 0) {
ret = CyaSSL_OCSP_Lookup_Cert(&ssl->ctx->ocsp, &dCert);
if (fatal == 0 && ssl->ctx->cm->ocspEnabled) {
ret = CheckCertOCSP(ssl->ctx->cm->ocsp, &dCert);
if (ret != 0) {
CYASSL_MSG("\tOCSP Lookup not ok");
fatal = 0;
@@ -3331,7 +3408,7 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx)
int doCrlLookup = 1;
#ifdef HAVE_OCSP
if (ssl->ctx->ocsp.enabled) {
if (ssl->ctx->cm->ocspEnabled) {
doCrlLookup = (ret == OCSP_CERT_UNKNOWN);
}
#endif /* HAVE_OCSP */
@@ -3792,6 +3869,68 @@ static int DoHandShakeMsg(CYASSL* ssl, byte* input, word32* inOutIdx,
#ifdef CYASSL_DTLS
static INLINE int DtlsCheckWindow(DtlsState* state)
{
word32 cur;
word32 next;
DtlsSeq window;
if (state->curEpoch == state->nextEpoch) {
next = state->nextSeq;
window = state->window;
}
else if (state->curEpoch < state->nextEpoch) {
next = state->prevSeq;
window = state->prevWindow;
}
else {
return 0;
}
cur = state->curSeq;
if ((next > DTLS_SEQ_BITS) && (cur < next - DTLS_SEQ_BITS)) {
return 0;
}
else if ((cur < next) && (window & (1 << (next - cur - 1)))) {
return 0;
}
return 1;
}
static INLINE int DtlsUpdateWindow(DtlsState* state)
{
word32 cur;
word32* next;
DtlsSeq* window;
if (state->curEpoch == state->nextEpoch) {
next = &state->nextSeq;
window = &state->window;
}
else {
next = &state->prevSeq;
window = &state->prevWindow;
}
cur = state->curSeq;
if (cur < *next) {
*window |= (1 << (*next - cur - 1));
}
else {
*window <<= (1 + cur - *next);
*window |= 1;
*next = cur + 1;
}
return 1;
}
static int DtlsMsgDrain(CYASSL* ssl)
{
DtlsMsg* item = ssl->dtls_msg_list;
@@ -4191,23 +4330,27 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
/* check cipher text size for sanity */
static int SanityCheckCipherText(CYASSL* ssl, word32 encryptSz)
{
word32 minLength = 0;
#ifdef HAVE_TRUNCATED_HMAC
word32 minLength = ssl->truncated_hmac ? TRUNCATED_HMAC_SZ
: ssl->specs.hash_size;
#else
word32 minLength = ssl->specs.hash_size; /* covers stream */
#endif
if (ssl->specs.cipher_type == block) {
if (encryptSz % ssl->specs.block_size) {
CYASSL_MSG("Block ciphertext not block size");
return SANITY_CIPHER_E;
}
minLength = ssl->specs.hash_size + 1; /* pad byte */
minLength++; /* pad byte */
if (ssl->specs.block_size > minLength)
minLength = ssl->specs.block_size;
if (ssl->options.tls1_1)
minLength += ssl->specs.block_size; /* explicit IV */
}
else if (ssl->specs.cipher_type == stream) {
minLength = ssl->specs.hash_size;
}
else if (ssl->specs.cipher_type == aead) {
minLength = ssl->specs.block_size; /* explicit IV + implicit IV + CTR */
}
@@ -4651,7 +4794,12 @@ static INLINE int VerifyMac(CYASSL* ssl, const byte* input, word32 msgSz,
int ret;
word32 pad = 0;
word32 padByte = 0;
#ifdef HAVE_TRUNCATED_HMAC
word32 digestSz = ssl->truncated_hmac ? TRUNCATED_HMAC_SZ
: ssl->specs.hash_size;
#else
word32 digestSz = ssl->specs.hash_size;
#endif
byte verify[MAX_DIGEST_SIZE];
if (ssl->specs.cipher_type == block) {
@@ -4803,8 +4951,6 @@ int ProcessReply(CYASSL* ssl)
&ssl->curRL, &ssl->curSize);
#ifdef CYASSL_DTLS
if (ssl->options.dtls && ret == SEQUENCE_ERROR) {
/* This message is out of order. If we are handshaking, save
*it for later. Otherwise go ahead and process it. */
ssl->options.processReply = doProcessInit;
ssl->buffers.inputBuffer.length = 0;
ssl->buffers.inputBuffer.idx = 0;
@@ -4840,7 +4986,14 @@ int ProcessReply(CYASSL* ssl)
/* the record layer is here */
case runProcessingOneMessage:
if (ssl->keys.encryptionOn && ssl->keys.decryptedCur == 0) {
#ifdef CYASSL_DTLS
if (ssl->options.dtls &&
ssl->keys.dtls_state.curEpoch < ssl->keys.dtls_state.nextEpoch)
ssl->keys.decryptedCur = 1;
#endif
if (ssl->keys.encryptionOn && ssl->keys.decryptedCur == 0)
{
ret = SanityCheckCipherText(ssl, ssl->curSize);
if (ret < 0)
return ret;
@@ -4890,6 +5043,12 @@ int ProcessReply(CYASSL* ssl)
ssl->keys.decryptedCur = 1;
}
if (ssl->options.dtls) {
#ifdef CYASSL_DTLS
DtlsUpdateWindow(&ssl->keys.dtls_state);
#endif /* CYASSL_DTLS */
}
CYASSL_MSG("received record layer msg");
switch (ssl->curRL.type) {
@@ -4949,8 +5108,8 @@ int ProcessReply(CYASSL* ssl)
#ifdef CYASSL_DTLS
if (ssl->options.dtls) {
DtlsPoolReset(ssl);
ssl->keys.dtls_expected_peer_epoch++;
ssl->keys.dtls_expected_peer_sequence_number = 0;
ssl->keys.dtls_state.nextEpoch++;
ssl->keys.dtls_state.nextSeq = 0;
}
#endif
@@ -5236,7 +5395,12 @@ static void BuildCertHashes(CYASSL* ssl, Hashes* hashes)
static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz,
int type)
{
#ifdef HAVE_TRUNCATED_HMAC
word32 digestSz = min(ssl->specs.hash_size,
ssl->truncated_hmac ? TRUNCATED_HMAC_SZ : ssl->specs.hash_size);
#else
word32 digestSz = ssl->specs.hash_size;
#endif
word32 sz = RECORD_HEADER_SZ + inSz + digestSz;
word32 pad = 0, i;
word32 idx = RECORD_HEADER_SZ;
@@ -5312,8 +5476,19 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz,
#endif
}
else {
if (ssl->specs.cipher_type != aead)
ssl->hmac(ssl, output+idx, output + headerSz + ivSz, inSz, type, 0);
if (ssl->specs.cipher_type != aead) {
#ifdef HAVE_TRUNCATED_HMAC
if (ssl->truncated_hmac && ssl->specs.hash_size > digestSz) {
byte hmac[MAX_DIGEST_SIZE];
ssl->hmac(ssl, hmac, output + headerSz + ivSz, inSz, type, 0);
XMEMCPY(output + idx, hmac, digestSz);
} else
#endif
ssl->hmac(ssl, output+idx, output + headerSz + ivSz, inSz,
type, 0);
}
if ( (ret = Encrypt(ssl, output + headerSz, output+headerSz,size)) != 0)
return ret;
@@ -7946,7 +8121,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
case ecc_diffie_hellman_kea:
{
ecc_key myKey;
ecc_key* peerKey = &myKey;
ecc_key* peerKey = NULL;
word32 size = sizeof(encSecret);
if (ssl->specs.static_ecdh) {
@@ -7961,6 +8136,9 @@ static void PickHashSigAlgo(CYASSL* ssl,
peerKey = ssl->peerEccKey;
}
if (peerKey == NULL)
return NO_PEER_KEY;
ecc_init(&myKey);
ret = ecc_make_key(ssl->rng, peerKey->dp->size, &myKey);
if (ret != 0)
@@ -9130,7 +9308,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
return 1;
break;
#ifndef NO_3DES
#ifndef NO_DES3
case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
if (requirement == REQUIRES_RSA)
return 1;
@@ -9159,7 +9337,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
#endif
#endif /* NO_RSA */
#ifndef NO_3DES
#ifndef NO_DES3
case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
if (requirement == REQUIRES_ECC_DSA)
return 1;
@@ -9715,6 +9893,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
if (clSuites.suiteSz > MAX_SUITE_SZ)
return BUFFER_ERROR;
clSuites.hashSigAlgoSz = 0;
/* session size */
ato16(&input[idx], &sessionSz);

129
src/io.c
View File

@@ -352,7 +352,7 @@ int EmbedReceiveFrom(CYASSL *ssl, char *buf, int sz, void *ctx)
int err;
int sd = dtlsCtx->fd;
int dtls_timeout = CyaSSL_dtls_get_current_timeout(ssl);
struct sockaddr_in6 peer;
struct sockaddr_storage peer;
XSOCKLENT peerSz = sizeof(peer);
CYASSL_ENTER("EmbedReceiveFrom()");
@@ -471,34 +471,21 @@ int EmbedSendTo(CYASSL* ssl, char *buf, int sz, void *ctx)
int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx)
{
int sd = ssl->wfd;
struct sockaddr_in6 peer;
struct sockaddr_storage peer;
XSOCKLENT peerSz = sizeof(peer);
Sha sha;
byte digest[SHA_DIGEST_SIZE];
(void)ctx;
XMEMSET(&peer, 0, sizeof(peer));
if (getpeername(sd, (struct sockaddr*)&peer, &peerSz) != 0) {
CYASSL_MSG("getpeername failed in EmbedGenerateCookie");
return GEN_COOKIE_E;
}
InitSha(&sha);
if (peer.sin6_family == AF_INET6) {
ShaUpdate(&sha, (byte*)&peer.sin6_port, sizeof(peer.sin6_port));
ShaUpdate(&sha, (byte*)&peer.sin6_addr, sizeof(peer.sin6_addr));
}
else if (peer.sin6_family == AF_INET) {
struct sockaddr_in *s = (struct sockaddr_in*)&peer;
ShaUpdate(&sha, (byte*)&s->sin_port, sizeof(s->sin_port));
ShaUpdate(&sha, (byte*)&s->sin_addr, sizeof(s->sin_addr));
}
else {
CYASSL_MSG("peer sin_family unknown type in EmbedGenerateCookie");
return GEN_COOKIE_E;
}
ShaUpdate(&sha, (byte*)&peer, peerSz);
ShaFinal(&sha, digest);
if (sz > SHA_DIGEST_SIZE)
@@ -512,52 +499,62 @@ int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx)
#ifdef HAVE_OCSP
#ifdef TEST_IPV6
typedef struct sockaddr_in6 SOCKADDR_IN_T;
#define AF_INET_V AF_INET6
#else
typedef struct sockaddr_in SOCKADDR_IN_T;
#define AF_INET_V AF_INET
#endif
static INLINE int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port)
static int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port)
{
SOCKADDR_IN_T addr;
const char* host = ip;
struct sockaddr_storage addr;
int sockaddr_len = sizeof(struct sockaddr_in);
XMEMSET(&addr, 0, sizeof(addr));
/* peer could be in human readable form */
if (ip != INADDR_ANY && isalpha(ip[0])) {
#ifdef HAVE_GETADDRINFO
{
struct addrinfo hints;
struct addrinfo* answer = NULL;
char strPort[8];
XMEMSET(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
XSNPRINTF(strPort, sizeof(strPort), "%d", port);
strPort[7] = '\0';
if (getaddrinfo(ip, strPort, &hints, &answer) < 0 || answer == NULL) {
CYASSL_MSG("no addr info for OCSP responder");
return -1;
}
sockaddr_len = answer->ai_addrlen;
XMEMCPY(&addr, answer->ai_addr, sockaddr_len);
freeaddrinfo(answer);
}
#else /* HAVE_GETADDRINFO */
{
struct hostent* entry = gethostbyname(ip);
struct sockaddr_in *sin = (struct sockaddr_in *)&addr;
if (entry) {
struct sockaddr_in tmp;
XMEMSET(&tmp, 0, sizeof(struct sockaddr_in));
XMEMCPY(&tmp.sin_addr.s_addr, entry->h_addr_list[0],
entry->h_length);
host = inet_ntoa(tmp.sin_addr);
sin->sin_family = AF_INET;
sin->sin_port = htons(port);
XMEMCPY(&sin->sin_addr.s_addr, entry->h_addr_list[0],
entry->h_length);
}
else {
CYASSL_MSG("no addr entry for OCSP responder");
CYASSL_MSG("no addr info for OCSP responder");
return -1;
}
}
#endif /* HAVE_GETADDRINFO */
*sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
*sockfd = socket(addr.ss_family, SOCK_STREAM, 0);
if (*sockfd < 0) {
CYASSL_MSG("bad socket fd, out of fds?");
return -1;
}
XMEMSET(&addr, 0, sizeof(SOCKADDR_IN_T));
addr.sin_family = AF_INET_V;
addr.sin_port = htons(port);
if (host == INADDR_ANY)
addr.sin_addr.s_addr = INADDR_ANY;
else
addr.sin_addr.s_addr = inet_addr(host);
if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0) {
if (connect(*sockfd, (struct sockaddr *)&addr, sockaddr_len) != 0) {
CYASSL_MSG("OCSP responder tcp connect failed");
return -1;
}
@@ -597,15 +594,26 @@ static int decode_url(const char* url, int urlSz,
int i, cur;
/* need to break the url down into scheme, address, and port */
/* "http://example.com:8080/" */
/* "http://example.com:8080/" */
/* "http://[::1]:443/" */
if (XSTRNCMP(url, "http://", 7) == 0) {
cur = 7;
} else cur = 0;
i = 0;
while (url[cur] != 0 && url[cur] != ':' &&
if (url[cur] == '[') {
cur++;
/* copy until ']' */
while (url[cur] != 0 && url[cur] != ']' && cur < urlSz) {
outName[i++] = url[cur++];
}
cur++; /* skip ']' */
}
else {
while (url[cur] != 0 && url[cur] != ':' &&
url[cur] != '/' && cur < urlSz) {
outName[i++] = url[cur++];
outName[i++] = url[cur++];
}
}
outName[i] = 0;
/* Need to pick out the path after the domain name */
@@ -670,7 +678,7 @@ static int process_http_response(int sfd, byte** respBuf,
if (result > 0) {
len += result;
start = (char*)httpBuf;
start[len+1] = 0;
start[len] = 0;
}
else {
CYASSL_MSG("process_http_response recv http from peer failed");
@@ -929,27 +937,6 @@ CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl)
#endif /* CYASSL_DTLS */
#ifdef HAVE_OCSP
CYASSL_API void CyaSSL_SetIOOcsp(CYASSL_CTX* ctx, CallbackIOOcsp cb)
{
ctx->ocsp.CBIOOcsp = cb;
}
CYASSL_API void CyaSSL_SetIOOcspRespFree(CYASSL_CTX* ctx,
CallbackIOOcspRespFree cb)
{
ctx->ocsp.CBIOOcspRespFree = cb;
}
CYASSL_API void CyaSSL_SetIOOcspCtx(CYASSL_CTX* ctx, void *octx)
{
ctx->ocsp.IOCB_OcspCtx = octx;
}
#endif
#ifdef HAVE_NETX
/* The NetX receive callback

121
src/ocsp.c
View File

@@ -27,55 +27,32 @@
#ifdef HAVE_OCSP
#ifdef EBSNET
#include "rtip.h"
#include "socket.h"
#endif
#include <cyassl/error.h>
#include <cyassl/ocsp.h>
#include <cyassl/internal.h>
#include <ctype.h>
#include <string.h>
#ifndef EBSNET
#include <unistd.h>
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include <sys/ioctl.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#endif
CYASSL_API int ocsp_test(unsigned char* buf, int sz);
#define CYASSL_OCSP_ENABLE 0x0001 /* Enable OCSP lookups */
#define CYASSL_OCSP_URL_OVERRIDE 0x0002 /* Use the override URL instead of URL
* in certificate */
#define CYASSL_OCSP_NO_NONCE 0x0004 /* Disables the request nonce */
typedef struct sockaddr_in SOCKADDR_IN_T;
#define AF_INET_V AF_INET
#define SOCKET_T unsigned int
int CyaSSL_OCSP_Init(CYASSL_OCSP* ocsp)
int InitOCSP(CYASSL_OCSP* ocsp, CYASSL_CERT_MANAGER* cm)
{
if (ocsp != NULL) {
XMEMSET(ocsp, 0, sizeof(*ocsp));
ocsp->useNonce = 1;
#ifndef CYASSL_USER_IO
ocsp->CBIOOcsp = EmbedOcspLookup;
ocsp->CBIOOcspRespFree = EmbedOcspRespFree;
#endif
return 0;
}
CYASSL_ENTER("InitOCSP");
XMEMSET(ocsp, 0, sizeof(*ocsp));
ocsp->cm = cm;
return -1;
return 0;
}
static int InitOCSP_Entry(OCSP_Entry* ocspe, DecodedCert* cert)
{
CYASSL_ENTER("InitOCSP_Entry");
ocspe->next = NULL;
XMEMCPY(ocspe->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE);
XMEMCPY(ocspe->issuerKeyHash, cert->issuerKeyHash, SHA_DIGEST_SIZE);
ocspe->status = NULL;
ocspe->totalStatus = 0;
return 0;
}
@@ -93,45 +70,21 @@ static void FreeOCSP_Entry(OCSP_Entry* ocspe)
}
void CyaSSL_OCSP_Cleanup(CYASSL_OCSP* ocsp)
void FreeOCSP(CYASSL_OCSP* ocsp, int dynamic)
{
OCSP_Entry* tmp = ocsp->ocspList;
ocsp->enabled = 0;
CYASSL_ENTER("FreeOCSP");
while (tmp) {
OCSP_Entry* next = tmp->next;
FreeOCSP_Entry(tmp);
XFREE(tmp, NULL, DYNAMIC_TYPE_OCSP_ENTRY);
tmp = next;
}
}
int CyaSSL_OCSP_set_override_url(CYASSL_OCSP* ocsp, const char* url)
{
if (ocsp != NULL) {
int urlSz = (int)XSTRLEN(url);
if (urlSz < (int)sizeof(ocsp->overrideUrl)) {
XSTRNCPY(ocsp->overrideUrl, url, urlSz);
return 1;
}
}
return 0;
}
static int InitOCSP_Entry(OCSP_Entry* ocspe, DecodedCert* cert)
{
CYASSL_ENTER("InitOCSP_Entry");
ocspe->next = NULL;
XMEMCPY(ocspe->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE);
XMEMCPY(ocspe->issuerKeyHash, cert->issuerKeyHash, SHA_DIGEST_SIZE);
ocspe->status = NULL;
ocspe->totalStatus = 0;
return 0;
if (dynamic)
XFREE(ocsp, NULL, DYNAMIC_TYPE_OCSP);
}
@@ -224,7 +177,7 @@ static int xstat2err(int stat)
}
int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert)
int CheckCertOCSP(CYASSL_OCSP* ocsp, DecodedCert* cert)
{
byte* ocspReqBuf = NULL;
int ocspReqSz = 2048;
@@ -237,11 +190,7 @@ int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert)
const char *url;
int urlSz;
/* If OCSP lookups are disabled, return success. */
if (!ocsp->enabled) {
CYASSL_MSG("OCSP lookup disabled, assuming CERT_GOOD");
return 0;
}
CYASSL_ENTER("CheckCertOCSP");
ocspe = find_ocsp_entry(ocsp, cert);
if (ocspe == NULL) {
@@ -275,11 +224,10 @@ int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert)
}
}
if (ocsp->useOverrideUrl) {
if (ocsp->overrideUrl[0] != '\0') {
url = ocsp->overrideUrl;
if (ocsp->cm->ocspUseOverrideURL) {
url = ocsp->cm->ocspOverrideURL;
if (url != NULL && url[0] != '\0')
urlSz = (int)XSTRLEN(url);
}
else
return OCSP_NEED_URL;
}
@@ -297,11 +245,12 @@ int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert)
CYASSL_MSG("\talloc OCSP request buffer failed");
return MEMORY_ERROR;
}
InitOcspRequest(&ocspRequest, cert, ocsp->useNonce, ocspReqBuf, ocspReqSz);
InitOcspRequest(&ocspRequest, cert, ocsp->cm->ocspSendNonce,
ocspReqBuf, ocspReqSz);
ocspReqSz = EncodeOcspRequest(&ocspRequest);
if (ocsp->CBIOOcsp) {
result = ocsp->CBIOOcsp(ocsp->IOCB_OcspCtx, url, urlSz,
if (ocsp->cm->ocspIOCb) {
result = ocsp->cm->ocspIOCb(ocsp->cm->ocspIOCtx, url, urlSz,
ocspReqBuf, ocspReqSz, &ocspRespBuf);
}
@@ -331,8 +280,8 @@ int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert)
if (ocspReqBuf != NULL) {
XFREE(ocspReqBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
}
if (ocspRespBuf != NULL && ocsp->CBIOOcspRespFree) {
ocsp->CBIOOcspRespFree(ocsp->IOCB_OcspCtx, ocspRespBuf);
if (ocspRespBuf != NULL && ocsp->cm->ocspRespFreeCb) {
ocsp->cm->ocspRespFreeCb(ocsp->cm->ocspIOCtx, ocspRespBuf);
}
return result;

7
src/sniffer.c
View File

@@ -417,6 +417,13 @@ void ssl_FreeSniffer(void)
FreeMutex(&SessionMutex);
FreeMutex(&ServerListMutex);
if (TraceFile) {
TraceOn = 0;
fclose(TraceFile);
TraceFile = NULL;
}
CyaSSL_Cleanup();
}

692
src/ssl.c
View File

@@ -568,6 +568,15 @@ word16 CyaSSL_SNI_GetRequest(CYASSL* ssl, byte type, void** data)
return 0;
}
int CyaSSL_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz, byte type,
byte* sni, word32* inOutSz)
{
if (clientHello && helloSz > 0 && sni && inOutSz && *inOutSz > 0)
return TLSX_SNI_GetFromBuffer(clientHello, helloSz, type, sni, inOutSz);
return BAD_FUNC_ARG;
}
#endif /* NO_CYASSL_SERVER */
#endif /* HAVE_SNI */
@@ -901,6 +910,15 @@ int CyaSSL_GetKeySize(CYASSL* ssl)
}
int CyaSSL_GetIVSize(CYASSL* ssl)
{
if (ssl)
return ssl->specs.iv_size;
return BAD_FUNC_ARG;
}
int CyaSSL_GetBulkCipher(CYASSL* ssl)
{
if (ssl)
@@ -967,8 +985,9 @@ int CyaSSL_GetSide(CYASSL* ssl)
int CyaSSL_GetHmacSize(CYASSL* ssl)
{
/* AEAD ciphers don't have HMAC keys */
if (ssl)
return ssl->specs.hash_size;
return (ssl->specs.cipher_type != aead) ? ssl->specs.hash_size : 0;
return BAD_FUNC_ARG;
}
@@ -986,16 +1005,7 @@ CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void)
cm = (CYASSL_CERT_MANAGER*) XMALLOC(sizeof(CYASSL_CERT_MANAGER), 0,
DYNAMIC_TYPE_CERT_MANAGER);
if (cm) {
int i;
for (i = 0; i < CA_TABLE_SIZE; i++)
cm->caTable[i] = NULL;
cm->heap = NULL;
cm->caCacheCallback = NULL;
cm->crl = NULL;
cm->crlEnabled = 0;
cm->crlCheckAll = 0;
cm->cbMissingCRL = NULL;
XMEMSET(cm, 0, sizeof(CYASSL_CERT_MANAGER));
if (InitMutex(&cm->caLock) != 0) {
CYASSL_MSG("Bad mutex init");
@@ -1017,6 +1027,10 @@ void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER* cm)
if (cm->crl)
FreeCRL(cm->crl, 1);
#endif
#ifdef HAVE_OCSP
if (cm->ocsp)
FreeOCSP(cm->ocsp, 1);
#endif
FreeSignerTable(cm->caTable, CA_TABLE_SIZE, NULL);
FreeMutex(&cm->caLock);
XFREE(cm, NULL, DYNAMIC_TYPE_CERT_MANAGER);
@@ -1045,6 +1059,124 @@ int CyaSSL_CertManagerUnloadCAs(CYASSL_CERT_MANAGER* cm)
}
/* Return bytes written to buff or < 0 for error */
int CyaSSL_CertPemToDer(const unsigned char* pem, int pemSz,
unsigned char* buff, int buffSz,
int type)
{
EncryptedInfo info;
int eccKey = 0;
int ret;
buffer der;
CYASSL_ENTER("CyaSSL_CertPemToDer");
if (pem == NULL || buff == NULL || buffSz <= 0) {
CYASSL_MSG("Bad pem der args");
return BAD_FUNC_ARG;
}
if (type != CERT_TYPE && type != CA_TYPE && type != CERTREQ_TYPE) {
CYASSL_MSG("Bad cert type");
return BAD_FUNC_ARG;
}
info.set = 0;
info.ctx = NULL;
info.consumed = 0;
der.buffer = NULL;
ret = PemToDer(pem, pemSz, type, &der, NULL, &info, &eccKey);
if (ret < 0) {
CYASSL_MSG("Bad Pem To Der");
}
else {
if (der.length <= (word32)buffSz) {
XMEMCPY(buff, der.buffer, der.length);
ret = der.length;
}
else {
CYASSL_MSG("Bad der length");
ret = BAD_FUNC_ARG;
}
}
XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY);
return ret;
}
/* our KeyPemToDer password callback, password in userData */
static INLINE int OurPasswordCb(char* passwd, int sz, int rw, void* userdata)
{
(void)rw;
if (userdata == NULL)
return 0;
XSTRNCPY(passwd, (char*)userdata, sz);
return min((word32)sz, (word32)XSTRLEN((char*)userdata));
}
/* Return bytes written to buff or < 0 for error */
int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff,
int buffSz, const char* pass)
{
EncryptedInfo info;
int eccKey = 0;
int ret;
buffer der;
(void)pass;
CYASSL_ENTER("CyaSSL_KeyPemToDer");
if (pem == NULL || buff == NULL || buffSz <= 0) {
CYASSL_MSG("Bad pem der args");
return BAD_FUNC_ARG;
}
info.set = 0;
info.ctx = NULL;
info.consumed = 0;
der.buffer = NULL;
#ifdef OPENSSL_EXTRA
if (pass) {
info.ctx = CyaSSL_CTX_new(CyaSSLv23_client_method());
if (info.ctx == NULL)
return MEMORY_E;
CyaSSL_CTX_set_default_passwd_cb(info.ctx, OurPasswordCb);
CyaSSL_CTX_set_default_passwd_cb_userdata(info.ctx, (void*)pass);
}
#endif
ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, &info, &eccKey);
if (ret < 0) {
CYASSL_MSG("Bad Pem To Der");
}
else {
if (der.length <= (word32)buffSz) {
XMEMCPY(buff, der.buffer, der.length);
ret = der.length;
}
else {
CYASSL_MSG("Bad der length");
ret = BAD_FUNC_ARG;
}
}
XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY);
if (info.ctx)
CyaSSL_CTX_free(info.ctx);
return ret;
}
#endif /* !NO_CERTS */
@@ -1484,6 +1616,7 @@ int CyaSSL_Init(void)
char* consumedEnd;
char* bufferEnd = (char*)(buff + longSz);
long neededSz;
int ret = 0;
int pkcs8 = 0;
int pkcs8Enc = 0;
int dynamicType = 0;
@@ -1497,6 +1630,12 @@ int CyaSSL_Init(void)
XSTRNCPY(footer, "-----END CERTIFICATE-----", sizeof(footer));
dynamicType = (type == CA_TYPE) ? DYNAMIC_TYPE_CA :
DYNAMIC_TYPE_CERT;
} else if (type == CERTREQ_TYPE) {
XSTRNCPY(header, "-----BEGIN CERTIFICATE REQUEST-----",
sizeof(header));
XSTRNCPY(footer, "-----END CERTIFICATE REQUEST-----",
sizeof(footer));
dynamicType = DYNAMIC_TYPE_KEY;
} else if (type == DH_PARAM_TYPE) {
XSTRNCPY(header, "-----BEGIN DH PARAMETERS-----", sizeof(header));
XSTRNCPY(footer, "-----END DH PARAMETERS-----", sizeof(footer));
@@ -1635,8 +1774,15 @@ int CyaSSL_Init(void)
&der->length) < 0)
return SSL_BAD_FILE;
if (pkcs8)
return ToTraditional(der->buffer, der->length);
if (pkcs8) {
/* convert and adjust length */
if ( (ret = ToTraditional(der->buffer, der->length)) < 0 ) {
return ret;
} else {
der->length = ret;
return 0;
}
}
#if defined(OPENSSL_EXTRA) && !defined(NO_PWDBASED)
if (pkcs8Enc) {
@@ -1647,8 +1793,14 @@ int CyaSSL_Init(void)
return SSL_BAD_FILE; /* no callback error */
passwordSz = info->ctx->passwd_cb(password, sizeof(password), 0,
info->ctx->userdata);
return ToTraditionalEnc(der->buffer, der->length, password,
passwordSz);
/* convert and adjust length */
if ( (ret = ToTraditionalEnc(der->buffer, der->length, password,
passwordSz)) < 0 ) {
return ret;
} else {
der->length = ret;
return 0;
}
}
#endif
@@ -1677,6 +1829,7 @@ int CyaSSL_Init(void)
der.buffer = 0;
(void)dynamicType;
(void)rsaKey;
if (used)
*used = sz; /* used bytes default to sz, PEM chain may shorten*/
@@ -1927,7 +2080,8 @@ int CyaSSL_Init(void)
}
ecc_free(&key);
eccKey = 1;
ctx->haveStaticECC = 1;
if (ctx)
ctx->haveStaticECC = 1;
if (ssl)
ssl->options.haveStaticECC = 1;
}
@@ -2399,6 +2553,62 @@ int CyaSSL_CertManagerDisableCRL(CYASSL_CERT_MANAGER* cm)
}
/* turn on OCSP if off and compiled in, set options */
int CyaSSL_CertManagerEnableOCSP(CYASSL_CERT_MANAGER* cm, int options)
{
int ret = SSL_SUCCESS;
(void)options;
CYASSL_ENTER("CyaSSL_CertManagerEnableOCSP");
if (cm == NULL)
return BAD_FUNC_ARG;
#ifdef HAVE_OCSP
if (cm->ocsp == NULL) {
cm->ocsp = (CYASSL_OCSP*)XMALLOC(sizeof(CYASSL_OCSP), cm->heap,
DYNAMIC_TYPE_OCSP);
if (cm->ocsp == NULL)
return MEMORY_E;
if (InitOCSP(cm->ocsp, cm) != 0) {
CYASSL_MSG("Init OCSP failed");
FreeOCSP(cm->ocsp, 1);
cm->ocsp = NULL;
return SSL_FAILURE;
}
}
cm->ocspEnabled = 1;
if (options & CYASSL_OCSP_URL_OVERRIDE)
cm->ocspUseOverrideURL = 1;
if (options & CYASSL_OCSP_NO_NONCE)
cm->ocspSendNonce = 0;
else
cm->ocspSendNonce = 1;
#ifndef CYASSL_USER_IO
cm->ocspIOCb = EmbedOcspLookup;
cm->ocspRespFreeCb = EmbedOcspRespFree;
#endif /* CYASSL_USER_IO */
#else
ret = NOT_COMPILED_IN;
#endif
return ret;
}
int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER* cm)
{
CYASSL_ENTER("CyaSSL_CertManagerDisableOCSP");
if (cm == NULL)
return BAD_FUNC_ARG;
cm->ocspEnabled = 0;
return SSL_SUCCESS;
}
int CyaSSL_CTX_check_private_key(CYASSL_CTX* ctx)
{
/* TODO: check private against public for RSA match */
@@ -2561,6 +2771,171 @@ int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX* ctx, CbMissingCRL cb)
#endif /* HAVE_CRL */
#ifdef HAVE_OCSP
/* check CRL if enabled, SSL_SUCCESS */
int CyaSSL_CertManagerCheckOCSP(CYASSL_CERT_MANAGER* cm, byte* der, int sz)
{
int ret;
DecodedCert cert;
CYASSL_ENTER("CyaSSL_CertManagerCheckOCSP");
if (cm == NULL)
return BAD_FUNC_ARG;
if (cm->ocspEnabled == 0)
return SSL_SUCCESS;
InitDecodedCert(&cert, der, sz, NULL);
ret = ParseCertRelative(&cert, CERT_TYPE, NO_VERIFY, cm);
if (ret != 0) {
CYASSL_MSG("ParseCert failed");
return ret;
}
else {
ret = CheckCertOCSP(cm->ocsp, &cert);
if (ret != 0) {
CYASSL_MSG("CheckCertOCSP failed");
}
}
FreeDecodedCert(&cert);
if (ret == 0)
return SSL_SUCCESS; /* convert */
return ret;
}
int CyaSSL_CertManagerSetOCSPOverrideURL(CYASSL_CERT_MANAGER* cm,
const char* url)
{
CYASSL_ENTER("CyaSSL_CertManagerSetOCSPOverrideURL");
if (cm == NULL)
return BAD_FUNC_ARG;
XFREE(cm->ocspOverrideURL, cm->heap, 0);
if (url != NULL) {
int urlSz = (int)XSTRLEN(url) + 1;
cm->ocspOverrideURL = (char*)XMALLOC(urlSz, cm->heap, 0);
if (cm->ocspOverrideURL != NULL) {
XMEMCPY(cm->ocspOverrideURL, url, urlSz);
}
else
return MEMORY_E;
}
else
cm->ocspOverrideURL = NULL;
return SSL_SUCCESS;
}
int CyaSSL_CertManagerSetOCSP_Cb(CYASSL_CERT_MANAGER* cm,
CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
{
CYASSL_ENTER("CyaSSL_CertManagerSetOCSP_Cb");
if (cm == NULL)
return BAD_FUNC_ARG;
cm->ocspIOCb = ioCb;
cm->ocspRespFreeCb = respFreeCb;
cm->ocspIOCtx = ioCbCtx;
return SSL_SUCCESS;
}
int CyaSSL_EnableOCSP(CYASSL* ssl, int options)
{
CYASSL_ENTER("CyaSSL_EnableOCSP");
if (ssl)
return CyaSSL_CertManagerEnableOCSP(ssl->ctx->cm, options);
else
return BAD_FUNC_ARG;
}
int CyaSSL_DisableOCSP(CYASSL* ssl)
{
CYASSL_ENTER("CyaSSL_DisableOCSP");
if (ssl)
return CyaSSL_CertManagerDisableOCSP(ssl->ctx->cm);
else
return BAD_FUNC_ARG;
}
int CyaSSL_SetOCSP_OverrideURL(CYASSL* ssl, const char* url)
{
CYASSL_ENTER("CyaSSL_SetOCSP_OverrideURL");
if (ssl)
return CyaSSL_CertManagerSetOCSPOverrideURL(ssl->ctx->cm, url);
else
return BAD_FUNC_ARG;
}
int CyaSSL_SetOCSP_Cb(CYASSL* ssl,
CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
{
CYASSL_ENTER("CyaSSL_SetOCSP_Cb");
if (ssl)
return CyaSSL_CertManagerSetOCSP_Cb(ssl->ctx->cm,
ioCb, respFreeCb, ioCbCtx);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_EnableOCSP(CYASSL_CTX* ctx, int options)
{
CYASSL_ENTER("CyaSSL_CTX_EnableOCSP");
if (ctx)
return CyaSSL_CertManagerEnableOCSP(ctx->cm, options);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_DisableOCSP(CYASSL_CTX* ctx)
{
CYASSL_ENTER("CyaSSL_CTX_DisableOCSP");
if (ctx)
return CyaSSL_CertManagerDisableOCSP(ctx->cm);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_SetOCSP_OverrideURL(CYASSL_CTX* ctx, const char* url)
{
CYASSL_ENTER("CyaSSL_SetOCSP_OverrideURL");
if (ctx)
return CyaSSL_CertManagerSetOCSPOverrideURL(ctx->cm, url);
else
return BAD_FUNC_ARG;
}
int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX* ctx,
CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
{
CYASSL_ENTER("CyaSSL_CTX_SetOCSP_Cb");
if (ctx)
return CyaSSL_CertManagerSetOCSP_Cb(ctx->cm, ioCb, respFreeCb, ioCbCtx);
else
return BAD_FUNC_ARG;
}
#endif /* HAVE_OCSP */
#ifdef CYASSL_DER_LOAD
/* Add format parameter to allow DER load of CA files */
@@ -7048,28 +7423,170 @@ int CyaSSL_set_compression(CYASSL* ssl)
}
/* copy name into in buffer, at most sz bytes, if buffer is null will
malloc buffer, call responsible for freeing */
char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME* name, char* in, int sz)
int CyaSSL_X509_get_isCA(CYASSL_X509* x509)
{
int copySz = min(sz, name->sz);
int isCA = 0;
CYASSL_ENTER("CyaSSL_X509_NAME_oneline");
if (!name->sz) return in;
CYASSL_ENTER("CyaSSL_X509_get_isCA");
if (!in) {
in = (char*)XMALLOC(name->sz, 0, DYNAMIC_TYPE_OPENSSL);
if (!in ) return in;
copySz = name->sz;
if (x509 != NULL)
isCA = x509->isCa;
CYASSL_LEAVE("CyaSSL_X509_get_isCA", isCA);
return isCA;
}
#ifdef OPENSSL_EXTRA
int CyaSSL_X509_ext_isSet_by_NID(CYASSL_X509* x509, int nid)
{
int isSet = 0;
CYASSL_ENTER("CyaSSL_X509_ext_isSet_by_NID");
if (x509 != NULL) {
switch (nid) {
case BASIC_CA_OID: isSet = x509->basicConstSet; break;
case ALT_NAMES_OID: isSet = x509->subjAltNameSet; break;
case AUTH_KEY_OID: isSet = x509->authKeyIdSet; break;
case SUBJ_KEY_OID: isSet = x509->subjKeyIdSet; break;
case KEY_USAGE_OID: isSet = x509->keyUsageSet; break;
#ifdef CYASSL_SEP
case CERT_POLICY_OID: isSet = x509->certPolicySet; break;
#endif /* CYASSL_SEP */
}
}
if (copySz == 0)
return in;
CYASSL_LEAVE("CyaSSL_X509_ext_isSet_by_NID", isSet);
XMEMCPY(in, name->name, copySz - 1);
in[copySz - 1] = 0;
return isSet;
}
return in;
int CyaSSL_X509_ext_get_critical_by_NID(CYASSL_X509* x509, int nid)
{
int crit = 0;
CYASSL_ENTER("CyaSSL_X509_ext_get_critical_by_NID");
if (x509 != NULL) {
switch (nid) {
case BASIC_CA_OID: crit = x509->basicConstCrit; break;
case ALT_NAMES_OID: crit = x509->subjAltNameCrit; break;
case AUTH_KEY_OID: crit = x509->authKeyIdCrit; break;
case SUBJ_KEY_OID: crit = x509->subjKeyIdCrit; break;
case KEY_USAGE_OID: crit = x509->keyUsageCrit; break;
#ifdef CYASSL_SEP
case CERT_POLICY_OID: crit = x509->certPolicyCrit; break;
#endif /* CYASSL_SEP */
}
}
CYASSL_LEAVE("CyaSSL_X509_ext_get_critical_by_NID", crit);
return crit;
}
int CyaSSL_X509_get_isSet_pathLength(CYASSL_X509* x509)
{
int isSet = 0;
CYASSL_ENTER("CyaSSL_X509_get_isSet_pathLength");
if (x509 != NULL)
isSet = x509->basicConstPlSet;
CYASSL_LEAVE("CyaSSL_X509_get_isSet_pathLength", isSet);
return isSet;
}
word32 CyaSSL_X509_get_pathLength(CYASSL_X509* x509)
{
word32 pathLength = 0;
CYASSL_ENTER("CyaSSL_X509_get_pathLength");
if (x509 != NULL)
pathLength = x509->pathLength;
CYASSL_LEAVE("CyaSSL_X509_get_pathLength", pathLength);
return pathLength;
}
unsigned int CyaSSL_X509_get_keyUsage(CYASSL_X509* x509)
{
word16 usage = 0;
CYASSL_ENTER("CyaSSL_X509_get_keyUsage");
if (x509 != NULL)
usage = x509->keyUsage;
CYASSL_LEAVE("CyaSSL_X509_get_keyUsage", usage);
return usage;
}
byte* CyaSSL_X509_get_authorityKeyID(
CYASSL_X509* x509, byte* dst, int* dstLen)
{
byte *id = NULL;
int copySz = 0;
CYASSL_ENTER("CyaSSL_X509_get_authorityKeyID");
if (x509 != NULL) {
if (x509->authKeyIdSet) {
copySz = min(dstLen != NULL ? *dstLen : 0,
(int)x509->authKeyIdSz);
id = x509->authKeyId;
}
if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) {
XMEMCPY(dst, id, copySz);
id = dst;
*dstLen = copySz;
}
}
CYASSL_LEAVE("CyaSSL_X509_get_authorityKeyID", copySz);
return id;
}
byte* CyaSSL_X509_get_subjectKeyID(
CYASSL_X509* x509, byte* dst, int* dstLen)
{
byte *id = NULL;
int copySz = 0;
CYASSL_ENTER("CyaSSL_X509_get_subjectKeyID");
if (x509 != NULL) {
if (x509->subjKeyIdSet) {
copySz = min(dstLen != NULL ? *dstLen : 0,
(int)x509->subjKeyIdSz);
id = x509->subjKeyId;
}
if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) {
XMEMCPY(dst, id, copySz);
id = dst;
*dstLen = copySz;
}
}
CYASSL_LEAVE("CyaSSL_X509_get_subjectKeyID", copySz);
return id;
}
@@ -7141,6 +7658,32 @@ int CyaSSL_set_compression(CYASSL* ssl)
CYASSL_LEAVE("CyaSSL_X509_NAME_get_text_by_NID", textSz);
return textSz;
}
#endif
/* copy name into in buffer, at most sz bytes, if buffer is null will
malloc buffer, call responsible for freeing */
char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME* name, char* in, int sz)
{
int copySz = min(sz, name->sz);
CYASSL_ENTER("CyaSSL_X509_NAME_oneline");
if (!name->sz) return in;
if (!in) {
in = (char*)XMALLOC(name->sz, 0, DYNAMIC_TYPE_OPENSSL);
if (!in ) return in;
copySz = name->sz;
}
if (copySz == 0)
return in;
XMEMCPY(in, name->name, copySz - 1);
in[copySz - 1] = 0;
return in;
}
int CyaSSL_X509_get_signature_type(CYASSL_X509* x509)
@@ -7340,6 +7883,8 @@ CYASSL_X509* CyaSSL_X509_d2i(CYASSL_X509** x509, const byte* in, int len)
}
#ifndef NO_FILESYSTEM
CYASSL_X509* CyaSSL_X509_d2i_fp(CYASSL_X509** x509, XFILE file)
{
CYASSL_X509* newX509 = NULL;
@@ -7463,6 +8008,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
return x509;
}
#endif /* NO_FILESYSTEM */
#endif /* KEEP_PEER_CERT || SESSION_CERTS */
@@ -8329,6 +8875,9 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
XMEMCPY(key->pkey.ptr,
x509->pubKey.buffer, x509->pubKey.length);
key->pkey_sz = x509->pubKey.length;
#ifdef HAVE_ECC
key->pkey_curve = (int)x509->pkCurveOID;
#endif /* HAVE_ECC */
}
}
return key;
@@ -10430,49 +10979,6 @@ static int initGlobalRNG = 0;
/* Return bytes written to buff or < 0 for error */
int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff,
int buffSz, const char* pass)
{
EncryptedInfo info;
int eccKey = 0;
int ret;
buffer der;
(void)pass;
CYASSL_ENTER("CyaSSL_KeyPemToDer");
if (pem == NULL || buff == NULL || buffSz <= 0) {
CYASSL_MSG("Bad pem der args");
return BAD_FUNC_ARG;
}
info.set = 0;
info.ctx = NULL;
info.consumed = 0;
der.buffer = NULL;
ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, &info, &eccKey);
if (ret < 0) {
CYASSL_MSG("Bad Pem To Der");
}
else {
if (der.length <= (word32)buffSz) {
XMEMCPY(buff, der.buffer, der.length);
ret = der.length;
}
else {
CYASSL_MSG("Bad der length");
ret = BAD_FUNC_ARG;
}
}
XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY);
return ret;
}
/* Load RSA from Der, SSL_SUCCESS on success < 0 on error */
int CyaSSL_RSA_LoadDer(CYASSL_RSA* rsa, const unsigned char* der, int derSz)
@@ -10685,38 +11191,6 @@ const byte* CyaSSL_get_sessionID(const CYASSL_SESSION* session)
#endif /* SESSION_CERTS */
int CyaSSL_CTX_OCSP_set_options(CYASSL_CTX* ctx, int options)
{
CYASSL_ENTER("CyaSSL_CTX_OCSP_set_options");
#ifdef HAVE_OCSP
if (ctx != NULL) {
ctx->ocsp.enabled = (options & CYASSL_OCSP_ENABLE) != 0;
ctx->ocsp.useOverrideUrl = (options & CYASSL_OCSP_URL_OVERRIDE) != 0;
ctx->ocsp.useNonce = (options & CYASSL_OCSP_NO_NONCE) == 0;
return SSL_SUCCESS;
}
return SSL_FAILURE;
#else
(void)ctx;
(void)options;
return NOT_COMPILED_IN;
#endif
}
int CyaSSL_CTX_OCSP_set_override_url(CYASSL_CTX* ctx, const char* url)
{
CYASSL_ENTER("CyaSSL_CTX_OCSP_set_override_url");
#ifdef HAVE_OCSP
return CyaSSL_OCSP_set_override_url(&ctx->ocsp, url);
#else
(void)ctx;
(void)url;
return NOT_COMPILED_IN;
#endif
}
#ifndef NO_CERTS
#ifdef HAVE_PK_CALLBACKS
@@ -10866,3 +11340,9 @@ void* CyaSSL_GetRsaDecCtx(CYASSL* ssl)
#endif /* HAVE_PK_CALLBACKS */
#endif /* NO_CERTS */
#ifdef CYASSL_HAVE_WOLFSCEP
/* Used by autoconf to see if wolfSCEP is available */
void CyaSSL_wolfSCEP(void) {}
#endif

146
src/tls.c
View File

@@ -376,6 +376,14 @@ static INLINE void ato16(const byte* c, word16* u16)
{
*u16 = (c[0] << 8) | (c[1]);
}
#ifdef HAVE_SNI
/* convert a 24 bit integer into a 32 bit one */
static INLINE void c24to32(const word24 u24, word32* u32)
{
*u32 = (u24[0] << 16) | (u24[1] << 8) | u24[2];
}
#endif
#endif
/* convert 32 bit integer to opaque */
@@ -393,7 +401,7 @@ static INLINE word32 GetSEQIncrement(CYASSL* ssl, int verify)
#ifdef CYASSL_DTLS
if (ssl->options.dtls) {
if (verify)
return ssl->keys.dtls_peer_sequence_number; /* explicit from peer */
return ssl->keys.dtls_state.curSeq; /* explicit from peer */
else
return ssl->keys.dtls_sequence_number - 1; /* already incremented */
}
@@ -410,9 +418,9 @@ static INLINE word32 GetSEQIncrement(CYASSL* ssl, int verify)
static INLINE word32 GetEpoch(CYASSL* ssl, int verify)
{
if (verify)
return ssl->keys.dtls_peer_epoch;
return ssl->keys.dtls_state.curEpoch;
else
return ssl->keys.dtls_epoch;
return ssl->keys.dtls_epoch;
}
#endif /* CYASSL_DTLS */
@@ -854,6 +862,135 @@ void TLSX_SNI_SetOptions(TLSX* extensions, byte type, byte options)
if (sni)
sni->options = options;
}
int TLSX_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz,
byte type, byte* sni, word32* inOutSz)
{
word32 offset = 0;
word32 len32 = 0;
word16 len16 = 0;
if (helloSz < RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + CLIENT_HELLO_FIRST)
return INCOMPLETE_DATA;
/* TLS record header */
if ((enum ContentType) clientHello[offset++] != handshake)
return BUFFER_ERROR;
if (clientHello[offset++] != SSLv3_MAJOR)
return BUFFER_ERROR;
if (clientHello[offset++] < TLSv1_MINOR)
return BUFFER_ERROR;
ato16(clientHello + offset, &len16);
offset += OPAQUE16_LEN;
if (offset + len16 > helloSz)
return INCOMPLETE_DATA;
/* Handshake header */
if ((enum HandShakeType) clientHello[offset] != client_hello)
return BUFFER_ERROR;
c24to32(clientHello + offset + 1, &len32);
offset += HANDSHAKE_HEADER_SZ;
if (offset + len32 > helloSz)
return INCOMPLETE_DATA;
/* client hello */
offset += VERSION_SZ + RAN_LEN; /* version, random */
if (helloSz < offset + clientHello[offset])
return INCOMPLETE_DATA;
offset += ENUM_LEN + clientHello[offset]; /* skip session id */
/* cypher suites */
if (helloSz < offset + OPAQUE16_LEN)
return INCOMPLETE_DATA;
ato16(clientHello + offset, &len16);
offset += OPAQUE16_LEN;
if (helloSz < offset + len16)
return INCOMPLETE_DATA;
offset += len16; /* skip cypher suites */
/* compression methods */
if (helloSz < offset + 1)
return INCOMPLETE_DATA;
if (helloSz < offset + clientHello[offset])
return INCOMPLETE_DATA;
offset += ENUM_LEN + clientHello[offset]; /* skip compression methods */
/* extensions */
if (helloSz < offset + OPAQUE16_LEN)
return 0; /* no extensions in client hello. */
ato16(clientHello + offset, &len16);
offset += OPAQUE16_LEN;
if (helloSz < offset + len16)
return INCOMPLETE_DATA;
while (len16 > OPAQUE16_LEN + OPAQUE16_LEN) {
word16 extType;
word16 extLen;
ato16(clientHello + offset, &extType);
offset += OPAQUE16_LEN;
ato16(clientHello + offset, &extLen);
offset += OPAQUE16_LEN;
if (helloSz < offset + extLen)
return INCOMPLETE_DATA;
if (extType != SERVER_NAME_INDICATION) {
offset += extLen; /* skip extension */
} else {
word16 listLen;
ato16(clientHello + offset, &listLen);
offset += OPAQUE16_LEN;
if (helloSz < offset + listLen)
return INCOMPLETE_DATA;
while (listLen > ENUM_LEN + OPAQUE16_LEN) {
byte sniType = clientHello[offset++];
word16 sniLen;
ato16(clientHello + offset, &sniLen);
offset += OPAQUE16_LEN;
if (helloSz < offset + sniLen)
return INCOMPLETE_DATA;
if (sniType != type) {
offset += sniLen;
listLen -= min(ENUM_LEN + OPAQUE16_LEN + sniLen, listLen);
continue;
}
*inOutSz = min(sniLen, *inOutSz);
XMEMCPY(sni, clientHello + offset, *inOutSz);
return SSL_SUCCESS;
}
}
len16 -= min(2 * OPAQUE16_LEN + extLen, len16);
}
return len16 ? BUFFER_ERROR : SSL_SUCCESS;
}
#endif
#define SNI_FREE_ALL TLSX_SNI_FreeAll
@@ -1004,9 +1141,6 @@ static int TLSX_THM_Parse(CYASSL* ssl, byte* input, word16 length,
ssl->truncated_hmac = 1;
#error "TRUNCATED HMAC IS NOT FINISHED YET \
(contact moises@wolfssl.com for more info)"
return 0;
}

2
sslSniffer/sslSnifferTest/include.am
View File

@@ -2,7 +2,7 @@
# included from Top Level Makefile.am
# All paths should be given relative to the root
if BUILD_SNIFFER
if BUILD_SNIFFTEST
noinst_PROGRAMS += sslSniffer/sslSnifferTest/snifftest
sslSniffer_sslSnifferTest_snifftest_SOURCES = sslSniffer/sslSnifferTest/snifftest.c
sslSniffer_sslSnifferTest_snifftest_LDADD = src/libcyassl.la -lpcap

24
sslSniffer/sslSnifferTest/snifftest.c
View File

@@ -69,18 +69,25 @@ enum {
};
pcap_t* pcap = 0;
pcap_if_t *alldevs;
pcap_t* pcap = NULL;
pcap_if_t* alldevs = NULL;
static void FreeAll(void)
{
if (pcap)
pcap_close(pcap);
if (alldevs)
pcap_freealldevs(alldevs);
#ifndef _WIN32
ssl_FreeSniffer();
#endif
}
static void sig_handler(const int sig)
{
printf("SIGINT handled = %d.\n", sig);
if (pcap)
pcap_close(pcap);
pcap_freealldevs(alldevs);
#ifndef _WIN32
ssl_FreeSniffer();
#endif
FreeAll();
if (sig)
exit(EXIT_SUCCESS);
}
@@ -286,6 +293,7 @@ int main(int argc, char** argv)
else if (saveFile)
break; /* we're done reading file */
}
FreeAll();
return EXIT_SUCCESS;
}

88
tests/api.c
View File

@@ -332,6 +332,88 @@ static void verify_SNI_fake_matching(CYASSL* ssl)
AssertStrEQ(name, request);
}
static void test_CyaSSL_SNI_GetFromBuffer(void)
{
byte buffer[] = { /* www.paypal.com */
0x00, 0x00, 0x00, 0x00, 0xff, 0x01, 0x00, 0x00, 0x60, 0x03, 0x03, 0x5c,
0xc4, 0xb3, 0x8c, 0x87, 0xef, 0xa4, 0x09, 0xe0, 0x02, 0xab, 0x86, 0xca,
0x76, 0xf0, 0x9e, 0x01, 0x65, 0xf6, 0xa6, 0x06, 0x13, 0x1d, 0x0f, 0xa5,
0x79, 0xb0, 0xd4, 0x77, 0x22, 0xeb, 0x1a, 0x00, 0x00, 0x16, 0x00, 0x6b,
0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35,
0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x21,
0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0e, 0x77, 0x77, 0x77,
0x2e, 0x70, 0x61, 0x79, 0x70, 0x61, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x00,
0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01
};
byte buffer2[] = { /* api.textmate.org */
0x16, 0x03, 0x01, 0x00, 0xc6, 0x01, 0x00, 0x00, 0xc2, 0x03, 0x03, 0x52,
0x8b, 0x7b, 0xca, 0x69, 0xec, 0x97, 0xd5, 0x08, 0x03, 0x50, 0xfe, 0x3b,
0x99, 0xc3, 0x20, 0xce, 0xa5, 0xf6, 0x99, 0xa5, 0x71, 0xf9, 0x57, 0x7f,
0x04, 0x38, 0xf6, 0x11, 0x0b, 0xb8, 0xd3, 0x00, 0x00, 0x5e, 0x00, 0xff,
0xc0, 0x24, 0xc0, 0x23, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x07, 0xc0, 0x08,
0xc0, 0x28, 0xc0, 0x27, 0xc0, 0x14, 0xc0, 0x13, 0xc0, 0x11, 0xc0, 0x12,
0xc0, 0x26, 0xc0, 0x25, 0xc0, 0x2a, 0xc0, 0x29, 0xc0, 0x05, 0xc0, 0x04,
0xc0, 0x02, 0xc0, 0x03, 0xc0, 0x0f, 0xc0, 0x0e, 0xc0, 0x0c, 0xc0, 0x0d,
0x00, 0x3d, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x35,
0x00, 0x0a, 0x00, 0x67, 0x00, 0x6b, 0x00, 0x33, 0x00, 0x39, 0x00, 0x16,
0x00, 0xaf, 0x00, 0xae, 0x00, 0x8d, 0x00, 0x8c, 0x00, 0x8a, 0x00, 0x8b,
0x00, 0xb1, 0x00, 0xb0, 0x00, 0x2c, 0x00, 0x3b, 0x01, 0x00, 0x00, 0x3b,
0x00, 0x00, 0x00, 0x15, 0x00, 0x13, 0x00, 0x00, 0x10, 0x61, 0x70, 0x69,
0x2e, 0x74, 0x65, 0x78, 0x74, 0x6d, 0x61, 0x74, 0x65, 0x2e, 0x6f, 0x72,
0x67, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00, 0x18, 0x00,
0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0d, 0x00, 0x0c, 0x00,
0x0a, 0x05, 0x01, 0x04, 0x01, 0x02, 0x01, 0x04, 0x03, 0x02, 0x03
};
byte buffer3[] = { /* no sni extension */
0x16, 0x03, 0x03, 0x00, 0x4d, 0x01, 0x00, 0x00, 0x49, 0x03, 0x03, 0xea,
0xa1, 0x9f, 0x60, 0xdd, 0x52, 0x12, 0x13, 0xbd, 0x84, 0x34, 0xd5, 0x1c,
0x38, 0x25, 0xa8, 0x97, 0xd2, 0xd5, 0xc6, 0x45, 0xaf, 0x1b, 0x08, 0xe4,
0x1e, 0xbb, 0xdf, 0x9d, 0x39, 0xf0, 0x65, 0x00, 0x00, 0x16, 0x00, 0x6b,
0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35,
0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x0a,
0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01
};
byte result[32] = {0};
word32 length = 32;
AssertIntEQ(SSL_SUCCESS, CyaSSL_SNI_GetFromBuffer(buffer3, sizeof(buffer3),
0, result, &length));
AssertIntEQ(SSL_SUCCESS, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2),
1, result, &length));
AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0,
result, &length));
buffer[0] = 0x16;
AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0,
result, &length));
buffer[1] = 0x03;
AssertIntEQ(-228, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0,
result, &length));
buffer[2] = 0x03;
AssertIntEQ(-210, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0,
result, &length));
buffer[4] = 0x64;
AssertIntEQ(1, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), 0,
result, &length));
result[length] = 0;
AssertStrEQ("www.paypal.com", (const char*) result);
length = 32;
AssertIntEQ(1, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2), 0,
result, &length));
result[length] = 0;
AssertStrEQ("api.textmate.org", (const char*) result);
}
void test_CyaSSL_UseSNI(void)
{
callback_functions client_callbacks = {CyaSSLv23_client_method, 0, 0, 0};
@@ -358,6 +440,8 @@ void test_CyaSSL_UseSNI(void)
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
/* Testing success case at ctx */
client_callbacks.ctx_ready = server_callbacks.ctx_ready = use_SNI_at_ctx;
server_callbacks.on_result = verify_SNI_real_matching;
@@ -390,6 +474,10 @@ void test_CyaSSL_UseSNI(void)
server_callbacks.on_result = verify_SNI_fake_matching;
test_CyaSSL_client_server(&client_callbacks, &server_callbacks);
#endif
test_CyaSSL_SNI_GetFromBuffer();
}
#endif /* HAVE_SNI */

6
tests/unit.c
View File

@@ -27,10 +27,10 @@ int main(int argc, char** argv)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
if (CurrentDir("tests"))
if (CurrentDir("tests") || CurrentDir("_build"))
ChangeDirBack(1);
else if (CurrentDir("build"))
ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
if ( (ret = ApiTest()) != 0) {
printf("api test failed with %d\n", ret);

23
testsuite/testsuite.c
View File

@@ -51,11 +51,16 @@ enum {
NUMARGS = 3
};
#ifndef USE_WINDOWS_API
const char outputName[] = "/tmp/output";
#else
const char outputName[] = "output";
#endif
int myoptind = 0;
char* myoptarg = NULL;
int main(int argc, char** argv)
{
func_args server_args;
@@ -79,11 +84,13 @@ int main(int argc, char** argv)
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("testsuite"))
if (CurrentDir("testsuite") || CurrentDir("_build"))
ChangeDirBack(1);
else if (CurrentDir("build")) /* Xcode->Preferences->Locations->Build */
ChangeDirBack(2); /* Location "Place build product in locations
specified by targets", uses build/Debug */
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3); /* Xcode->Preferences->Locations->Locations*/
/* Derived Data Advanced -> Custom */
/* Relative to Workspace, Build/Products */
/* Debug or Release */
server_args.signal = &ready;
InitTcpReady(&ready);
@@ -115,8 +122,8 @@ int main(int argc, char** argv)
strcpy(echo_args.argv[0], "echoclient");
strcpy(echo_args.argv[1], "input");
strcpy(echo_args.argv[2], "output");
remove("output");
strcpy(echo_args.argv[2], outputName);
remove(outputName);
/* Share the signal, it has the new port number in it. */
echo_args.signal = server_args.signal;
@@ -144,7 +151,7 @@ int main(int argc, char** argv)
byte output[SHA256_DIGEST_SIZE];
file_test("input", input);
file_test("output", output);
file_test(outputName, output);
if (memcmp(input, output, sizeof(input)) != 0)
return EXIT_FAILURE;
}