Cyclic0007/wolfssl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Cyclic0007:v1.9.0
Branches Tags
Cyclic0007:master Cyclic0007:nightly-snapshot Cyclic0007:revert-9495-aarch64_no_hw_crypto_asm_aes Cyclic0007:revert-9512-20251210-linuxkm-5.17-ubuntu-jammy-tegra-patches Cyclic0007:TLS13-cipher-suite-fix Cyclic0007:revert-9145-zd20038_2 Cyclic0007:pr-8603 Cyclic0007:remove-arc4 Cyclic0007:devin-lifeguard/update-rules-d59f9c48 Cyclic0007:revert-8277-aarch64_no_crypto Cyclic0007:revert-5549-fix_sha256_debug Cyclic0007:cert-3389
Cyclic0007:WCv5.2.4-KRNL-CHKIN-r5 Cyclic0007:WCv6.0.0-linuxkm-UPDT-RC2 Cyclic0007:WCv6.0.0-linuxkm-UPDT-RC1 Cyclic0007:WCv5.2.4-KRNL-CHKIN-r4 Cyclic0007:wolfEntropy2d Cyclic0007:v5.8.4-stable Cyclic0007:WCv5.2.5-STM32-PAA Cyclic0007:WCv5.2.4-KRNL-CHKIN Cyclic0007:v5.8.2-stable Cyclic0007:WCv5.2.3-RSA-SWITCH Cyclic0007:wolfEntropy2 Cyclic0007:WCv5.2.3-DHGENPUB-r2 Cyclic0007:WCv5.2.3-DHGENPUB Cyclic0007:v5.8.0-stable Cyclic0007:WCv6.0.0-RC5 Cyclic0007:WCv6.0.0-RC4 Cyclic0007:WCv5.2.3-STM32-PAA Cyclic0007:WCv6.0.0-RC3 Cyclic0007:v5.7.6-stable Cyclic0007:v5.2.1 Cyclic0007:WCv5.2.3-ARMv8-PAA-r2 Cyclic0007:WCv6.0.0-RC2 Cyclic0007:WCv6.0.0-RC1 Cyclic0007:v5.2.1-stable-OS_Seed-HdrOnly Cyclic0007:v5.7.4-stable Cyclic0007:v5.7.2-stable Cyclic0007:wolfEntropy1 Cyclic0007:v5.7.0-stable Cyclic0007:WCv5.2.3-ARMv8-PAA Cyclic0007:v5.6.6-stable Cyclic0007:v5.6.4-stable Cyclic0007:v5.2.1-stable Cyclic0007:WCv5.2.1-PILOT Cyclic0007:v5.6.3-stable Cyclic0007:v5.6.2-stable Cyclic0007:v5.6.0-stable Cyclic0007:v5.5.4-stable Cyclic0007:v5.5.3-stable Cyclic0007:v5.5.2-stable Cyclic0007:v5.5.1-stable Cyclic0007:v5.5.0-stable Cyclic0007:v5.4.0-stable Cyclic0007:v5.3.0-stable Cyclic0007:v5.2.0-stable Cyclic0007:v5.1.1-stable Cyclic0007:WCv5.0-RC12 Cyclic0007:v5.1.0-stable Cyclic0007:WCv5.0-RC11 Cyclic0007:WCv5.0-RC10 Cyclic0007:v5.0.0-stable Cyclic0007:WCv5.0-RC9 Cyclic0007:v4.8.1-stable Cyclic0007:v4.8.0-stable Cyclic0007:WCv5.0-RC8 Cyclic0007:WCv5.0-RC7 Cyclic0007:WCv5.0-RC6 Cyclic0007:WCv5.0-RC5 Cyclic0007:v4.7.1r Cyclic0007:WCv5.0-RC4 Cyclic0007:WCv5.0-RC3 Cyclic0007:WCv5.0-RC2 Cyclic0007:v4.7.0-stable Cyclic0007:v4.6.0-stable Cyclic0007:v4.5.0-stable Cyclic0007:v4.4.0-stable Cyclic0007:v4.3.0-stable Cyclic0007:v4.2.0c Cyclic0007:v4.2.0-stable Cyclic0007:wolfRand-RC2 Cyclic0007:v4.1.0-stable Cyclic0007:wolfRand-RC1 Cyclic0007:v4.0.0-stable Cyclic0007:list Cyclic0007:WCv4-rng-stable Cyclic0007:v3.15.8 Cyclic0007:v3.15.7-stable Cyclic0007:v3.15.6 Cyclic0007:v3.15.5a Cyclic0007:v3.15.5-stable Cyclic0007:WCv4.0-RC9 Cyclic0007:WCv4.0-RC8 Cyclic0007:WCv4.0-RC7 Cyclic0007:v3.15.3-stable Cyclic0007:l Cyclic0007:WCv4-stable Cyclic0007:v3.15.0-stable Cyclic0007:v3.14.5 Cyclic0007:WCv4.0-RC6 Cyclic0007:WCv4.0-RC5 Cyclic0007:WCv4.0-RC4 Cyclic0007:v3.14.4 Cyclic0007:WCv4.0-RC3 Cyclic0007:WCv4.0-RC2 Cyclic0007:WCv4.0-RC1 Cyclic0007:v3.14.2 Cyclic0007:v3.14.0b Cyclic0007:v3.14.0a Cyclic0007:v3.14.0-stable Cyclic0007:v3.13.3 Cyclic0007:v3.13.2 Cyclic0007:v3.13.0-stable Cyclic0007:v3.12.2-stable Cyclic0007:v3.12.0-stable Cyclic0007:v3.11.1-tls13-beta Cyclic0007:v3.11.0-stable Cyclic0007:v3.10.4 Cyclic0007:v3.10.3 Cyclic0007:v3.10.2-stable Cyclic0007:v3.10.0a Cyclic0007:v3.10.0-stable Cyclic0007:v3.9.10b Cyclic0007:v3.9.10-stable Cyclic0007:v3.9.8 Cyclic0007:v3.9.6w Cyclic0007:v3.9.6 Cyclic0007:v3.9.1 Cyclic0007:v3.9.0 Cyclic0007:v3.8.0 Cyclic0007:v3.7.3 Cyclic0007:v3.7.1 Cyclic0007:v3.7.0 Cyclic0007:v3.6.9d Cyclic0007:v3.69.d Cyclic0007:v3.6.9c Cyclic0007:v3.6.9b Cyclic0007:v3.6.9 Cyclic0007:v3.6.8 Cyclic0007:v3.6.6 Cyclic0007:v3.6.2 Cyclic0007:v3.6.0b Cyclic0007:v3.6.0 Cyclic0007:v3.4.8 Cyclic0007:v3.4.6 Cyclic0007:v3.4.2 Cyclic0007:v3.4.0 Cyclic0007:v3.3.3 Cyclic0007:v3.3.2 Cyclic0007:v3.3.0 Cyclic0007:v3.2.6 Cyclic0007:v3.2.4 Cyclic0007:v3.2.0 Cyclic0007:v3.1.0 Cyclic0007:v3.0.2 Cyclic0007:v3.0.0 Cyclic0007:v2.9.4 Cyclic0007:v2.9.2 Cyclic0007:v2.9.1 Cyclic0007:v0.5 Cyclic0007:v2.9.0 Cyclic0007:v2.8.6 Cyclic0007:v2.8.5a Cyclic0007:v2.8.5 Cyclic0007:v2.8.4 Cyclic0007:v2.8.3 Cyclic0007:v2.8.2 Cyclic0007:v2.8.0 Cyclic0007:v2.7.2 Cyclic0007:v2.7.0 Cyclic0007:v2.6.2 Cyclic0007:v2.6.0 Cyclic0007:v2.5.2b Cyclic0007:v2.5.2 Cyclic0007:v2.5.0 Cyclic0007:v2.4.7 Cyclic0007:v2.4.6 Cyclic0007:v2.4.2 Cyclic0007:v2.4.0 Cyclic0007:v2.3.0 Cyclic0007:v2.2.2 Cyclic0007:v2.1.1 Cyclic0007:v2.2.1 Cyclic0007:v2.2.0 Cyclic0007:v2.1.4 Cyclic0007:v2.1.2 Cyclic0007:v2.0.8 Cyclic0007:v2.0.6 Cyclic0007:v2.0.3 Cyclic0007:v2.0.2 Cyclic0007:v2.0rc3 Cyclic0007:v2.0rc2b Cyclic0007:v2.0rc2 Cyclic0007:v2.0rc1 Cyclic0007:v1.9.0 Cyclic0007:v1.8.8.0
..
compare: Cyclic0007:v2.0rc1
Branches Tags
Cyclic0007:master Cyclic0007:nightly-snapshot Cyclic0007:revert-9495-aarch64_no_hw_crypto_asm_aes Cyclic0007:revert-9512-20251210-linuxkm-5.17-ubuntu-jammy-tegra-patches Cyclic0007:TLS13-cipher-suite-fix Cyclic0007:revert-9145-zd20038_2 Cyclic0007:pr-8603 Cyclic0007:remove-arc4 Cyclic0007:devin-lifeguard/update-rules-d59f9c48 Cyclic0007:revert-8277-aarch64_no_crypto Cyclic0007:revert-5549-fix_sha256_debug Cyclic0007:cert-3389
Cyclic0007:WCv5.2.4-KRNL-CHKIN-r5 Cyclic0007:WCv6.0.0-linuxkm-UPDT-RC2 Cyclic0007:WCv6.0.0-linuxkm-UPDT-RC1 Cyclic0007:WCv5.2.4-KRNL-CHKIN-r4 Cyclic0007:wolfEntropy2d Cyclic0007:v5.8.4-stable Cyclic0007:WCv5.2.5-STM32-PAA Cyclic0007:WCv5.2.4-KRNL-CHKIN Cyclic0007:v5.8.2-stable Cyclic0007:WCv5.2.3-RSA-SWITCH Cyclic0007:wolfEntropy2 Cyclic0007:WCv5.2.3-DHGENPUB-r2 Cyclic0007:WCv5.2.3-DHGENPUB Cyclic0007:v5.8.0-stable Cyclic0007:WCv6.0.0-RC5 Cyclic0007:WCv6.0.0-RC4 Cyclic0007:WCv5.2.3-STM32-PAA Cyclic0007:WCv6.0.0-RC3 Cyclic0007:v5.7.6-stable Cyclic0007:v5.2.1 Cyclic0007:WCv5.2.3-ARMv8-PAA-r2 Cyclic0007:WCv6.0.0-RC2 Cyclic0007:WCv6.0.0-RC1 Cyclic0007:v5.2.1-stable-OS_Seed-HdrOnly Cyclic0007:v5.7.4-stable Cyclic0007:v5.7.2-stable Cyclic0007:wolfEntropy1 Cyclic0007:v5.7.0-stable Cyclic0007:WCv5.2.3-ARMv8-PAA Cyclic0007:v5.6.6-stable Cyclic0007:v5.6.4-stable Cyclic0007:v5.2.1-stable Cyclic0007:WCv5.2.1-PILOT Cyclic0007:v5.6.3-stable Cyclic0007:v5.6.2-stable Cyclic0007:v5.6.0-stable Cyclic0007:v5.5.4-stable Cyclic0007:v5.5.3-stable Cyclic0007:v5.5.2-stable Cyclic0007:v5.5.1-stable Cyclic0007:v5.5.0-stable Cyclic0007:v5.4.0-stable Cyclic0007:v5.3.0-stable Cyclic0007:v5.2.0-stable Cyclic0007:v5.1.1-stable Cyclic0007:WCv5.0-RC12 Cyclic0007:v5.1.0-stable Cyclic0007:WCv5.0-RC11 Cyclic0007:WCv5.0-RC10 Cyclic0007:v5.0.0-stable Cyclic0007:WCv5.0-RC9 Cyclic0007:v4.8.1-stable Cyclic0007:v4.8.0-stable Cyclic0007:WCv5.0-RC8 Cyclic0007:WCv5.0-RC7 Cyclic0007:WCv5.0-RC6 Cyclic0007:WCv5.0-RC5 Cyclic0007:v4.7.1r Cyclic0007:WCv5.0-RC4 Cyclic0007:WCv5.0-RC3 Cyclic0007:WCv5.0-RC2 Cyclic0007:v4.7.0-stable Cyclic0007:v4.6.0-stable Cyclic0007:v4.5.0-stable Cyclic0007:v4.4.0-stable Cyclic0007:v4.3.0-stable Cyclic0007:v4.2.0c Cyclic0007:v4.2.0-stable Cyclic0007:wolfRand-RC2 Cyclic0007:v4.1.0-stable Cyclic0007:wolfRand-RC1 Cyclic0007:v4.0.0-stable Cyclic0007:list Cyclic0007:WCv4-rng-stable Cyclic0007:v3.15.8 Cyclic0007:v3.15.7-stable Cyclic0007:v3.15.6 Cyclic0007:v3.15.5a Cyclic0007:v3.15.5-stable Cyclic0007:WCv4.0-RC9 Cyclic0007:WCv4.0-RC8 Cyclic0007:WCv4.0-RC7 Cyclic0007:v3.15.3-stable Cyclic0007:l Cyclic0007:WCv4-stable Cyclic0007:v3.15.0-stable Cyclic0007:v3.14.5 Cyclic0007:WCv4.0-RC6 Cyclic0007:WCv4.0-RC5 Cyclic0007:WCv4.0-RC4 Cyclic0007:v3.14.4 Cyclic0007:WCv4.0-RC3 Cyclic0007:WCv4.0-RC2 Cyclic0007:WCv4.0-RC1 Cyclic0007:v3.14.2 Cyclic0007:v3.14.0b Cyclic0007:v3.14.0a Cyclic0007:v3.14.0-stable Cyclic0007:v3.13.3 Cyclic0007:v3.13.2 Cyclic0007:v3.13.0-stable Cyclic0007:v3.12.2-stable Cyclic0007:v3.12.0-stable Cyclic0007:v3.11.1-tls13-beta Cyclic0007:v3.11.0-stable Cyclic0007:v3.10.4 Cyclic0007:v3.10.3 Cyclic0007:v3.10.2-stable Cyclic0007:v3.10.0a Cyclic0007:v3.10.0-stable Cyclic0007:v3.9.10b Cyclic0007:v3.9.10-stable Cyclic0007:v3.9.8 Cyclic0007:v3.9.6w Cyclic0007:v3.9.6 Cyclic0007:v3.9.1 Cyclic0007:v3.9.0 Cyclic0007:v3.8.0 Cyclic0007:v3.7.3 Cyclic0007:v3.7.1 Cyclic0007:v3.7.0 Cyclic0007:v3.6.9d Cyclic0007:v3.69.d Cyclic0007:v3.6.9c Cyclic0007:v3.6.9b Cyclic0007:v3.6.9 Cyclic0007:v3.6.8 Cyclic0007:v3.6.6 Cyclic0007:v3.6.2 Cyclic0007:v3.6.0b Cyclic0007:v3.6.0 Cyclic0007:v3.4.8 Cyclic0007:v3.4.6 Cyclic0007:v3.4.2 Cyclic0007:v3.4.0 Cyclic0007:v3.3.3 Cyclic0007:v3.3.2 Cyclic0007:v3.3.0 Cyclic0007:v3.2.6 Cyclic0007:v3.2.4 Cyclic0007:v3.2.0 Cyclic0007:v3.1.0 Cyclic0007:v3.0.2 Cyclic0007:v3.0.0 Cyclic0007:v2.9.4 Cyclic0007:v2.9.2 Cyclic0007:v2.9.1 Cyclic0007:v0.5 Cyclic0007:v2.9.0 Cyclic0007:v2.8.6 Cyclic0007:v2.8.5a Cyclic0007:v2.8.5 Cyclic0007:v2.8.4 Cyclic0007:v2.8.3 Cyclic0007:v2.8.2 Cyclic0007:v2.8.0 Cyclic0007:v2.7.2 Cyclic0007:v2.7.0 Cyclic0007:v2.6.2 Cyclic0007:v2.6.0 Cyclic0007:v2.5.2b Cyclic0007:v2.5.2 Cyclic0007:v2.5.0 Cyclic0007:v2.4.7 Cyclic0007:v2.4.6 Cyclic0007:v2.4.2 Cyclic0007:v2.4.0 Cyclic0007:v2.3.0 Cyclic0007:v2.2.2 Cyclic0007:v2.1.1 Cyclic0007:v2.2.1 Cyclic0007:v2.2.0 Cyclic0007:v2.1.4 Cyclic0007:v2.1.2 Cyclic0007:v2.0.8 Cyclic0007:v2.0.6 Cyclic0007:v2.0.3 Cyclic0007:v2.0.2 Cyclic0007:v2.0rc3 Cyclic0007:v2.0rc2b Cyclic0007:v2.0rc2 Cyclic0007:v2.0rc1 Cyclic0007:v1.9.0 Cyclic0007:v1.8.8.0

69 Commits
v1.9.0 ... v2.0rc1

Author SHA1 Message Date
Todd A Ouska
cfd1946bbf only process chain on cert_chain calls 2011-05-09 13:42:48 -07:00
Todd A Ouska
c0d15f1245 fix alert size on send 2011-05-08 11:35:24 -07:00
Todd A Ouska
fbca29db81 fix fastmath dist pkg 2011-05-02 08:56:37 -07:00
Todd A Ouska
a511ecea66 fix ecc API linkage 2011-05-02 08:38:01 -07:00
Todd A Ouska
2ff6fa64a1 add egs, ctc, and basic targets for new system 2011-04-29 15:20:23 -07:00
Todd A Ouska
595d464d91 make egs target for all examples 2011-04-29 15:11:33 -07:00
Todd A Ouska
9781bef595 README fix 2011-04-29 14:49:32 -07:00
Todd A Ouska
3e793054d0 README update for release 2011-04-29 14:31:23 -07:00
Todd A Ouska
ffe184054f 2.0.0 rc1 versioning 2011-04-29 13:08:05 -07:00
Todd A Ouska
0022282b6b xcode build fix 2011-04-29 11:32:34 -07:00
Todd A Ouska
596cb85143 iphone build fix 2011-04-29 11:25:02 -07:00
Todd A Ouska
db18926414 fix ntru windows build 2011-04-29 11:09:45 -07:00
Todd A Ouska
c4e54556c5 make sure example clients don't use EDH when sniffer active 2011-04-29 10:41:21 -07:00
Todd A Ouska
906e5c19ad windows build fixes for new stuff 2011-04-28 16:34:42 -07:00
Todd A Ouska
b6be0545ab pwdbased warning fix 2011-04-28 16:06:36 -07:00
Todd A Ouska
2f4cd9104d more warning fixes 2011-04-28 15:40:31 -07:00
Todd A Ouska
1e51c4f434 ecc dummy 2011-04-28 14:52:05 -07:00
Todd A Ouska
1ce566971c fix gcc lots o warnings for optional library build features 2011-04-28 12:04:38 -07:00
Todd A Ouska
50b2e1d2d4 fix gcc lots of warnings for build 2011-04-27 17:31:08 -07:00
Todd A Ouska
de18c6b6ec fix aux dir and make dist 2011-04-27 16:00:22 -07:00
Todd A Ouska
b2e0428b71 fix debug messages b4 declarations 2011-04-27 13:23:06 -07:00
Todd A Ouska
ab1935ed8d don't use AUX config, if version mismatch problems 2011-04-27 13:11:19 -07:00
Todd A Ouska
3ba4aa9cca put config gen files in config/ 2011-04-27 12:36:39 -07:00
Todd A Ouska
858d61ad5c remove old Makefile generation 2011-04-27 11:17:17 -07:00
Todd A Ouska
8846b8cad5 use a single Makefile, no recursion 2011-04-26 17:45:41 -07:00
Todd A Ouska
575dc32780 ignore aclocal.m4 2011-04-26 15:54:56 -07:00
Todd A Ouska
491f0e440b add compiler visibility detection, default hide, add external API linkage and internal LOCAL linkage 2011-04-26 15:41:16 -07:00
Todd A Ouska
9acaa22020 disable default static build from autoconf, fix -small build with new stuff 2011-04-26 11:29:40 -07:00
Todd A Ouska
5be1c4c9f3 wincyrpt.h clashes fix, submitted by eof 2011-04-26 10:05:54 -07:00
Todd A Ouska
b83862d01d add more SHA-256 cipher suites, DHE 2011-04-26 09:32:18 -07:00
Todd A Ouska
adaffeca6c fix initsuites with PSK on downgrade, example server with PSK 2011-04-25 16:11:23 -07:00
Todd A Ouska
1ad10ffdc8 allow client to downgrade version with v23, make server downgrade more robust 2011-04-25 15:49:30 -07:00
Todd A Ouska
6c96166c48 more logging messages 2011-04-25 09:24:21 -07:00
Todd A Ouska
5a78a8999a add better codes/messages for CyaSSL generic errors 2011-04-20 16:58:51 -07:00
Todd A Ouska
92bc4fc00d better error messages for generics in CTaoCrypt 2011-04-20 16:29:19 -07:00
Todd A Ouska
adaef70aec remove large static buffer for cert chain processing 2011-04-20 15:54:34 -07:00
Todd A Ouska
1326c79bb6 add server EDH 2011-04-20 14:40:07 -07:00
Todd A Ouska
33e5d2f04a add submitted by eof tag 2011-04-15 16:48:13 -07:00
Todd A Ouska
651b793791 add cyassl runtime alloc routines override, move to ctaocrypt so both can use, submitted by eof 2011-04-15 16:43:00 -07:00
Todd A Ouska
7014d6bbc1 allow runtime setting of logging function, move to ctaocrypt for use by both, submitted by eof 2011-04-15 14:55:07 -07:00
Todd A Ouska
41f1e72407 fix SUBJECT_CN dynamic type (was issuser) 2011-04-14 13:26:09 -07:00
Todd A Ouska
1084ad3026 when processing multiple cert files don't error out if some junk at eof 2011-04-14 10:49:38 -07:00
Todd A Ouska
78ea389021 Merge branch 'master' of github.com:cyassl/cyassl 2011-04-14 10:06:48 -07:00
Todd A Ouska
d788030343 pkcs#5 v.20 and pkcs#12 private encryption for pkcs#8 keys 2011-04-14 10:04:24 -07:00
Todd A Ouska
4cf94570d7 fix confirm CA get signer bug, ugh 2011-04-13 17:21:30 -07:00
Todd A Ouska
2da2e15484 remove SSL caList pointer, only use SSL_CTX one as current 2011-04-13 12:28:01 -07:00
Todd A Ouska
58589b4f9b add verify from root, top->down, serial number extension for size 2011-04-11 12:55:17 -07:00
Todd A Ouska
7a0c0264a6 UID name tracking 2011-04-09 16:31:25 -07:00
Todd A Ouska
45c32b858d allow multi/chain PEM CA files or buffers 2011-04-09 13:48:12 -07:00
Todd A Ouska
f32d59c883 remove pdf doc from github and dist, add doc/README link 2011-04-09 13:16:54 -07:00
Todd A Ouska
831f4b6be9 add use cert chain handling 2011-04-09 13:08:56 -07:00
Todd A Ouska
0c6015fb86 sha256 with ECDSA certificate signatures 2011-04-08 11:08:45 -07:00
Todd A Ouska
214d2cfad7 sha256 rsa signed certs 2011-04-08 11:00:38 -07:00
Todd A Ouska
8a31288c95 serial int init bug fix submitted by eof 2011-04-07 08:56:34 -07:00
Todd A Ouska
cf978c8189 more porting changes 2011-04-04 17:42:50 -07:00
Todd A Ouska
8d38f93d8a make building into resip easier 2011-03-31 16:45:05 -07:00
Todd A Ouska
0604c96e0f Add SHA1 OpenSSL 2011-03-30 12:36:23 -07:00
Todd A Ouska
50c8faf7a1 add PBKDF2 2011-03-28 17:15:14 -07:00
Todd A Ouska
249935d59b remove non external headers from install 2011-03-28 15:02:23 -07:00
Todd A Ouska
9ad5726d2b add library version for libtool 2011-03-28 14:28:09 -07:00
Todd A Ouska
43674f2de4 send proper http GET for examples/client 2011-03-22 08:18:27 -07:00
Todd A Ouska
c068592799 use first 64 bits of SERIAL number 2011-03-22 08:15:03 -07:00
Todd A Ouska
680358abe1 PKCS #5 v1.5 encrypted key adds, small build fixes 2011-03-22 07:35:18 -07:00
Todd A Ouska
b9ff110b2e add CyaSSL_X509_get_serial_number() 2011-03-11 15:22:16 -08:00
Todd A Ouska
f874bf9b76 mix MTU defines and DTLS version info 2011-03-11 14:10:32 -08:00
Jacob Appelbaum
9a932a2b67 This patch adds three new configure options 
--enable-gcc-lots-o-warnings
  This enables a bunch of useful gcc warnings

--enable-gcc-hardening
  This enables FORTIFY_SOURCE, integer wrapping, stack smashing protection
  and other useful security related gcc-isms.

--enable-linker-hardening
  This enables Linux specific linker hardening.

Signed-off-by: Jacob Appelbaum <jacob@appelbaum.net>
 2011-03-11 10:24:46 -08:00
Jacob Appelbaum
f75b9b86d5 This adds an autogen.sh script; it will generate configure scripts 
Signed-off-by: Jacob Appelbaum <jacob@appelbaum.net>
 2011-03-11 10:24:45 -08:00
Todd A Ouska
5a3862f593 strict C for headers 2011-03-08 11:10:41 -08:00
Todd A Ouska
1313ca7872 SHA256 cipher suites for TLSv1.2 2011-03-04 11:13:28 -08:00
112 changed files with 5516 additions and 2551 deletions
Expand all files Collapse all files

9
.gitignore vendored
View File

@@ -1,13 +1,16 @@
*.lo
*.la
*.o
*.m4
*.deps
*.libs
*sh
*.cache
.dirstamp
config*
stamp*
libtool.m4
aclocal.m4
lt*.m4
Makefile.in
Makefile
depcomp
@@ -28,5 +31,9 @@ sslSniffer/sslSnifferTest/tracefile.txt
*.gz
*.zip
*.bak
*.dummy
compile
NTRU_algorithm/
build-test/
build/
cyassl.xcodeproj/

40
Makefile.am
View File

@@ -1,14 +1,38 @@
SUBDIRS = src ctaocrypt examples testsuite sslSniffer
EXTRA_DIST = certs/*.pem certs/*.der certs/*.txt certs/*.raw \
lib/dummy *.sln *.vcproj cyassl-iphone.xcodeproj/project.pbxproj \
doc/*.pdf swig/README swig/*.i swig/cyassl_adds.c swig/*.sh swig/runme.* \
doc/*.txt swig/README swig/*.i swig/cyassl_adds.c swig/*.sh swig/runme.* \
swig/python_cyassl.vcproj swig/rsasign.py
ACLOCAL_AMFLAGS = -I m4
include src/include.am
include ctaocrypt/test/include.am
include ctaocrypt/benchmark/include.am
include examples/client/include.am
include examples/server/include.am
include examples/echoclient/include.am
include examples/echoserver/include.am
include testsuite/include.am
include sslSniffer/sslSnifferTest/include.am
# !!!! first line of rule has to start with a hard (real) tab, not spaces
basic:
cd src; $(MAKE); cd ../testsuite; $(MAKE); cd ../
$(MAKE) src/libcyassl.la; \
$(MAKE) testsuite/testsuite; \
cd testsuite; \
./testsuite; \
cd ../;
egs:
$(MAKE) examples/client/client; \
$(MAKE) examples/echoclient/echoclient;\
$(MAKE) examples/server/server; \
$(MAKE) examples/echoserver/echoserver;
ctc:
$(MAKE) ctaocrypt/test/test; \
$(MAKE) ctaocrypt/benchmark/benchmark;
openssl-links:
cd lib; ln -s ../src/.libs/libcyassl.a libcrypto.a; \
@@ -18,9 +42,13 @@ openssl-links:
# !!! test -e with a .name like .libs then a * like *dylib fails so just
# look for the .dylib on OS X, and .so otherwise but copy all parts
install:
$(mkinstalldirs) $(DESTDIR)$(includedir) $(DESTDIR)$(libdir); \
cp -fpR include/* $(DESTDIR)$(includedir); \
cp -fpR ctaocrypt/include/* $(DESTDIR)$(includedir); \
$(mkinstalldirs) $(DESTDIR)$(includedir)/openssl $(DESTDIR)$(libdir); \
cp -fpR include/openssl/* $(DESTDIR)$(includedir)/openssl; \
cp -fpR ctaocrypt/include/*.h $(DESTDIR)$(includedir); \
rm $(DESTDIR)$(includedir)/asn.h; \
rm $(DESTDIR)$(includedir)/coding.h; \
rm $(DESTDIR)$(includedir)/error.h; \
rm $(DESTDIR)$(includedir)/misc.h; \
cp -fpR src/libcyassl.la $(DESTDIR)$(libdir); \
if test -e src/.libs/libcyassl.a; then \
cp -fp src/.libs/libcyassl.a $(DESTDIR)$(libdir); fi; \

35
README
View File

@@ -13,7 +13,40 @@ before calling SSL_new(); Though it's not recommended.
*** end Note ***
CyaSSL Release 1.9.0 (3/2/2011)
CyaSSL Release 2.0.0rc1 (5/2/2011)
Release 2.0.0rc1 for CyaSSL has many new features including:
- bug fixes
- SHA-256 cipher suites
- Root Certificate Verification (instead of needing all certs in the chain)
- PKCS #8 private key encryption (supports PKCS #5 v1-v2 and PKCS #12)
- Serial number retrieval for x509
- PBKDF2 and PKCS #12 PBKDF
- UID parsing for x509
- SHA-256 certificate signatures
- Client and server can send chains (SSL_CTX_use_certificate_chain_file)
- CA loading can now parse multiple certificates per file
- Dynamic memory runtime hooks
- Runtime hooks for logging
- EDH on server side
- More informative error codes
- More informative logging messages
- Version downgrade more robust (use SSL_v23*)
- Shared build only by default through ./configure
- Compiler visibility is now used, internal functions not polluting namespace
- Single Makefile, no recursion, for faster and simpler building
- Turn on all warnings possible build option, warning fixes
- and more.
Because of all the new features and the multiple OS, compiler, feature-set
options that CyaSSL allows, there may be some configuration fixes needed.
Please send any comments or questions to support@yassl.com.
The CyaSSL manual is available at:
http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions
and comments about the new features please check the manual.
****************** CyaSSL Release 1.9.0 (3/2/2011)
Release 1.9.0 for CyaSSL adds bug fixes, improved TLSv1.2 through testing and
better hash/sig algo ids, --enable-webServer for the yaSSL embedded web server,

12
autogen.sh Executable file
View File

@@ -0,0 +1,12 @@
#!/bin/sh
#
# Create configure and makefile stuff...
#
set -e
autoreconf -ivf
aclocal -I m4
autoheader
autoconf
automake --add-missing --copy

56
certs/server-cert.pem
View File

@@ -37,3 +37,59 @@ Kp5+VqW2h58VxxhmfhZ34qcCAwEAATANBgkqhkiG9w0BAQQFAANBAFipmOcWUkxA
5+FHkhkbOo+XbHu3sMsgba2100dY2OTyPjLp74d35VQ29I1QjQe0d0XqnaQzNpsL
4HRYEcUBe00=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
8a:37:22:65:73:f5:aa:e8
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
Validity
Not Before: Jun 30 18:47:10 2010 GMT
Not After : Mar 26 18:47:10 2013 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (512 bit)
Modulus (512 bit):
00:97:30:b9:1a:92:ef:25:4f:ca:4c:11:31:95:1a:
e1:c0:10:19:0a:20:b9:37:80:1a:57:38:02:4e:1b:
c5:0f:28:4f:da:e3:c9:16:aa:50:bd:4a:fb:b7:71:
c7:35:cc:63:81:c1:dd:9d:33:f9:38:16:88:32:a0:
aa:56:23:03:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:66:FD:A0:40:C6:F4:E2:70:CF:21:1A:0C:4F:67:FE:B7:4B:42:09
X509v3 Authority Key Identifier:
keyid:3B:66:FD:A0:40:C6:F4:E2:70:CF:21:1A:0C:4F:67:FE:B7:4B:42:09
DirName:/C=US/ST=Montana/L=Bozeman/O=sawtooth/OU=consulting/CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
serial:8A:37:22:65:73:F5:AA:E8
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: md5WithRSAEncryption
32:65:a2:b1:dc:6d:e0:8d:8b:c8:58:29:8e:b8:18:4b:62:88:
13:67:f8:6c:75:46:75:8f:8a:19:a6:a3:d5:3c:fc:57:4e:7a:
68:a9:fc:93:dc:ae:29:7d:bb:4e:ec:ea:55:fa:a4:e3:00:61:
f4:b0:34:6d:d1:d5:a4:64:24:f8
-----BEGIN CERTIFICATE-----
MIIDQDCCAuqgAwIBAgIJAIo3ImVz9aroMA0GCSqGSIb3DQEBBAUAMIGeMQswCQYD
VQQGEwJVUzEQMA4GA1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8G
A1UEChMIc2F3dG9vdGgxEzARBgNVBAsTCmNvbnN1bHRpbmcxJDAiBgNVBAMTG3d3
dy5zYXd0b290aC1jb25zdWx0aW5nLmNvbTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5
YXNzbC5jb20wHhcNMTAwNjMwMTg0NzEwWhcNMTMwMzI2MTg0NzEwWjCBnjELMAkG
A1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAP
BgNVBAoTCHNhd3Rvb3RoMRMwEQYDVQQLEwpjb25zdWx0aW5nMSQwIgYDVQQDExt3
d3cuc2F3dG9vdGgtY29uc3VsdGluZy5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A
eWFzc2wuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJcwuRqS7yVPykwRMZUa
4cAQGQoguTeAGlc4Ak4bxQ8oT9rjyRaqUL1K+7dxxzXMY4HB3Z0z+TgWiDKgqlYj
A6MCAwEAAaOCAQcwggEDMB0GA1UdDgQWBBQ7Zv2gQMb04nDPIRoMT2f+t0tCCTCB
0wYDVR0jBIHLMIHIgBQ7Zv2gQMb04nDPIRoMT2f+t0tCCaGBpKSBoTCBnjELMAkG
A1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAP
BgNVBAoTCHNhd3Rvb3RoMRMwEQYDVQQLEwpjb25zdWx0aW5nMSQwIgYDVQQDExt3
d3cuc2F3dG9vdGgtY29uc3VsdGluZy5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A
eWFzc2wuY29tggkAijciZXP1qugwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQF
AANBADJlorHcbeCNi8hYKY64GEtiiBNn+Gx1RnWPihmmo9U8/FdOemip/JPcril9
u07s6lX6pOMAYfSwNG3R1aRkJPg=
-----END CERTIFICATE-----

11
certs/server-keyPkcs8Enc.pem Normal file
View File

@@ -0,0 +1,11 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBgTAbBgkqhkiG9w0BBQMwDgQIMbn/uK6tvZcCAggABIIBYK9oQl9uOmp/LC3j
VxEoo+imbDLwS+ybpjbvcnfyWja4TRpRdCHCB/PLHRmVGCf/pBMG8UkobxbVbjpg
DE5Mr69rOVOreNVIBkfAt0B8PgmLPRdKXtp6Y8IJ85R9Aic1g1+s5XeBcvEZRUHm
ZvKd+oV4y8OUpnZkAZdN4In/8ZvWEfZf6ZPplGbcmoqM7eoLrCCiJ1zLvTt3CPm5
yi/F8jJxPYM2iNj86y9hlpwk4lS+TvdAwmO/RGQQWverEQmX9MPob23s5ouBdHe5
7TnBldo/Hq6YVtBYHuvOlx99kaMuumhYdhRONRnWbXedqymaMMG0xA4RgCljv0ud
JrWK1YNGB7gl7/ANoqyy4ZODBUoH33qDR0NzkqwGXMIexlUZIjbwMmUPZZ/XBqMB
tEDrOxAnauE12K3DbfviE40Py8uloXiZf94RnPWbttGp874EOpyiEYjUooo3ii6G
jscqox0=
-----END ENCRYPTED PRIVATE KEY-----

11
certs/server-keyPkcs8Enc12.pem Normal file
View File

@@ -0,0 +1,11 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBgjAcBgoqhkiG9w0BDAEDMA4ECDkwZMQEXsc8AgIIAASCAWAswojJ2ac33Tak
A8ol6daT+VLEtVwgh9AMO8NE/2xvPZFd3758j/9136k/dsci59ZbvnAVnOURf8Sa
MW0jaE+JnrnEdGDZAuODONGCtKdBx3fntHw6qRYIY0t7yhLCCRdeoVH6XK60JUtS
vzi+Hitvg5ObzV1RpiockVCxGJDAizDrXMgQO7N7doeb9fypoBx5IFgLztWONFAg
A9rQrd5CnkgEbOygRYMduv6fX+uEXWrHEB3vDI6HY5k+VHjx2XLGmNOH1goiv+9p
DA4n4YpN45xRQUDKmx2T6kyULnMoG7Tf/le2qtJ2nja7697yk8zeEkZnR+UD2IXh
/A5eyhAquiM5qDbbV46ydOh2Aji6vI8E8/ZnYk2SJ2/VVlNro/tL0XELYdjBBFnI
SfEtCp1QWWtQdCAPipWzgmsEHKkk4ihmHQqTjmoJ0Pl9XbhxvqHUUrKdHXVJtksZ
TmvgXItk
-----END ENCRYPTED PRIVATE KEY-----

11
certs/server-keyPkcs8Enc2.pem Normal file
View File

@@ -0,0 +1,11 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIBI6Zodac3rQCAggA
MBQGCCqGSIb3DQMHBAjJZP0y7jYpRwSCAWDKV70/DSueiztJHeMKow93Fd/KXDpU
PGTtlz+lfmOUcGTTt5PwSI2rjHX+QeFTCeb2j9bekcWcaW2iIO8FDRJm1djdKVh0
mO2kAxM0W2s+GoR7T6ByQSrqKp2NL6Ug/B6od2xZ6/0tvcB4Ig+10ljL3/pT3T9M
EYCQ5gjaGhPlJIZhFIwmh6x+Pz+d2bkmXObasKEhwRMhJU9GYhKhWB2fOfl8zWlb
tIDcWBf2rCZUfk3LFx/FrV0NOIY5Jmpm/xQt2gdBIos9LNV16HQOqHkhPBhGXP9D
WZGTrpxgClpZhCUJ+LvqZbAp1dXbfrrElrux0y2zmSGxWP9z8cmfC1SHgBIxcD36
CymYSD0s1hPMH4sFoCM6uyEFfK5KwRpYc3IKfEzvkk9+ZTBYpryzJNDqR1Xpfklp
19m2qz9aJjkIgV4afydQWHYEKVm5IS/PcRVl0ZWkgxJXNHRmLd7HWysS
-----END ENCRYPTED PRIVATE KEY-----

7
certs/taoCert.txt
View File

@@ -69,6 +69,13 @@ openssl rsa -in 1024rsa.priv -pubout -out 1024rsa.pub
openssl pkcs8 -nocrypt -topk8 -in server-key.pem -out server-keyPkcs8.pem
**** To convert to pkcs8 encrypted *******
openssl pkcs8 -topk8 -in server-key.pem -out server-keyPkcs8Enc.pem
passwd: yassl123
**** To convert from pkcs8 to traditional ****
openssl pkcs8 -nocrypt -in server-keyPkcs8.pem -out server-key.pem

85
configure.in
View File

@@ -1,23 +1,36 @@
AC_INIT
AC_CANONICAL_SYSTEM
AM_INIT_AUTOMAKE(cyassl,1.9.0) # !!! also change in ssl.h !!!
AC_INIT(cyassl,2.0.0rc1,http://www.yassl.com) # !!! also change in ssl.h !!!
AC_CONFIG_AUX_DIR(config)
AM_CONFIG_HEADER(ctaocrypt/include/config.h)
#dnl Include m4
#sinclude(lib_socket_nsl.m4)
#sinclude(acx_pthread.m4)
AC_CONFIG_MACRO_DIR([m4])
AC_CANONICAL_SYSTEM
AM_INIT_AUTOMAKE(subdir-objects)
#shared library versioning
CYASSL_LIBRARY_VERSION=2:0:0
# | | |
# +------+ | +---+
# | | |
# current:revision:age
# | | |
# | | +- increment if interfaces have been added
# | | set to zero if interfaces have been removed or changed
# | +- increment if source code has changed
# | set to zero if current is incremented
# +- increment if interfaces have been added, removed or changed
AC_SUBST(CYASSL_LIBRARY_VERSION)
# make sure configure doesn't add to CFLAGS
CFLAGS="$CFLAGS $C_EXTRA_FLAGS"
AC_PROG_CC
AM_PROG_CC_C_O
AC_PROG_CC_C_O
AM_PROG_AS
AC_PROG_INSTALL
AC_LIBTOOL_WIN32_DLL
AC_DISABLE_STATIC
AC_PROG_LIBTOOL
AC_PREFIX_DEFAULT(/usr/local/cyassl)
@@ -32,6 +45,7 @@ AC_CHECK_LIBM
AC_CHECK_HEADERS(errno.h)
OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer"
OPTIMIZE_FAST_CFLAGS="-O3 -fomit-frame-pointer"
OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET"
@@ -66,7 +80,7 @@ then
# if you only want server or client you can define NO_CYASSL_SERVER or
# NO_CYASSL_CLIENT but then some of the examples and testsuite won't build
# note that TLS needs HMAC
CFLAGS="-DNO_TLS -DNO_HMAC -DNO_AES -DNO_DES3 -DNO_SHA256 -DNO_ERROR_STRINGS -DNO_HC128 -DNO_RABBIT -DNO_PSK -DNO_DSA -DNO_DH $CFLAGS"
CFLAGS="-DNO_TLS -DNO_HMAC -DNO_AES -DNO_DES3 -DNO_SHA256 -DNO_ERROR_STRINGS -DNO_HC128 -DNO_RABBIT -DNO_PSK -DNO_DSA -DNO_DH -DNO_PWDBASED $CFLAGS"
fi
@@ -421,25 +435,50 @@ CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
LIB_SOCKET_NSL
dnl Various GCC warnings that should never fire for release quality code
GCCWARNINGS="-Wall -fno-strict-aliasing -W -Wfloat-equal -Wundef \
-Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes \
-Wwrite-strings -Wredundant-decls -Wchar-subscripts -Wcomment \
-Wformat=2 -Wwrite-strings -Wmissing-declarations -Wredundant-decls \
-Wnested-externs -Wbad-function-cast -Wswitch-enum -Winit-self \
-Wmissing-field-initializers -Wdeclaration-after-statement \
-Wold-style-definition -Waddress -Wmissing-noreturn -Wnormalized=id \
-Woverride-init -Wstrict-overflow=1 -Wextra -Warray-bounds \
-Wstack-protector -Wformat -Wformat-security -Wpointer-sign"
AC_ARG_ENABLE(gcc-lots-o-warnings,
AS_HELP_STRING(--enable-gcc-lots-o-warnings, enable lots of gcc warnings),
[if test x$enableval = xyes; then
CFLAGS="$CFLAGS $GCCWARNINGS"
fi])
AC_ARG_ENABLE(gcc-hardening,
AS_HELP_STRING(--enable-gcc-hardening, enable compiler security checks),
[if test x$enableval = xyes; then
CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2 -fstack-protector-all"
CFLAGS="$CFLAGS -fwrapv -fPIE -Wstack-protector"
CFLAGS="$CFLAGS --param ssp-buffer-size=1"
LDFLAGS="$LDFLAGS -pie"
fi])
dnl Linker hardening options
dnl Currently these options are ELF specific - you can't use this with MacOSX
AC_ARG_ENABLE(linker-hardening,
AS_HELP_STRING(--enable-linker-hardening, enable linker security fixups),
[if test x$enableval = xyes; then
LDFLAGS="$LDFLAGS -z relro -z now"
fi])
PANDORA_VISIBILITY
CFLAGS="$CFLAGS $CFLAG_VISIBILITY"
AC_SUBST(CFLAGS)
AC_SUBST(LIBS)
# FINAL
AC_CONFIG_FILES(Makefile dnl
ctaocrypt/Makefile dnl
ctaocrypt/src/Makefile dnl
ctaocrypt/test/Makefile dnl
ctaocrypt/benchmark/Makefile dnl
src/Makefile dnl
examples/Makefile dnl
examples/client/Makefile dnl
examples/server/Makefile dnl
examples/echoclient/Makefile dnl
examples/echoserver/Makefile dnl
testsuite/Makefile dnl
sslSniffer/Makefile dnl
sslSniffer/sslSnifferTest/Makefile)
AC_CONFIG_FILES([Makefile])
AC_OUTPUT

3
ctaocrypt/Makefile.am
View File

@@ -1,3 +0,0 @@
SUBDIRS = src test benchmark
EXTRA_DIST = ctaocrypt.sln ctaocrypt.vcproj

7
ctaocrypt/benchmark/Makefile.am
View File

@@ -1,7 +0,0 @@
INCLUDES = -I../include
bin_PROGRAMS = benchmark
benchmark_SOURCES = benchmark.c
benchmark_LDFLAGS = -L../src
benchmark_LDADD = ../../src/libcyassl.la
benchmark_DEPENDENCIES = ../../src/libcyassl.la
EXTRA_DIST = *.der benchmark.sln benchmark.vcproj

12
ctaocrypt/benchmark/include.am Normal file
View File

@@ -0,0 +1,12 @@
# vim:ft=automake
# included from Top Level Makefile.am
# All paths should be given relative to the root
bin_PROGRAMS += ctaocrypt/benchmark/benchmark
ctaocrypt_benchmark_benchmark_SOURCES = ctaocrypt/benchmark/benchmark.c
ctaocrypt_benchmark_benchmark_LDFLAGS = -Lsrc
ctaocrypt_benchmark_benchmark_LDADD = src/libcyassl.la
ctaocrypt_benchmark_benchmark_DEPENDENCIES = src/libcyassl.la
EXTRA_DIST += ctaocrypt/benchmark/*.der \
ctaocrypt/benchmark/benchmark.sln ctaocrypt/benchmark/benchmark.vcproj

4
ctaocrypt/include/arc4.h
View File

@@ -43,8 +43,8 @@ typedef struct Arc4 {
byte state[ARC4_STATE_SIZE];
} Arc4;
void Arc4Process(Arc4*, byte*, const byte*, word32);
void Arc4SetKey(Arc4*, const byte*, word32);
CYASSL_API void Arc4Process(Arc4*, byte*, const byte*, word32);
CYASSL_API void Arc4SetKey(Arc4*, const byte*, word32);
#ifdef __cplusplus

124
ctaocrypt/include/asn.h
View File

@@ -41,6 +41,9 @@ enum {
ISSUER = 0,
SUBJECT = 1,
SERIAL_SIZE = 8,
EXTERNAL_SERIAL_SIZE = 32,
BEFORE = 0,
AFTER = 1
};
@@ -75,8 +78,29 @@ enum DN_Tags {
ASN_ORGUNIT_NAME = 0x0b /* OU */
};
enum PBES {
PBE_MD5_DES = 0,
PBE_SHA1_DES = 1,
PBE_SHA1_DES3 = 2,
PBE_SHA1_RC4_128 = 3,
PBES2 = 13 /* algo ID */
};
enum ENCRYPTION_TYPES {
DES_TYPE = 0,
DES3_TYPE = 1,
RC4_TYPE = 2
};
enum Misc_ASN {
ASN_NAME_MAX = 256,
ASN_NAME_MAX = 256,
MAX_SALT_SIZE = 64, /* MAX PKCS Salt length */
MAX_IV_SIZE = 64, /* MAX PKCS Iv length */
MAX_KEY_SIZE = 64, /* MAX PKCS Key length */
PKCS5 = 5, /* PKCS oid tag */
PKCS5v2 = 6, /* PKCS #5 v2.0 */
PKCS12 = 12, /* PKCS #12 */
MAX_UNICODE_SZ = 256,
SHA_SIZE = 20,
RSA_INTS = 8, /* RSA ints in private key */
MIN_DATE_SIZE = 13,
@@ -88,7 +112,7 @@ enum Misc_ASN {
MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */
MAX_SET_SZ = 5, /* enum(set | con) + length(4) */
MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/
MAX_ENCODED_DIG_SZ = 25, /* sha + enum(bit or octet) + legnth(4) */
MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */
MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */
MAX_NTRU_KEY_SZ = 610, /* NTRU 112 bit public key */
MAX_NTRU_ENC_SZ = 628, /* NTRU 112 bit DER public encoding */
@@ -107,17 +131,20 @@ enum Oid_Types {
enum Sig_Sum {
SHAwDSA = 517,
MD2wRSA = 646,
MD5wRSA = 648,
SHAwRSA = 649,
SHAwECDSA = 520
SHAwDSA = 517,
MD2wRSA = 646,
MD5wRSA = 648,
SHAwRSA = 649,
SHAwECDSA = 520,
SHA256wRSA = 655,
SHA256wECDSA = 524
};
enum Hash_Sum {
MD2h = 646,
MD5h = 649,
SHAh = 88
MD2h = 646,
MD5h = 649,
SHAh = 88,
SHA256h = 414
};
enum Key_Sum {
@@ -137,6 +164,11 @@ enum Ecc_Sum {
};
enum KDF_Sum {
PBKDF2_OID = 660
};
/* Certificate file Type */
enum CertType {
CERT_TYPE = 0,
@@ -171,6 +203,8 @@ typedef struct DecodedCert {
byte* source; /* byte buffer holder cert, NOT owner */
word32 srcIdx; /* current offset into buffer */
void* heap; /* for user memory overrides */
byte serial[EXTERNAL_SERIAL_SIZE]; /* raw serial number */
int serialSz; /* raw serial bytes stored */
#ifdef CYASSL_CERT_GEN
/* easy access to sujbect info for other sign */
char* subjectSN;
@@ -204,53 +238,64 @@ struct Signer {
};
void InitDecodedCert(DecodedCert*, byte*, void*);
void FreeDecodedCert(DecodedCert*);
int ParseCert(DecodedCert*, word32, int type, int verify, Signer* signer);
int ParseCertRelative(DecodedCert*, word32, int type, int verify,
Signer* signer);
CYASSL_API void InitDecodedCert(DecodedCert*, byte*, void*);
CYASSL_API void FreeDecodedCert(DecodedCert*);
CYASSL_API int ParseCert(DecodedCert*, word32, int type, int verify,
Signer* signer);
CYASSL_LOCAL int ParseCertRelative(DecodedCert*, word32, int type, int verify,
Signer* signer);
word32 EncodeSignature(byte* out, const byte* digest, word32 digSz,int hashOID);
CYASSL_LOCAL word32 EncodeSignature(byte* out, const byte* digest, word32 digSz,
int hashOID);
Signer* MakeSigner(void*);
void FreeSigners(Signer*, void*);
CYASSL_LOCAL Signer* MakeSigner(void*);
CYASSL_LOCAL void FreeSigners(Signer*, void*);
int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32);
int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32);
int ToTraditional(byte* buffer, word32 length);
CYASSL_API int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
word32);
CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
word32);
CYASSL_LOCAL int ToTraditional(byte* buffer, word32 length);
CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
#ifndef NO_DH
int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32);
int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz);
CYASSL_API int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
word32);
CYASSL_API int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
word32 gSz);
#endif
#ifndef NO_DSA
int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, word32);
int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, word32);
CYASSL_API int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*,
word32);
CYASSL_API int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*,
word32);
#endif
#ifdef CYASSL_KEY_GEN
int RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
#endif
#ifdef HAVE_ECC
/* ASN sig helpers */
int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s);
int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s);
CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
mp_int* s);
CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
mp_int* r, mp_int* s);
/* private key helpers */
int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,ecc_key*,word32);
CYASSL_LOCAL int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
ecc_key*,word32);
#endif
#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
int DerToPem(const byte* der, word32 derSz, byte* output, word32 outputSz,
int type);
CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output,
word32 outputSz, int type);
#endif
#ifdef CYASSL_CERT_GEN
enum cert_enums {
SERIAL_SIZE = 8,
NAME_SIZE = 64,
NAME_ENTRIES = 8,
JOINT_LEN = 2,
@@ -297,14 +342,15 @@ typedef struct Cert {
subject = blank
keyType = RSA_KEY (default)
*/
void InitCert(Cert*);
int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
int SetIssuer(Cert*, const char*);
CYASSL_API void InitCert(Cert*);
CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
RNG*);
CYASSL_API int SetIssuer(Cert*, const char*);
#ifdef HAVE_NTRU
int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, const byte* ntruKey,
word16 keySz, RNG*);
CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
const byte* ntruKey, word16 keySz, RNG*);
#endif

8
ctaocrypt/include/coding.h
View File

@@ -31,11 +31,15 @@
/* decode needed by CyaSSL */
int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
CYASSL_LOCAL int Base64Decode(const byte* in, word32 inLen, byte* out,
word32* outLen);
#if defined(OPENSSL_EXTRA) || defined(SESSION_CERTS) || defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) || defined(HAVE_WEBSERVER)
/* encode isn't */
int Base64Encode(const byte* in, word32 inLen, byte* out, word32* outLen);
CYASSL_LOCAL
int Base64Encode(const byte* in, word32 inLen, byte* out,
word32* outLen);
CYASSL_LOCAL
int Base16Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
#endif

16
ctaocrypt/include/config.h
View File

@@ -40,6 +40,10 @@
/* Define to 1 if you have the <unistd.h> header file. */
#define HAVE_UNISTD_H 1
/* Define to 1 or 0, depending whether the compiler supports simple visibility
declarations. */
#define HAVE_VISIBILITY 1
/* Define to the sub-directory in which libtool stores uninstalled libraries.
*/
#define LT_OBJDIR ".libs/"
@@ -51,19 +55,19 @@
#define PACKAGE "cyassl"
/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT ""
#define PACKAGE_BUGREPORT "http://www.yassl.com"
/* Define to the full name of this package. */
#define PACKAGE_NAME ""
#define PACKAGE_NAME "cyassl"
/* Define to the full name and version of this package. */
#define PACKAGE_STRING ""
#define PACKAGE_STRING "cyassl 2.0.0rc1"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME ""
#define PACKAGE_TARNAME "cyassl"
/* Define to the version of this package. */
#define PACKAGE_VERSION ""
#define PACKAGE_VERSION "2.0.0rc1"
/* Define to necessary symbol if this constant uses a non-standard name on
your system. */
@@ -79,7 +83,7 @@
#define STDC_HEADERS 1
/* Version number of package */
#define VERSION "1.9.0"
#define VERSION "2.0.0rc1"
/* Define to 1 if your processor stores words with the most significant byte
first (like Motorola and SPARC, unlike Intel and VAX). */

4
ctaocrypt/include/config.h.in
View File

@@ -39,6 +39,10 @@
/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
/* Define to 1 or 0, depending whether the compiler supports simple visibility
declarations. */
#undef HAVE_VISIBILITY
/* Define to the sub-directory in which libtool stores uninstalled libraries.
*/
#undef LT_OBJDIR

7
ctaocrypt/include/ctc_aes.h
View File

@@ -69,9 +69,10 @@ typedef struct Aes {
} Aes;
int AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, int dir);
void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
CYASSL_API int AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
int dir);
CYASSL_API void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
CYASSL_API void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
#ifdef __cplusplus

13
ctaocrypt/include/ctc_dh.h
View File

@@ -40,13 +40,14 @@ typedef struct DhKey {
} DhKey;
void InitDhKey(DhKey* key);
void FreeDhKey(DhKey* key);
CYASSL_API void InitDhKey(DhKey* key);
CYASSL_API void FreeDhKey(DhKey* key);
int DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv, word32* privSz,
byte* pub, word32* pubSz);
int DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv,
word32 privSz, const byte* otherPub, word32 pubSz);
CYASSL_API int DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv,
word32* privSz, byte* pub, word32* pubSz);
CYASSL_API int DhAgree(DhKey* key, byte* agree, word32* agreeSz,
const byte* priv, word32 privSz, const byte* otherPub,
word32 pubSz);
#ifdef __cplusplus

9
ctaocrypt/include/ctc_dsa.h
View File

@@ -45,11 +45,12 @@ typedef struct DsaKey {
} DsaKey;
void InitDsaKey(DsaKey* key);
void FreeDsaKey(DsaKey* key);
CYASSL_API void InitDsaKey(DsaKey* key);
CYASSL_API void FreeDsaKey(DsaKey* key);
int DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng);
int DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer);
CYASSL_API int DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng);
CYASSL_API int DsaVerify(const byte* digest, const byte* sig, DsaKey* key,
int* answer);
#ifdef __cplusplus

26
ctaocrypt/include/ctc_ecc.h
View File

@@ -46,12 +46,12 @@ enum {
/* ECC set type defined a NIST GF(p) curve */
typedef struct {
int size; /* The size of the curve in octets */
char* name; /* name of this curve */
char* prime; /* prime that defines the field the curve is in (hex) */
char* B; /* fields B param (hex) */
char* order; /* order of the curve (hex) */
char* Gx; /* x coordinate of the base point on curve (hex) */
char* Gy; /* y coordinate of the base point on curve (hex) */
const char* name; /* name of this curve */
const char* prime; /* prime that defines the field, curve is in (hex) */
const char* B; /* fields B param (hex) */
const char* order; /* order of the curve (hex) */
const char* Gx; /* x coordinate of the base point on curve (hex) */
const char* Gy; /* y coordinate of the base point on curve (hex) */
} ecc_set_type;
@@ -80,28 +80,36 @@ typedef struct {
extern const ecc_set_type ecc_sets[];
CYASSL_API
int ecc_make_key(RNG* rng, int keysize, ecc_key* key);
CYASSL_API
int ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
word32* outlen);
CYASSL_API
int ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
RNG* rng, ecc_key* key);
CYASSL_API
int ecc_verify_hash(const byte* sig, word32 siglen, byte* hash, word32 hashlen,
int* stat, ecc_key* key);
CYASSL_API
void ecc_init(ecc_key* key);
CYASSL_API
void ecc_free(ecc_key* key);
/* ASN key helpers */
CYASSL_API
int ecc_export_x963(ecc_key*, byte* out, word32* outLen);
CYASSL_API
int ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
CYASSL_API
int ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
word32 pubSz, ecc_key* key);
/* size helper */
CYASSL_API
int ecc_size(ecc_key* key);
CYASSL_API
int ecc_sig_size(ecc_key* key);
/* TODO: fix mutex types */

7
ctaocrypt/include/ctc_hmac.h
View File

@@ -70,9 +70,10 @@ typedef struct Hmac {
} Hmac;
void HmacSetKey(Hmac*, int type, const byte* key, word32 keySz); /* does init */
void HmacUpdate(Hmac*, const byte*, word32);
void HmacFinal(Hmac*, byte*);
/* does init */
CYASSL_API void HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
CYASSL_API void HmacUpdate(Hmac*, const byte*, word32);
CYASSL_API void HmacFinal(Hmac*, byte*);
#ifdef __cplusplus

6
ctaocrypt/include/ctc_md4.h
View File

@@ -50,9 +50,9 @@ typedef struct Md4 {
} Md4;
void InitMd4(Md4*);
void Md4Update(Md4*, const byte*, word32);
void Md4Final(Md4*, byte*);
CYASSL_API void InitMd4(Md4*);
CYASSL_API void Md4Update(Md4*, const byte*, word32);
CYASSL_API void Md4Final(Md4*, byte*);
#ifdef __cplusplus

6
ctaocrypt/include/ctc_md5.h
View File

@@ -49,9 +49,9 @@ typedef struct Md5 {
} Md5;
void InitMd5(Md5*);
void Md5Update(Md5*, const byte*, word32);
void Md5Final(Md5*, byte*);
CYASSL_API void InitMd5(Md5*);
CYASSL_API void Md5Update(Md5*, const byte*, word32);
CYASSL_API void Md5Final(Md5*, byte*);
#ifdef __cplusplus

6
ctaocrypt/include/ctc_ripemd.h
View File

@@ -52,9 +52,9 @@ typedef struct RipeMd {
} RipeMd;
void InitRipeMd(RipeMd*);
void RipeMdUpdate(RipeMd*, const byte*, word32);
void RipeMdFinal(RipeMd*, byte*);
CYASSL_API void InitRipeMd(RipeMd*);
CYASSL_API void RipeMdUpdate(RipeMd*, const byte*, word32);
CYASSL_API void RipeMdFinal(RipeMd*, byte*);
#ifdef __cplusplus

31
ctaocrypt/include/ctc_rsa.h
View File

@@ -45,24 +45,25 @@ typedef struct RsaKey {
} RsaKey;
void InitRsaKey(RsaKey* key, void*);
void FreeRsaKey(RsaKey* key);
CYASSL_API void InitRsaKey(RsaKey* key, void*);
CYASSL_API void FreeRsaKey(RsaKey* key);
int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key, RNG* rng);
int RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key);
int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key);
int RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key, RNG* rng);
int RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key);
int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key);
int RsaEncryptSize(RsaKey* key);
CYASSL_API int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng);
CYASSL_API int RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
RsaKey* key);
CYASSL_API int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
CYASSL_API int RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng);
CYASSL_API int RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
RsaKey* key);
CYASSL_API int RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
CYASSL_API int RsaEncryptSize(RsaKey* key);
#ifdef CYASSL_KEY_GEN
int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng);
CYASSL_API int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng);
#endif

6
ctaocrypt/include/ctc_sha.h
View File

@@ -50,9 +50,9 @@ typedef struct Sha {
} Sha;
void InitSha(Sha*);
void ShaUpdate(Sha*, const byte*, word32);
void ShaFinal(Sha*, byte*);
CYASSL_API void InitSha(Sha*);
CYASSL_API void ShaUpdate(Sha*, const byte*, word32);
CYASSL_API void ShaFinal(Sha*, byte*);
#ifdef __cplusplus

54
ctaocrypt/include/cyassl_memory.h Normal file
View File

@@ -0,0 +1,54 @@
/* cyassl_memory.h
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* submitted by eof */
#ifndef CYASSL_MEMORY_H
#define CYASSL_MEMORY_H
#include <stdlib.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef void *(*CyaSSL_Malloc_cb)(size_t size);
typedef void (*CyaSSL_Free_cb)(void *ptr);
typedef void *(*CyaSSL_Realloc_cb)(void *ptr, size_t size);
CYASSL_API int CyaSSL_SetAllocators(CyaSSL_Malloc_cb malloc_function,
CyaSSL_Free_cb free_function,
CyaSSL_Realloc_cb realloc_function);
CYASSL_API void* CyaSSL_Malloc(size_t size);
CYASSL_API void CyaSSL_Free(void *ptr);
CYASSL_API void* CyaSSL_Realloc(void *ptr, size_t size);
#ifdef __cplusplus
}
#endif
#endif /* CYASSL_MEMORY_H */

12
ctaocrypt/include/des3.h
View File

@@ -57,13 +57,13 @@ typedef struct Des3 {
} Des3;
void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
CYASSL_API void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
CYASSL_API void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
CYASSL_API void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
void Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir);
void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz);
void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz);
CYASSL_API void Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir);
CYASSL_API void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz);
CYASSL_API void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz);
#ifdef __cplusplus

6
ctaocrypt/include/error.h
View File

@@ -52,6 +52,7 @@ enum {
MP_MOD_E = -118, /* mp_mod error state, can't mod */
MP_INVMOD_E = -119, /* mp_invmod error state, can't inv mod */
MP_CMP_E = -120, /* mp_cmp error state */
MP_ZERO_E = -121, /* got a mp zero result, not expected */
MEMORY_E = -125, /* out of memory error */
@@ -86,10 +87,13 @@ enum {
ASN_DH_KEY_E = -158, /* ASN key init error, invalid input */
ASN_NTRU_KEY_E = -159, /* ASN ntru key decode error, invalid input */
/* TODO: TAO add ECC error strings to ErrorString() */
ECC_BAD_ARG_E = -170, /* ECC input argument of wrong type */
ASN_ECC_KEY_E = -171, /* ASN ECC bad input */
ECC_CURVE_OID_E = -172, /* Unsupported ECC OID curve type */
BAD_FUNC_ARG = -173, /* Bad function argument provided */
NOT_COMPILED_IN = -174, /* Feature not compiled in */
UNICODE_SIZE_E = -175, /* Unicdoe password too big */
NO_PASSWORD = -176, /* no password provided by user */
MIN_CODE_E = -200 /* errors -101 - -199 */
};

4
ctaocrypt/include/hc128.h
View File

@@ -44,8 +44,8 @@ typedef struct HC128 {
} HC128;
void Hc128_Process(HC128*, byte*, const byte*, word32);
void Hc128_SetKey(HC128*, const byte* key, const byte* iv);
CYASSL_API void Hc128_Process(HC128*, byte*, const byte*, word32);
CYASSL_API void Hc128_SetKey(HC128*, const byte* key, const byte* iv);
#ifdef __cplusplus

12
ctaocrypt/include/integer.h
View File

@@ -247,10 +247,8 @@ void mp_clamp (mp_int * a);
void mp_exch (mp_int * a, mp_int * b);
void mp_rshd (mp_int * a, int b);
int mp_mod_2d (mp_int * a, int b, mp_int * c);
int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
int mp_mul_2d (mp_int * a, int b, mp_int * c);
int mp_lshd (mp_int * a, int b);
int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
int mp_abs (mp_int * a, mp_int * b);
int mp_invmod (mp_int * a, mp_int * b, mp_int * c);
int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c);
@@ -266,7 +264,6 @@ int mp_add (mp_int * a, mp_int * b, mp_int * c);
int s_mp_add (mp_int * a, mp_int * b, mp_int * c);
int s_mp_sub (mp_int * a, mp_int * b, mp_int * c);
int mp_sub (mp_int * a, mp_int * b, mp_int * c);
int mp_init (mp_int * a);
int mp_reduce_is_2k_l(mp_int *a);
int mp_reduce_is_2k(mp_int *a);
int mp_dr_is_modulus(mp_int *a);
@@ -298,14 +295,17 @@ int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
int mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
int mp_2expt (mp_int * a, int b);
int mp_reduce_2k_setup(mp_int *a, mp_digit *d);
int mp_add_d (mp_int* a, mp_digit b, mp_int* c);
/* end support added functions */
/* added */
int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
mp_int* f);
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(CYASSL_KEY_GEN)
int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
#endif
#ifdef HAVE_ECC
int mp_read_radix(mp_int* a, const char* str, int radix);
#endif
@@ -314,9 +314,11 @@ int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
int mp_set_int (mp_int * a, unsigned long b);
int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
#endif
#if defined(CYASSL_KEY_GEN) || defined(HAVE_ECC) || !defined(NO_PWDBASED)
int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
#endif
#ifdef __cplusplus
}

69
ctaocrypt/include/logging.h Normal file
View File

@@ -0,0 +1,69 @@
/* logging.h
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* submitted by eof */
#ifndef CYASSL_LOGGING_H
#define CYASSL_LOGGING_H
#ifdef __cplusplus
extern "C" {
#endif
enum CYA_Log_Levels {
ERROR_LOG = 0,
INFO_LOG,
ENTER_LOG,
LEAVE_LOG,
OTHER_LOG
};
typedef void (*CyaSSL_Logging_cb)(const int logLevel,
const char *const logMessage);
CYASSL_API int CyaSSL_SetLoggingCb(CyaSSL_Logging_cb log_function);
#ifdef DEBUG_CYASSL
void CYASSL_ENTER(const char* msg);
void CYASSL_LEAVE(const char* msg, int ret);
void CYASSL_ERROR(int);
void CYASSL_MSG(const char* msg);
#else /* DEBUG_CYASSL */
#define CYASSL_ENTER(m)
#define CYASSL_LEAVE(m, r)
#define CYASSL_ERROR(e)
#define CYASSL_MSG(m)
#endif /* DEBUG_CYASSL */
#ifdef __cplusplus
}
#endif
#endif /* CYASSL_MEMORY_H */

7
ctaocrypt/include/misc.h
View File

@@ -34,14 +34,21 @@
#ifdef NO_INLINE
CYASSL_LOCAL
word32 rotlFixed(word32, word32);
CYASSL_LOCAL
word32 rotrFixed(word32, word32);
CYASSL_LOCAL
word32 ByteReverseWord32(word32);
CYASSL_LOCAL
void ByteReverseWords(word32*, const word32*, word32);
CYASSL_LOCAL
void ByteReverseBytes(byte*, const byte*, word32);
CYASSL_LOCAL
void XorWords(word*, const word*, word32);
CYASSL_LOCAL
void xorbuf(byte*, const byte*, word32);
#endif /* NO_INLINE */

10
ctaocrypt/include/os_settings.h
View File

@@ -41,6 +41,11 @@
/* Uncomment next line if using Mbed */
/* #define MBED */
#if defined(USE_CYASSL_CONFIG) || defined(HAVE_CONFIG_H)
#include "config.h" /* may not want global HAVE_CONFIG_H */
#endif
#include "visibility.h"
#ifdef IPHONE
#define SIZEOF_LONG_LONG 8
@@ -257,6 +262,11 @@
#endif /* MICRIUM */
#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC)
#define USE_CYASSL_MEMORY
#endif
/* Place any other flags or defines here */

12
ctaocrypt/include/pwdbased.h
View File

@@ -34,9 +34,15 @@
#endif
int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
int sLen, int iterations, int kLen, int hashType);
CYASSL_API int PBKDF1(byte* output, const byte* passwd, int pLen,
const byte* salt, int sLen, int iterations, int kLen,
int hashType);
CYASSL_API int PBKDF2(byte* output, const byte* passwd, int pLen,
const byte* salt, int sLen, int iterations, int kLen,
int hashType);
CYASSL_API int PKCS12_PBKDF(byte* output, const byte* passwd, int pLen,
const byte* salt, int sLen, int iterations,
int kLen, int hashType, int purpose);
#ifdef __cplusplus

4
ctaocrypt/include/rabbit.h
View File

@@ -47,8 +47,8 @@ typedef struct Rabbit {
} Rabbit;
void RabbitProcess(Rabbit*, byte*, const byte*, word32);
void RabbitSetKey(Rabbit*, const byte* key, const byte* iv);
CYASSL_API void RabbitProcess(Rabbit*, byte*, const byte*, word32);
CYASSL_API void RabbitSetKey(Rabbit*, const byte* key, const byte* iv);
#ifdef __cplusplus

7
ctaocrypt/include/random.h
View File

@@ -49,6 +49,7 @@ typedef struct OS_Seed {
#endif
} OS_Seed;
CYASSL_LOCAL
int GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
@@ -59,9 +60,9 @@ typedef struct RNG {
} RNG;
int InitRng(RNG*);
void RNG_GenerateBlock(RNG*, byte*, word32 sz);
byte RNG_GenerateByte(RNG*);
CYASSL_API int InitRng(RNG*);
CYASSL_API void RNG_GenerateBlock(RNG*, byte*, word32 sz);
CYASSL_API byte RNG_GenerateByte(RNG*);
#ifdef __cplusplus

6
ctaocrypt/include/sha256.h
View File

@@ -55,9 +55,9 @@ typedef struct Sha256 {
} Sha256;
void InitSha256(Sha256*);
void Sha256Update(Sha256*, const byte*, word32);
void Sha256Final(Sha256*, byte*);
CYASSL_API void InitSha256(Sha256*);
CYASSL_API void Sha256Update(Sha256*, const byte*, word32);
CYASSL_API void Sha256Final(Sha256*, byte*);
#ifdef __cplusplus

6
ctaocrypt/include/sha512.h
View File

@@ -52,9 +52,9 @@ typedef struct Sha512 {
} Sha512;
void InitSha512(Sha512*);
void Sha512Update(Sha512*, const byte*, word32);
void Sha512Final(Sha512*, byte*);
CYASSL_API void InitSha512(Sha512*);
CYASSL_API void Sha512Update(Sha512*, const byte*, word32);
CYASSL_API void Sha512Final(Sha512*, byte*);
#ifdef __cplusplus

5
ctaocrypt/include/tfm.h
View File

@@ -402,7 +402,7 @@ int fp_mod(fp_int *a, fp_int *b, fp_int *c);
int fp_cmp_d(fp_int *a, fp_digit b);
/* c = a + b */
/*void fp_add_d(fp_int *a, fp_digit b, fp_int *c);*/
void fp_add_d(fp_int *a, fp_digit b, fp_int *c);
/* c = a - b */
/*void fp_sub_d(fp_int *a, fp_digit b, fp_int *c);*/
@@ -427,7 +427,7 @@ void fp_mul_d(fp_int *a, fp_digit b, fp_int *c);
int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
/* c = a * a (mod b) */
/*int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c);*/
int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c);
/* c = 1/a (mod b) */
int fp_invmod(fp_int *a, fp_int *b, fp_int *c);
@@ -620,6 +620,7 @@ int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e, mp_int*
int mp_add (mp_int * a, mp_int * b, mp_int * c);
int mp_sub (mp_int * a, mp_int * b, mp_int * c);
int mp_add_d (mp_int * a, mp_digit b, mp_int * c);
int mp_mul (mp_int * a, mp_int * b, mp_int * c);
int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);

17
ctaocrypt/include/types.h
View File

@@ -134,11 +134,11 @@ enum {
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
extern void XFREE(void *p, void* heap, int type);
#elif !defined(MICRIUM_MALLOC)
/* defaults to C runtime if user doesn't override and not Micrium */
#include <stdlib.h>
#define XMALLOC(s, h, t) malloc((s))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
#define XREALLOC(p, n, h, t) realloc((p), (n))
/* default C runtime, can install different routines at runtime */
#include "cyassl_memory.h"
#define XMALLOC(s, h, t) CyaSSL_Malloc((s))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) CyaSSL_Free((xp));}
#define XREALLOC(p, n, h, t) CyaSSL_Realloc((p), (n))
#endif
#ifndef STRING_USER
@@ -170,7 +170,7 @@ enum {
DYNAMIC_TYPE_CERT = 2,
DYNAMIC_TYPE_KEY = 3,
DYNAMIC_TYPE_FILE = 4,
DYNAMIC_TYPE_ISSUER_CN = 5,
DYNAMIC_TYPE_SUBJECT_CN = 5,
DYNAMIC_TYPE_PUBLIC_KEY = 6,
DYNAMIC_TYPE_SIGNER = 7,
DYNAMIC_TYPE_NONE = 8,
@@ -188,6 +188,11 @@ enum {
DYNAMIC_TYPE_OPENSSL = 20
};
/* stack protection */
enum {
MIN_STACK_BUFFER = 8
};
#ifdef __cplusplus
} /* extern "C" */

67
ctaocrypt/include/visibility.h Normal file
View File

@@ -0,0 +1,67 @@
/* visibility.h
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* Visibility control macros */
#ifndef CTAO_CRYPT_VISIBILITY_H
#define CTAO_CRYPT_VISIBILITY_H
/* CYASSL_API is used for the public API symbols.
It either imports or exports (or does nothing for static builds)
CYASSL_LOCAL is used for non-API symbols (private).
*/
#if defined(BUILDING_CYASSL)
#if defined(HAVE_VISIBILITY) && HAVE_VISIBILITY
#define CYASSL_API __attribute__ ((visibility("default")))
#define CYASSL_LOCAL __attribute__ ((visibility("hidden")))
#elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
#define CYASSL_API __global
#define CYASSL_LOCAL __hidden
#elif defined(_MSC_VER)
#ifdef CYASSL_DLL
#define CYASSL_API extern __declspec(dllexport)
#else
#define CYASSL_API
#endif
#define CYASSL_LOCAL
#else
#define CYASSL_API
#define CYASSL_LOCAL
#endif /* HAVE_VISIBILITY */
#else /* BUILDING_CYASSL */
#if defined(_MSC_VER)
#ifdef CYASSL_DLL
#define CYASSL_API extern __declspec(dllimport)
#else
#define CYASSL_API
#endif
#define CYASSL_LOCAL
#else
#define CYASSL_API
#define CYASSL_LOCAL
#endif
#endif /* BUILDING_CYASSL */
#endif /* CTAO_CRYPT_VISIBILITY_H */

2
ctaocrypt/src/Makefile.am
View File

@@ -1,2 +0,0 @@
EXTRA_DIST = ../include/*.h *.c *.i

26
ctaocrypt/src/aes.c
View File

@@ -22,6 +22,8 @@
#ifndef NO_AES
#include "ctc_aes.h"
#include "error.h"
#include "logging.h"
#ifdef NO_INLINE
#include "misc.h"
#else
@@ -754,7 +756,7 @@ int AES_set_encrypt_key (const unsigned char *userKey, const int bits,
Aes* aes)
{
if (!userKey || !aes)
return -1;
return BAD_FUNC_ARG;
if (bits == 128) {
AES_128_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 10;
@@ -768,7 +770,7 @@ int AES_set_encrypt_key (const unsigned char *userKey, const int bits,
AES_256_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 14;
return 0;
}
return -1;
return BAD_FUNC_ARG;
}
@@ -781,10 +783,10 @@ int AES_set_decrypt_key (const unsigned char* userKey, const int bits,
__m128i *Temp_Key_Schedule = (__m128i*)temp_key.key;
if (!userKey || !aes)
return -1;
return BAD_FUNC_ARG;
if (AES_set_encrypt_key(userKey,bits,&temp_key) == -1)
return -1;
if (AES_set_encrypt_key(userKey,bits,&temp_key) == BAD_FUNC_ARG)
return BAD_FUNC_ARG;
nr = temp_key.rounds;
aes->rounds = nr;
@@ -827,7 +829,7 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
unsigned int i = 0;
if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
return -1;
return BAD_FUNC_ARG;
#ifdef CYASSL_AESNI
if (checkAESNI == 0) {
@@ -966,15 +968,17 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
}
void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
static void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
{
word32 s0, s1, s2, s3;
word32 t0, t1, t2, t3;
word32 r = aes->rounds >> 1;
const word32* rk = aes->key;
if (r > 7)
if (r > 7) {
CYASSL_MSG("AesEncrypt encountered improper key, set it up");
return; /* stop instead of segfaulting, set up your keys! */
}
/*
* map byte array block to cipher state
* and add initial round key:
@@ -1102,15 +1106,17 @@ void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
}
void AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
static void AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
{
word32 s0, s1, s2, s3;
word32 t0, t1, t2, t3;
word32 r = aes->rounds >> 1;
const word32* rk = aes->key;
if (r > 7)
if (r > 7) {
CYASSL_MSG("AesDecrypt encountered improper key, set it up");
return; /* stop instead of segfaulting, set up your keys! */
}
/*
* map byte array block to cipher state
* and add initial round key:

568
ctaocrypt/src/asn.c
View File

@@ -29,6 +29,10 @@
#include "ctc_sha.h"
#include "ctc_md5.h"
#include "error.h"
#include "pwdbased.h"
#include "des3.h"
#include "sha256.h"
#include "logging.h"
#ifdef HAVE_NTRU
#include "crypto_ntru.h"
@@ -67,7 +71,7 @@ enum {
#define NO_TIME_H
/* since Micrium not defining XTIME or XGMTIME, CERT_GEN not available */
#elif defined(USER_TIME)
/* no <time.h> strucutres used */
/* no <time.h> structures used */
#define NO_TIME_H
/* user time, and gmtime compatible functions, there is a gmtime
implementation here that WINCE uses, so really just need some ticks
@@ -268,7 +272,7 @@ CPU_INT32S NetSecure_ValidateDateHandler(CPU_INT08U *date, CPU_INT08U format,
#endif /* MICRIUM */
int GetLength(const byte* input, word32* inOutIdx, int* len)
static int GetLength(const byte* input, word32* inOutIdx, int* len)
{
int length = 0;
word32 i = *inOutIdx;
@@ -292,7 +296,7 @@ int GetLength(const byte* input, word32* inOutIdx, int* len)
}
int GetSequence(const byte* input, word32* inOutIdx, int* len)
static int GetSequence(const byte* input, word32* inOutIdx, int* len)
{
int length = -1;
word32 idx = *inOutIdx;
@@ -308,7 +312,7 @@ int GetSequence(const byte* input, word32* inOutIdx, int* len)
}
int GetSet(const byte* input, word32* inOutIdx, int* len)
static int GetSet(const byte* input, word32* inOutIdx, int* len)
{
int length = -1;
word32 idx = *inOutIdx;
@@ -325,7 +329,7 @@ int GetSet(const byte* input, word32* inOutIdx, int* len)
/* winodws header clash for WinCE using GetVersion */
int GetMyVersion(const byte* input, word32* inOutIdx, int* version)
static int GetMyVersion(const byte* input, word32* inOutIdx, int* version)
{
word32 idx = *inOutIdx;
@@ -342,8 +346,33 @@ int GetMyVersion(const byte* input, word32* inOutIdx, int* version)
}
/* Get small count integer, 32 bits or less */
static int GetShortInt(const byte* input, word32* inOutIdx, int* number)
{
word32 idx = *inOutIdx;
word32 len;
*number = 0;
if (input[idx++] != ASN_INTEGER)
return ASN_PARSE_E;
len = input[idx++];
if (len > 4)
return ASN_PARSE_E;
while (len--) {
*number = *number << 8 | input[idx++];
}
*inOutIdx = idx;
return *number;
}
/* May not have one, not an error */
int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version)
static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version)
{
word32 idx = *inOutIdx;
@@ -359,7 +388,7 @@ int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version)
}
int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx )
static int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx )
{
word32 i = *inOutIdx;
byte b = input[i++];
@@ -489,6 +518,289 @@ int ToTraditional(byte* input, word32 sz)
}
#ifndef NO_PWDBASED
/* Check To see if PKCS version algo is supported, set id if it is return 0
< 0 on error */
static int CheckAlgo(int first, int second, int* id, int* version)
{
*id = ALGO_ID_E;
*version = PKCS5; /* default */
if (first == 1) {
switch (second) {
case 1:
*id = PBE_SHA1_RC4_128;
*version = PKCS12;
return 0;
case 3:
*id = PBE_SHA1_DES3;
*version = PKCS12;
return 0;
default:
return ALGO_ID_E;
}
}
if (first != PKCS5)
return ASN_INPUT_E; /* VERSION ERROR */
if (second == PBES2) {
*version = PKCS5v2;
return 0;
}
switch (second) {
case 3: /* see RFC 2898 for ids */
*id = PBE_MD5_DES;
return 0;
case 10:
*id = PBE_SHA1_DES;
return 0;
default:
return ALGO_ID_E;
}
}
/* Check To see if PKCS v2 algo is supported, set id if it is return 0
< 0 on error */
static int CheckAlgoV2(int oid, int* id)
{
switch (oid) {
case 69:
*id = PBE_SHA1_DES;
return 0;
case 652:
*id = PBE_SHA1_DES3;
return 0;
default:
return ALGO_ID_E;
}
}
/* Decrypt intput in place from parameters based on id */
static int DecryptKey(const char* password, int passwordSz, byte* salt,
int saltSz, int iterations, int id, byte* input,
int length, int version, byte* cbcIv)
{
byte key[MAX_KEY_SIZE];
int hashType;
int derivedLen;
int decryptionType;
int ret = 0;
switch (id) {
case PBE_MD5_DES:
hashType = MD5;
derivedLen = 16; /* may need iv for v1.5 */
decryptionType = DES_TYPE;
break;
case PBE_SHA1_DES:
hashType = SHA;
derivedLen = 16; /* may need iv for v1.5 */
decryptionType = DES_TYPE;
break;
case PBE_SHA1_DES3:
hashType = SHA;
derivedLen = 32; /* may need iv for v1.5 */
decryptionType = DES3_TYPE;
break;
case PBE_SHA1_RC4_128:
hashType = SHA;
derivedLen = 16;
decryptionType = RC4_TYPE;
break;
default:
return ALGO_ID_E;
}
if (version == PKCS5v2)
ret = PBKDF2(key, (byte*)password, passwordSz, salt, saltSz, iterations,
derivedLen, hashType);
else if (version == PKCS5)
ret = PBKDF1(key, (byte*)password, passwordSz, salt, saltSz, iterations,
derivedLen, hashType);
else if (version == PKCS12) {
int i, idx = 0;
byte unicodePasswd[MAX_UNICODE_SZ];
if ( (passwordSz * 2 + 2) > (int)sizeof(unicodePasswd))
return UNICODE_SIZE_E;
for (i = 0; i < passwordSz; i++) {
unicodePasswd[idx++] = 0x00;
unicodePasswd[idx++] = (byte)password[i];
}
/* add trailing NULL */
unicodePasswd[idx++] = 0x00;
unicodePasswd[idx++] = 0x00;
ret = PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz,
iterations, derivedLen, hashType, 1);
if (decryptionType != RC4_TYPE)
ret += PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz,
iterations, 8, hashType, 2);
}
if (ret != 0)
return ret;
switch (decryptionType) {
#ifndef NO_DES3
case DES_TYPE:
{
Des dec;
byte* desIv = key + 8;
if (version == PKCS5v2 || version == PKCS12)
desIv = cbcIv;
Des_SetKey(&dec, key, desIv, DES_DECRYPTION);
Des_CbcDecrypt(&dec, input, input, length);
break;
}
case DES3_TYPE:
{
Des3 dec;
byte* desIv = key + 24;
if (version == PKCS5v2 || version == PKCS12)
desIv = cbcIv;
Des3_SetKey(&dec, key, desIv, DES_DECRYPTION);
Des3_CbcDecrypt(&dec, input, input, length);
break;
}
#endif
case RC4_TYPE:
{
Arc4 dec;
Arc4SetKey(&dec, key, derivedLen);
Arc4Process(&dec, input, input, length);
break;
}
default:
return ALGO_ID_E;
}
return 0;
}
/* Remove Encrypted PKCS8 header, move beginning of traditional to beginning
of input */
int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
{
word32 inOutIdx = 0, oid;
int first, second, length, iterations, saltSz, id;
int version;
byte salt[MAX_SALT_SIZE];
byte cbcIv[MAX_IV_SIZE];
if (GetSequence(input, &inOutIdx, &length) < 0)
return ASN_PARSE_E;
if ((word32)length > (sz - inOutIdx))
return ASN_INPUT_E;
if (GetAlgoId(input, &inOutIdx, &oid) < 0)
return ASN_PARSE_E;
first = input[inOutIdx - 2]; /* PKCS version alwyas 2nd to last byte */
second = input[inOutIdx - 1]; /* version.algo, algo id last byte */
if (CheckAlgo(first, second, &id, &version) < 0)
return ASN_INPUT_E; /* Algo ID error */
if (version == PKCS5v2) {
if (GetSequence(input, &inOutIdx, &length) < 0)
return ASN_PARSE_E;
if ((word32)length > (sz - inOutIdx))
return ASN_INPUT_E;
if (GetAlgoId(input, &inOutIdx, &oid) < 0)
return ASN_PARSE_E;
if (oid != PBKDF2_OID)
return ASN_PARSE_E;
}
if (GetSequence(input, &inOutIdx, &length) < 0)
return ASN_PARSE_E;
if ((word32)length > (sz - inOutIdx))
return ASN_INPUT_E;
if (input[inOutIdx++] != ASN_OCTET_STRING)
return ASN_PARSE_E;
if (GetLength(input, &inOutIdx, &saltSz) < 0)
return ASN_PARSE_E;
if (saltSz > MAX_SALT_SIZE)
return ASN_PARSE_E;
if ((word32)length > (sz - inOutIdx))
return ASN_INPUT_E;
XMEMCPY(salt, &input[inOutIdx], saltSz);
inOutIdx += saltSz;
if (GetShortInt(input, &inOutIdx, &iterations) < 0)
return ASN_PARSE_E;
if (version == PKCS5v2) {
/* get encryption algo */
if (GetAlgoId(input, &inOutIdx, &oid) < 0)
return ASN_PARSE_E;
if (CheckAlgoV2(oid, &id) < 0)
return ASN_PARSE_E; /* PKCS v2 algo id error */
if (input[inOutIdx++] != ASN_OCTET_STRING)
return ASN_PARSE_E;
if (GetLength(input, &inOutIdx, &length) < 0)
return ASN_PARSE_E;
if ((word32)length > (sz - inOutIdx))
return ASN_INPUT_E;
XMEMCPY(cbcIv, &input[inOutIdx], length);
inOutIdx += length;
}
if (input[inOutIdx++] != ASN_OCTET_STRING)
return ASN_PARSE_E;
if (GetLength(input, &inOutIdx, &length) < 0)
return ASN_PARSE_E;
if ((word32)length > (sz - inOutIdx))
return ASN_INPUT_E;
if (DecryptKey(password, passwordSz, salt, saltSz, iterations, id,
input + inOutIdx, length, version, cbcIv) < 0)
return ASN_INPUT_E; /* decrypt failure */
XMEMMOVE(input, input + inOutIdx, length);
return ToTraditional(input, length);
}
#endif /* NO_PWDBASED */
int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
word32 inSz)
{
@@ -668,6 +980,8 @@ void InitDecodedCert(DecodedCert* cert, byte* source, void* heap)
cert->source = source; /* don't own */
cert->srcIdx = 0;
cert->heap = heap;
XMEMSET(cert->serial, 0, EXTERNAL_SERIAL_SIZE);
cert->serialSz = 0;
#ifdef CYASSL_CERT_GEN
cert->subjectSN = 0;
cert->subjectSNLen = 0;
@@ -700,6 +1014,7 @@ static int GetCertHeader(DecodedCert* cert, word32 inSz)
{
int ret = 0, version, len;
word32 begin = cert->srcIdx;
byte serialTmp[EXTERNAL_SERIAL_SIZE];
mp_int mpi;
if (GetSequence(cert->source, &cert->srcIdx, &len) < 0)
@@ -716,8 +1031,17 @@ static int GetCertHeader(DecodedCert* cert, word32 inSz)
return ASN_PARSE_E;
if (GetInt(&mpi, cert->source, &cert->srcIdx) < 0)
ret = ASN_PARSE_E;
return ASN_PARSE_E;
len = mp_unsigned_bin_size(&mpi);
if (len < (int)sizeof(serialTmp)) {
if (mp_to_unsigned_bin(&mpi, serialTmp) == MP_OKAY) {
if (len > EXTERNAL_SERIAL_SIZE)
len = EXTERNAL_SERIAL_SIZE;
XMEMCPY(cert->serial, serialTmp, len);
cert->serialSz = len;
}
}
mp_clear(&mpi);
return ret;
}
@@ -753,7 +1077,7 @@ static int StoreRsaKey(DecodedCert* cert)
{
if (oid != ECC_256R1 && oid != ECC_384R1 && oid != ECC_521R1 && oid !=
ECC_160R1 && oid != ECC_192R1 && oid != ECC_224R1)
return -1;
return ALGO_ID_E;
return 0;
}
@@ -816,7 +1140,7 @@ static int GetKey(DecodedCert* cert)
DYNAMIC_TYPE_PUBLIC_KEY);
if (cert->publicKey == NULL)
return MEMORY_E;
memcpy(cert->publicKey, keyBlob, keyLen);
XMEMCPY(cert->publicKey, keyBlob, keyLen);
cert->pubKeyStored = 1;
cert->pubKeySize = keyLen;
}
@@ -854,7 +1178,7 @@ static int GetKey(DecodedCert* cert)
DYNAMIC_TYPE_PUBLIC_KEY);
if (cert->publicKey == NULL)
return MEMORY_E;
memcpy(cert->publicKey, &cert->source[cert->srcIdx], length - 1);
XMEMCPY(cert->publicKey, &cert->source[cert->srcIdx], length - 1);
cert->pubKeyStored = 1;
cert->pubKeySize = length - 1;
@@ -1013,11 +1337,15 @@ static int GetName(DecodedCert* cert, int nameType)
else {
/* skip */
byte email = FALSE;
byte uid = FALSE;
int adv;
if (joint[0] == 0x2a && joint[1] == 0x86) /* email id hdr */
email = TRUE;
if (joint[0] == 0x9 && joint[1] == 0x92) /* uid id hdr */
uid = TRUE;
cert->srcIdx += oidSz + 1;
if (GetLength(cert->source, &cert->srcIdx, &adv) < 0)
@@ -1043,6 +1371,16 @@ static int GetName(DecodedCert* cert, int nameType)
idx += adv;
}
if (uid) {
if (5 > (ASN_NAME_MAX - idx))
return ASN_PARSE_E;
XMEMCPY(&full[idx], "/UID=", 5);
idx += 5;
XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv);
idx += adv;
}
cert->srcIdx += adv;
}
}
@@ -1126,8 +1464,10 @@ static int ValidateDate(const byte* date, byte format, int dateType)
GetTime(&certTime.tm_min, date, &i);
GetTime(&certTime.tm_sec, date, &i);
if (date[i] != 'Z') /* only Zulu supported for this profile */
if (date[i] != 'Z') { /* only Zulu supported for this profile */
CYASSL_MSG("Only Zulu time supported for this profile");
return 0;
}
localTime = XGMTIME(&ltime);
@@ -1302,12 +1642,14 @@ static word32 SetAlgoID(int algoOID, byte* output, int type)
/* adding TAG_NULL and 0 to end */
/* hashTypes */
static const byte shaAlgoID[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1a,
0x05, 0x00 };
static const byte md5AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x02, 0x05, 0x05, 0x00 };
static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x02, 0x02, 0x05, 0x00};
static const byte shaAlgoID[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1a,
0x05, 0x00 };
static const byte sha256AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x01, 0x05, 0x00 };
static const byte md5AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x02, 0x05, 0x05, 0x00 };
static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x02, 0x02, 0x05, 0x00};
/* sigTypes */
static const byte md5wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
@@ -1330,6 +1672,11 @@ static word32 SetAlgoID(int algoOID, byte* output, int type)
algoName = shaAlgoID;
break;
case SHA256h:
algoSz = sizeof(sha256AlgoID);
algoName = sha256AlgoID;
break;
case MD2h:
algoSz = sizeof(md2AlgoID);
algoName = md2AlgoID;
@@ -1341,6 +1688,7 @@ static word32 SetAlgoID(int algoOID, byte* output, int type)
break;
default:
CYASSL_MSG("Unknown Hash Algo");
return 0; /* UNKOWN_HASH_E; */
}
}
@@ -1352,7 +1700,8 @@ static word32 SetAlgoID(int algoOID, byte* output, int type)
break;
default:
return 0; /* UNKOWN_HASH_E; */
CYASSL_MSG("Unknown Signature Algo");
return 0;
}
}
else if (type == keyType) { /* keyType */
@@ -1363,12 +1712,14 @@ static word32 SetAlgoID(int algoOID, byte* output, int type)
break;
default:
return 0; /* UNKOWN_HASH_E; */
CYASSL_MSG("Unknown Key Algo");
return 0;
}
}
else
return 0; /* UNKNOWN_TYPE */
else {
CYASSL_MSG("Unknown Algo type");
return 0;
}
idSz = SetLength(algoSz - 2, ID_Length); /* don't include TAG_NULL/0 */
seqSz = SetSequence(idSz + algoSz + 1, seqArray);
@@ -1406,7 +1757,11 @@ word32 EncodeSignature(byte* out, const byte* digest, word32 digSz, int hashOID)
static int ConfirmSignature(DecodedCert* cert, const byte* key, word32 keySz,
word32 keyOID)
{
byte digest[SHA_DIGEST_SIZE]; /* max size */
#ifndef NO_SHA256
byte digest[SHA256_DIGEST_SIZE]; /* max size */
#else
byte digest[SHA_DIGEST_SIZE]; /* max size */
#endif
int hashType, digestSz, ret;
if (cert->signatureOID == MD5wRSA) {
@@ -1428,8 +1783,22 @@ static int ConfirmSignature(DecodedCert* cert, const byte* key, word32 keySz,
hashType = SHAh;
digestSz = SHA_DIGEST_SIZE;
}
else
return 0; /* ASN_SIG_HASH_E; */
#ifndef NO_SHA256
else if (cert->signatureOID == SHA256wRSA ||
cert->signatureOID == SHA256wECDSA) {
Sha256 sha256;
InitSha256(&sha256);
Sha256Update(&sha256, cert->source + cert->certBegin,
cert->sigIndex - cert->certBegin);
Sha256Final(&sha256, digest);
hashType = SHA256h;
digestSz = SHA256_DIGEST_SIZE;
}
#endif
else {
CYASSL_MSG("Verify Signautre has unsupported type");
return 0;
}
if (keyOID == RSAk) {
RsaKey pubKey;
@@ -1439,25 +1808,52 @@ static int ConfirmSignature(DecodedCert* cert, const byte* key, word32 keySz,
int sigSz, verifySz;
byte* out;
if (cert->sigLength > MAX_ENCODED_SIG_SZ)
return 0; /* the key is too big */
if (cert->sigLength > MAX_ENCODED_SIG_SZ) {
CYASSL_MSG("Verify Signautre is too big");
return 0;
}
InitRsaKey(&pubKey, cert->heap);
if (RsaPublicKeyDecode(key, &idx, &pubKey, keySz) < 0)
ret = 0; /* ASN_KEY_DECODE_E; */
if (RsaPublicKeyDecode(key, &idx, &pubKey, keySz) < 0) {
CYASSL_MSG("ASN Key decode error RSA");
ret = 0;
}
else {
XMEMCPY(plain, cert->signature, cert->sigLength);
if ( (verifySz = RsaSSL_VerifyInline(plain, cert->sigLength, &out,
&pubKey)) < 0)
ret = 0; /* ASN_VERIFY_E; */
&pubKey)) < 0) {
CYASSL_MSG("Rsa SSL verify error");
ret = 0;
}
else {
/* make sure we're right justified */
sigSz = EncodeSignature(encodedSig, digest, digestSz, hashType);
if (sigSz != verifySz || XMEMCMP(out, encodedSig, sigSz) != 0)
ret = 0; /* ASN_VERIFY_MATCH_E; */
if (sigSz != verifySz || XMEMCMP(out, encodedSig, sigSz) != 0){
CYASSL_MSG("Rsa SSL verify match encode error");
ret = 0;
}
else
ret = 1; /* match */
#ifdef CYASSL_DEBUG_ENCODING
{
int x;
printf("cyassl encodedSig:\n");
for (x = 0; x < sigSz; x++) {
printf("%02x ", encodedSig[x]);
if ( (x % 16) == 15)
printf("\n");
}
printf("\n");
printf("actual digest:\n");
for (x = 0; x < verifySz; x++) {
printf("%02x ", out[x]);
if ( (x % 16) == 15)
printf("\n");
}
printf("\n");
}
#endif /* CYASSL_DEBUG_ENCODING */
}
}
FreeRsaKey(&pubKey);
@@ -1468,8 +1864,10 @@ static int ConfirmSignature(DecodedCert* cert, const byte* key, word32 keySz,
ecc_key pubKey;
int verify = 0;
if (ecc_import_x963(key, keySz, &pubKey) < 0)
return 0; /* ASN_KEY_DECODE_E */
if (ecc_import_x963(key, keySz, &pubKey) < 0) {
CYASSL_MSG("ASN Key import error ECC");
return 0;
}
ret = ecc_verify_hash(cert->signature, cert->sigLength, digest,
digestSz, &verify, &pubKey);
@@ -1477,11 +1875,14 @@ static int ConfirmSignature(DecodedCert* cert, const byte* key, word32 keySz,
if (ret == 0 && verify == 1)
return 1; /* match */
return 0; /* ASN_VERIFY_E */
CYASSL_MSG("ECC Verify didn't match");
return 0;
}
#endif /* HAVE_ECC */
else
return 0; /* ASN_SIG_KEY_E; */
else {
CYASSL_MSG("Verify Key type unknown");
return 0;
}
}
@@ -1520,13 +1921,16 @@ int ParseCert(DecodedCert* cert, word32 inSz, int type, int verify,
}
/* from SSL proper, for locking can't do find here anymore */
CYASSL_LOCAL Signer* GetCA(Signer* signers, byte* hash);
int ParseCertRelative(DecodedCert* cert, word32 inSz, int type, int verify,
Signer* signers)
{
word32 confirmOID;
int ret;
int badDate = 0;
int confirm = 0;
if ((ret = DecodeToKey(cert, inSz, verify)) < 0) {
if (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E)
@@ -1548,23 +1952,24 @@ int ParseCertRelative(DecodedCert* cert, word32 inSz, int type, int verify,
return ASN_SIG_OID_E;
if (verify && type != CA_TYPE) {
while (signers) {
if (XMEMCMP(cert->issuerHash, signers->hash, SHA_DIGEST_SIZE)
== 0) {
/* other confirm */
if (!ConfirmSignature(cert, signers->publicKey,
signers->pubKeySize, signers->keyOID))
return ASN_SIG_CONFIRM_E;
else {
confirm = 1;
break;
}
Signer* ca = GetCA(signers, cert->issuerHash);
CYASSL_MSG("About to verify certificate signature");
if (ca) {
/* try to confirm/verify signature */
if (!ConfirmSignature(cert, ca->publicKey,
ca->pubKeySize, ca->keyOID)) {
CYASSL_MSG("Confirm signature failed");
return ASN_SIG_CONFIRM_E;
}
signers = signers->next;
}
if (!confirm)
else {
/* no signer */
CYASSL_MSG("No CA signer to verify with");
return ASN_SIG_CONFIRM_E;
}
}
if (badDate != 0)
return badDate;
@@ -1581,6 +1986,7 @@ Signer* MakeSigner(void* heap)
signer->publicKey = 0;
signer->next = 0;
}
(void)heap;
return signer;
}
@@ -1596,6 +2002,7 @@ void FreeSigners(Signer* signer, void* heap)
XFREE(signer->publicKey, heap, DYNAMIC_TYPE_PUBLIC_KEY);
XFREE(signer, heap, DYNAMIC_TYPE_SIGNER);
}
(void)heap;
}
@@ -1675,6 +2082,10 @@ void CTaoCryptErrorString(int error, char* buffer)
XSTRNCPY(buffer, "mp_cmp error state", max);
break;
case MP_ZERO_E :
XSTRNCPY(buffer, "mp zero result, not expected", max);
break;
case MEMORY_E :
XSTRNCPY(buffer, "out of memory error", max);
break;
@@ -1689,7 +2100,7 @@ void CTaoCryptErrorString(int error, char* buffer)
break;
case BUFFER_E :
XSTRNCPY(buffer, "Buffer error, output too small or input too big", max);
XSTRNCPY(buffer, "Buffer error, output too small or input too big",max);
break;
case ALGO_ID_E :
@@ -1804,6 +2215,22 @@ void CTaoCryptErrorString(int error, char* buffer)
XSTRNCPY(buffer, "ECC curve sum OID unsupported, invalid input", max);
break;
case BAD_FUNC_ARG :
XSTRNCPY(buffer, "Bad function argument", max);
break;
case NOT_COMPILED_IN :
XSTRNCPY(buffer, "Feature not compiled in", max);
break;
case UNICODE_SIZE_E :
XSTRNCPY(buffer, "Unicode password too big", max);
break;
case NO_PASSWORD :
XSTRNCPY(buffer, "No password provided by user", max);
break;
default:
XSTRNCPY(buffer, "unknown error number", max);
@@ -1841,6 +2268,7 @@ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
int headerLen;
int footerLen;
int i;
int err;
int outLen; /* return length or error */
if (type == CERT_TYPE) {
@@ -1855,11 +2283,11 @@ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
footerLen = XSTRLEN(footer);
if (!der || !output)
return -1;
return BAD_FUNC_ARG;
/* don't even try if outSz too short */
if (outSz < headerLen + footerLen + derSz)
return -1;
return BAD_FUNC_ARG;
/* header */
XMEMCPY(output, header, headerLen);
@@ -1867,13 +2295,13 @@ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
/* body */
outLen = outSz; /* input to Base64Encode */
if (Base64Encode(der, derSz, output + i, (word32*)&outLen) < 0)
return -1;
if ( (err = Base64Encode(der, derSz, output + i, (word32*)&outLen)) < 0)
return err;
i += outLen;
/* footer */
if ( (i + footerLen) > (int)outSz)
return -1;
return BAD_FUNC_ARG;
XMEMCPY(output + i, footer, footerLen);
return outLen + headerLen + footerLen;
@@ -1922,10 +2350,10 @@ int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
byte tmps[RSA_INTS][MAX_RSA_INT_SZ];
if (!key || !output)
return -1;
return BAD_FUNC_ARG;
if (key->type != RSA_PRIVATE)
return -1;
return BAD_FUNC_ARG;
/* write all big ints from key to DER tmps */
for (i = 0; i < RSA_INTS; i++) {
@@ -1945,7 +2373,7 @@ int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
return err;
}
else
return -1;
return ASN_INPUT_E;
}
/* make headers */
@@ -1954,7 +2382,7 @@ int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
outLen = seqSz + verSz + intTotalLen;
if (outLen > (int)inLen)
return -1;
return BAD_FUNC_ARG;
/* write to output */
XMEMCPY(output, seq, seqSz);
@@ -2078,7 +2506,7 @@ static int SetPublicKey(byte* output, RsaKey* key)
n[0] = ASN_INTEGER;
nSz = SetLength(rawLen, n + 1) + 1; /* int tag */
if ( (nSz + rawLen) < sizeof(n)) {
if ( (nSz + rawLen) < (int)sizeof(n)) {
int err = mp_to_unsigned_bin(&key->n, n + nSz);
if (err == MP_OKAY)
nSz += rawLen;
@@ -2093,7 +2521,7 @@ static int SetPublicKey(byte* output, RsaKey* key)
e[0] = ASN_INTEGER;
eSz = SetLength(rawLen, e + 1) + 1; /* int tag */
if ( (eSz + rawLen) < sizeof(e)) {
if ( (eSz + rawLen) < (int)sizeof(e)) {
int err = mp_to_unsigned_bin(&key->e, e + eSz);
if (err == MP_OKAY)
eSz += rawLen;
@@ -2165,7 +2593,7 @@ static void SetTime(struct tm* date, byte* output)
output[i++] = itob(date->tm_sec / 10);
output[i++] = itob(date->tm_sec % 10);
output[i] = 'Z'; /* Zulu profiel */
output[i] = 'Z'; /* Zulu profile */
}
@@ -2352,7 +2780,7 @@ static int SetName(byte* output, CertName* name)
setSz = SetSet(thisLen, set);
thisLen += setSz;
if (thisLen > sizeof(names[i].encoded))
if (thisLen > (int)sizeof(names[i].encoded))
return BUFFER_E;
/* store it */
@@ -2419,6 +2847,8 @@ static int SetName(byte* output, CertName* name)
static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng,
const byte* ntruKey, word16 ntruSz)
{
(void)ntruKey;
(void)ntruSz;
/* version */
der->versionSz = SetMyVersion(cert->version, der->version, TRUE);
@@ -2728,7 +3158,7 @@ int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s)
int err;
if (*outLen < (rLen + sLen + headerSz + 2)) /* SEQ_TAG + LEN(ENUM) */
return -1;
return BAD_FUNC_ARG;
idx = SetSequence(rLen + sLen + headerSz, out);

24
ctaocrypt/src/coding.c
View File

@@ -21,6 +21,8 @@
#include "coding.h"
#include "error.h"
#include "logging.h"
enum {
@@ -51,7 +53,7 @@ int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
word32 plainSz = inLen - ((inLen + (PEM_LINE_SZ - 1)) / PEM_LINE_SZ );
plainSz = (plainSz * 3 + 3) / 4;
if (plainSz > *outLen) return -1;
if (plainSz > *outLen) return BAD_FUNC_ARG;
while (inLen > 3) {
byte b1, b2, b3;
@@ -99,8 +101,10 @@ int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
endLine = in[j++];
inLen--;
}
if (endLine != '\n')
return -1;
if (endLine != '\n') {
CYASSL_MSG("Bad end of line in Base64 Decode");
return ASN_INPUT_E;
}
}
}
*outLen = i;
@@ -133,7 +137,7 @@ int Base64Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
word32 outSz = (inLen + 3 - 1) / 3 * 4;
outSz += (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */
if (outSz > *outLen) return -1;
if (outSz > *outLen) return BAD_FUNC_ARG;
while (inLen > 2) {
byte b1 = in[j++];
@@ -177,7 +181,7 @@ int Base64Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
out[i++] = '\n';
if (i != outSz)
return -1;
return ASN_INPUT_E;
*outLen = outSz;
return 0;
@@ -196,10 +200,10 @@ int Base16Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
word32 outIdx = 0;
if (inLen % 2)
return -1;
return BAD_FUNC_ARG;
if (*outLen < (inLen / 2))
return -1;
return BAD_FUNC_ARG;
while (inLen) {
byte b = in[inIdx++] - 0x30; /* 0 starts at 0x30 */
@@ -207,15 +211,15 @@ int Base16Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
/* sanity checks */
if (b >= sizeof(hexDecode)/sizeof(hexDecode[0]))
return -1;
return ASN_INPUT_E;
if (b2 >= sizeof(hexDecode)/sizeof(hexDecode[0]))
return -1;
return ASN_INPUT_E;
b = hexDecode[b];
b2 = hexDecode[b2];
if (b == BAD || b2 == BAD)
return -1;
return ASN_INPUT_E;
out[outIdx++] = (b << 4) | b2;
inLen -= 2;

95
ctaocrypt/src/cyassl_memory.c Normal file
View File

@@ -0,0 +1,95 @@
/* cyassl_memory.c
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* submitted by eof */
#include "os_settings.h"
#ifdef USE_CYASSL_MEMORY
#include "cyassl_memory.h"
#include "error.h"
/* Set these to default values initially. */
static CyaSSL_Malloc_cb malloc_function = 0;
static CyaSSL_Free_cb free_function = 0;
static CyaSSL_Realloc_cb realloc_function = 0;
int CyaSSL_SetAllocators(CyaSSL_Malloc_cb mf,
CyaSSL_Free_cb ff,
CyaSSL_Realloc_cb rf)
{
int res = 0;
if (mf)
malloc_function = mf;
else
res = BAD_FUNC_ARG;
if (ff)
free_function = ff;
else
res = BAD_FUNC_ARG;
if (rf)
realloc_function = rf;
else
res = BAD_FUNC_ARG;
return res;
}
void* CyaSSL_Malloc(size_t size)
{
void* res = 0;
if (malloc_function)
res = malloc_function(size);
else
res = malloc(size);
return res;
}
void CyaSSL_Free(void *ptr)
{
if (free_function)
free_function(ptr);
else
free(ptr);
}
void* CyaSSL_Realloc(void *ptr, size_t size)
{
void* res = 0;
if (realloc_function)
res = realloc_function(ptr, size);
else
res = realloc(ptr, size);
return res;
}
#endif /* USE_CYASSL_MEMORY */

2
ctaocrypt/src/des3.c
View File

@@ -341,7 +341,7 @@ void Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
}
void DesRawProcessBlock(word32* lIn, word32* rIn, const word32* kptr)
static void DesRawProcessBlock(word32* lIn, word32* rIn, const word32* kptr)
{
word32 l = *lIn, r = *rIn, i;

2
ctaocrypt/src/dh.c
View File

@@ -47,6 +47,7 @@
void InitDhKey(DhKey* key)
{
(void)key;
/* TomsFastMath doesn't use memory allocation */
#ifndef USE_FAST_MATH
key->p.dp = 0;
@@ -57,6 +58,7 @@ void InitDhKey(DhKey* key)
void FreeDhKey(DhKey* key)
{
(void)key;
/* TomsFastMath doesn't use memory allocation */
#ifndef USE_FAST_MATH
mp_clear(&key->p);

2
ctaocrypt/src/dsa.c
View File

@@ -45,7 +45,7 @@ enum {
void InitDsaKey(DsaKey* key)
{
key->type = -1; /* haven't decdied yet */
key->type = -1; /* haven't decided yet */
/* TomsFastMath doesn't use memory allocation */
#ifndef USE_FAST_MATH

1
ctaocrypt/src/ecc.c Normal file
View File

@@ -0,0 +1 @@
/* dummy ecc.c for dist */

1
ctaocrypt/src/ecc_fp.c Normal file
View File

@@ -0,0 +1 @@
/* dummy ecc_fp.c for dist */

3
ctaocrypt/src/hmac.c
View File

@@ -23,6 +23,7 @@
#ifndef NO_HMAC
#include "ctc_hmac.h"
#include "error.h"
@@ -32,7 +33,7 @@ static int InitHmac(Hmac* hmac, int type)
hmac->macType = type;
if (!(type == MD5 || type == SHA || type == SHA256))
return -1;
return BAD_FUNC_ARG;
if (type == MD5)
InitMd5(&hmac->hash.md5);

12
ctaocrypt/src/integer.c
View File

@@ -3612,8 +3612,10 @@ int mp_sqrmod (mp_int * a, mp_int * b, mp_int * c)
return res;
}
#endif
int mp_sub_d (mp_int* a, mp_digit b, mp_int* c);
#if defined(CYASSL_KEY_GEN) || defined(HAVE_ECC) || !defined(NO_PWDBASED)
/* single digit addition */
int mp_add_d (mp_int* a, mp_digit b, mp_int* c)
@@ -3801,7 +3803,7 @@ static int s_is_power_of_two(mp_digit b, int *p)
}
/* single digit division (based on routine from MPI) */
int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
{
mp_int q;
mp_word w;
@@ -3876,7 +3878,7 @@ int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
}
int mp_mod_d (mp_int * a, mp_digit b, mp_digit * c)
static int mp_mod_d (mp_int * a, mp_digit b, mp_digit * c)
{
return mp_div_d(a, b, NULL, c);
}
@@ -3931,7 +3933,7 @@ const mp_digit ltm_prime_tab[] = {
* Randomly the chance of error is no more than 1/4 and often
* very much lower.
*/
int mp_prime_miller_rabin (mp_int * a, mp_int * b, int *result)
static int mp_prime_miller_rabin (mp_int * a, mp_int * b, int *result)
{
mp_int n1, y, r;
int s, j, err;
@@ -4012,7 +4014,7 @@ LBL_N1:mp_clear (&n1);
*
* sets result to 0 if not, 1 if yes
*/
int mp_prime_is_divisible (mp_int * a, int *result)
static int mp_prime_is_divisible (mp_int * a, int *result)
{
int err, ix;
mp_digit res;

130
ctaocrypt/src/logging.c Normal file
View File

@@ -0,0 +1,130 @@
/* logging.c
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* submitted by eof */
#include "os_settings.h"
#include "logging.h"
#include "error.h"
CYASSL_API int CyaSSL_Debugging_ON(void);
CYASSL_API void CyaSSL_Debugging_OFF(void);
/* Set these to default values initially. */
static CyaSSL_Logging_cb log_function = 0;
static int loggingEnabled = 0;
int CyaSSL_SetLoggingCb(CyaSSL_Logging_cb f)
{
int res = 0;
if (f)
log_function = f;
else
res = BAD_FUNC_ARG;
return res;
}
int CyaSSL_Debugging_ON(void)
{
#ifdef DEBUG_CYASSL
loggingEnabled = 1;
return 0;
#else
return NOT_COMPILED_IN;
#endif
}
void CyaSSL_Debugging_OFF(void)
{
loggingEnabled = 0;
}
#ifdef DEBUG_CYASSL
#include <stdio.h> /* for default printf stuff */
#ifdef THREADX
int dc_log_printf(char*, ...);
#endif
static void log(const int logLevel, const char *const logMessage)
{
if (log_function)
log_function(logLevel, logMessage);
else {
if (loggingEnabled) {
#ifdef THREADX
dc_log_printf("%s\n", logMessage);
#elif defined(MICRIUM)
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
NetSecure_TraceOut((CPU_CHAR *)logMessage);
#endif
#else
fprintf(stderr, "%s\n", logMessage);
#endif
}
}
}
void CYASSL_MSG(const char* msg)
{
log(INFO_LOG , msg);
}
void CYASSL_ENTER(const char* msg)
{
if (loggingEnabled) {
char buffer[80];
sprintf(buffer, "CyaSSL Entering %s", msg);
log(ENTER_LOG , buffer);
}
}
void CYASSL_LEAVE(const char* msg, int ret)
{
if (loggingEnabled) {
char buffer[80];
sprintf(buffer, "CyaSSL Leaving %s, return %d", msg, ret);
log(LEAVE_LOG , buffer);
}
}
void CYASSL_ERROR(int error)
{
if (loggingEnabled) {
char buffer[80];
sprintf(buffer, "CyaSSL error occured, error = %d", error);
log(ERROR_LOG , buffer);
}
}
#endif /* DEBUG_CYASSL */

2
ctaocrypt/src/misc.c
View File

@@ -158,7 +158,7 @@ STATIC INLINE void XorWords(word* r, const word* a, word32 n)
STATIC INLINE void xorbuf(byte* buf, const byte* mask, word32 count)
{
if (((size_t)buf | (size_t)mask | count) % WORD_SIZE == 0)
if (((word)buf | (word)mask | count) % WORD_SIZE == 0)
XorWords( (word*)buf, (const word*)mask, count / WORD_SIZE);
else {
word32 i;

238
ctaocrypt/src/pwdbased.c
View File

@@ -23,6 +23,28 @@
#ifndef NO_PWDBASED
#include "pwdbased.h"
#include "ctc_hmac.h"
#include "integer.h"
#include "error.h"
#ifdef CYASSL_SHA512
#include "sha512.h"
#endif
#ifdef NO_INLINE
#include "misc.h"
#else
#include "misc.c"
#endif
#ifndef min
static INLINE word32 min(word32 a, word32 b)
{
return a > b ? b : a;
}
#endif /* min */
int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
@@ -35,13 +57,13 @@ int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
byte buffer[SHA_DIGEST_SIZE]; /* max size */
if (hashType != MD5 && hashType != SHA)
return -1;
return BAD_FUNC_ARG;
if (kLen > hLen)
return -1;
return BAD_FUNC_ARG;
if (iterations < 1)
return -1;
return BAD_FUNC_ARG;
if (hashType == MD5) {
InitMd5(&md5);
@@ -72,5 +94,215 @@ int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
}
int PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
int sLen, int iterations, int kLen, int hashType)
{
word32 i = 1;
int hLen;
int j;
Hmac hmac;
byte buffer[INNER_HASH_SIZE]; /* max size */
if (hashType == MD5) {
hLen = MD5_DIGEST_SIZE;
}
else if (hashType == SHA) {
hLen = SHA_DIGEST_SIZE;
}
else if (hashType == SHA256) {
hLen = SHA256_DIGEST_SIZE;
}
#ifdef CYASSL_SHA512
else if (hashType == SHA512) {
hLen = SHA512_DIGEST_SIZE;
}
#endif
else
return BAD_FUNC_ARG;
HmacSetKey(&hmac, hashType, passwd, pLen);
while (kLen) {
int currentLen;
HmacUpdate(&hmac, salt, sLen);
/* encode i */
for (j = 0; j < 4; j++) {
byte b = i >> ((3-j) * 8);
HmacUpdate(&hmac, &b, 1);
}
HmacFinal(&hmac, buffer);
currentLen = min(kLen, hLen);
XMEMCPY(output, buffer, currentLen);
for (j = 1; j < iterations; j++) {
HmacUpdate(&hmac, buffer, hLen);
HmacFinal(&hmac, buffer);
xorbuf(output, buffer, currentLen);
}
output += currentLen;
kLen -= currentLen;
i++;
}
return 0;
}
int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
int saltLen, int iterations, int kLen, int hashType, int id)
{
/* all in bytes instead of bits */
word32 u, v, dLen, pLen, iLen, sLen, totalLen;
int dynamic = 0;
int ret = 0;
int i;
byte *D, *S, *P, *I;
byte staticBuffer[1024];
byte* buffer = staticBuffer;
#ifdef CYASSL_SHA512
byte Ai[SHA512_DIGEST_SIZE];
byte B[SHA512_BLOCK_SIZE];
#else
byte Ai[SHA256_DIGEST_SIZE];
byte B[SHA256_BLOCK_SIZE];
#endif
if (!iterations)
iterations = 1;
if (hashType == MD5) {
v = MD5_BLOCK_SIZE;
u = MD5_DIGEST_SIZE;
}
else if (hashType == SHA) {
v = SHA_BLOCK_SIZE;
u = SHA_DIGEST_SIZE;
}
else if (hashType == SHA256) {
v = SHA256_BLOCK_SIZE;
u = SHA256_DIGEST_SIZE;
}
#ifdef CYASSL_SHA512
else if (hashType == SHA512) {
v = SHA512_BLOCK_SIZE;
u = SHA512_DIGEST_SIZE;
}
#endif
else
return BAD_FUNC_ARG;
dLen = v;
sLen = v * ((saltLen + v - 1) / v);
if (passLen)
pLen = v * ((passLen + v - 1) / v);
else
pLen = 0;
iLen = sLen + pLen;
totalLen = dLen + sLen + pLen;
if (totalLen > sizeof(staticBuffer)) {
buffer = (byte*)XMALLOC(totalLen, 0, DYNAMIC_TYPE_KEY);
if (buffer == NULL) return MEMORY_E;
dynamic = 1;
}
D = buffer;
S = D + dLen;
P = S + sLen;
I = S;
XMEMSET(D, id, dLen);
for (i = 0; i < (int)sLen; i++)
S[i] = salt[i % saltLen];
for (i = 0; i < (int)pLen; i++)
P[i] = passwd[i % passLen];
while (kLen > 0) {
word32 currentLen;
mp_int B1;
if (hashType == MD5) {
}
else if (hashType == SHA) {
Sha sha;
InitSha(&sha);
ShaUpdate(&sha, buffer, totalLen);
ShaFinal(&sha, Ai);
for (i = 1; i < iterations; i++) {
ShaUpdate(&sha, Ai, u);
ShaFinal(&sha, Ai);
}
}
else if (hashType == SHA256) {
}
#ifdef CYASSL_SHA512
else if (hashType == SHA512) {
}
#endif
for (i = 0; i < (int)v; i++)
B[i] = Ai[i % u];
mp_init(&B1);
if (mp_read_unsigned_bin(&B1, B, v) != MP_OKAY)
ret = MP_READ_E;
else if (mp_add_d(&B1, (mp_digit)1, &B1) != MP_OKAY) {
ret = MP_ADD_E;
mp_clear(&B1);
break;
}
for (i = 0; i < (int)iLen; i += v) {
int outSz;
mp_int i1;
mp_int res;
mp_init(&i1);
mp_init(&res);
if (mp_read_unsigned_bin(&i1, I + i, v) != MP_OKAY)
ret = MP_READ_E;
else if (mp_add(&i1, &B1, &res) != MP_OKAY)
ret = MP_ADD_E;
else if ( (outSz = mp_unsigned_bin_size(&res)) < 0)
ret = MP_TO_E;
else {
if (outSz > (int)v) {
/* take off MSB */
byte tmp[129];
mp_to_unsigned_bin(&res, tmp);
XMEMCPY(I + i, tmp + 1, v);
}
else if (outSz < (int)v) {
XMEMSET(I + i, 0, v - outSz);
mp_to_unsigned_bin(&res, I + i + v - outSz);
}
else
mp_to_unsigned_bin(&res, I + i);
}
mp_clear(&i1);
mp_clear(&res);
if (ret < 0) break;
}
currentLen = min(kLen, (int)u);
XMEMCPY(output, Ai, currentLen);
output += currentLen;
kLen -= currentLen;
mp_clear(&B1);
}
if (dynamic) XFREE(buffer, 0, DYNAMIC_TYPE_KEY);
return ret;
}
#endif /* NO_PWDBASED */

16
ctaocrypt/src/random.c
View File

@@ -150,6 +150,8 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
/* may block */
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int ret = 0;
os->fd = open("/dev/urandom",O_RDONLY);
if (os->fd == -1) {
/* may still have /dev/random */
@@ -160,22 +162,26 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
while (sz) {
int len = read(os->fd, output, sz);
if (len == -1)
return READ_RAN_E;
if (len == -1) {
ret = READ_RAN_E;
break;
}
sz -= len;
output += len;
if (sz)
if (sz) {
#ifdef BLOCKING
sleep(0); /* context switch */
#else
return RAN_BLOCK_E;
ret = RAN_BLOCK_E;
break;
#endif
}
}
close(os->fd);
return 0;
return ret;
}
#endif /* USE_WINDOWS_API */

37
ctaocrypt/src/rsa.c
View File

@@ -24,6 +24,7 @@
#include "ctc_rsa.h"
#include "random.h"
#include "error.h"
#include "logging.h"
#ifdef SHOW_GEN
#include <stdio.h>
@@ -48,7 +49,7 @@ enum {
void InitRsaKey(RsaKey* key, void* heap)
{
key->type = -1; /* haven't decdied yet */
key->type = -1; /* haven't decided yet */
key->heap = heap;
/* TomsFastMath doesn't use memory allocation */
@@ -64,6 +65,7 @@ void InitRsaKey(RsaKey* key, void* heap)
void FreeRsaKey(RsaKey* key)
{
(void)key;
/* TomsFastMath doesn't use memory allocation */
#ifndef USE_FAST_MATH
if (key->type == RSA_PRIVATE) {
@@ -124,14 +126,18 @@ static word32 RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
/* skip past the padding until we find the separator */
while (i<pkcsBlockLen && pkcsBlock[i++]) { /* null body */
}
if(!(i==pkcsBlockLen || pkcsBlock[i-1]==0))
if(!(i==pkcsBlockLen || pkcsBlock[i-1]==0)) {
CYASSL_MSG("RsaUnPad error, bad formatting");
return 0;
}
outputLen = pkcsBlockLen - i;
invalid = (outputLen > maxOutputLen) || invalid;
if (invalid)
if (invalid) {
CYASSL_MSG("RsaUnPad error, bad formatting");
return 0;
}
*output = (byte *)(pkcsBlock + i);
return outputLen;
@@ -283,7 +289,10 @@ int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
return ret;
}
XMEMCPY(out, pad, plainLen);
if (plainLen > (int)outLen)
plainLen = BAD_FUNC_ARG;
else
XMEMCPY(out, pad, plainLen);
XMEMSET(tmp, 0x00, inLen);
XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
@@ -323,8 +332,11 @@ int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
return ret;
}
XMEMCPY(out, pad, plainLen);
if (plainLen > (int)outLen)
plainLen = BAD_FUNC_ARG;
else
XMEMCPY(out, pad, plainLen);
XMEMSET(tmp, 0x00, inLen);
XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
@@ -368,8 +380,9 @@ static int rand_prime(mp_int* N, int len, RNG* rng, void* heap)
int err, res, type;
byte* buf;
(void)heap;
if (N == NULL || rng == NULL)
return -1;
return BAD_FUNC_ARG;
/* get type */
if (len < 0) {
@@ -381,13 +394,13 @@ static int rand_prime(mp_int* N, int len, RNG* rng, void* heap)
/* allow sizes between 2 and 512 bytes for a prime size */
if (len < 2 || len > 512) {
return -1;
return BAD_FUNC_ARG;
}
/* allocate buffer to work with */
buf = XMALLOC(len, heap, DYNAMIC_TYPE_RSA);
if (buf == NULL) {
return -1;
return MEMORY_E;
}
XMEMSET(buf, 0, len);
@@ -432,13 +445,13 @@ int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
int err;
if (key == NULL || rng == NULL)
return -1;
return BAD_FUNC_ARG;
if (size < RSA_MIN_SIZE || size > RSA_MAX_SIZE)
return -1;
return BAD_FUNC_ARG;
if (e < 3 || (e & 1) == 0)
return -1;
return BAD_FUNC_ARG;
if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != MP_OKAY)
return err;

29
ctaocrypt/src/tfm.c
View File

@@ -1972,6 +1972,7 @@ int mp_sub_d(fp_int *a, fp_digit b, fp_int *c)
int mp_prime_is_prime(mp_int* a, int t, int* result)
{
(void)t;
*result = fp_isprime(a);
return MP_OKAY;
}
@@ -2006,7 +2007,7 @@ static int s_is_power_of_two(fp_digit b, int *p)
}
/* a/b => cb + d == a */
int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
{
fp_int q;
fp_word w;
@@ -2072,7 +2073,7 @@ int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
/* c = a mod b, 0 <= c < b */
int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
static int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
{
return fp_div_d(a, b, NULL, c);
}
@@ -2085,7 +2086,7 @@ int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
* Randomly the chance of error is no more than 1/4 and often
* very much lower.
*/
void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result)
static void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result)
{
fp_int n1, y, r;
int s, j;
@@ -2302,11 +2303,7 @@ void fp_gcd(fp_int *a, fp_int *b, fp_int *c)
#endif /* CYASSL_KEY_GEN */
#ifdef HAVE_ECC
/* chars used in radix conversions */
const char *fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
#if defined(HAVE_ECC) || !defined(NO_PWDBASED)
/* c = a + b */
void fp_add_d(fp_int *a, fp_digit b, fp_int *c)
{
@@ -2315,8 +2312,22 @@ void fp_add_d(fp_int *a, fp_digit b, fp_int *c)
fp_add(a,&tmp,c);
}
/* external compatibility */
int mp_add_d(fp_int *a, fp_digit b, fp_int *c)
{
fp_add_d(a, b, c);
return MP_OKAY;
}
int fp_read_radix(fp_int *a, const char *str, int radix)
#endif /* HAVE_ECC || !NO_PWDBASED */
#ifdef HAVE_ECC
/* chars used in radix conversions */
const char *fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
static int fp_read_radix(fp_int *a, const char *str, int radix)
{
int y, neg;
char ch;

7
ctaocrypt/test/Makefile.am
View File

@@ -1,7 +0,0 @@
INCLUDES = -I../include -I../../include -I../../include/openssl
bin_PROGRAMS = test
test_SOURCES = test.c
test_LDFLAGS = -L../src
test_LDADD = ../../src/libcyassl.la
test_DEPENDENCIES = ../../src/libcyassl.la
EXTRA_DIST = test.sln test.vcproj

11
ctaocrypt/test/include.am Normal file
View File

@@ -0,0 +1,11 @@
# vim:ft=automake
# included from Top Level Makefile.am
# All paths should be given relative to the root
bin_PROGRAMS = ctaocrypt/test/test
ctaocrypt_test_test_SOURCES = ctaocrypt/test/test.c
ctaocrypt_test_test_LDFLAGS = -Lsrc
ctaocrypt_test_test_LDADD = src/libcyassl.la
ctaocrypt_test_test_DEPENDENCIES = src/libcyassl.la
EXTRA_DIST += ctaocrypt/test/test.sln ctaocrypt/test/test.vcproj

54
ctaocrypt/test/test.c
View File

@@ -1647,12 +1647,55 @@ int openssl_test()
#ifndef NO_PWDBASED
int pkcs12_test()
{
const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67,
0x00, 0x00 };
const byte salt[] = { 0x0a, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f };
const byte passwd2[] = { 0x00, 0x71, 0x00, 0x75, 0x00, 0x65, 0x00, 0x65,
0x00, 0x67, 0x00, 0x00 };
const byte salt2[] = { 0x16, 0x82, 0xC0, 0xfC, 0x5b, 0x3f, 0x7e, 0xc5 };
byte derived[64];
const byte verify[] = {
0x8A, 0xAA, 0xE6, 0x29, 0x7B, 0x6C, 0xB0, 0x46,
0x42, 0xAB, 0x5B, 0x07, 0x78, 0x51, 0x28, 0x4E,
0xB7, 0x12, 0x8F, 0x1A, 0x2A, 0x7F, 0xBC, 0xA3
};
const byte verify2[] = {
0x48, 0x3D, 0xD6, 0xE9, 0x19, 0xD7, 0xDE, 0x2E,
0x8E, 0x64, 0x8B, 0xA8, 0xF8, 0x62, 0xF3, 0xFB,
0xFB, 0xDC, 0x2B, 0xCB, 0x2C, 0x02, 0x95, 0x7F
};
int id = 1;
int kLen = 24;
int iterations = 1;
int ret = PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, iterations,
kLen, SHA, id);
if ( (ret = memcmp(derived, verify, kLen)) != 0)
return -103;
iterations = 1000;
ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations,
kLen, SHA, id);
if ( (ret = memcmp(derived, verify2, 24)) != 0)
return -104;
return 0;
}
int pbkdf2_test()
{
char passwd[] = "password";
const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
int iterations = 2048;
int kLen = 24;
byte derived[64];
const byte verify[] = {
0xBF, 0xDE, 0x6B, 0xE9, 0x4D, 0xF7, 0xE1, 0x1D, 0xD4, 0x09, 0xBC, 0xE2,
@@ -1660,6 +1703,12 @@ int pbkdf2_test()
};
PBKDF2(derived, (byte*)passwd, strlen(passwd), salt, 8, iterations, kLen,
SHA);
if (memcmp(derived, verify, sizeof(verify)) != 0)
return -102;
return 0;
}
@@ -1689,7 +1738,10 @@ int pbkdf1_test()
int pwdbased_test()
{
return pbkdf1_test();
int ret = pbkdf1_test();
ret += pbkdf2_test();
return ret + pkcs12_test();
}
#endif /* NO_PWDBASED */

19
cyassl-iphone.xcodeproj/project.pbxproj
View File

@@ -9,6 +9,8 @@
/* Begin PBXBuildFile section */
43809E9B0FB7AD1C0050922E /* md4.c in Sources */ = {isa = PBXBuildFile; fileRef = 43809E9A0FB7AD1C0050922E /* md4.c */; };
43962ADF0DE7ED48003C5E5B /* ssl.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2790DDF984100F2D488 /* ssl.c */; };
439B381E136B390A004C965E /* cyassl_memory.c in Sources */ = {isa = PBXBuildFile; fileRef = 439B381D136B390A004C965E /* cyassl_memory.c */; };
439B3820136B391E004C965E /* logging.c in Sources */ = {isa = PBXBuildFile; fileRef = 439B381F136B391E004C965E /* logging.c */; };
43AC92CA0EB154210049F588 /* cyassl_io.c in Sources */ = {isa = PBXBuildFile; fileRef = 43AC92C90EB154210049F588 /* cyassl_io.c */; };
43C6C27B0DDF984100F2D488 /* cyassl_int.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2770DDF984100F2D488 /* cyassl_int.c */; };
43C6C27C0DDF984100F2D488 /* keys.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2780DDF984100F2D488 /* keys.c */; };
@@ -76,6 +78,8 @@
/* Begin PBXFileReference section */
4368F6E40E9EA1140002A123 /* test.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = test.c; path = ctaocrypt/test/test.c; sourceTree = "<group>"; };
43809E9A0FB7AD1C0050922E /* md4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md4.c; path = ctaocrypt/src/md4.c; sourceTree = "<group>"; };
439B381D136B390A004C965E /* cyassl_memory.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = cyassl_memory.c; path = ctaocrypt/src/cyassl_memory.c; sourceTree = "<group>"; };
439B381F136B391E004C965E /* logging.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = logging.c; path = ctaocrypt/src/logging.c; sourceTree = "<group>"; };
43AC92C90EB154210049F588 /* cyassl_io.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 0; name = cyassl_io.c; path = src/cyassl_io.c; sourceTree = "<group>"; };
43C6C2770DDF984100F2D488 /* cyassl_int.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 0; name = cyassl_int.c; path = src/cyassl_int.c; sourceTree = "<group>"; };
43C6C2780DDF984100F2D488 /* keys.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = keys.c; path = src/keys.c; sourceTree = "<group>"; };
@@ -173,6 +177,8 @@
43CA25720EA3F9B20011ECA2 /* src */ = {
isa = PBXGroup;
children = (
439B381F136B391E004C965E /* logging.c */,
439B381D136B390A004C965E /* cyassl_memory.c */,
43809E9A0FB7AD1C0050922E /* md4.c */,
43D565660F1EC9CC00550C88 /* rabbit.c */,
43D565640F1EC9A600550C88 /* hc128.c */,
@@ -298,7 +304,14 @@
};
buildConfigurationList = 1DEB91EF08733DB70010E9CD /* Build configuration list for PBXProject "cyassl-iphone" */;
compatibilityVersion = "Xcode 3.1";
developmentRegion = English;
hasScannedForEncodings = 1;
knownRegions = (
English,
Japanese,
French,
German,
);
mainGroup = 08FB7794FE84155DC02AAC07 /* cyassl */;
projectDirPath = "";
projectRoot = "";
@@ -336,6 +349,8 @@
43D565650F1EC9A600550C88 /* hc128.c in Sources */,
43D565670F1EC9CC00550C88 /* rabbit.c in Sources */,
43809E9B0FB7AD1C0050922E /* md4.c in Sources */,
439B381E136B390A004C965E /* cyassl_memory.c in Sources */,
439B3820136B391E004C965E /* logging.c in Sources */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@@ -354,7 +369,7 @@
GCC_PREPROCESSOR_DEFINITIONS = IPHONE;
INSTALL_PATH = /usr/local/lib;
PRODUCT_NAME = cyassl;
SDKROOT = iphonesimulator3.1.2;
SDKROOT = iphoneos;
USER_HEADER_SEARCH_PATHS = "include/openssl include ctaocrypt/include";
WARNING_CFLAGS = "-Wall";
ZERO_LINK = YES;
@@ -384,7 +399,7 @@
GCC_WARN_ABOUT_RETURN_TYPE = YES;
GCC_WARN_UNUSED_VARIABLE = YES;
PREBINDING = NO;
SDKROOT = iphonesimulator2.2;
SDKROOT = iphoneos;
USER_HEADER_SEARCH_PATHS = "include ctaocrypt/include";
};
name = Debug;

762
cyassl-ntru.vcproj
View File

@@ -1,377 +1,385 @@
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="9.00"
Name="cyassl"
ProjectGUID="{73973223-5EE8-41CA-8E88-1D60E89A237B}"
RootNamespace="cyassl"
Keyword="Win32Proj"
TargetFrameworkVersion="196613"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="4"
CharacterSet="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="ctaocrypt/include;include;NTRU/include;include/openssl"
PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;HAVE_NTRU;WIN32"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="4"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLibrarianTool"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="4"
CharacterSet="1"
WholeProgramOptimization="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="ctaocrypt/include;include;NTRU/include;include/openssl"
PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;HAVE_NTRU;WIN32"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="3"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLibrarianTool"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\ctaocrypt\src\aes.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\arc4.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\asm.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\asn.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\coding.c"
>
</File>
<File
RelativePath=".\src\cyassl_int.c"
>
</File>
<File
RelativePath=".\src\cyassl_io.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\des3.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\dh.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\dsa.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\hc128.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\hmac.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\integer.c"
>
</File>
<File
RelativePath=".\src\keys.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\md4.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\md5.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\misc.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\pwdbased.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\rabbit.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\random.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\ripemd.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\rsa.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha256.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha512.c"
>
</File>
<File
RelativePath=".\src\ssl.c"
>
</File>
<File
RelativePath=".\src\tls.c"
>
</File>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
<File
RelativePath=".\ctaocrypt\include\arc4.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\asn.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\coding.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_aes.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_dh.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_dsa.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_hmac.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_md4.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_md5.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_ripemd.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_rsa.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_sha.h"
>
</File>
<File
RelativePath=".\include\cyassl_error.h"
>
</File>
<File
RelativePath=".\include\cyassl_int.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\des3.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\error.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\hc128.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\integer.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\misc.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\pwdbased.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\rabbit.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\random.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\sha256.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\tfm.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\types.h"
>
</File>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="9.00"
Name="cyassl"
ProjectGUID="{73973223-5EE8-41CA-8E88-1D60E89A237B}"
RootNamespace="cyassl"
Keyword="Win32Proj"
TargetFrameworkVersion="196613"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="4"
CharacterSet="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="ctaocrypt/include;include;NTRU/include;include/openssl"
PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;HAVE_NTRU;NO_PSK;WIN32"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="4"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLibrarianTool"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="4"
CharacterSet="1"
WholeProgramOptimization="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="ctaocrypt/include;include;NTRU/include;include/openssl"
PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;HAVE_NTRU;NO_PSK;WIN32"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="3"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLibrarianTool"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\ctaocrypt\src\aes.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\arc4.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\asm.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\asn.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\coding.c"
>
</File>
<File
RelativePath=".\src\cyassl_int.c"
>
</File>
<File
RelativePath=".\src\cyassl_io.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\cyassl_memory.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\des3.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\dh.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\dsa.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\hc128.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\hmac.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\integer.c"
>
</File>
<File
RelativePath=".\src\keys.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\logging.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\md4.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\md5.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\misc.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\pwdbased.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\rabbit.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\random.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\ripemd.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\rsa.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha256.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha512.c"
>
</File>
<File
RelativePath=".\src\ssl.c"
>
</File>
<File
RelativePath=".\src\tls.c"
>
</File>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
<File
RelativePath=".\ctaocrypt\include\arc4.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\asn.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\coding.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_aes.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_dh.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_dsa.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_hmac.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_md4.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_md5.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_ripemd.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_rsa.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_sha.h"
>
</File>
<File
RelativePath=".\include\cyassl_error.h"
>
</File>
<File
RelativePath=".\include\cyassl_int.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\des3.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\error.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\hc128.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\integer.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\misc.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\pwdbased.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\rabbit.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\random.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\sha256.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\tfm.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\types.h"
>
</File>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>

762
cyassl.vcproj
View File

@@ -1,377 +1,385 @@
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="9.00"
Name="cyassl"
ProjectGUID="{73973223-5EE8-41CA-8E88-1D60E89A237B}"
RootNamespace="cyassl"
Keyword="Win32Proj"
TargetFrameworkVersion="196613"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="4"
CharacterSet="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="ctaocrypt/include;include;include/openssl"
PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="4"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLibrarianTool"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="4"
CharacterSet="1"
WholeProgramOptimization="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="ctaocrypt/include;include;include/openssl"
PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="3"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLibrarianTool"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\ctaocrypt\src\aes.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\arc4.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\asm.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\asn.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\coding.c"
>
</File>
<File
RelativePath=".\src\cyassl_int.c"
>
</File>
<File
RelativePath=".\src\cyassl_io.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\des3.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\dh.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\dsa.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\hc128.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\hmac.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\integer.c"
>
</File>
<File
RelativePath=".\src\keys.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\md4.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\md5.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\misc.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\pwdbased.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\rabbit.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\random.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\ripemd.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\rsa.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha256.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha512.c"
>
</File>
<File
RelativePath=".\src\ssl.c"
>
</File>
<File
RelativePath=".\src\tls.c"
>
</File>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
<File
RelativePath=".\ctaocrypt\include\arc4.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\asn.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\coding.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_aes.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_dh.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_dsa.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_hmac.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_md4.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_md5.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_ripemd.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_rsa.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_sha.h"
>
</File>
<File
RelativePath=".\include\cyassl_error.h"
>
</File>
<File
RelativePath=".\include\cyassl_int.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\des3.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\error.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\hc128.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\integer.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\misc.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\pwdbased.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\rabbit.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\random.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\sha256.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\tfm.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\types.h"
>
</File>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="9.00"
Name="cyassl"
ProjectGUID="{73973223-5EE8-41CA-8E88-1D60E89A237B}"
RootNamespace="cyassl"
Keyword="Win32Proj"
TargetFrameworkVersion="196613"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="4"
CharacterSet="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="ctaocrypt/include;include;include/openssl"
PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="4"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLibrarianTool"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="4"
CharacterSet="1"
WholeProgramOptimization="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="ctaocrypt/include;include;include/openssl"
PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="3"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLibrarianTool"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\ctaocrypt\src\aes.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\arc4.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\asm.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\asn.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\coding.c"
>
</File>
<File
RelativePath=".\src\cyassl_int.c"
>
</File>
<File
RelativePath=".\src\cyassl_io.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\cyassl_memory.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\des3.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\dh.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\dsa.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\hc128.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\hmac.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\integer.c"
>
</File>
<File
RelativePath=".\src\keys.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\logging.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\md4.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\md5.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\misc.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\pwdbased.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\rabbit.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\random.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\ripemd.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\rsa.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha256.c"
>
</File>
<File
RelativePath=".\ctaocrypt\src\sha512.c"
>
</File>
<File
RelativePath=".\src\ssl.c"
>
</File>
<File
RelativePath=".\src\tls.c"
>
</File>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
<File
RelativePath=".\ctaocrypt\include\arc4.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\asn.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\coding.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_aes.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_dh.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_dsa.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_hmac.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_md4.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_md5.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_ripemd.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_rsa.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\ctc_sha.h"
>
</File>
<File
RelativePath=".\include\cyassl_error.h"
>
</File>
<File
RelativePath=".\include\cyassl_int.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\des3.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\error.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\hc128.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\integer.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\misc.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\pwdbased.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\rabbit.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\random.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\sha256.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\tfm.h"
>
</File>
<File
RelativePath=".\ctaocrypt\include\types.h"
>
</File>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>

BIN
doc/CyaSSL-Manual.pdf
View File

Binary file not shown.

3
doc/README.txt Normal file
View File

@@ -0,0 +1,3 @@
The CyaSSL manual is availalbe at:
http://www.yassl.com/documentation/CyaSSL-Manual.pdf

2
examples/Makefile.am
View File

@@ -1,2 +0,0 @@
SUBDIRS = client server echoclient echoserver

7
examples/client/Makefile.am
View File

@@ -1,7 +0,0 @@
INCLUDES = -I../../include -I../../include/openssl
bin_PROGRAMS = client
client_SOURCES = client.c
client_LDFLAGS = -L../../src
client_LDADD = ../../src/libcyassl.la
client_DEPENDENCIES = ../../src/libcyassl.la
EXTRA_DIST = client.sln *.vcproj

398
examples/client/client-ntru.vcproj
View File

@@ -1,199 +1,199 @@
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="9.00"
Name="client"
ProjectGUID="{3ADE9549-582D-4D8E-9826-B172197A7959}"
RootNamespace="client"
Keyword="Win32Proj"
TargetFrameworkVersion="196613"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="1"
CharacterSet="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../ctaocrypt/include;../../include;../../include/openssl"
PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="4"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
AdditionalDependencies="Ws2_32.lib neo.lib"
LinkIncremental="2"
AdditionalLibraryDirectories="..\..\NTRU\bin"
GenerateDebugInformation="true"
SubSystem="1"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="1"
CharacterSet="1"
WholeProgramOptimization="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../ctaocrypt/include;../../include;../../include/openssl"
PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="3"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
AdditionalDependencies="Ws2_32.lib neo.lib"
LinkIncremental="1"
AdditionalLibraryDirectories="..\..\NTRU\bin"
GenerateDebugInformation="true"
SubSystem="1"
OptimizeReferences="2"
EnableCOMDATFolding="2"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\client.c"
>
</File>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="9.00"
Name="client"
ProjectGUID="{3ADE9549-582D-4D8E-9826-B172197A7959}"
RootNamespace="client"
Keyword="Win32Proj"
TargetFrameworkVersion="196613"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="1"
CharacterSet="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../ctaocrypt/include;../../include;../../include/openssl"
PreprocessorDefinitions="NO_PSK"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="4"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
AdditionalDependencies="Ws2_32.lib neo.lib"
LinkIncremental="2"
AdditionalLibraryDirectories="..\..\NTRU\bin"
GenerateDebugInformation="true"
SubSystem="1"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="1"
CharacterSet="1"
WholeProgramOptimization="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../ctaocrypt/include;../../include;../../include/openssl"
PreprocessorDefinitions="NO_PSK"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="3"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
AdditionalDependencies="Ws2_32.lib neo.lib"
LinkIncremental="1"
AdditionalLibraryDirectories="..\..\NTRU\bin"
GenerateDebugInformation="true"
SubSystem="1"
OptimizeReferences="2"
EnableCOMDATFolding="2"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\client.c"
>
</File>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>

32
examples/client/client.c
View File

@@ -62,10 +62,10 @@ void client_test(void* args)
int resumeSz = sizeof(resumeMsg);
#endif
char msg[] = "hello cyassl!";
char msg[64] = "hello cyassl!";
char reply[1024];
int input;
int msgSz = sizeof(msg);
int msgSz = strlen(msg);
int argc = ((func_args*)args)->argc;
char** argv = ((func_args*)args)->argv;
@@ -75,7 +75,7 @@ void client_test(void* args)
#if defined(CYASSL_DTLS)
method = DTLSv1_client_method();
#elif !defined(NO_TLS)
method = TLSv1_client_method();
method = SSLv23_client_method();
#else
method = SSLv3_client_method();
#endif
@@ -89,6 +89,11 @@ void client_test(void* args)
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#ifdef CYASSL_SNIFFER
/* don't use EDH, can't sniff tmp keys */
SSL_CTX_set_cipher_list(ctx, "AES256-SHA");
#endif
#ifndef NO_FILESYSTEM
if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
err_sys("can't load ca file");
@@ -160,7 +165,8 @@ void client_test(void* args)
ssl = SSL_new(ctx);
SSL_set_fd(ssl, sockfd);
CyaSSL_check_domain_name(ssl, "www.yassl.com");
if (argc != 3)
CyaSSL_check_domain_name(ssl, "www.yassl.com");
#ifdef NON_BLOCKING
tcp_set_nonblocking(&sockfd);
NonBlockingSSL_Connect(ssl);
@@ -182,8 +188,8 @@ void client_test(void* args)
if (argc == 3) {
printf("SSL connect ok, sending GET...\n");
strncpy(msg, "GET\r\n", 6);
msgSz = 6;
msgSz = 28;
strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
}
if (SSL_write(ssl, msg, msgSz) != msgSz)
err_sys("SSL_write failed");
@@ -192,8 +198,20 @@ void client_test(void* args)
if (input > 0) {
reply[input] = 0;
printf("Server response: %s\n", reply);
if (argc == 3) { /* get html */
while (1) {
input = SSL_read(ssl, reply, sizeof(reply));
if (input > 0) {
reply[input] = 0;
printf("%s\n", reply);
}
else
break;
}
}
}
#ifdef TEST_RESUME
#ifdef CYASSL_DTLS
strncpy(msg, "break", 6);

11
examples/client/include.am Normal file
View File

@@ -0,0 +1,11 @@
# vim:ft=automake
# included from Top Level Makefile.am
# All paths should be given relative to the root
bin_PROGRAMS += examples/client/client
examples_client_client_SOURCES = examples/client/client.c
examples_client_client_LDFLAGS = -Lsrc
examples_client_client_LDADD = src/libcyassl.la
examples_client_client_DEPENDENCIES = src/libcyassl.la
EXTRA_DIST += examples/client/client.sln examples/client/*.vcproj

7
examples/echoclient/Makefile.am
View File

@@ -1,7 +0,0 @@
INCLUDES = -I../../include -I../../include/openssl
bin_PROGRAMS = echoclient
echoclient_SOURCES = echoclient.c
echoclient_LDFLAGS = -L../../src
echoclient_LDADD = ../../src/libcyassl.la
echoclient_DEPENDENCIES= ../../src/libcyassl.la
EXTRA_DIST = input quit echoclient.sln *.vcproj

5
examples/echoclient/echoclient.c
View File

@@ -63,6 +63,11 @@ void echoclient_test(void* args)
load_buffer(ctx, caCert, CYASSL_CA);
#endif
#ifdef CYASSL_SNIFFER
/* don't use EDH, can't sniff tmp keys */
SSL_CTX_set_cipher_list(ctx, "AES256-SHA");
#endif
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif

12
examples/echoclient/include.am Normal file
View File

@@ -0,0 +1,12 @@
vim:ft=automake
# included from Top Level Makefile.am
# All paths should be given relative to the root
bin_PROGRAMS += examples/echoclient/echoclient
examples_echoclient_echoclient_SOURCES = examples/echoclient/echoclient.c
examples_echoclient_echoclient_LDFLAGS = -Lsrc
examples_echoclient_echoclient_LDADD = src/libcyassl.la
examples_echoclient_echoclient_DEPENDENCIES = src/libcyassl.la
EXTRA_DIST += examples/echoclient/echoclient.sln examples/echoclient/*.vcproj \
examples/echoclient/input examples/echoclient/quit

7
examples/echoserver/Makefile.am
View File

@@ -1,7 +0,0 @@
INCLUDES = -I../../include -I../../include/openssl
bin_PROGRAMS = echoserver
echoserver_SOURCES = echoserver.c
echoserver_LDFLAGS = -L../../src
echoserver_LDADD = ../../src/libcyassl.la
echoserver_DEPENDENCIES= ../../src/libcyassl.la
EXTRA_DIST = echoserver.sln *.vcproj

8
examples/echoserver/echoserver.c
View File

@@ -27,7 +27,7 @@ static void SignalReady(void* args)
}
THREAD_RETURN CYASSL_API echoserver_test(void* args)
THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
{
SOCKET_T sockfd = 0;
SSL_METHOD* method = 0;
@@ -120,12 +120,16 @@ THREAD_RETURN CYASSL_API echoserver_test(void* args)
ssl = SSL_new(ctx);
if (ssl == NULL) err_sys("SSL_new failed");
SSL_set_fd(ssl, clientfd);
SetDH(ssl);
if (SSL_accept(ssl) != SSL_SUCCESS) {
printf("SSL_accept failed");
printf("SSL_accept failed\n");
SSL_free(ssl);
CloseSocket(clientfd);
continue;
}
#if defined(PEER_INFO)
showPeer(ssl);
#endif
while ( (echoSz = SSL_read(ssl, command, sizeof(command))) > 0) {

11
examples/echoserver/include.am Normal file
View File

@@ -0,0 +1,11 @@
vim:ft=automake
# included from Top Level Makefile.am
# All paths should be given relative to the root
bin_PROGRAMS += examples/echoserver/echoserver
examples_echoserver_echoserver_SOURCES = examples/echoserver/echoserver.c
examples_echoserver_echoserver_LDFLAGS = -Lsrc
examples_echoserver_echoserver_LDADD = src/libcyassl.la
examples_echoserver_echoserver_DEPENDENCIES = src/libcyassl.la
EXTRA_DIST += examples/echoserver/echoserver.sln examples/echoserver/*.vcproj

7
examples/server/Makefile.am
View File

@@ -1,7 +0,0 @@
INCLUDES = -I../../include -I../../include/openssl
bin_PROGRAMS = server
server_SOURCES = server.c
server_LDFLAGS = -L../../src
server_LDADD = ../../src/libcyassl.la
server_DEPENDENCIES = ../../src/libcyassl.la
EXTRA_DIST = server.sln *.vcproj

11
examples/server/include.am Normal file
View File

@@ -0,0 +1,11 @@
# vim:ft=automake
# included from Top Level Makefile.am
# All paths should be given relative to the root
bin_PROGRAMS += examples/server/server
examples_server_server_SOURCES = examples/server/server.c
examples_server_server_LDFLAGS = -Lsrc
examples_server_server_LDADD = src/libcyassl.la
examples_server_server_DEPENDENCIES = src/libcyassl.la
EXTRA_DIST += examples/server/server.sln examples/server/*.vcproj

398
examples/server/server-ntru.vcproj
View File

@@ -1,199 +1,199 @@
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="9.00"
Name="server"
ProjectGUID="{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}"
RootNamespace="server"
Keyword="Win32Proj"
TargetFrameworkVersion="196613"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="1"
CharacterSet="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../ctaocrypt/include;../../include;../../include/openssl"
PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="4"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
AdditionalDependencies="Ws2_32.lib neo.lib"
LinkIncremental="2"
AdditionalLibraryDirectories="..\..\NTRU\bin"
GenerateDebugInformation="true"
SubSystem="1"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="1"
CharacterSet="1"
WholeProgramOptimization="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../ctaocrypt/include;../../include;../../include/openssl"
PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="3"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
AdditionalDependencies="Ws2_32.lib neo.lib"
LinkIncremental="1"
AdditionalLibraryDirectories="..\..\NTRU\bin"
GenerateDebugInformation="true"
SubSystem="1"
OptimizeReferences="2"
EnableCOMDATFolding="2"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\server.c"
>
</File>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="9.00"
Name="server"
ProjectGUID="{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}"
RootNamespace="server"
Keyword="Win32Proj"
TargetFrameworkVersion="196613"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="1"
CharacterSet="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../ctaocrypt/include;../../include;../../include/openssl"
PreprocessorDefinitions="NO_PSK"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="4"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
AdditionalDependencies="Ws2_32.lib neo.lib"
LinkIncremental="2"
AdditionalLibraryDirectories="..\..\NTRU\bin"
GenerateDebugInformation="true"
SubSystem="1"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="$(SolutionDir)$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="1"
CharacterSet="1"
WholeProgramOptimization="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../ctaocrypt/include;../../include;../../include/openssl"
PreprocessorDefinitions="NO_PSK"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
WarningLevel="3"
DebugInformationFormat="3"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
AdditionalDependencies="Ws2_32.lib neo.lib"
LinkIncremental="1"
AdditionalLibraryDirectories="..\..\NTRU\bin"
GenerateDebugInformation="true"
SubSystem="1"
OptimizeReferences="2"
EnableCOMDATFolding="2"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\server.c"
>
</File>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>

19
examples/server/server.c
View File

@@ -39,7 +39,7 @@
#endif
THREAD_RETURN CYASSL_API server_test(void* args)
THREAD_RETURN CYASSL_THREAD server_test(void* args)
{
SOCKET_T sockfd = 0;
int clientfd = 0;
@@ -56,24 +56,26 @@ THREAD_RETURN CYASSL_API server_test(void* args)
#if defined(CYASSL_DTLS)
method = DTLSv1_server_method();
#elif !defined(NO_TLS)
method = TLSv1_server_method();
method = SSLv23_server_method();
#else
method = SSLv3_server_method();
#endif
ctx = SSL_CTX_new(method);
#ifndef NO_PSK
/* do PSK */
SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
SSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
SSL_CTX_set_cipher_list(ctx, "PSK-AES256-CBC-SHA");
#else
/* not using PSK, verify peer with certs */
SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0);
#endif
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0);
#ifndef NO_FILESYSTEM
/* for client auth */
if (SSL_CTX_load_verify_locations(ctx, cliCert, 0) != SSL_SUCCESS)
@@ -96,9 +98,9 @@ THREAD_RETURN CYASSL_API server_test(void* args)
!= SSL_SUCCESS)
err_sys("can't load ntru key file");
#else /* normal */
if (SSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
if (SSL_CTX_use_certificate_chain_file(ctx, svrCert)
!= SSL_SUCCESS)
err_sys("can't load server cert file");
err_sys("can't load server cert chain file");
if (SSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
@@ -117,6 +119,9 @@ THREAD_RETURN CYASSL_API server_test(void* args)
#endif
SSL_set_fd(ssl, clientfd);
#ifdef NO_PSK
SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */
#endif
#ifdef NON_BLOCKING
tcp_set_nonblocking(&clientfd);

3
include/cyassl_error.h
View File

@@ -49,6 +49,7 @@ enum CyaSSL_ErrorCodes {
NO_PEER_KEY = -216, /* need peer's key */
NO_PRIVATE_KEY = -217, /* need the private key */
RSA_PRIVATE_ERROR = -218, /* error during rsa priv op */
NO_DH_PARAMS = -219, /* server missging DH params */
BUILD_MSG_ERROR = -220, /* build message failure */
BAD_HELLO = -221, /* client hello malformed */
@@ -87,6 +88,7 @@ enum CyaSSL_ErrorCodes {
ECC_MAKEKEY_ERROR = -253, /* Bad Make ECC Key */
ECC_EXPORT_ERROR = -254, /* Bad ECC Export Key */
ECC_SHARED_ERROR = -255, /* Bad ECC Shared Secret */
BAD_MUTEX_ERROR = -256, /* Bad mutex */
/* add strings to SetErrorString !!!!! */
/* begin negotiation parameter errors */
@@ -105,6 +107,7 @@ enum CyaSSL_ErrorCodes {
#endif
CYASSL_LOCAL
void SetErrorString(int error, char* buffer);

197
include/cyassl_int.h
View File

@@ -33,6 +33,7 @@
#include "asn.h"
#include "ctc_md5.h"
#include "ctc_aes.h"
#include "logging.h"
#ifdef HAVE_ECC
#include "ctc_ecc.h"
#endif
@@ -78,6 +79,10 @@
#endif
#endif
#ifdef NO_SHA256
#define SHA256_DIGEST_SIZE 32
#endif
#ifdef __cplusplus
extern "C" {
#endif
@@ -92,6 +97,9 @@
typedef byte word24[3];
/* used by ssl.c and cyassl_int.c */
void c32to24(word32 in, word24 out);
/* Define or comment out the cipher suites you'd like to be compiled in
make sure to use at least one BUILD_SSL_xxx or BUILD_TLS_xxx is defined
@@ -123,6 +131,10 @@ typedef byte word24[3];
#define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
#endif
#if !defined (NO_SHA256)
#define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
#define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
#endif
#endif
#if !defined(NO_HC128) && !defined(NO_TLS)
@@ -137,6 +149,10 @@ typedef byte word24[3];
#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && defined(OPENSSL_EXTRA)
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
#if !defined (NO_SHA256)
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
#endif
#endif
#if defined(HAVE_ECC) && !defined(NO_TLS)
@@ -217,10 +233,16 @@ enum {
TLS_RSA_WITH_RABBIT_CBC_SHA = 0xFD,
/* CyaSSL extension - NTRU */
TLS_NTRU_RSA_WITH_RC4_128_SHA = 0x65,
TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0x66,
TLS_NTRU_RSA_WITH_AES_128_CBC_SHA = 0x67,
TLS_NTRU_RSA_WITH_AES_256_CBC_SHA = 0x68
TLS_NTRU_RSA_WITH_RC4_128_SHA = 0xe5,
TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6,
TLS_NTRU_RSA_WITH_AES_128_CBC_SHA = 0xe7, /* clases w/ official SHA-256 */
TLS_NTRU_RSA_WITH_AES_256_CBC_SHA = 0xe8,
/* SHA256 */
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x6b,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x67,
TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x3d,
TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x3c
};
@@ -247,10 +269,10 @@ enum Misc {
SIZEOF_SENDER = 4, /* clnt or srvr */
FINISHED_SZ = MD5_DIGEST_SIZE + SHA_DIGEST_SIZE,
MAX_RECORD_SIZE = 16384, /* 2^14, max size by standard */
MAX_UDP_SIZE = 1400, /* don't exceed MTU */
MAX_MSG_EXTRA = 68, /* max added to msg, mac + pad */
MAX_COMP_EXTRA = 1024, /* max compression extra */
MAX_MTU = 1500, /* max expected MTU */
MAX_UDP_SIZE = MAX_MTU - 100, /* don't exceed MTU w/ 100 byte header */
MAX_DH_SZ = 612, /* 2240 p, pub, g + 2 byte size for each */
MAX_STR_VERSION = 8, /* string rep of protocol version */
@@ -292,7 +314,7 @@ enum Misc {
KEY_LABEL_SZ = 13, /* TLS key block expansion sz */
MAX_PRF_HALF = 128, /* Maximum half secret len */
MAX_PRF_LABSEED = 80, /* Maximum label + seed len */
MAX_PRF_DIG = 148, /* Maximum digest len */
MAX_PRF_DIG = 224, /* Maximum digest len */
MAX_REQUEST_SZ = 256, /* Maximum cert req len (no auth yet */
SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */
@@ -327,6 +349,7 @@ enum Misc {
MAX_CHAIN_DEPTH = 4, /* max cert chain peer depth */
MAX_X509_SIZE = 2048, /* max static x509 buffer size */
CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */
FILE_BUFFER_SIZE = 1024, /* default static file buffer size for input,
will use dynamic buffer if not big enough */
@@ -405,13 +428,13 @@ typedef struct ProtocolVersion {
} ProtocolVersion;
ProtocolVersion MakeSSLv3(void);
ProtocolVersion MakeTLSv1(void);
ProtocolVersion MakeTLSv1_1(void);
ProtocolVersion MakeTLSv1_2(void);
CYASSL_LOCAL ProtocolVersion MakeSSLv3(void);
CYASSL_LOCAL ProtocolVersion MakeTLSv1(void);
CYASSL_LOCAL ProtocolVersion MakeTLSv1_1(void);
CYASSL_LOCAL ProtocolVersion MakeTLSv1_2(void);
#ifdef CYASSL_DTLS
ProtocolVersion MakeDTLSv1(void);
CYASSL_LOCAL ProtocolVersion MakeDTLSv1(void);
#endif
@@ -452,11 +475,12 @@ struct SSL_METHOD {
/* defautls to client */
void InitSSL_Method(SSL_METHOD*, ProtocolVersion);
CYASSL_LOCAL void InitSSL_Method(SSL_METHOD*, ProtocolVersion);
/* for sniffer */
int DoFinished(SSL* ssl, const byte* input, word32* inOutIdx, int sniff);
int DoApplicationData(SSL* ssl, byte* input, word32* inOutIdx);
CYASSL_LOCAL int DoFinished(SSL* ssl, const byte* input, word32* inOutIdx,
int sniff);
CYASSL_LOCAL int DoApplicationData(SSL* ssl, byte* input, word32* inOutIdx);
/* CyaSSL buffer type */
@@ -491,7 +515,7 @@ enum {
#define RECORD_SIZE MAX_RECORD_SIZE
#else
#ifdef CYASSL_DTLS
#define RECORD_SIZE 1500
#define RECORD_SIZE MAX_MTU
#else
#define RECORD_SIZE 128
#endif
@@ -536,7 +560,9 @@ typedef struct Suites {
} Suites;
CYASSL_LOCAL
void InitSuites(Suites*, ProtocolVersion, byte, byte, byte, byte, int);
CYASSL_LOCAL
int SetCipherList(SSL_CTX* ctx, const char* list);
#ifndef PSK_TYPES_DEFINED
@@ -549,11 +575,14 @@ int SetCipherList(SSL_CTX* ctx, const char* list);
#ifndef CYASSL_USER_IO
/* default IO callbacks */
CYASSL_LOCAL
int EmbedReceive(char *buf, int sz, void *ctx);
CYASSL_LOCAL
int EmbedSend(char *buf, int sz, void *ctx);
#endif
#ifdef CYASSL_DTLS
CYASSL_LOCAL
int IsUDP(void*);
#endif
@@ -568,6 +597,8 @@ struct SSL_CIPHER {
struct SSL_CTX {
SSL_METHOD* method;
buffer certificate;
buffer certChain;
/* chain after self, in DER, with leading size for each cert */
buffer privateKey;
Signer* caList; /* SSL_CTX owns this, SSL will reference */
Suites suites;
@@ -599,13 +630,22 @@ struct SSL_CTX {
};
CYASSL_LOCAL
void InitSSL_Ctx(SSL_CTX*, SSL_METHOD*);
CYASSL_LOCAL
void FreeSSL_Ctx(SSL_CTX*);
CYASSL_LOCAL
void SSL_CtxResourceFree(SSL_CTX*);
CYASSL_LOCAL
int DeriveTlsKeys(SSL* ssl);
CYASSL_LOCAL
int ProcessOldClientHello(SSL* ssl, const byte* input, word32* inOutIdx,
word32 inSz, word16 sz);
CYASSL_LOCAL
int AddCA(SSL_CTX* ctx, buffer der);
CYASSL_LOCAL
int IsCA(SSL_CTX* ctx, byte* hash);
/* All cipher suite related info */
typedef struct CipherSpecs {
@@ -707,8 +747,8 @@ enum CipherType { stream, block };
/* keys and secrets */
typedef struct Keys {
byte client_write_MAC_secret[SHA_DIGEST_SIZE]; /* max sizes */
byte server_write_MAC_secret[SHA_DIGEST_SIZE];
byte client_write_MAC_secret[SHA256_DIGEST_SIZE]; /* max sizes */
byte server_write_MAC_secret[SHA256_DIGEST_SIZE];
byte client_write_key[AES_256_KEY_SIZE]; /* max sizes */
byte server_write_key[AES_256_KEY_SIZE];
byte client_write_IV[AES_IV_SIZE]; /* max sizes */
@@ -786,7 +826,9 @@ struct SSL_SESSION {
};
CYASSL_LOCAL
SSL_SESSION* GetSession(SSL*, byte*);
CYASSL_LOCAL
int SetSession(SSL*, SSL_SESSION*);
typedef void (*hmacfp) (SSL*, byte*, const byte*, word32, int, int);
@@ -827,8 +869,10 @@ enum AcceptState {
typedef struct Buffers {
buffer certificate; /* SSL_CTX owns */
buffer key; /* SSL_CTX owns */
buffer certificate; /* SSL_CTX owns, unless we own */
buffer key; /* SSL_CTX owns, unless we own */
buffer certChain; /* SSL_CTX owns */
/* chain after self, in DER, with leading size for each cert */
buffer domainName; /* for client check */
buffer serverDH_P;
buffer serverDH_G;
@@ -841,6 +885,8 @@ typedef struct Buffers {
when got WANT_WRITE */
int plainSz; /* plain text bytes in buffer to send
when got WANT_WRITE */
byte weOwnCert; /* SSL own cert flag */
byte weOwnKey; /* SSL own key flag */
} Buffers;
@@ -916,6 +962,8 @@ struct X509_NAME {
struct X509 {
X509_NAME issuer;
X509_NAME subject;
int serialSz;
byte serial[EXTERNAL_SERIAL_SIZE];
};
@@ -962,7 +1010,6 @@ struct SSL {
#endif
Hashes verifyHashes;
Hashes certHashes; /* for cert verify */
Signer* caList; /* SSL_CTX owns */
Buffers buffers;
Options options;
Arrays arrays;
@@ -1006,9 +1053,11 @@ struct SSL {
};
CYASSL_LOCAL
int InitSSL(SSL*, SSL_CTX*);
CYASSL_LOCAL
void FreeSSL(SSL*);
void SSL_ResourceFree(SSL*);
CYASSL_API void SSL_ResourceFree(SSL*); /* Micrium uses */
enum {
@@ -1018,22 +1067,32 @@ enum {
typedef struct EncryptedInfo {
char name[NAME_SZ];
byte iv[IV_SZ];
word32 ivSz;
byte set;
char name[NAME_SZ]; /* encryption name */
byte iv[IV_SZ]; /* encrypted IV */
word32 ivSz; /* encrypted IV size */
long consumed; /* tracks PEM bytes consumed */
byte set; /* if encryption set */
SSL_CTX* ctx; /* CTX owner */
} EncryptedInfo;
#ifdef CYASSL_CALLBACKS
CYASSL_LOCAL
void InitHandShakeInfo(HandShakeInfo*);
CYASSL_LOCAL
void FinishHandShakeInfo(HandShakeInfo*, const SSL*);
CYASSL_LOCAL
void AddPacketName(const char*, HandShakeInfo*);
CYASSL_LOCAL
void InitTimeoutInfo(TimeoutInfo*);
CYASSL_LOCAL
void FreeTimeoutInfo(TimeoutInfo*, void*);
CYASSL_LOCAL
void AddPacketInfo(const char*, TimeoutInfo*, const byte*, int, void*);
CYASSL_LOCAL
void AddLateName(const char*, TimeoutInfo*);
CYASSL_LOCAL
void AddLateRecordHeader(const RecordLayerHeader* rl, TimeoutInfo* info);
#endif
@@ -1124,41 +1183,50 @@ static const byte tls_server[FINISHED_LABEL_SZ + 1] = "server finished";
/* internal functions */
int SendChangeCipher(SSL*);
int SendData(SSL*, const void*, int);
int SendCertificate(SSL*);
int SendCertificateRequest(SSL*);
int SendServerKeyExchange(SSL*);
int SendBuffered(SSL*);
int ReceiveData(SSL*, byte*, int);
int SendFinished(SSL*);
int SendAlert(SSL*, int, int);
int ProcessReply(SSL*);
CYASSL_LOCAL int SendChangeCipher(SSL*);
CYASSL_LOCAL int SendData(SSL*, const void*, int);
CYASSL_LOCAL int SendCertificate(SSL*);
CYASSL_LOCAL int SendCertificateRequest(SSL*);
CYASSL_LOCAL int SendServerKeyExchange(SSL*);
CYASSL_LOCAL int SendBuffered(SSL*);
CYASSL_LOCAL int ReceiveData(SSL*, byte*, int);
CYASSL_LOCAL int SendFinished(SSL*);
CYASSL_LOCAL int SendAlert(SSL*, int, int);
CYASSL_LOCAL int ProcessReply(SSL*);
int SetCipherSpecs(SSL*);
int MakeMasterSecret(SSL*);
CYASSL_LOCAL int SetCipherSpecs(SSL*);
CYASSL_LOCAL int MakeMasterSecret(SSL*);
int AddSession(SSL*);
int DeriveKeys(SSL* ssl);
int StoreKeys(SSL* ssl, const byte* keyData);
CYASSL_LOCAL int AddSession(SSL*);
CYASSL_LOCAL int DeriveKeys(SSL* ssl);
CYASSL_LOCAL int StoreKeys(SSL* ssl, const byte* keyData);
int IsTLS(const SSL* ssl);
int IsAtLeastTLSv1_2(const SSL* ssl);
CYASSL_LOCAL int IsTLS(const SSL* ssl);
CYASSL_LOCAL int IsAtLeastTLSv1_2(const SSL* ssl);
void ShrinkInputBuffer(SSL* ssl, int forcedFree);
void ShrinkOutputBuffer(SSL* ssl);
CYASSL_LOCAL void ShrinkInputBuffer(SSL* ssl, int forcedFree);
CYASSL_LOCAL void ShrinkOutputBuffer(SSL* ssl);
CYASSL_LOCAL int SendHelloVerifyRequest(SSL* ssl);
CYASSL_LOCAL Signer* GetCA(Signer* signers, byte* hash);
#ifndef NO_TLS
CYASSL_LOCAL int MakeTlsMasterSecret(SSL*);
CYASSL_LOCAL void TLS_hmac(SSL* ssl, byte* digest, const byte* buffer,
word32 sz, int content, int verify);
CYASSL_LOCAL void BuildTlsFinished(SSL* ssl, Hashes* hashes,
const byte* sender);
#endif
#ifndef NO_CYASSL_CLIENT
int SendClientHello(SSL*);
int SendClientKeyExchange(SSL*);
int SendCertificateVerify(SSL*);
CYASSL_LOCAL int SendClientHello(SSL*);
CYASSL_LOCAL int SendClientKeyExchange(SSL*);
CYASSL_LOCAL int SendCertificateVerify(SSL*);
#endif /* NO_CYASSL_CLIENT */
#ifndef NO_CYASSL_SERVER
int SendServerHello(SSL*);
int SendServerHelloDone(SSL*);
CYASSL_LOCAL int SendServerHello(SSL*);
CYASSL_LOCAL int SendServerHelloDone(SSL*);
#ifdef CYASSL_DTLS
int SendHelloVerifyRequest(SSL*);
CYASSL_LOCAL int SendHelloVerifyRequest(SSL*);
#endif
#endif /* NO_CYASSL_SERVER */
@@ -1172,8 +1240,8 @@ void ShrinkOutputBuffer(SSL* ssl);
typedef double timer_d;
timer_d Timer(void);
word32 LowResTimer(void);
CYASSL_LOCAL timer_d Timer(void);
CYASSL_LOCAL word32 LowResTimer(void);
#ifdef SINGLE_THREADED
@@ -1192,29 +1260,12 @@ word32 LowResTimer(void);
#endif /* USE_WINDOWS_API */
#endif /* SINGLE_THREADED */
int InitMutex(CyaSSL_Mutex*);
int FreeMutex(CyaSSL_Mutex*);
int LockMutex(CyaSSL_Mutex*);
int UnLockMutex(CyaSSL_Mutex*);
CYASSL_LOCAL int InitMutex(CyaSSL_Mutex*);
CYASSL_LOCAL int FreeMutex(CyaSSL_Mutex*);
CYASSL_LOCAL int LockMutex(CyaSSL_Mutex*);
CYASSL_LOCAL int UnLockMutex(CyaSSL_Mutex*);
#ifdef DEBUG_CYASSL
void CYASSL_ENTER(const char* msg);
void CYASSL_LEAVE(const char* msg, int ret);
void CYASSL_ERROR(int);
void CYASSL_MSG(const char* msg);
#else /* DEBUG_CYASSL */
#define CYASSL_ENTER(m)
#define CYASSL_LEAVE(m, r)
#define CYASSL_ERROR(e)
#define CYASSL_MSG(m)
#endif /* DEBUG_CYASSL */
#ifdef __cplusplus

4
include/openssl/crypto.h
View File

@@ -7,8 +7,8 @@
#include "prefix_crypto.h"
#endif
const char* SSLeay_version(int type);
unsigned long SSLeay(void);
CYASSL_API const char* SSLeay_version(int type);
CYASSL_API unsigned long SSLeay(void);
#define SSLEAY_VERSION 0x0090600fL

51
include/openssl/cyassl_test.h
View File

@@ -71,16 +71,16 @@
#ifdef SINGLE_THREADED
typedef unsigned int THREAD_RETURN;
typedef void* THREAD_TYPE;
#define CYASSL_API
#define CYASSL_THREAD
#else
#ifndef _POSIX_THREADS
typedef unsigned int THREAD_RETURN;
typedef HANDLE THREAD_TYPE;
#define CYASSL_API __stdcall
#define CYASSL_THREAD __stdcall
#else
typedef void* THREAD_RETURN;
typedef pthread_t THREAD_TYPE;
#define CYASSL_API
#define CYASSL_THREAD
#endif
#endif
@@ -137,7 +137,7 @@ typedef struct func_args {
} func_args;
typedef THREAD_RETURN CYASSL_API THREAD_FUNC(void*);
typedef THREAD_RETURN CYASSL_THREAD THREAD_FUNC(void*);
void start_thread(THREAD_FUNC, func_args*, THREAD_TYPE*);
void join_thread(THREAD_TYPE);
@@ -174,9 +174,26 @@ static INLINE void showPeer(SSL* ssl)
if (peer) {
char* issuer = X509_NAME_oneline(X509_get_issuer_name(peer), 0, 0);
char* subject = X509_NAME_oneline(X509_get_subject_name(peer), 0, 0);
byte serial[32];
int ret;
int sz = sizeof(serial);
printf("peer's cert info:\n issuer : %s\n subject: %s\n", issuer,
subject);
ret = CyaSSL_X509_get_serial_number(peer, serial, &sz);
if (ret == 0) {
int i;
int strLen;
char serialMsg[80];
/* testsuite has multiple threads writing to stdout, get output
message ready to write once */
strLen = sprintf(serialMsg, " serial number");
for (i = 0; i < sz; i++)
sprintf(serialMsg + strLen + (i*3), ":%02x ", serial[i]);
printf("%s\n", serialMsg);
}
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL);
}
@@ -558,6 +575,32 @@ static int myVerify(int preverify, X509_STORE_CTX* store)
#endif /* VERIFY_CALLBACK */
static INLINE void SetDH(SSL* ssl)
{
/* dh1024 p */
static unsigned char p[] =
{
0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3,
0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E,
0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59,
0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2,
0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD,
0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF,
0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02,
0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C,
0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7,
0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50,
0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B,
};
/* dh1024 g */
static unsigned char g[] =
{
0x02,
};
CyaSSL_SetTmpDH(ssl, p, sizeof(p), g, sizeof(g));
}
#endif /* CyaSSL_TEST_H */

22
include/openssl/des.h
View File

@@ -49,18 +49,18 @@ enum {
};
void DES_set_key_unchecked(const_DES_cblock*, DES_key_schedule*);
int DES_key_sched(const_DES_cblock* key, DES_key_schedule* schedule);
void DES_cbc_encrypt(const unsigned char* input, unsigned char* output,
long length, DES_key_schedule* schedule, DES_cblock* ivec,
int enc);
void DES_ncbc_encrypt(const unsigned char* input, unsigned char* output,
long length, DES_key_schedule* schedule, DES_cblock* ivec,
int enc);
CYASSL_API void DES_set_key_unchecked(const_DES_cblock*, DES_key_schedule*);
CYASSL_API int DES_key_sched(const_DES_cblock* key,DES_key_schedule* schedule);
CYASSL_API void DES_cbc_encrypt(const unsigned char* input,
unsigned char* output, long length,
DES_key_schedule* schedule, DES_cblock* ivec, int enc);
CYASSL_API void DES_ncbc_encrypt(const unsigned char* input,
unsigned char* output, long length,
DES_key_schedule* schedule, DES_cblock* ivec, int enc);
void DES_set_odd_parity(DES_cblock*);
void DES_ecb_encrypt(DES_cblock*, DES_cblock*, DES_key_schedule*, int);
CYASSL_API void DES_set_odd_parity(DES_cblock*);
CYASSL_API void DES_ecb_encrypt(DES_cblock*, DES_cblock*, DES_key_schedule*,
int);
#ifdef __cplusplus
} /* extern "C" */

25
include/openssl/evp.h
View File

@@ -44,8 +44,8 @@
typedef char EVP_MD;
typedef char EVP_CIPHER;
const EVP_MD* EVP_md5(void);
const EVP_MD* EVP_sha1(void);
CYASSL_API const EVP_MD* EVP_md5(void);
CYASSL_API const EVP_MD* EVP_sha1(void);
typedef union {
@@ -60,16 +60,19 @@ typedef struct EVP_MD_CTX {
} EVP_MD_CTX;
void EVP_MD_CTX_init(EVP_MD_CTX* ctx);
int EVP_MD_CTX_cleanup(EVP_MD_CTX* ctx);
CYASSL_API void EVP_MD_CTX_init(EVP_MD_CTX* ctx);
CYASSL_API int EVP_MD_CTX_cleanup(EVP_MD_CTX* ctx);
int EVP_DigestInit(EVP_MD_CTX* ctx, const EVP_MD* type);
int EVP_DigestUpdate(EVP_MD_CTX* ctx, const void* data, size_t sz);
int EVP_DigestFinal(EVP_MD_CTX* ctx, unsigned char* md, unsigned int* s);
int EVP_DigestFinal_ex(EVP_MD_CTX* ctx, unsigned char* md, unsigned int* s);
int EVP_BytesToKey(const EVP_CIPHER*, const EVP_MD*, const unsigned char*,
const unsigned char*, int, int, unsigned char*, unsigned char*);
CYASSL_API int EVP_DigestInit(EVP_MD_CTX* ctx, const EVP_MD* type);
CYASSL_API int EVP_DigestUpdate(EVP_MD_CTX* ctx, const void* data,
unsigned long sz);
CYASSL_API int EVP_DigestFinal(EVP_MD_CTX* ctx, unsigned char* md,
unsigned int* s);
CYASSL_API int EVP_DigestFinal_ex(EVP_MD_CTX* ctx, unsigned char* md,
unsigned int* s);
CYASSL_API int EVP_BytesToKey(const EVP_CIPHER*, const EVP_MD*,
const unsigned char*, const unsigned char*,
int, int, unsigned char*, unsigned char*);
#ifdef __cplusplus
} /* extern "C" */

8
include/openssl/hmac.h
View File

@@ -33,15 +33,17 @@
#include "prefix_hmac.h"
#endif
unsigned char* HMAC(const EVP_MD* evp_md, const void* key, int key_len,
const unsigned char* d, int n, unsigned char* md, unsigned int* md_len);
#include "evp.h"
#ifdef __cplusplus
extern "C" {
#endif
CYASSL_API unsigned char* HMAC(const EVP_MD* evp_md, const void* key,
int key_len, const unsigned char* d, int n,
unsigned char* md, unsigned int* md_len);
#ifdef __cplusplus
} /* extern "C" */

6
include/openssl/md5.h
View File

@@ -17,9 +17,9 @@ typedef struct MD5_CTX {
int holder[24]; /* big enough to hold ctaocrypt md5, but check on init */
} MD5_CTX;
void MD5_Init(MD5_CTX*);
void MD5_Update(MD5_CTX*, const void*, unsigned long);
void MD5_Final(unsigned char*, MD5_CTX*);
CYASSL_API void MD5_Init(MD5_CTX*);
CYASSL_API void MD5_Update(MD5_CTX*, const void*, unsigned long);
CYASSL_API void MD5_Final(unsigned char*, MD5_CTX*);

14
include/openssl/sha.h
View File

@@ -17,10 +17,18 @@ typedef struct SHA_CTX {
int holder[24]; /* big enough to hold ctaocrypt sha, but check on init */
} SHA_CTX;
void SHA_Init(SHA_CTX*);
void SHA_Update(SHA_CTX*, const void*, unsigned long);
void SHA_Final(unsigned char*, SHA_CTX*);
CYASSL_API void SHA_Init(SHA_CTX*);
CYASSL_API void SHA_Update(SHA_CTX*, const void*, unsigned long);
CYASSL_API void SHA_Final(unsigned char*, SHA_CTX*);
/* SHA1 points to above, shouldn't use SHA0 ever */
CYASSL_API void SHA1_Init(SHA_CTX*);
CYASSL_API void SHA1_Update(SHA_CTX*, const void*, unsigned long);
CYASSL_API void SHA1_Final(unsigned char*, SHA_CTX*);
enum {
SHA_DIGEST_LENGTH = 20
};
#ifdef __cplusplus

541
include/openssl/ssl.h
View File

@@ -39,9 +39,14 @@
#include "prefix_ssl.h"
#endif
#define CYASSL_VERSION "1.9.0"
#define CYASSL_VERSION "2.0.0rc1"
#undef X509_NAME /* wincrypt.h clash */
#ifdef _WIN32
/* wincrypt.h clashes */
#undef X509_NAME
#undef OCSP_REQUEST
#undef OCSP_RESPONSE
#endif
#ifdef __cplusplus
extern "C" {
@@ -120,246 +125,252 @@ typedef struct X509_STORE_CTX {
} X509_STORE_CTX;
SSL_METHOD *SSLv3_server_method(void);
SSL_METHOD *SSLv3_client_method(void);
SSL_METHOD *TLSv1_server_method(void);
SSL_METHOD *TLSv1_client_method(void);
SSL_METHOD *TLSv1_1_server_method(void);
SSL_METHOD *TLSv1_1_client_method(void);
SSL_METHOD *TLSv1_2_server_method(void);
SSL_METHOD *TLSv1_2_client_method(void);
CYASSL_API SSL_METHOD *SSLv3_server_method(void);
CYASSL_API SSL_METHOD *SSLv3_client_method(void);
CYASSL_API SSL_METHOD *TLSv1_server_method(void);
CYASSL_API SSL_METHOD *TLSv1_client_method(void);
CYASSL_API SSL_METHOD *TLSv1_1_server_method(void);
CYASSL_API SSL_METHOD *TLSv1_1_client_method(void);
CYASSL_API SSL_METHOD *TLSv1_2_server_method(void);
CYASSL_API SSL_METHOD *TLSv1_2_client_method(void);
#ifdef CYASSL_DTLS
SSL_METHOD *DTLSv1_client_method(void);
SSL_METHOD *DTLSv1_server_method(void);
CYASSL_API SSL_METHOD *DTLSv1_client_method(void);
CYASSL_API SSL_METHOD *DTLSv1_server_method(void);
#endif
#ifndef NO_FILESYSTEM
int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int);
int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int);
int SSL_CTX_load_verify_locations(SSL_CTX*, const char*, const char*);
int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int);
CYASSL_API int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int);
CYASSL_API int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int);
CYASSL_API int SSL_CTX_load_verify_locations(SSL_CTX*, const char*,const char*);
CYASSL_API int SSL_CTX_use_certificate_chain_file(SSL_CTX *, const char *file);
CYASSL_API int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int);
#ifdef CYASSL_DER_LOAD
int CyaSSL_CTX_load_verify_locations(SSL_CTX*, const char*, int);
CYASSL_API int CyaSSL_CTX_load_verify_locations(SSL_CTX*, const char*, int);
#endif
#ifdef HAVE_NTRU
int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU
private key blob */
CYASSL_API int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*);
/* load NTRU private key blob */
#endif
int CyaSSL_PemCertToDer(const char*, unsigned char*, int);
CYASSL_API int CyaSSL_PemCertToDer(const char*, unsigned char*, int);
#endif /* NO_FILESYSTEM */
SSL_CTX* SSL_CTX_new(SSL_METHOD*);
SSL* SSL_new(SSL_CTX*);
int SSL_set_fd (SSL*, int);
int SSL_get_fd(const SSL*);
int SSL_connect(SSL*); /* please see note at top of README
CYASSL_API SSL_CTX* SSL_CTX_new(SSL_METHOD*);
CYASSL_API SSL* SSL_new(SSL_CTX*);
CYASSL_API int SSL_set_fd (SSL*, int);
CYASSL_API int SSL_get_fd(const SSL*);
CYASSL_API int SSL_connect(SSL*); /* please see note at top of README
if you get an error from connect */
int SSL_write(SSL*, const void*, int);
int SSL_read(SSL*, void*, int);
int SSL_accept(SSL*);
void SSL_CTX_free(SSL_CTX*);
void SSL_free(SSL*);
int SSL_shutdown(SSL*);
CYASSL_API int SSL_write(SSL*, const void*, int);
CYASSL_API int SSL_read(SSL*, void*, int);
CYASSL_API int SSL_accept(SSL*);
CYASSL_API void SSL_CTX_free(SSL_CTX*);
CYASSL_API void SSL_free(SSL*);
CYASSL_API int SSL_shutdown(SSL*);
void SSL_CTX_set_quiet_shutdown(SSL_CTX*, int);
CYASSL_API void SSL_CTX_set_quiet_shutdown(SSL_CTX*, int);
int SSL_get_error(SSL*, int);
CYASSL_API int SSL_get_error(SSL*, int);
int SSL_set_session(SSL *ssl, SSL_SESSION *session);
SSL_SESSION* SSL_get_session(SSL* ssl);
void SSL_flush_sessions(SSL_CTX *ctx, long tm);
CYASSL_API int SSL_set_session(SSL *ssl, SSL_SESSION *session);
CYASSL_API SSL_SESSION* SSL_get_session(SSL* ssl);
CYASSL_API void SSL_flush_sessions(SSL_CTX *ctx, long tm);
typedef int (*VerifyCallback)(int, X509_STORE_CTX*);
typedef int (*pem_password_cb)(char*, int, int, void*);
void SSL_CTX_set_verify(SSL_CTX*, int, VerifyCallback verify_callback);
CYASSL_API void SSL_CTX_set_verify(SSL_CTX*,int,VerifyCallback verify_callback);
int SSL_pending(SSL*);
CYASSL_API int SSL_pending(SSL*);
void SSL_load_error_strings(void);
int SSL_library_init(void);
long SSL_CTX_set_session_cache_mode(SSL_CTX*, long);
CYASSL_API void SSL_load_error_strings(void);
CYASSL_API int SSL_library_init(void);
CYASSL_API long SSL_CTX_set_session_cache_mode(SSL_CTX*, long);
/* only supports full name from cipher_name[] delimited by : */
int SSL_CTX_set_cipher_list(SSL_CTX*, const char*);
CYASSL_API int SSL_CTX_set_cipher_list(SSL_CTX*, const char*);
char* ERR_error_string(unsigned long,char*);
void ERR_error_string_n(unsigned long e, char *buf, size_t len);
CYASSL_API char* ERR_error_string(unsigned long,char*);
CYASSL_API void ERR_error_string_n(unsigned long e,char *buf,unsigned long sz);
/* extras */
#define STACK_OF(x) x
int SSL_set_ex_data(SSL*, int, void*);
int SSL_get_shutdown(const SSL*);
int SSL_set_rfd(SSL*, int);
int SSL_set_wfd(SSL*, int);
void SSL_set_shutdown(SSL*, int);
int SSL_set_session_id_context(SSL*, const unsigned char*, unsigned int);
void SSL_set_connect_state(SSL*);
void SSL_set_accept_state(SSL*);
int SSL_session_reused(SSL*);
void SSL_SESSION_free(SSL_SESSION* session);
CYASSL_API int SSL_set_ex_data(SSL*, int, void*);
CYASSL_API int SSL_get_shutdown(const SSL*);
CYASSL_API int SSL_set_rfd(SSL*, int);
CYASSL_API int SSL_set_wfd(SSL*, int);
CYASSL_API void SSL_set_shutdown(SSL*, int);
CYASSL_API int SSL_set_session_id_context(SSL*, const unsigned char*,
unsigned int);
CYASSL_API void SSL_set_connect_state(SSL*);
CYASSL_API void SSL_set_accept_state(SSL*);
CYASSL_API int SSL_session_reused(SSL*);
CYASSL_API void SSL_SESSION_free(SSL_SESSION* session);
const char* SSL_get_version(SSL*);
SSL_CIPHER* SSL_get_current_cipher(SSL*);
char* SSL_CIPHER_description(SSL_CIPHER*, char*, int);
const char* SSL_CIPHER_get_name(const SSL_CIPHER* cipher);
SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */
CYASSL_API const char* SSL_get_version(SSL*);
CYASSL_API SSL_CIPHER* SSL_get_current_cipher(SSL*);
CYASSL_API char* SSL_CIPHER_description(SSL_CIPHER*, char*, int);
CYASSL_API const char* SSL_CIPHER_get_name(const SSL_CIPHER* cipher);
CYASSL_API SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */
void X509_free(X509*);
void OPENSSL_free(void*);
CYASSL_API void X509_free(X509*);
CYASSL_API void OPENSSL_free(void*);
int OCSP_parse_url(char* url, char** host, char** port, char** path, int* ssl);
CYASSL_API int OCSP_parse_url(char* url, char** host, char** port, char** path,
int* ssl);
SSL_METHOD* SSLv23_client_method(void);
SSL_METHOD* SSLv2_client_method(void);
SSL_METHOD* SSLv2_server_method(void);
CYASSL_API SSL_METHOD* SSLv23_client_method(void);
CYASSL_API SSL_METHOD* SSLv2_client_method(void);
CYASSL_API SSL_METHOD* SSLv2_server_method(void);
void MD4_Init(MD4_CTX*);
void MD4_Update(MD4_CTX*, const void*, size_t);
void MD4_Final(unsigned char*, MD4_CTX*);
CYASSL_API void MD4_Init(MD4_CTX*);
CYASSL_API void MD4_Update(MD4_CTX*, const void*, unsigned long);
CYASSL_API void MD4_Final(unsigned char*, MD4_CTX*);
BIO* BIO_new(BIO_METHOD*);
int BIO_free(BIO*);
int BIO_free_all(BIO*);
int BIO_read(BIO*, void*, int);
int BIO_write(BIO*, const void*, int);
BIO* BIO_push(BIO*, BIO* append);
BIO* BIO_pop(BIO*);
int BIO_flush(BIO*);
int BIO_pending(BIO*);
CYASSL_API BIO* BIO_new(BIO_METHOD*);
CYASSL_API int BIO_free(BIO*);
CYASSL_API int BIO_free_all(BIO*);
CYASSL_API int BIO_read(BIO*, void*, int);
CYASSL_API int BIO_write(BIO*, const void*, int);
CYASSL_API BIO* BIO_push(BIO*, BIO* append);
CYASSL_API BIO* BIO_pop(BIO*);
CYASSL_API int BIO_flush(BIO*);
CYASSL_API int BIO_pending(BIO*);
BIO_METHOD* BIO_f_buffer(void);
long BIO_set_write_buffer_size(BIO*, long size);
BIO_METHOD* BIO_f_ssl(void);
BIO* BIO_new_socket(int sfd, int flag);
void SSL_set_bio(SSL*, BIO* rd, BIO* wr);
int BIO_eof(BIO*);
long BIO_set_ssl(BIO*, SSL*, int flag);
CYASSL_API BIO_METHOD* BIO_f_buffer(void);
CYASSL_API long BIO_set_write_buffer_size(BIO*, long size);
CYASSL_API BIO_METHOD* BIO_f_ssl(void);
CYASSL_API BIO* BIO_new_socket(int sfd, int flag);
CYASSL_API void SSL_set_bio(SSL*, BIO* rd, BIO* wr);
CYASSL_API int BIO_eof(BIO*);
CYASSL_API long BIO_set_ssl(BIO*, SSL*, int flag);
BIO_METHOD* BIO_s_mem(void);
BIO_METHOD* BIO_f_base64(void);
void BIO_set_flags(BIO*, int);
CYASSL_API BIO_METHOD* BIO_s_mem(void);
CYASSL_API BIO_METHOD* BIO_f_base64(void);
CYASSL_API void BIO_set_flags(BIO*, int);
void OpenSSL_add_all_algorithms(void);
int SSLeay_add_ssl_algorithms(void);
int SSLeay_add_all_algorithms(void);
CYASSL_API void OpenSSL_add_all_algorithms(void);
CYASSL_API int SSLeay_add_ssl_algorithms(void);
CYASSL_API int SSLeay_add_all_algorithms(void);
void RAND_screen(void);
const char* RAND_file_name(char*, size_t);
int RAND_write_file(const char*);
int RAND_load_file(const char*, long);
int RAND_egd(const char*);
CYASSL_API void RAND_screen(void);
CYASSL_API const char* RAND_file_name(char*, unsigned long);
CYASSL_API int RAND_write_file(const char*);
CYASSL_API int RAND_load_file(const char*, long);
CYASSL_API int RAND_egd(const char*);
COMP_METHOD* COMP_zlib(void);
COMP_METHOD* COMP_rle(void);
int SSL_COMP_add_compression_method(int, void*);
CYASSL_API COMP_METHOD* COMP_zlib(void);
CYASSL_API COMP_METHOD* COMP_rle(void);
CYASSL_API int SSL_COMP_add_compression_method(int, void*);
int SSL_get_ex_new_index(long, void*, void*, void*, void*);
CYASSL_API int SSL_get_ex_new_index(long, void*, void*, void*, void*);
void CRYPTO_set_id_callback(unsigned long (*f)(void));
void CRYPTO_set_locking_callback(void (*f)(int, int, const char*, int));
void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value* (*f)(const char*,
int));
void CRYPTO_set_dynlock_lock_callback(void (*f)(int, CRYPTO_dynlock_value*,
const char*, int));
void CRYPTO_set_dynlock_destroy_callback(void (*f)(CRYPTO_dynlock_value*,
const char*, int));
CYASSL_API void CRYPTO_set_id_callback(unsigned long (*f)(void));
CYASSL_API void CRYPTO_set_locking_callback(void (*f)(int, int, const char*,
int));
CYASSL_API void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value* (*f)
(const char*, int));
CYASSL_API void CRYPTO_set_dynlock_lock_callback(void (*f)(int,
CRYPTO_dynlock_value*, const char*, int));
CYASSL_API void CRYPTO_set_dynlock_destroy_callback(void (*f)
(CRYPTO_dynlock_value*, const char*, int));
CYASSL_API int CRYPTO_num_locks(void);
X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*);
int X509_STORE_CTX_get_error(X509_STORE_CTX*);
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*);
CYASSL_API X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*);
CYASSL_API int X509_STORE_CTX_get_error(X509_STORE_CTX*);
CYASSL_API int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*);
char* X509_NAME_oneline(X509_NAME*, char*, int);
X509_NAME* X509_get_issuer_name(X509*);
X509_NAME* X509_get_subject_name(X509*);
const char* X509_verify_cert_error_string(long);
CYASSL_API char* X509_NAME_oneline(X509_NAME*, char*, int);
CYASSL_API X509_NAME* X509_get_issuer_name(X509*);
CYASSL_API X509_NAME* X509_get_subject_name(X509*);
CYASSL_API const char* X509_verify_cert_error_string(long);
int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long);
int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long);
X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void);
X509_LOOKUP_METHOD* X509_LOOKUP_file(void);
CYASSL_API int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long);
CYASSL_API int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long);
CYASSL_API X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void);
CYASSL_API X509_LOOKUP_METHOD* X509_LOOKUP_file(void);
X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*);
X509_STORE* X509_STORE_new(void);
int X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*,
X509_OBJECT*);
int X509_STORE_CTX_init(X509_STORE_CTX*, X509_STORE*, X509*, STACK_OF(X509)*);
void X509_STORE_CTX_cleanup(X509_STORE_CTX*);
CYASSL_API X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*);
CYASSL_API X509_STORE* X509_STORE_new(void);
CYASSL_API int X509_STORE_get_by_subject(X509_STORE_CTX*, int,
X509_NAME*, X509_OBJECT*);
CYASSL_API int X509_STORE_CTX_init(X509_STORE_CTX*, X509_STORE*, X509*,
STACK_OF(X509)*);
CYASSL_API void X509_STORE_CTX_cleanup(X509_STORE_CTX*);
ASN1_TIME* X509_CRL_get_lastUpdate(X509_CRL*);
ASN1_TIME* X509_CRL_get_nextUpdate(X509_CRL*);
CYASSL_API ASN1_TIME* X509_CRL_get_lastUpdate(X509_CRL*);
CYASSL_API ASN1_TIME* X509_CRL_get_nextUpdate(X509_CRL*);
EVP_PKEY* X509_get_pubkey(X509*);
int X509_CRL_verify(X509_CRL*, EVP_PKEY*);
void X509_STORE_CTX_set_error(X509_STORE_CTX*, int);
void X509_OBJECT_free_contents(X509_OBJECT*);
void EVP_PKEY_free(EVP_PKEY*);
int X509_cmp_current_time(const ASN1_TIME*);
int sk_X509_REVOKED_num(X509_REVOKED*);
CYASSL_API EVP_PKEY* X509_get_pubkey(X509*);
CYASSL_API int X509_CRL_verify(X509_CRL*, EVP_PKEY*);
CYASSL_API void X509_STORE_CTX_set_error(X509_STORE_CTX*, int);
CYASSL_API void X509_OBJECT_free_contents(X509_OBJECT*);
CYASSL_API void EVP_PKEY_free(EVP_PKEY*);
CYASSL_API int X509_cmp_current_time(const ASN1_TIME*);
CYASSL_API int sk_X509_REVOKED_num(X509_REVOKED*);
X509_REVOKED* X509_CRL_get_REVOKED(X509_CRL*);
X509_REVOKED* sk_X509_REVOKED_value(X509_REVOKED*, int);
CYASSL_API X509_REVOKED* X509_CRL_get_REVOKED(X509_CRL*);
CYASSL_API X509_REVOKED* sk_X509_REVOKED_value(X509_REVOKED*, int);
ASN1_INTEGER* X509_get_serialNumber(X509*);
CYASSL_API ASN1_INTEGER* X509_get_serialNumber(X509*);
int ASN1_TIME_print(BIO*, const ASN1_TIME*);
CYASSL_API int ASN1_TIME_print(BIO*, const ASN1_TIME*);
int ASN1_INTEGER_cmp(const ASN1_INTEGER*, const ASN1_INTEGER*);
long ASN1_INTEGER_get(const ASN1_INTEGER*);
CYASSL_API int ASN1_INTEGER_cmp(const ASN1_INTEGER*, const ASN1_INTEGER*);
CYASSL_API long ASN1_INTEGER_get(const ASN1_INTEGER*);
STACK_OF(X509_NAME)* SSL_load_client_CA_file(const char*);
CYASSL_API STACK_OF(X509_NAME)* SSL_load_client_CA_file(const char*);
void SSL_CTX_set_client_CA_list(SSL_CTX*, STACK_OF(X509_NAME)*);
void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX*, int);
int SSL_get_ex_data_X509_STORE_CTX_idx(void);
void* SSL_get_ex_data(const SSL*, int);
CYASSL_API void SSL_CTX_set_client_CA_list(SSL_CTX*, STACK_OF(X509_NAME)*);
CYASSL_API void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX*, int);
CYASSL_API int SSL_get_ex_data_X509_STORE_CTX_idx(void);
CYASSL_API void* SSL_get_ex_data(const SSL*, int);
void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata);
void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb);
CYASSL_API void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*,void* userdata);
CYASSL_API void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb);
long SSL_CTX_set_timeout(SSL_CTX*, long);
void SSL_CTX_set_info_callback(SSL_CTX*, void (*)());
CYASSL_API long SSL_CTX_set_timeout(SSL_CTX*, long);
CYASSL_API void SSL_CTX_set_info_callback(SSL_CTX*, void (*)(void));
unsigned long ERR_peek_error(void);
int ERR_GET_REASON(int);
CYASSL_API unsigned long ERR_peek_error(void);
CYASSL_API int ERR_GET_REASON(int);
char* SSL_alert_type_string_long(int);
char* SSL_alert_desc_string_long(int);
char* SSL_state_string_long(SSL*);
CYASSL_API char* SSL_alert_type_string_long(int);
CYASSL_API char* SSL_alert_desc_string_long(int);
CYASSL_API char* SSL_state_string_long(SSL*);
void RSA_free(RSA*);
RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*);
void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int));
CYASSL_API void RSA_free(RSA*);
CYASSL_API RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*),
void*);
CYASSL_API void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int));
int PEM_def_callback(char*, int num, int w, void* key);
CYASSL_API int PEM_def_callback(char*, int num, int w, void* key);
long SSL_CTX_sess_accept(SSL_CTX*);
long SSL_CTX_sess_connect(SSL_CTX*);
long SSL_CTX_sess_accept_good(SSL_CTX*);
long SSL_CTX_sess_connect_good(SSL_CTX*);
long SSL_CTX_sess_accept_renegotiate(SSL_CTX*);
long SSL_CTX_sess_connect_renegotiate(SSL_CTX*);
long SSL_CTX_sess_hits(SSL_CTX*);
long SSL_CTX_sess_cb_hits(SSL_CTX*);
long SSL_CTX_sess_cache_full(SSL_CTX*);
long SSL_CTX_sess_misses(SSL_CTX*);
long SSL_CTX_sess_timeouts(SSL_CTX*);
long SSL_CTX_sess_number(SSL_CTX*);
long SSL_CTX_sess_get_cache_size(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_accept(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_connect(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_accept_good(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_connect_good(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_accept_renegotiate(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_connect_renegotiate(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_hits(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_cb_hits(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_cache_full(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_misses(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_timeouts(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_number(SSL_CTX*);
CYASSL_API long SSL_CTX_sess_get_cache_size(SSL_CTX*);
#define SSL_DEFAULT_CIPHER_LIST "" /* default all */
@@ -450,8 +461,7 @@ enum {
X509_V_OK = 0,
CRYPTO_LOCK = 1,
CRYPTO_NUM_LOCKS = 10,
CRYPTO_NUM_LOCKS = 10
};
/* extras end */
@@ -459,7 +469,7 @@ enum {
#ifndef NO_FILESYSTEM
/* CyaSSL extension, provide last error from SSL_get_error
since not using thread storage error queue */
void ERR_print_errors_fp(FILE*, int err);
CYASSL_API void ERR_print_errors_fp(FILE*, int err);
#endif
enum { /* ssl Constants */
@@ -512,26 +522,28 @@ enum { /* ssl Constants */
SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103,
SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 104,
PEM_BUFSIZE = 1024,
PEM_BUFSIZE = 1024
};
#ifndef NO_PSK
typedef unsigned int (*psk_client_callback)(SSL*, const char*, char*,
unsigned int, unsigned char*, unsigned int);
void SSL_CTX_set_psk_client_callback(SSL_CTX*, psk_client_callback);
void SSL_set_psk_client_callback(SSL*, psk_client_callback);
unsigned int, unsigned char*, unsigned int);
CYASSL_API void SSL_CTX_set_psk_client_callback(SSL_CTX*,
psk_client_callback);
CYASSL_API void SSL_set_psk_client_callback(SSL*, psk_client_callback);
const char* SSL_get_psk_identity_hint(const SSL*);
const char* SSL_get_psk_identity(const SSL*);
CYASSL_API const char* SSL_get_psk_identity_hint(const SSL*);
CYASSL_API const char* SSL_get_psk_identity(const SSL*);
int SSL_CTX_use_psk_identity_hint(SSL_CTX*, const char*);
int SSL_use_psk_identity_hint(SSL*, const char*);
CYASSL_API int SSL_CTX_use_psk_identity_hint(SSL_CTX*, const char*);
CYASSL_API int SSL_use_psk_identity_hint(SSL*, const char*);
typedef unsigned int (*psk_server_callback)(SSL*, const char*,
unsigned char*, unsigned int);
void SSL_CTX_set_psk_server_callback(SSL_CTX*, psk_server_callback);
void SSL_set_psk_server_callback(SSL*, psk_server_callback);
CYASSL_API void SSL_CTX_set_psk_server_callback(SSL_CTX*,
psk_server_callback);
CYASSL_API void SSL_set_psk_server_callback(SSL*, psk_server_callback);
#define PSK_TYPES_DEFINED
#endif /* NO_PSK */
@@ -540,62 +552,65 @@ enum { /* ssl Constants */
/* extra begins */
enum { /* ERR Constants */
ERR_TXT_STRING = 1,
ERR_TXT_STRING = 1
};
unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *);
CYASSL_API unsigned long ERR_get_error_line_data(const char**, int*,
const char**, int *);
unsigned long ERR_get_error(void);
void ERR_clear_error(void);
CYASSL_API unsigned long ERR_get_error(void);
CYASSL_API void ERR_clear_error(void);
int RAND_status(void);
int RAND_bytes(unsigned char* buf, int num);
SSL_METHOD *SSLv23_server_method(void);
long SSL_CTX_set_options(SSL_CTX*, long);
int SSL_CTX_check_private_key(SSL_CTX*);
CYASSL_API int RAND_status(void);
CYASSL_API int RAND_bytes(unsigned char* buf, int num);
CYASSL_API SSL_METHOD *SSLv23_server_method(void);
CYASSL_API long SSL_CTX_set_options(SSL_CTX*, long);
CYASSL_API int SSL_CTX_check_private_key(SSL_CTX*);
void ERR_free_strings(void);
void ERR_remove_state(unsigned long);
void EVP_cleanup(void);
CYASSL_API void ERR_free_strings(void);
CYASSL_API void ERR_remove_state(unsigned long);
CYASSL_API void EVP_cleanup(void);
void CRYPTO_cleanup_all_ex_data(void);
long SSL_CTX_set_mode(SSL_CTX* ctx, long mode);
long SSL_CTX_get_mode(SSL_CTX* ctx);
void SSL_CTX_set_default_read_ahead(SSL_CTX* ctx, int m);
CYASSL_API void CRYPTO_cleanup_all_ex_data(void);
CYASSL_API long SSL_CTX_set_mode(SSL_CTX* ctx, long mode);
CYASSL_API long SSL_CTX_get_mode(SSL_CTX* ctx);
CYASSL_API void SSL_CTX_set_default_read_ahead(SSL_CTX* ctx, int m);
long SSL_CTX_sess_set_cache_size(SSL_CTX*, long);
CYASSL_API long SSL_CTX_sess_set_cache_size(SSL_CTX*, long);
int SSL_CTX_set_default_verify_paths(SSL_CTX*);
int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*,
CYASSL_API int SSL_CTX_set_default_verify_paths(SSL_CTX*);
CYASSL_API int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*,
unsigned int);
X509* SSL_get_peer_certificate(SSL* ssl);
CYASSL_API X509* SSL_get_peer_certificate(SSL* ssl);
int SSL_want_read(SSL*);
int SSL_want_write(SSL*);
CYASSL_API int SSL_want_read(SSL*);
CYASSL_API int SSL_want_write(SSL*);
int BIO_printf(BIO*, const char*, ...);
int ASN1_UTCTIME_print(BIO*, const ASN1_UTCTIME*);
CYASSL_API int BIO_printf(BIO*, const char*, ...);
CYASSL_API int ASN1_UTCTIME_print(BIO*, const ASN1_UTCTIME*);
int sk_num(X509_REVOKED*);
void* sk_value(X509_REVOKED*, int);
CYASSL_API int sk_num(X509_REVOKED*);
CYASSL_API void* sk_value(X509_REVOKED*, int);
/* stunnel 4.28 needs */
void* SSL_CTX_get_ex_data(const SSL_CTX*, int);
int SSL_CTX_set_ex_data(SSL_CTX*, int, void*);
void SSL_CTX_sess_set_get_cb(SSL_CTX*, SSL_SESSION*(*f)(SSL*, unsigned char*,
int, int*));
void SSL_CTX_sess_set_new_cb(SSL_CTX*, int (*f)(SSL*, SSL_SESSION*));
void SSL_CTX_sess_set_remove_cb(SSL_CTX*, void (*f)(SSL_CTX*, SSL_SESSION*));
CYASSL_API void* SSL_CTX_get_ex_data(const SSL_CTX*, int);
CYASSL_API int SSL_CTX_set_ex_data(SSL_CTX*, int, void*);
CYASSL_API void SSL_CTX_sess_set_get_cb(SSL_CTX*, SSL_SESSION*(*f)(SSL*,
unsigned char*, int, int*));
CYASSL_API void SSL_CTX_sess_set_new_cb(SSL_CTX*, int (*f)(SSL*,SSL_SESSION*));
CYASSL_API void SSL_CTX_sess_set_remove_cb(SSL_CTX*, void (*f)(SSL_CTX*,
SSL_SESSION*));
int i2d_SSL_SESSION(SSL_SESSION*, unsigned char**);
SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION**,const unsigned char**, long);
CYASSL_API int i2d_SSL_SESSION(SSL_SESSION*, unsigned char**);
CYASSL_API SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION**,const unsigned char**,
long);
long SSL_SESSION_get_timeout(const SSL_SESSION*);
long SSL_SESSION_get_time(const SSL_SESSION*);
int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*);
CYASSL_API long SSL_SESSION_get_timeout(const SSL_SESSION*);
CYASSL_API long SSL_SESSION_get_time(const SSL_SESSION*);
CYASSL_API int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*);
/* extra ends */
@@ -604,53 +619,77 @@ int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*);
/* call before SSL_connect, if verifying will add name check to
date check and signature check */
int CyaSSL_check_domain_name(SSL* ssl, const char* dn);
CYASSL_API int CyaSSL_check_domain_name(SSL* ssl, const char* dn);
int InitCyaSSL(void); /* need to call once to load library (session cache) */
int FreeCyaSSL(void); /* call when done to free session cache mutex */
/* need to call once to load library (session cache) */
CYASSL_API int InitCyaSSL(void);
/* call when done to free session cache mutex */
CYASSL_API int FreeCyaSSL(void);
int CyaSSL_Debugging_ON(void); /* turn logging on, only if compiled in */
void CyaSSL_Debugging_OFF(void); /* turn logging off */
/* turn logging on, only if compiled in */
CYASSL_API int CyaSSL_Debugging_ON(void);
/* turn logging off */
CYASSL_API void CyaSSL_Debugging_OFF(void);
int CyaSSL_set_compression(SSL* ssl); /* turn on CyaSSL data compression */
/* do accept or connect depedning on side */
CYASSL_API int CyaSSL_negotiate(SSL* ssl);
/* turn on CyaSSL data compression */
CYASSL_API int CyaSSL_set_compression(SSL* ssl);
int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU
private key blob */
X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl); /* get CyaSSL peer X509_CHAIN */
int CyaSSL_get_chain_count(X509_CHAIN* chain); /* peer chain count */
int CyaSSL_get_chain_length(X509_CHAIN*, int idx); /* index cert length */
unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx); /* index cert */
int CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx, unsigned char* buffer,
int inLen, int* outLen); /* get index cert in PEM */
const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* session);
/* get CyaSSL peer X509_CHAIN */
CYASSL_API X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl);
/* peer chain count */
CYASSL_API int CyaSSL_get_chain_count(X509_CHAIN* chain);
/* index cert length */
CYASSL_API int CyaSSL_get_chain_length(X509_CHAIN*, int idx);
/* index cert */
CYASSL_API unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx);
/* get index cert in PEM */
CYASSL_API int CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx,
unsigned char* buffer, int inLen, int* outLen);
CYASSL_API const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* sess);
CYASSL_API int CyaSSL_X509_get_serial_number(X509*, unsigned char*, int*);
/* server CTX Diffie-Hellman parameters */
CYASSL_API int CyaSSL_SetTmpDH(SSL*, unsigned char* p, int pSz,
unsigned char* g, int gSz);
#ifndef _WIN32
#ifndef NO_WRITEV
#include <sys/uio.h>
/* allow writev style writing */
int CyaSSL_writev(SSL* ssl, const struct iovec* iov, int iovcnt);
CYASSL_API int CyaSSL_writev(SSL* ssl, const struct iovec* iov,
int iovcnt);
#endif
#endif
#if defined(NO_FILESYSTEM) || defined(MICRIUM)
int CyaSSL_CTX_load_verify_buffer(SSL_CTX*, const unsigned char*, long, int);
int CyaSSL_CTX_use_certificate_buffer(SSL_CTX*, const unsigned char*, long,int);
int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX*, const unsigned char*, long, int);
int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX*,const unsigned char*,long);
#endif /* NO_FILESYSTEM || MICRIUM */
/* SSL_CTX versions */
CYASSL_API int CyaSSL_CTX_load_verify_buffer(SSL_CTX*, const unsigned char*,
long, int);
CYASSL_API int CyaSSL_CTX_use_certificate_buffer(SSL_CTX*, const unsigned char*, long,int);
CYASSL_API int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX*, const unsigned char*,
long, int);
CYASSL_API int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX*,
const unsigned char*, long);
/* SSL versions */
CYASSL_API int CyaSSL_use_certificate_buffer(SSL*, const unsigned char*, long,
int);
CYASSL_API int CyaSSL_use_PrivateKey_buffer(SSL*, const unsigned char*, long,
int);
CYASSL_API int CyaSSL_use_certificate_chain_buffer(SSL*,const unsigned char*,
long);
/* I/O callbacks */
typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx);
typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx);
void CyaSSL_SetIORecv(SSL_CTX*, CallbackIORecv);
void CyaSSL_SetIOSend(SSL_CTX*, CallbackIOSend);
CYASSL_API void CyaSSL_SetIORecv(SSL_CTX*, CallbackIORecv);
CYASSL_API void CyaSSL_SetIOSend(SSL_CTX*, CallbackIOSend);
void CyaSSL_SetIOReadCtx(SSL* ssl, void *ctx);
void CyaSSL_SetIOWriteCtx(SSL* ssl, void *ctx);
CYASSL_API void CyaSSL_SetIOReadCtx(SSL* ssl, void *ctx);
CYASSL_API void CyaSSL_SetIOWriteCtx(SSL* ssl, void *ctx);
#ifdef CYASSL_CALLBACKS
@@ -663,8 +702,10 @@ typedef int (*TimeoutCallBack)(TimeoutInfo*);
/* CyaSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack
for diagnostics */
int CyaSSL_connect_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval);
int CyaSSL_accept_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval);
CYASSL_API int CyaSSL_connect_ex(SSL*, HandShakeCallBack, TimeoutCallBack,
Timeval);
CYASSL_API int CyaSSL_accept_ex(SSL*, HandShakeCallBack, TimeoutCallBack,
Timeval);
#endif /* CYASSL_CALLBACKS */

8
include/sniffer.h
View File

@@ -24,6 +24,7 @@
#ifndef CYASSL_SNIFFER_H
#define CYASSL_SNIFFER_H
#include "os_settings.h"
#ifdef _WIN32
#ifdef SSL_SNIFFER_EXPORTS
@@ -42,19 +43,22 @@
CYASSL_API
SSL_SNIFFER_API int ssl_SetPrivateKey(const char* address, int port,
const char* keyFile, int keyType,
const char* password, char* error);
CYASSL_API
SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length,
unsigned char* data, char* error);
CYASSL_API
SSL_SNIFFER_API int ssl_Trace(const char* traceFile, char* error);
void ssl_InitSniffer(void);
CYASSL_API void ssl_InitSniffer(void);
void ssl_FreeSniffer(void);
CYASSL_API void ssl_FreeSniffer(void);
/* ssl_SetPrivateKey keyTypes */

56
m4/pandora_visibility.m4 Normal file
View File

@@ -0,0 +1,56 @@
dnl Copyright (C) 2005, 2008 Free Software Foundation, Inc.
dnl Copyright (C) 2009 Monty Taylor
dnl This file is free software; the Free Software Foundation
dnl gives unlimited permission to copy and/or distribute it,
dnl with or without modifications, as long as this notice is preserved.
dnl From Bruno Haible.
dnl Tests whether the compiler supports the command-line option
dnl -fvisibility=hidden and the function and variable attributes
dnl __attribute__((__visibility__("hidden"))) and
dnl __attribute__((__visibility__("default"))).
dnl Does *not* test for __visibility__("protected") - which has tricky
dnl semantics (see the 'vismain' test in glibc) and does not exist e.g. on
dnl MacOS X.
dnl Does *not* test for __visibility__("internal") - which has processor
dnl dependent semantics.
dnl Does *not* test for #pragma GCC visibility push(hidden) - which is
dnl "really only recommended for legacy code".
dnl Set the variable CFLAG_VISIBILITY.
dnl Defines and sets the variable HAVE_VISIBILITY.
AC_DEFUN([PANDORA_VISIBILITY],
[
AC_REQUIRE([AC_PROG_CC])
CFLAG_VISIBILITY=
HAVE_VISIBILITY=0
AS_IF([test -n "$GCC"],[
AC_MSG_CHECKING([for simple visibility declarations])
AC_CACHE_VAL([gl_cv_cc_visibility], [
gl_save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -fvisibility=hidden"
AC_TRY_COMPILE(
[extern __attribute__((__visibility__("hidden"))) int hiddenvar;
extern __attribute__((__visibility__("default"))) int exportedvar;
extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void);
extern __attribute__((__visibility__("default"))) int exportedfunc (void);],
[],
[gl_cv_cc_visibility=yes],
[gl_cv_cc_visibility=no])
CFLAGS="$gl_save_CFLAGS"])
AC_MSG_RESULT([$gl_cv_cc_visibility])
if test $gl_cv_cc_visibility = yes; then
CFLAG_VISIBILITY="-fvisibility=hidden"
HAVE_VISIBILITY=1
fi
])
AS_IF([test "x$SUNCC" = "xyes"],[
CFLAG_VISIBILITY="-xldscope=hidden"
HAVE_VISIBILITY=1
])
AC_SUBST([CFLAG_VISIBILITY])
AC_SUBST([HAVE_VISIBILITY])
AC_DEFINE_UNQUOTED([HAVE_VISIBILITY], [$HAVE_VISIBILITY],
[Define to 1 or 0, depending whether the compiler supports simple visibility declarations.])
])

43
src/Makefile.am
View File

@@ -1,43 +0,0 @@
INCLUDES = -I../include -I../ctaocrypt/include -I../include/openssl
lib_LTLIBRARIES = libcyassl.la
libcyassl_la_SOURCES = \
cyassl_int.c cyassl_io.c keys.c ssl.c tls.c \
../ctaocrypt/src/asn.c ../ctaocrypt/src/coding.c ../ctaocrypt/src/des3.c \
../ctaocrypt/src/hmac.c ../ctaocrypt/src/md5.c ../ctaocrypt/src/md4.c \
../ctaocrypt/src/random.c ../ctaocrypt/src/rsa.c ../ctaocrypt/src/sha.c \
../ctaocrypt/src/aes.c ../ctaocrypt/src/sha256.c ../ctaocrypt/src/dh.c \
../ctaocrypt/src/dsa.c ../ctaocrypt/src/arc4.c ../ctaocrypt/src/rabbit.c \
../ctaocrypt/src/pwdbased.c
libcyassl_la_LDFLAGS = -no-undefined -version-info 0:0:0
EXTRA_DIST = ../include/*.h ../include/openssl/*.h ../include/*.rc
if BUILD_AESNI
libcyassl_la_SOURCES += ../ctaocrypt/src/aes_asm.s
endif
if BUILD_RIPEMD
libcyassl_la_SOURCES += ../ctaocrypt/src/ripemd.c
endif
if BUILD_SHA512
libcyassl_la_SOURCES += ../ctaocrypt/src/sha512.c
endif
if BUILD_SNIFFER
libcyassl_la_SOURCES += sniffer.c
endif
if BUILD_HC128
libcyassl_la_SOURCES += ../ctaocrypt/src/hc128.c
endif
if BUILD_FASTMATH
libcyassl_la_SOURCES += ../ctaocrypt/src/tfm.c
else
libcyassl_la_SOURCES += ../ctaocrypt/src/integer.c
endif
if BUILD_ECC
libcyassl_la_SOURCES += ../ctaocrypt/src/ecc.c
endif

797
src/cyassl_int.c
View File

File diff suppressed because it is too large Load Diff

57
src/cyassl_io.c
View File

@@ -29,7 +29,7 @@
/* if user writes own I/O callbacks they can define CYASSL_USER_IO to remove
automatic setting of default I/O functions EmbedSend() and EmbedReceive()
but they'll still nedd SetCallback xxx() at end of file
but they'll still need SetCallback xxx() at end of file
*/
#ifndef CYASSL_USER_IO
@@ -111,21 +111,29 @@ int EmbedReceive(char *buf, int sz, void *ctx)
if (recvd == -1) {
err = LastError();
if (err == SOCKET_EWOULDBLOCK ||
err == SOCKET_EAGAIN)
CYASSL_MSG("Embed Receive error");
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
CYASSL_MSG(" Would block");
return IO_ERR_WANT_READ;
else if (err == SOCKET_ECONNRESET)
}
else if (err == SOCKET_ECONNRESET) {
CYASSL_MSG(" Connection reset");
return IO_ERR_CONN_RST;
else if (err == SOCKET_EINTR)
}
else if (err == SOCKET_EINTR) {
CYASSL_MSG(" Socket interrupted");
return IO_ERR_ISR;
else
}
else {
CYASSL_MSG(" General error");
return IO_ERR_GENERAL;
}
}
else if (recvd == 0)
else if (recvd == 0) {
CYASSL_MSG("Embed receive connection closed");
return IO_ERR_CONN_CLOSE;
}
return recvd;
}
@@ -138,25 +146,34 @@ int EmbedSend(char *buf, int sz, void *ctx)
int socket = *(int*)ctx;
int sent;
int len = sz;
int err;
sent = SEND_FUNCTION(socket, &buf[sz - len], len, 0);
if (sent == -1) {
if (LastError() == SOCKET_EWOULDBLOCK ||
LastError() == SOCKET_EAGAIN)
err = LastError();
CYASSL_MSG("Embed Send error");
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
CYASSL_MSG(" Would Block");
return IO_ERR_WANT_WRITE;
else if (LastError() == SOCKET_ECONNRESET)
}
else if (err == SOCKET_ECONNRESET) {
CYASSL_MSG(" Connection reset");
return IO_ERR_CONN_RST;
else if (LastError() == SOCKET_EINTR)
}
else if (err == SOCKET_EINTR) {
CYASSL_MSG(" Socket interrupted");
return IO_ERR_ISR;
else if (LastError() == SOCKET_EPIPE)
}
else if (err == SOCKET_EPIPE) {
CYASSL_MSG(" Socket EPIPE");
return IO_ERR_CONN_CLOSE;
else
}
else {
CYASSL_MSG(" General error");
return IO_ERR_GENERAL;
}
}
return sent;

Some files were not shown because too many files have changed in this diff Show More