Commit ab62f848 authored by msvensson@neptunus.(none)'s avatar msvensson@neptunus.(none)

Merge 192.168.0.20:mysql/my50-yassl_3/

into  neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint
parents ba658599 3d61068f
AC_CONFIG_FILES(extra/yassl/Makefile dnl
extra/yassl/taocrypt/Makefile dnl
extra/yassl/taocrypt/src/Makefile dnl
extra/yassl/src/Makefile)
extra/yassl/src/Makefile dnl
extra/yassl/testsuite/Makefile dnl
extra/yassl/taocrypt/test/Makefile dnl
extra/yassl/taocrypt/benchmark/Makefile)
AC_DEFUN([MYSQL_CHECK_YASSL], [
AC_MSG_CHECKING(for yaSSL)
......
SUBDIRS = taocrypt src
SUBDIRS = taocrypt src testsuite
EXTRA_DIST = yassl.dsp yassl.dsw $(wildcard mySTL/*.hpp)
yaSSL Release notes, version 0.9.6
yaSSL Release notes, version 1.2.2 (03/27/06)
This release of yaSSL contains minor bug fixes and portability enhancements.
See build instructions below under 1.0.6:
*******************yaSSL Release notes, version 1.2.0
This release of yaSSL contains minor bug fixes, portability enhancements,
Diffie-Hellman compatibility fixes for other servers and client,
optimization improvements, and x86 ASM changes.
See build instructions below under 1.0.6:
*****************yaSSL Release notes, version 1.1.5
This release of yaSSL contains minor bug fixes, portability enhancements,
and user requested changes including the ability to add all certificates in
a directory, more robust socket handling, no new overloading unless
requested, and an SSL_VERIFY_NONE option.
See build instructions below under 1.0.6:
******************yaSSL Release notes, version 1.0.6
This release of yaSSL contains minor bug fixes, portability enhancements,
x86 assembly for ARC4, SHA, MD5, and RIPEMD, --enable-ia32-asm configure
option, and a security patch for certificate chain processing.
--To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
./configure
make
run testsuite from yaSSL-Home/testsuite to test the build
to make a release build:
./configure --disable-debug
make
run testsuite from yaSSL-Home/testsuite to test the build
--To build on Win32
Choose (Re)Build All from the project workspace
run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build
--To enable ia32 assembly for TaoCrypt ciphers and message digests
On MSVC this is always on
On GCC **, use ./configure --enable-ia32-asm
** This isn't on by default because of the use of intel syntax and the
problem that olders versions of gas have with some addressing statements.
If you enable this and get assemler errors during compilation or can't
pass the TaoCrypt tests, please send todd@yassl.com a message and disable
this option in the meantime.
***************** yaSSL Release notes, version 1.0.5
This release of yaSSL contains minor bug fixes, portability enhancements,
x86 assembly for AES, 3DES, BLOWFISH, and TWOFISH, --without-debug configure
option, and --enable-kernel-mode configure option for using TaoCrypt with
kernel modules.
--To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
./configure
make
run testsuite from yaSSL-Home/testsuite to test the build
to make a release build:
./configure --without-debug
make
run testsuite from yaSSL-Home/testsuite to test the build
--To build on Win32
Choose (Re)Build All from the project workspace
run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build
******************yaSSL Release notes, version 1.0.1
This release of yaSSL contains minor bug fixes, portability enhancements,
GCC 3.4.4 support, MSVC 2003 support, and more documentation.
Please see build instructions in the release notes for 0.9.6 below.
******************yaSSL Release notes, version 1.0
This release of yaSSL contains minor bug fixes, portability enhancements,
GCC 4.0 support, testsuite, improvements, and API additions.
Please see build instructions in the release notes for 0.9.6 below.
******************yaSSL Release notes, version 0.9.9
This release of yaSSL contains minor bug fixes, portability enchancements,
MSVC 7 support, memory improvements, and API additions.
Please see build instructions in the release notes for 0.9.6 below.
******************yaSSL Release notes, version 0.9.8
This release of yaSSL contains minor bug fixes and portability enchancements.
Please see build instructions in the release notes for 0.9.6 below.
******************yaSSL Release notes, version 0.9.6
This release of yaSSL contains minor bug fixes, removal of STL support, and
removal of exceptions and rtti so that the library can be linked without the
......
/* client.cpp */
#include "../../testsuite/test.hpp"
//#define TEST_RESUME
void client_test(void* args)
{
#ifdef _WIN32
WSADATA wsd;
WSAStartup(0x0002, &wsd);
#endif
SOCKET_T sockfd = 0;
int argc = 0;
char** argv = 0;
set_args(argc, argv, *static_cast<func_args*>(args));
tcp_connect(sockfd);
SSL_METHOD* method = TLSv1_client_method();
SSL_CTX* ctx = SSL_CTX_new(method);
set_certs(ctx);
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, sockfd);
if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
showPeer(ssl);
const char* cipher = 0;
int index = 0;
char list[1024];
strcpy(list, "cipherlist");
while ( (cipher = SSL_get_cipher_list(ssl, index++)) ) {
strcat(list, ":");
strcat(list, cipher);
}
printf("%s\n", list);
printf("Using Cipher Suite %s\n", SSL_get_cipher(ssl));
char msg[] = "hello yassl!";
if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
err_sys("SSL_write failed");
char reply[1024];
reply[SSL_read(ssl, reply, sizeof(reply))] = 0;
printf("Server response: %s\n", reply);
#ifdef TEST_RESUME
SSL_SESSION* session = SSL_get_session(ssl);
SSL* sslResume = SSL_new(ctx);
#endif
SSL_shutdown(ssl);
SSL_free(ssl);
#ifdef TEST_RESUME
tcp_connect(sockfd);
SSL_set_fd(sslResume, sockfd);
SSL_set_session(sslResume, session);
if (SSL_connect(sslResume) != SSL_SUCCESS) err_sys("SSL resume failed");
if (SSL_write(sslResume, msg, sizeof(msg)) != sizeof(msg))
err_sys("SSL_write failed");
reply[SSL_read(sslResume, reply, sizeof(reply))] = 0;
printf("Server response: %s\n", reply);
SSL_shutdown(sslResume);
SSL_free(sslResume);
#endif // TEST_RESUME
SSL_CTX_free(ctx);
((func_args*)args)->return_code = 0;
}
#ifndef NO_MAIN_DRIVER
int main(int argc, char** argv)
{
func_args args;
args.argc = argc;
args.argv = argv;
client_test(&args);
return args.return_code;
}
#endif // NO_MAIN_DRIVER
# Microsoft Developer Studio Project File - Name="client" - Package Owner=<4>
# Microsoft Developer Studio Generated Build File, Format Version 6.00
# ** DO NOT EDIT **
# TARGTYPE "Win32 (x86) Console Application" 0x0103
CFG=client - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
!MESSAGE NMAKE /f "client.mak".
!MESSAGE
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
!MESSAGE NMAKE /f "client.mak" CFG="client - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
!MESSAGE "client - Win32 Release" (based on "Win32 (x86) Console Application")
!MESSAGE "client - Win32 Debug" (based on "Win32 (x86) Console Application")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
# PROP Scc_ProjName ""
# PROP Scc_LocalPath ""
CPP=cl.exe
RSC=rc.exe
!IF "$(CFG)" == "client - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
# PROP BASE Output_Dir "Release"
# PROP BASE Intermediate_Dir "Release"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
# PROP Output_Dir "Release"
# PROP Intermediate_Dir "Release"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD CPP /nologo /MT /W3 /O2 /I "..\..\taocrypt\include" /I "..\..\include" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386
!ELSEIF "$(CFG)" == "client - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
# PROP BASE Output_Dir "Debug"
# PROP BASE Intermediate_Dir "Debug"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
# PROP Output_Dir "Debug"
# PROP Intermediate_Dir "Debug"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
!ENDIF
# Begin Target
# Name "client - Win32 Release"
# Name "client - Win32 Debug"
# Begin Group "Source Files"
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
# Begin Source File
SOURCE=.\client.cpp
# End Source File
# End Group
# Begin Group "Header Files"
# PROP Default_Filter "h;hpp;hxx;hm;inl"
# End Group
# Begin Group "Resource Files"
# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
# End Group
# End Target
# End Project
/* echoclient.cpp */
#include "../../testsuite/test.hpp"
void echoclient_test(void* args)
{
#ifdef _WIN32
WSADATA wsd;
WSAStartup(0x0002, &wsd);
#endif
SOCKET_T sockfd = 0;
int argc = 0;
char** argv = 0;
FILE* fin = stdin;
FILE* fout = stdout;
bool inCreated = false;
bool outCreated = false;
set_args(argc, argv, *static_cast<func_args*>(args));
if (argc >= 2) {
fin = fopen(argv[1], "r");
inCreated = true;
}
if (argc >= 3) {
fout = fopen(argv[2], "w");
outCreated = true;
}
if (!fin) err_sys("can't open input file");
if (!fout) err_sys("can't open output file");
tcp_connect(sockfd);
SSL_METHOD* method = TLSv1_client_method();
SSL_CTX* ctx = SSL_CTX_new(method);
set_certs(ctx);
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, sockfd);
if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
char send[1024];
char reply[1024];
while (fgets(send, sizeof(send), fin)) {
int sendSz = strlen(send) + 1;
if (SSL_write(ssl, send, sendSz) != sendSz)
err_sys("SSL_write failed");
if (strncmp(send, "quit", 4) == 0) {
fputs("sending server shutdown command: quit!\n", fout);
break;
}
if (SSL_read(ssl, reply, sizeof(reply)) > 0)
fputs(reply, fout);
}
SSL_CTX_free(ctx);
SSL_free(ssl);
fflush(fout);
if (inCreated) fclose(fin);
if (outCreated) fclose(fout);
((func_args*)args)->return_code = 0;
}
#ifndef NO_MAIN_DRIVER
int main(int argc, char** argv)
{
func_args args;
args.argc = argc;
args.argv = argv;
echoclient_test(&args);
return args.return_code;
}
#endif // NO_MAIN_DRIVER
# Microsoft Developer Studio Project File - Name="echoclient" - Package Owner=<4>
# Microsoft Developer Studio Generated Build File, Format Version 6.00
# ** DO NOT EDIT **
# TARGTYPE "Win32 (x86) Console Application" 0x0103
CFG=echoclient - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
!MESSAGE NMAKE /f "echoclient.mak".
!MESSAGE
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
!MESSAGE NMAKE /f "echoclient.mak" CFG="echoclient - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
!MESSAGE "echoclient - Win32 Release" (based on "Win32 (x86) Console Application")
!MESSAGE "echoclient - Win32 Debug" (based on "Win32 (x86) Console Application")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
# PROP Scc_ProjName ""
# PROP Scc_LocalPath ""
CPP=cl.exe
RSC=rc.exe
!IF "$(CFG)" == "echoclient - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
# PROP BASE Output_Dir "Release"
# PROP BASE Intermediate_Dir "Release"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
# PROP Output_Dir "Release"
# PROP Intermediate_Dir "Release"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD CPP /nologo /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386
!ELSEIF "$(CFG)" == "echoclient - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
# PROP BASE Output_Dir "Debug"
# PROP BASE Intermediate_Dir "Debug"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
# PROP Output_Dir "Debug"
# PROP Intermediate_Dir "Debug"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
!ENDIF
# Begin Target
# Name "echoclient - Win32 Release"
# Name "echoclient - Win32 Debug"
# Begin Group "Source Files"
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
# Begin Source File
SOURCE=.\echoclient.cpp
# End Source File
# End Group
# Begin Group "Header Files"
# PROP Default_Filter "h;hpp;hxx;hm;inl"
# End Group
# Begin Group "Resource Files"
# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
# End Group
# End Target
# End Project
/* echoclient.cpp */
#include "openssl/ssl.h" /* openssl compatibility test */
#include <stdio.h>
#include <stdlib.h>
#ifdef WIN32
#include <winsock2.h>
#else
#include <string.h>
#include <unistd.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/ioctl.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#endif /* WIN32 */
void err_sys(const char* msg)
{
fputs("yassl client error: ", stderr);
fputs(msg, stderr);
exit(EXIT_FAILURE);
}
const char* loopback = "127.0.0.1";
const short yasslPort = 11111;
using namespace yaSSL;
int main(int argc, char** argv)
{
#ifdef WIN32
WSADATA wsd;
WSAStartup(0x0002, &wsd);
int sockfd;
#else
unsigned int sockfd;
#endif /* WIN32 */
FILE* fin = stdin;
FILE* fout = stdout;
if (argc >= 2) fin = fopen(argv[1], "r");
if (argc >= 3) fout = fopen(argv[2], "w");
if (!fin) err_sys("can't open input file");
if (!fout) err_sys("can't open output file");
sockfd = socket(AF_INET, SOCK_STREAM, 0);
sockaddr_in servaddr;
memset(&servaddr, 0, sizeof(servaddr));
servaddr.sin_family = AF_INET;
servaddr.sin_port = htons(yasslPort);
servaddr.sin_addr.s_addr = inet_addr(loopback);
if (connect(sockfd, (const sockaddr*)&servaddr, sizeof(servaddr)) != 0)
err_sys("tcp connect failed");
SSL_METHOD* method = TLSv1_client_method();
SSL_CTX* ctx = SSL_CTX_new(method);
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, sockfd);
if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
char send[1024];
char reply[1024];
while (fgets(send, sizeof(send), fin)) {
int sendSz = strlen(send) + 1;
if (SSL_write(ssl, send, sendSz) != sendSz)
err_sys("SSL_write failed");
if (strncmp(send, "quit", 4) == 0) {
fputs("sending server shutdown command: quit!", fout);
break;
}
if (SSL_read(ssl, reply, sizeof(reply)) > 0)
fputs(reply, fout);
}
SSL_CTX_free(ctx);
SSL_free(ssl);
return 0;
}
/* echoserver.cpp */
#include "../../testsuite/test.hpp"
#ifndef NO_MAIN_DRIVER
#define ECHO_OUT
THREAD_RETURN YASSL_API echoserver_test(void*);
int main(int argc, char** argv)
{
func_args args;
args.argc = argc;
args.argv = argv;
echoserver_test(&args);
return args.return_code;
}
#endif // NO_MAIN_DRIVER
THREAD_RETURN YASSL_API echoserver_test(void* args)
{
#ifdef _WIN32
WSADATA wsd;
WSAStartup(0x0002, &wsd);
#endif
SOCKET_T sockfd = 0;
int argc = 0;
char** argv = 0;
set_args(argc, argv, *static_cast<func_args*>(args));
#ifdef ECHO_OUT
FILE* fout = stdout;
if (argc >= 2) fout = fopen(argv[1], "w");
if (!fout) err_sys("can't open output file");
#endif
tcp_listen(sockfd);
SSL_METHOD* method = TLSv1_server_method();
SSL_CTX* ctx = SSL_CTX_new(method);
set_serverCerts(ctx);
DH* dh = set_tmpDH(ctx);
bool shutdown(false);
#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER)
// signal ready to tcp_accept
func_args& server_args = *((func_args*)args);
tcp_ready& ready = *server_args.signal_;
pthread_mutex_lock(&ready.mutex_);
ready.ready_ = true;
pthread_cond_signal(&ready.cond_);
pthread_mutex_unlock(&ready.mutex_);
#endif
while (!shutdown) {
sockaddr_in client;
socklen_t client_len = sizeof(client);
int clientfd = accept(sockfd, (sockaddr*)&client, &client_len);
if (clientfd == -1) err_sys("tcp accept failed");
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, clientfd);
if (SSL_accept(ssl) != SSL_SUCCESS) err_sys("SSL_accept failed");
char command[1024];
int echoSz(0);
while ( (echoSz = SSL_read(ssl, command, sizeof(command))) > 0) {
if ( strncmp(command, "quit", 4) == 0) {
printf("client sent quit command: shutting down!\n");
shutdown = true;
break;
}
else if ( strncmp(command, "GET", 3) == 0) {
char type[] = "HTTP/1.0 200 ok\r\nContent-type:"
" text/html\r\n\r\n";
char header[] = "<html><body BGCOLOR=\"#ffffff\">\n<pre>\n";
char body[] = "greetings from yaSSL\n";
char footer[] = "</body></html>\r\n\r\n";
strncpy(command, type, sizeof(type));
echoSz = sizeof(type) - 1;
strncpy(&command[echoSz], header, sizeof(header));
echoSz += sizeof(header) - 1;
strncpy(&command[echoSz], body, sizeof(body));
echoSz += sizeof(body) - 1;
strncpy(&command[echoSz], footer, sizeof(footer));
echoSz += sizeof(footer);
if (SSL_write(ssl, command, echoSz) != echoSz)
err_sys("SSL_write failed");
break;
}
command[echoSz] = 0;
#ifdef ECHO_OUT
fputs(command, fout);
#endif
if (SSL_write(ssl, command, echoSz) != echoSz)
err_sys("SSL_write failed");
}
SSL_free(ssl);
}
#ifdef _WIN32
closesocket(sockfd);
#else
close(sockfd);
#endif
DH_free(dh);
SSL_CTX_free(ctx);
((func_args*)args)->return_code = 0;
return 0;
}
# Microsoft Developer Studio Project File - Name="echoserver" - Package Owner=<4>
# Microsoft Developer Studio Generated Build File, Format Version 6.00
# ** DO NOT EDIT **
# TARGTYPE "Win32 (x86) Console Application" 0x0103
CFG=echoserver - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
!MESSAGE NMAKE /f "echoserver.mak".
!MESSAGE
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
!MESSAGE NMAKE /f "echoserver.mak" CFG="echoserver - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
!MESSAGE "echoserver - Win32 Release" (based on "Win32 (x86) Console Application")
!MESSAGE "echoserver - Win32 Debug" (based on "Win32 (x86) Console Application")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
# PROP Scc_ProjName ""
# PROP Scc_LocalPath ""
CPP=cl.exe
RSC=rc.exe
!IF "$(CFG)" == "echoserver - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
# PROP BASE Output_Dir "Release"
# PROP BASE Intermediate_Dir "Release"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
# PROP Output_Dir "Release"
# PROP Intermediate_Dir "Release"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD CPP /nologo /G6 /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386
!ELSEIF "$(CFG)" == "echoserver - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
# PROP BASE Output_Dir "Debug"
# PROP BASE Intermediate_Dir "Debug"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
# PROP Output_Dir "Debug"
# PROP Intermediate_Dir "Debug"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
!ENDIF
# Begin Target
# Name "echoserver - Win32 Release"
# Name "echoserver - Win32 Debug"
# Begin Group "Source Files"
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
# Begin Source File
SOURCE=.\echoserver.cpp
# End Source File
# End Group
# Begin Group "Header Files"
# PROP Default_Filter "h;hpp;hxx;hm;inl"
# End Group
# Begin Group "Resource Files"
# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
# End Group
# End Target
# End Project
/* server.cpp */
#include "../../testsuite/test.hpp"
THREAD_RETURN YASSL_API server_test(void* args)
{
#ifdef _WIN32
WSADATA wsd;
WSAStartup(0x0002, &wsd);
#endif
SOCKET_T sockfd = 0;
int clientfd = 0;
int argc = 0;
char** argv = 0;
set_args(argc, argv, *static_cast<func_args*>(args));
tcp_accept(sockfd, clientfd, *static_cast<func_args*>(args));
#ifdef _WIN32
closesocket(sockfd);
#else
close(sockfd);
#endif
SSL_METHOD* method = TLSv1_server_method();
SSL_CTX* ctx = SSL_CTX_new(method);
//SSL_CTX_set_cipher_list(ctx, "RC4-SHA");
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
set_serverCerts(ctx);
DH* dh = set_tmpDH(ctx);
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, clientfd);
if (SSL_accept(ssl) != SSL_SUCCESS) err_sys("SSL_accept failed");
showPeer(ssl);
printf("Using Cipher Suite %s\n", SSL_get_cipher(ssl));
char command[1024];
command[SSL_read(ssl, command, sizeof(command))] = 0;
printf("First client command: %s\n", command);
char msg[] = "I hear you, fa shizzle!";
if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
err_sys("SSL_write failed");
DH_free(dh);
SSL_CTX_free(ctx);
SSL_free(ssl);
((func_args*)args)->return_code = 0;
return 0;
}
#ifndef NO_MAIN_DRIVER
int main(int argc, char** argv)
{
func_args args;
args.argc = argc;
args.argv = argv;
server_test(&args);
return args.return_code;
}
#endif // NO_MAIN_DRIVER
# Microsoft Developer Studio Project File - Name="server" - Package Owner=<4>
# Microsoft Developer Studio Generated Build File, Format Version 6.00
# ** DO NOT EDIT **
# TARGTYPE "Win32 (x86) Application" 0x0101
CFG=server - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
!MESSAGE NMAKE /f "server.mak".
!MESSAGE
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
!MESSAGE NMAKE /f "server.mak" CFG="server - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
!MESSAGE "server - Win32 Release" (based on "Win32 (x86) Application")
!MESSAGE "server - Win32 Debug" (based on "Win32 (x86) Application")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
# PROP Scc_ProjName ""
# PROP Scc_LocalPath ""
CPP=cl.exe
MTL=midl.exe
RSC=rc.exe
!IF "$(CFG)" == "server - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
# PROP BASE Output_Dir "Release"
# PROP BASE Intermediate_Dir "Release"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
# PROP Output_Dir "Release"
# PROP Intermediate_Dir "Release"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /c
# ADD CPP /nologo /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /c
# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32
# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386
# SUBTRACT LINK32 /pdb:none
!ELSEIF "$(CFG)" == "server - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
# PROP BASE Output_Dir "Debug"
# PROP BASE Intermediate_Dir "Debug"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
# PROP Output_Dir "Debug"
# PROP Intermediate_Dir "Debug"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /FR /YX /FD /GZ /c
# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32
# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# SUBTRACT LINK32 /pdb:none /nodefaultlib
!ENDIF
# Begin Target
# Name "server - Win32 Release"
# Name "server - Win32 Debug"
# Begin Group "Source Files"
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
# Begin Source File
SOURCE=.\server.cpp
# End Source File
# End Group
# Begin Group "Header Files"
# PROP Default_Filter "h;hpp;hxx;hm;inl"
# End Group
# Begin Group "Resource Files"
# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
# End Group
# End Target
# End Project
......@@ -83,6 +83,7 @@ class CertManager {
SignerList signers_; // decoded CA keys and names
// plus verified chained certs
bool verifyPeer_;
bool verifyNone_; // no error if verify fails
bool failNoCert_;
bool sendVerify_;
public:
......@@ -107,10 +108,12 @@ public:
uint get_privateKeyLength() const;
bool verifyPeer() const;
bool verifyNone() const;
bool failNoCert() const;
bool sendVerify() const;
void setVerifyPeer();
void setVerifyNone();
void setFailNoCert();
void setSendVerify();
private:
......
......@@ -41,8 +41,8 @@
namespace yaSSL {
// Digest policy should implement a get_digest, update, and get sizes for pad and
// digest
// Digest policy should implement a get_digest, update, and get sizes for pad
// and digest
struct Digest : public virtual_base {
virtual void get_digest(byte*) = 0;
virtual void get_digest(byte*, const byte*, unsigned int) = 0;
......@@ -380,7 +380,7 @@ public:
uint get_agreedKeyLength() const;
const byte* get_agreedKey() const;
const byte* get_publicKey() const;
void makeAgreement(const byte*);
void makeAgreement(const byte*, unsigned int);
void set_sizes(int&, int&, int&) const;
void get_parms(byte*, byte*, byte*) const;
......
/* rsa.h for openSSL */
#ifndef ysSSL_rsa_h__
#ifndef yaSSL_rsa_h__
#define yaSSL_rsa_h__
enum { RSA_F4 = 1 };
......
......@@ -23,7 +23,9 @@
*
*/
#ifndef ysSSL_openssl_h__
#ifndef yaSSL_openssl_h__
#define yaSSL_openssl_h__
#include <stdio.h> /* ERR_print fp */
......@@ -49,7 +51,7 @@ extern "C" {
class X509_NAME;
#else
typedef struct SSL SSL;
typedef struct SSL_SESION SSL_SESSION;
typedef struct SSL_SESSION SSL_SESSION;
typedef struct SSL_METHOD SSL_METHOD;
typedef struct SSL_CTX SSL_CTX;
typedef struct SSL_CIPHER SSL_CIPHER;
......@@ -258,6 +260,8 @@ int SSL_pending(SSL*);
enum { /* ssl Constants */
SSL_BAD_STAT = -7,
SSL_BAD_PATH = -6,
SSL_BAD_FILETYPE = -5,
SSL_BAD_FILE = -4,
SSL_NOT_IMPLEMENTED = -3,
......
......@@ -77,7 +77,7 @@ public:
uint send(const byte* buf, unsigned int len, int flags = 0) const;
uint receive(byte* buf, unsigned int len, int flags = 0) const;
void wait() const;
bool wait() const;
void closeSocket();
void shutDown(int how = SD_SEND);
......
/* yassl.hpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* yaSSL externel header defines yaSSL API
*/
#ifndef yaSSL_EXT_HPP
#define yaSSL_EXT_HPP
namespace yaSSL {
#ifdef _WIN32
typedef unsigned int SOCKET_T;
#else
typedef int SOCKET_T;
#endif
class Client {
public:
Client();
~Client();
// basics
int Connect(SOCKET_T);
int Write(const void*, int);
int Read(void*, int);
// options
void SetCA(const char*);
void SetCert(const char*);
void SetKey(const char*);
private:
struct ClientImpl;
ClientImpl* pimpl_;
Client(const Client&); // hide copy
Client& operator=(const Client&); // and assign
};
class Server {
public:
Server();
~Server();
// basics
int Accept(SOCKET_T);
int Write(const void*, int);
int Read(void*, int);
// options
void SetCA(const char*);
void SetCert(const char*);
void SetKey(const char*);
private:
struct ServerImpl;
ServerImpl* pimpl_;
Server(const Server&); // hide copy
Server& operator=(const Server&); // and assign
};
} // namespace yaSSL
#endif // yaSSL_EXT_HPP
......@@ -59,6 +59,10 @@ enum YasslError {
enum Library { yaSSL_Lib = 0, CryptoLib, SocketLib };
enum { MAX_ERROR_SZ = 80 };
void SetErrorString(YasslError, char*);
// Base class for all yaSSL exceptions
class Error : public mySTL::runtime_error {
......
......@@ -662,7 +662,7 @@ struct Parameters {
uint8 suites_size_;
Cipher suites_[MAX_SUITE_SZ];
char cipher_name_[MAX_SUITE_NAME];
char cipher_list_[MAX_CIPHER_LIST];
char cipher_list_[MAX_CIPHERS][MAX_SUITE_NAME];
Parameters(ConnectionEnd, const Ciphers&, ProtocolVersion);
......
......@@ -77,8 +77,6 @@ enum ServerState {
// combines all states
class States {
enum {MAX_ERROR_SZ = 80 };
RecordLayerState recordLayer_;
HandShakeState handshakeLayer_;
ClientState clientState_;
......@@ -123,8 +121,6 @@ public:
friend sslFactory& GetSSL_Factory(); // singleton creator
private:
static sslFactory instance_;
sslFactory(const sslFactory&); // hide copy
sslFactory& operator=(const sslFactory&); // and assign
};
......@@ -216,8 +212,6 @@ public:
friend Sessions& GetSessions(); // singleton creator
private:
static Sessions instance_;
Sessions(const Sessions&); // hide copy
Sessions& operator=(const Sessions&); // and assign
};
......@@ -231,7 +225,8 @@ sslFactory& GetSSL_Factory();
class SSL_METHOD {
ProtocolVersion version_;
ConnectionEnd side_;
bool verifyPeer_;
bool verifyPeer_; // request or send certificate
bool verifyNone_; // whether to verify certificate
bool failNoCert_;
public:
explicit SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv);
......@@ -240,9 +235,11 @@ public:
ConnectionEnd getSide() const;
void setVerifyPeer();
void setVerifyNone();
void setFailNoCert();
bool verifyPeer() const;
bool verifyNone() const;
bool failNoCert() const;
private:
SSL_METHOD(const SSL_METHOD&); // hide copy
......@@ -335,6 +332,7 @@ public:
const Stats& GetStats() const;
void setVerifyPeer();
void setVerifyNone();
void setFailNoCert();
bool SetCipherList(const char*);
bool SetDH(const DH&);
......
......@@ -34,32 +34,39 @@
namespace yaSSL {
// library allocation
struct new_t {}; // yaSSL New type
extern new_t ys; // pass in parameter
} // namespace yaSSL
// Delete static singleton memory holders
void CleanUp();
void* operator new (size_t, yaSSL::new_t);
void* operator new[](size_t, yaSSL::new_t);
void operator delete (void*, yaSSL::new_t);
void operator delete[](void*, yaSSL::new_t);
#ifdef YASSL_PURE_C
// library allocation
struct new_t {}; // yaSSL New type
extern new_t ys; // pass in parameter
namespace yaSSL {
} // namespace yaSSL
void* operator new (size_t, yaSSL::new_t);
void* operator new[](size_t, yaSSL::new_t);
template<typename T>
void ysDelete(T* ptr)
{
void operator delete (void*, yaSSL::new_t);
void operator delete[](void*, yaSSL::new_t);
namespace yaSSL {
template<typename T>
void ysDelete(T* ptr)
{
if (ptr) ptr->~T();
::operator delete(ptr, yaSSL::ys);
}
}
template<typename T>
void ysArrayDelete(T* ptr)
{
template<typename T>
void ysArrayDelete(T* ptr)
{
// can't do array placement destruction since not tracking size in
// allocation, only allow builtins to use array placement since they
// don't need destructors called
......@@ -67,15 +74,40 @@ void ysArrayDelete(T* ptr)
(void)sizeof(builtin);
::operator delete[](ptr, yaSSL::ys);
}
}
#define NEW_YS new (ys)
// to resolve compiler generated operator delete on base classes with
// virtual destructors (when on stack), make sure doesn't get called
class virtual_base {
public:
// to resolve compiler generated operator delete on base classes with
// virtual destructors (when on stack), make sure doesn't get called
class virtual_base {
public:
static void operator delete(void*) { assert(0); }
};
};
#else // YASSL_PURE_C
template<typename T>
void ysDelete(T* ptr)
{
delete ptr;
}
template<typename T>
void ysArrayDelete(T* ptr)
{
delete[] ptr;
}
#define NEW_YS new
class virtual_base {};
#endif // YASSL_PURE_C
typedef unsigned char uint8;
......@@ -105,7 +137,7 @@ const int KEY_PREFIX = 7; // up to 7 prefix letters for key rounds
const int FORTEZZA_MAX = 128; // Maximum Fortezza Key length
const int MAX_SUITE_SZ = 64; // 32 max suites * sizeof(suite)
const int MAX_SUITE_NAME = 48; // max length of suite name
const int MAX_CIPHER_LIST = 512; // max length of cipher list names
const int MAX_CIPHERS = 32; // max supported ciphers for cipher list
const int SIZEOF_ENUM = 1; // SSL considers an enum 1 byte, not 4
const int SIZEOF_SENDER = 4; // Sender constant, for finished generation
const int PAD_MD5 = 48; // pad length 1 and 2 for md5 finished
......
......@@ -28,6 +28,9 @@
#define mySTL_HELPERS_HPP
#include <stdlib.h>
#ifdef _MSC_VER
#include <new>
#endif
/*
Workaround for the lack of operator new(size_t, void*)
......@@ -43,7 +46,6 @@
typedef Dummy* yassl_pointer;
namespace mySTL {
......
......@@ -24,6 +24,7 @@
* with SSL types and sockets
*/
#include <string.h> // memcpy
#include "runtime.hpp"
#include "buffer.hpp"
......@@ -63,13 +64,13 @@ input_buffer::input_buffer()
input_buffer::input_buffer(uint s)
: size_(0), current_(0), buffer_(new (ys) byte[s]), end_(buffer_ + s)
: size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s)
{}
// with assign
input_buffer::input_buffer(uint s, const byte* t, uint len)
: size_(0), current_(0), buffer_(new (ys) byte[s]), end_(buffer_ + s)
: size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s)
{
assign(t, len);
}
......@@ -85,7 +86,7 @@ input_buffer::~input_buffer()
void input_buffer::allocate(uint s)
{
assert(!buffer_); // find realloc error
buffer_ = new (ys) byte[s];
buffer_ = NEW_YS byte[s];
end_ = buffer_ + s;
}
......@@ -97,7 +98,7 @@ byte* input_buffer::get_buffer() const
}
// after a raw write user can set new (ys) size
// after a raw write user can set NEW_YS size
// if you know the size before the write use assign()
void input_buffer::add_size(uint i)
{
......@@ -199,13 +200,13 @@ output_buffer::output_buffer()
// with allocate
output_buffer::output_buffer(uint s)
: current_(0), buffer_(new (ys) byte[s]), end_(buffer_ + s)
: current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s)
{}
// with assign
output_buffer::output_buffer(uint s, const byte* t, uint len)
: current_(0), buffer_(new (ys) byte[s]), end_(buffer_+ s)
: current_(0), buffer_(NEW_YS byte[s]), end_(buffer_+ s)
{
write(t, len);
}
......@@ -240,7 +241,7 @@ void output_buffer::set_current(uint c)
void output_buffer::allocate(uint s)
{
assert(!buffer_); // find realloc error
buffer_ = new (ys) byte[s]; end_ = buffer_ + s;
buffer_ = NEW_YS byte[s]; end_ = buffer_ + s;
}
......
......@@ -39,7 +39,7 @@
namespace yaSSL {
x509::x509(uint sz) : length_(sz), buffer_(new (ys) opaque[sz])
x509::x509(uint sz) : length_(sz), buffer_(NEW_YS opaque[sz])
{
}
......@@ -51,7 +51,7 @@ x509::~x509()
x509::x509(const x509& that) : length_(that.length_),
buffer_(new (ys) opaque[length_])
buffer_(NEW_YS opaque[length_])
{
memcpy(buffer_, that.buffer_, length_);
}
......@@ -92,7 +92,8 @@ opaque* x509::use_buffer()
//CertManager
CertManager::CertManager()
: peerX509_(0), verifyPeer_(false), failNoCert_(false), sendVerify_(false)
: peerX509_(0), verifyPeer_(false), verifyNone_(false), failNoCert_(false),
sendVerify_(false)
{}
......@@ -114,6 +115,12 @@ bool CertManager::verifyPeer() const
}
bool CertManager::verifyNone() const
{
return verifyNone_;
}
bool CertManager::failNoCert() const
{
return failNoCert_;
......@@ -132,6 +139,12 @@ void CertManager::setVerifyPeer()
}
void CertManager::setVerifyNone()
{
verifyNone_ = true;
}
void CertManager::setFailNoCert()
{
failNoCert_ = true;
......@@ -153,7 +166,7 @@ void CertManager::AddPeerCert(x509* x)
void CertManager::CopySelfCert(const x509* x)
{
if (x)
list_.push_back(new (ys) x509(*x));
list_.push_back(NEW_YS x509(*x));
}
......@@ -161,11 +174,12 @@ void CertManager::CopySelfCert(const x509* x)
int CertManager::CopyCaCert(const x509* x)
{
TaoCrypt::Source source(x->get_buffer(), x->get_length());
TaoCrypt::CertDecoder cert(source, true, &signers_);
TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_,
TaoCrypt::CertDecoder::CA);
if (!cert.GetError().What()) {
const TaoCrypt::PublicKey& key = cert.GetPublicKey();
signers_.push_back(new (ys) TaoCrypt::Signer(key.GetKey(), key.size(),
signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(),
cert.GetCommonName(), cert.GetHash()));
}
return cert.GetError().What();
......@@ -228,13 +242,13 @@ int CertManager::Validate()
while ( count > 1 ) {
TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
TaoCrypt::CertDecoder cert(source, true, &signers_);
TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_);
if (int err = cert.GetError().What())
return err;
const TaoCrypt::PublicKey& key = cert.GetPublicKey();
signers_.push_back(new (ys) TaoCrypt::Signer(key.GetKey(), key.size(),
signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(),
cert.GetCommonName(), cert.GetHash()));
--last;
--count;
......@@ -243,7 +257,7 @@ int CertManager::Validate()
if (count) {
// peer's is at the front
TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
TaoCrypt::CertDecoder cert(source, true, &signers_);
TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_);
if (int err = cert.GetError().What())
return err;
......@@ -259,7 +273,7 @@ int CertManager::Validate()
int iSz = cert.GetIssuer() ? strlen(cert.GetIssuer()) + 1 : 0;
int sSz = cert.GetCommonName() ? strlen(cert.GetCommonName()) + 1 : 0;
peerX509_ = new (ys) X509(cert.GetIssuer(), iSz, cert.GetCommonName(),
peerX509_ = NEW_YS X509(cert.GetIssuer(), iSz, cert.GetCommonName(),
sSz);
}
return 0;
......
......@@ -58,13 +58,13 @@ struct MD5::MD5Impl {
};
MD5::MD5() : pimpl_(new (ys) MD5Impl) {}
MD5::MD5() : pimpl_(NEW_YS MD5Impl) {}
MD5::~MD5() { ysDelete(pimpl_); }
MD5::MD5(const MD5& that) : Digest(), pimpl_(new (ys)
MD5::MD5(const MD5& that) : Digest(), pimpl_(NEW_YS
MD5Impl(that.pimpl_->md5_)) {}
......@@ -116,13 +116,13 @@ struct SHA::SHAImpl {
};
SHA::SHA() : pimpl_(new (ys) SHAImpl) {}
SHA::SHA() : pimpl_(NEW_YS SHAImpl) {}
SHA::~SHA() { ysDelete(pimpl_); }
SHA::SHA(const SHA& that) : Digest(), pimpl_(new (ys) SHAImpl(that.pimpl_->sha_)) {}
SHA::SHA(const SHA& that) : Digest(), pimpl_(NEW_YS SHAImpl(that.pimpl_->sha_)) {}
SHA& SHA::operator=(const SHA& that)
{
......@@ -173,13 +173,13 @@ struct RMD::RMDImpl {
};
RMD::RMD() : pimpl_(new (ys) RMDImpl) {}
RMD::RMD() : pimpl_(NEW_YS RMDImpl) {}
RMD::~RMD() { ysDelete(pimpl_); }
RMD::RMD(const RMD& that) : Digest(), pimpl_(new (ys) RMDImpl(that.pimpl_->rmd_)) {}
RMD::RMD(const RMD& that) : Digest(), pimpl_(NEW_YS RMDImpl(that.pimpl_->rmd_)) {}
RMD& RMD::operator=(const RMD& that)
{
......@@ -230,7 +230,7 @@ struct HMAC_MD5::HMAC_MD5Impl {
HMAC_MD5::HMAC_MD5(const byte* secret, unsigned int len)
: pimpl_(new (ys) HMAC_MD5Impl)
: pimpl_(NEW_YS HMAC_MD5Impl)
{
pimpl_->mac_.SetKey(secret, len);
}
......@@ -280,7 +280,7 @@ struct HMAC_SHA::HMAC_SHAImpl {
HMAC_SHA::HMAC_SHA(const byte* secret, unsigned int len)
: pimpl_(new (ys) HMAC_SHAImpl)
: pimpl_(NEW_YS HMAC_SHAImpl)
{
pimpl_->mac_.SetKey(secret, len);
}
......@@ -331,7 +331,7 @@ struct HMAC_RMD::HMAC_RMDImpl {
HMAC_RMD::HMAC_RMD(const byte* secret, unsigned int len)
: pimpl_(new (ys) HMAC_RMDImpl)
: pimpl_(NEW_YS HMAC_RMDImpl)
{
pimpl_->mac_.SetKey(secret, len);
}
......@@ -379,7 +379,7 @@ struct DES::DESImpl {
};
DES::DES() : pimpl_(new (ys) DESImpl) {}
DES::DES() : pimpl_(NEW_YS DESImpl) {}
DES::~DES() { ysDelete(pimpl_); }
......@@ -415,7 +415,7 @@ struct DES_EDE::DES_EDEImpl {
};
DES_EDE::DES_EDE() : pimpl_(new (ys) DES_EDEImpl) {}
DES_EDE::DES_EDE() : pimpl_(NEW_YS DES_EDEImpl) {}
DES_EDE::~DES_EDE() { ysDelete(pimpl_); }
......@@ -453,7 +453,7 @@ struct RC4::RC4Impl {
};
RC4::RC4() : pimpl_(new (ys) RC4Impl) {}
RC4::RC4() : pimpl_(NEW_YS RC4Impl) {}
RC4::~RC4() { ysDelete(pimpl_); }
......@@ -495,7 +495,7 @@ struct AES::AESImpl {
};
AES::AES(unsigned int ks) : pimpl_(new (ys) AESImpl(ks)) {}
AES::AES(unsigned int ks) : pimpl_(NEW_YS AESImpl(ks)) {}
AES::~AES() { ysDelete(pimpl_); }
......@@ -536,7 +536,7 @@ struct RandomPool::RandomImpl {
TaoCrypt::RandomNumberGenerator RNG_;
};
RandomPool::RandomPool() : pimpl_(new (ys) RandomImpl) {}
RandomPool::RandomPool() : pimpl_(NEW_YS RandomImpl) {}
RandomPool::~RandomPool() { ysDelete(pimpl_); }
......@@ -580,7 +580,7 @@ void DSS::DSSImpl::SetPrivate(const byte* key, unsigned int sz)
// Set public or private key
DSS::DSS(const byte* key, unsigned int sz, bool publicKey)
: pimpl_(new (ys) DSSImpl)
: pimpl_(NEW_YS DSSImpl)
{
if (publicKey)
pimpl_->SetPublic(key, sz);
......@@ -651,7 +651,7 @@ void RSA::RSAImpl::SetPrivate(const byte* key, unsigned int sz)
// Set public or private key
RSA::RSA(const byte* key, unsigned int sz, bool publicKey)
: pimpl_(new (ys) RSAImpl)
: pimpl_(NEW_YS RSAImpl)
{
if (publicKey)
pimpl_->SetPublic(key, sz);
......@@ -723,13 +723,13 @@ struct Integer::IntegerImpl {
explicit IntegerImpl(const TaoCrypt::Integer& i) : int_(i) {}
};
Integer::Integer() : pimpl_(new (ys) IntegerImpl) {}
Integer::Integer() : pimpl_(NEW_YS IntegerImpl) {}
Integer::~Integer() { ysDelete(pimpl_); }
Integer::Integer(const Integer& other) : pimpl_(new (ys)
Integer::Integer(const Integer& other) : pimpl_(NEW_YS
IntegerImpl(other.pimpl_->int_))
{}
......@@ -773,9 +773,9 @@ struct DiffieHellman::DHImpl {
void AllocKeys(unsigned int pubSz, unsigned int privSz, unsigned int agrSz)
{
publicKey_ = new (ys) byte[pubSz];
privateKey_ = new (ys) byte[privSz];
agreedKey_ = new (ys) byte[agrSz];
publicKey_ = NEW_YS byte[pubSz];
privateKey_ = NEW_YS byte[privSz];
agreedKey_ = NEW_YS byte[agrSz];
}
};
......@@ -784,7 +784,7 @@ struct DiffieHellman::DHImpl {
/*
// server Side DH, server's view
DiffieHellman::DiffieHellman(const char* file, const RandomPool& random)
: pimpl_(new (ys) DHImpl(random.pimpl_->RNG_))
: pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_))
{
using namespace TaoCrypt;
Source source;
......@@ -808,12 +808,12 @@ DiffieHellman::DiffieHellman(const char* file, const RandomPool& random)
DiffieHellman::DiffieHellman(const byte* p, unsigned int pSz, const byte* g,
unsigned int gSz, const byte* pub,
unsigned int pubSz, const RandomPool& random)
: pimpl_(new (ys) DHImpl(random.pimpl_->RNG_))
: pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_))
{
using TaoCrypt::Integer;
pimpl_->dh_.Initialize(Integer(p, pSz).Ref(), Integer(g, gSz).Ref());
pimpl_->publicKey_ = new (ys) opaque[pubSz];
pimpl_->publicKey_ = NEW_YS opaque[pubSz];
memcpy(pimpl_->publicKey_, pub, pubSz);
}
......@@ -821,7 +821,7 @@ DiffieHellman::DiffieHellman(const byte* p, unsigned int pSz, const byte* g,
// Server Side DH, server's view
DiffieHellman::DiffieHellman(const Integer& p, const Integer& g,
const RandomPool& random)
: pimpl_(new (ys) DHImpl(random.pimpl_->RNG_))
: pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_))
{
using TaoCrypt::Integer;
......@@ -839,7 +839,7 @@ DiffieHellman::~DiffieHellman() { ysDelete(pimpl_); }
// Client side and view, use server that for p and g
DiffieHellman::DiffieHellman(const DiffieHellman& that)
: pimpl_(new (ys) DHImpl(*that.pimpl_))
: pimpl_(NEW_YS DHImpl(*that.pimpl_))
{
pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_,
pimpl_->publicKey_);
......@@ -855,9 +855,9 @@ DiffieHellman& DiffieHellman::operator=(const DiffieHellman& that)
}
void DiffieHellman::makeAgreement(const byte* other)
void DiffieHellman::makeAgreement(const byte* other, unsigned int otherSz)
{
pimpl_->dh_.Agree(pimpl_->agreedKey_, pimpl_->privateKey_, other);
pimpl_->dh_.Agree(pimpl_->agreedKey_, pimpl_->privateKey_, other, otherSz);
}
......@@ -960,7 +960,7 @@ x509* PemToDer(const char* fname, CertType type)
Base64Decoder b64Dec(der);
uint sz = der.size();
mySTL::auto_ptr<x509> x(new (ys) x509(sz), ysDelete);
mySTL::auto_ptr<x509> x(NEW_YS x509(sz), ysDelete);
memcpy(x->use_buffer(), der.get_buffer(), sz);
fclose(file);
......
......@@ -24,6 +24,8 @@
* the various handshake messages.
*/
#include "runtime.hpp"
#include "handshake.hpp"
#include "yassl_int.hpp"
......@@ -362,9 +364,9 @@ void p_hash(output_buffer& result, const output_buffer& secret,
if (lastLen) times += 1;
if (hash == md5)
hmac.reset(new (ys) HMAC_MD5(secret.get_buffer(), secret.get_size()));
hmac.reset(NEW_YS HMAC_MD5(secret.get_buffer(), secret.get_size()));
else
hmac.reset(new (ys) HMAC_SHA(secret.get_buffer(), secret.get_size()));
hmac.reset(NEW_YS HMAC_SHA(secret.get_buffer(), secret.get_size()));
// A0 = seed
hmac->get_digest(previous, seed.get_buffer(), seed.get_size());// A1
uint lastTime = times - 1;
......@@ -582,11 +584,11 @@ void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
MACAlgorithm algo = ssl.getSecurity().get_parms().mac_algorithm_;
if (algo == sha)
hmac.reset(new (ys) HMAC_SHA(ssl.get_macSecret(verify), SHA_LEN));
hmac.reset(NEW_YS HMAC_SHA(ssl.get_macSecret(verify), SHA_LEN));
else if (algo == rmd)
hmac.reset(new (ys) HMAC_RMD(ssl.get_macSecret(verify), RMD_LEN));
hmac.reset(NEW_YS HMAC_RMD(ssl.get_macSecret(verify), RMD_LEN));
else
hmac.reset(new (ys) HMAC_MD5(ssl.get_macSecret(verify), MD5_LEN));
hmac.reset(NEW_YS HMAC_MD5(ssl.get_macSecret(verify), MD5_LEN));
hmac->update(seq, SEQ_SZ); // seq_num
inner[0] = content; // type
......@@ -603,7 +605,7 @@ void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
void PRF(byte* digest, uint digLen, const byte* secret, uint secLen,
const byte* label, uint labLen, const byte* seed, uint seedLen)
{
uint half = secLen / 2 + secLen % 2;
uint half = (secLen + 1) / 2;
output_buffer md5_half(half);
output_buffer sha_half(half);
......@@ -648,29 +650,29 @@ void build_certHashes(SSL& ssl, Hashes& hashes)
}
mySTL::auto_ptr<input_buffer> null_buffer(ysDelete);
// do process input requests
mySTL::auto_ptr<input_buffer>
DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
{
ssl.getSocket().wait(); // wait for input if blocking
uint ready = ssl.getSocket().get_ready();
if (!ready) {
// Nothing to receive after blocking wait => error
// wait for input if blocking
if (!ssl.getSocket().wait()) {
ssl.SetError(receive_error);
return buffered= null_buffer;
buffered.reset(0);
return buffered;
}
uint ready = ssl.getSocket().get_ready();
if (!ready) return buffered;
// add buffered data if its there
uint buffSz = buffered.get() ? buffered.get()->get_size() : 0;
input_buffer buffer(buffSz + ready);
if (buffSz) {
buffer.assign(buffered.get()->get_buffer(), buffSz);
buffered = null_buffer;
buffered.reset(0);
}
// add new (ys) data
// add new data
uint read = ssl.getSocket().receive(buffer.get_buffer() + buffSz, ready);
buffer.add_size(read);
uint offset = 0;
......@@ -691,7 +693,7 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
// make sure we have enough input in buffer to process this record
if (hdr.length_ > buffer.get_remaining()) {
uint sz = buffer.get_remaining() + RECORD_HEADER;
buffered.reset(new (ys) input_buffer(sz, buffer.get_buffer() +
buffered.reset(NEW_YS input_buffer(sz, buffer.get_buffer() +
buffer.get_current() - RECORD_HEADER, sz));
break;
}
......@@ -703,11 +705,15 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_), ysDelete);
if (!msg.get()) {
ssl.SetError(factory_error);
return buffered = null_buffer;
buffered.reset(0);
return buffered;
}
buffer >> *msg;
msg->Process(buffer, ssl);
if (ssl.GetError()) return buffered = null_buffer;
if (ssl.GetError()) {
buffered.reset(0);
return buffered;
}
}
offset += hdr.length_ + RECORD_HEADER;
}
......@@ -727,6 +733,7 @@ void processReply(SSL& ssl)
buffered = tmp;
else
break;
if (ssl.GetError()) return;
}
}
......@@ -764,7 +771,7 @@ void sendClientKeyExchange(SSL& ssl, BufferOutput buffer)
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, ck);
buildOutput(*out.get(), rlHeader, hsHeader, ck);
hashHandShake(ssl, *out.get());
......@@ -785,7 +792,7 @@ void sendServerKeyExchange(SSL& ssl, BufferOutput buffer)
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, sk);
buildOutput(*out.get(), rlHeader, hsHeader, sk);
hashHandShake(ssl, *out.get());
......@@ -810,7 +817,7 @@ void sendChangeCipher(SSL& ssl, BufferOutput buffer)
ChangeCipherSpec ccs;
RecordLayerHeader rlHeader;
buildHeader(ssl, rlHeader, ccs);
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildOutput(*out.get(), rlHeader, ccs);
if (buffer == buffered)
......@@ -827,7 +834,7 @@ void sendFinished(SSL& ssl, ConnectionEnd side, BufferOutput buffer)
Finished fin;
buildFinished(ssl, fin, side == client_end ? client : server);
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
cipherFinished(ssl, fin, *out.get()); // hashes handshake
if (ssl.getSecurity().get_resuming()) {
......@@ -911,7 +918,7 @@ void sendServerHello(SSL& ssl, BufferOutput buffer)
ServerHello sh(ssl.getSecurity().get_connection().version_);
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildServerHello(ssl, sh);
ssl.set_random(sh.get_random(), server_end);
......@@ -934,7 +941,7 @@ void sendServerHelloDone(SSL& ssl, BufferOutput buffer)
ServerHelloDone shd;
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, shd);
buildOutput(*out.get(), rlHeader, hsHeader, shd);
......@@ -955,7 +962,7 @@ void sendCertificate(SSL& ssl, BufferOutput buffer)
Certificate cert(ssl.getCrypto().get_certManager().get_cert());
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, cert);
buildOutput(*out.get(), rlHeader, hsHeader, cert);
......@@ -977,7 +984,7 @@ void sendCertificateRequest(SSL& ssl, BufferOutput buffer)
request.Build();
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, request);
buildOutput(*out.get(), rlHeader, hsHeader, request);
......@@ -999,7 +1006,7 @@ void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
verify.Build(ssl);
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, verify);
buildOutput(*out.get(), rlHeader, hsHeader, verify);
......
# quick and dirty build file for testing different MSDEVs
setlocal
set myFLAGS= /I../include /I../mySTL /I../taocrypt/include /W3 /c /ZI
cl %myFLAGS% buffer.cpp
cl %myFLAGS% cert_wrapper.cpp
cl %myFLAGS% crypto_wrapper.cpp
cl %myFLAGS% handshake.cpp
cl %myFLAGS% lock.cpp
cl %myFLAGS% log.cpp
cl %myFLAGS% socket_wrapper.cpp
cl %myFLAGS% ssl.cpp
cl %myFLAGS% template_instnt.cpp
cl %myFLAGS% timer.cpp
cl %myFLAGS% yassl.cpp
cl %myFLAGS% yassl_error.cpp
cl %myFLAGS% yassl_imp.cpp
cl %myFLAGS% yassl_int.cpp
link.exe -lib /out:yassl.lib buffer.obj cert_wrapper.obj crypto_wrapper.obj handshake.obj lock.obj log.obj socket_wrapper.obj ssl.obj template_instnt.obj timer.obj yassl.obj yassl_error.obj yassl_imp.obj yassl_int.obj
......@@ -46,9 +46,11 @@
#ifdef _WIN32
const int SOCKET_EINVAL = WSAEINVAL;
const int SOCKET_EWOULDBLOCK = WSAEWOULDBLOCK;
const int SOCKET_EAGAIN = WSAEWOULDBLOCK;
#else
const int SOCKET_EINVAL = EINVAL;
const int SOCKET_EWOULDBLOCK = EWOULDBLOCK;
const int SOCKET_EAGAIN = EAGAIN;
#endif // _WIN32
......@@ -98,10 +100,10 @@ uint Socket::get_ready() const
ioctlsocket(socket_, FIONREAD, &ready);
#else
/*
64-bit Solaris requires the variable passed to
FIONREAD be a 32-bit value.
64-bit Solaris requires the variable passed to
FIONREAD be a 32-bit value.
*/
int ready = 0;
unsigned int ready = 0;
ioctl(socket_, FIONREAD, &ready);
#endif
......@@ -126,18 +128,24 @@ uint Socket::receive(byte* buf, unsigned int sz, int flags) const
assert(socket_ != INVALID_SOCKET);
int recvd = ::recv(socket_, reinterpret_cast<char *>(buf), sz, flags);
if (recvd == -1)
// idea to seperate error from would block by arnetheduck@gmail.com
if (recvd == -1) {
if (get_lastError() == SOCKET_EWOULDBLOCK ||
get_lastError() == SOCKET_EAGAIN)
return 0;
}
else if (recvd == 0)
return static_cast<uint>(-1);
return recvd;
}
// wait if blocking for input, or error
void Socket::wait() const
// wait if blocking for input, return false for error
bool Socket::wait() const
{
byte b;
receive(&b, 1, MSG_PEEK);
return receive(&b, 1, MSG_PEEK) != static_cast<uint>(-1);
}
......
......@@ -38,6 +38,14 @@
#include "yassl_int.hpp"
#include <stdio.h>
#ifdef _WIN32
#include <windows.h> // FindFirstFile etc..
#else
#include <sys/types.h> // file helper
#include <sys/stat.h> // stat
#include <dirent.h> // opendir
#endif
namespace yaSSL {
......@@ -52,25 +60,25 @@ SSL_METHOD* SSLv3_method()
SSL_METHOD* SSLv3_server_method()
{
return new (ys) SSL_METHOD(server_end, ProtocolVersion(3,0));
return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,0));
}
SSL_METHOD* SSLv3_client_method()
{
return new (ys) SSL_METHOD(client_end, ProtocolVersion(3,0));
return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,0));
}
SSL_METHOD* TLSv1_server_method()
{
return new (ys) SSL_METHOD(server_end, ProtocolVersion(3,1));
return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,1));
}
SSL_METHOD* TLSv1_client_method()
{
return new (ys) SSL_METHOD(client_end, ProtocolVersion(3,1));
return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,1));
}
......@@ -83,7 +91,7 @@ SSL_METHOD* SSLv23_server_method()
SSL_CTX* SSL_CTX_new(SSL_METHOD* method)
{
return new (ys) SSL_CTX(method);
return NEW_YS SSL_CTX(method);
}
......@@ -95,7 +103,7 @@ void SSL_CTX_free(SSL_CTX* ctx)
SSL* SSL_new(SSL_CTX* ctx)
{
return new (ys) SSL(ctx);
return NEW_YS SSL(ctx);
}
......@@ -115,7 +123,12 @@ int SSL_set_fd(SSL* ssl, int fd)
int SSL_connect(SSL* ssl)
{
sendClientHello(*ssl);
ClientState neededState = ssl->getSecurity().get_resuming() ?
serverFinishedComplete : serverHelloDoneComplete;
while (ssl->getStates().getClient() < neededState) {
if (ssl->GetError()) break;
processReply(*ssl);
}
if(ssl->getCrypto().get_certManager().sendVerify())
sendCertificate(*ssl);
......@@ -130,7 +143,10 @@ int SSL_connect(SSL* ssl)
sendFinished(*ssl, client_end);
ssl->flushBuffer();
if (!ssl->getSecurity().get_resuming())
while (ssl->getStates().getClient() < serverFinishedComplete) {
if (ssl->GetError()) break;
processReply(*ssl);
}
ssl->verifyState(serverFinishedComplete);
ssl->useLog().ShowTCP(ssl->getSocket().get_fd());
......@@ -171,9 +187,7 @@ int SSL_accept(SSL* ssl)
sendServerHelloDone(*ssl);
ssl->flushBuffer();
// Java Client sends fragmented response
while (ssl->getStates().getServer() <
clientFinishedComplete) {
while (ssl->getStates().getServer() < clientFinishedComplete) {
if (ssl->GetError()) break;
processReply(*ssl);
}
......@@ -182,10 +196,7 @@ int SSL_accept(SSL* ssl)
sendFinished(*ssl, server_end);
ssl->flushBuffer();
if (ssl->getSecurity().get_resuming()) {
// Java Client sends fragmented response
while (ssl->getStates().getServer() <
clientFinishedComplete) {
while (ssl->getStates().getServer() < clientFinishedComplete) {
if (ssl->GetError()) break;
processReply(*ssl);
}
......@@ -281,9 +292,15 @@ char* SSL_get_shared_ciphers(SSL* /*ssl*/, char* buf, int len)
}
const char* SSL_get_cipher_list(SSL* ssl, int /*priority */)
const char* SSL_get_cipher_list(SSL* ssl, int priority)
{
return ssl->getSecurity().get_parms().cipher_list_;
if (priority < 0 || priority >= MAX_CIPHERS)
return 0;
if (ssl->getSecurity().get_parms().cipher_list_[priority][0])
return ssl->getSecurity().get_parms().cipher_list_[priority];
return 0;
}
......@@ -455,7 +472,7 @@ int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
fseek(input, 0, SEEK_END);
long sz = ftell(input);
rewind(input);
x = new (ys) x509(sz); // takes ownership
x = NEW_YS x509(sz); // takes ownership
size_t bytes = fread(x->use_buffer(), sz, 1, input);
if (bytes != 1) {
fclose(input);
......@@ -492,16 +509,74 @@ void SSL_CTX_set_verify(SSL_CTX* ctx, int mode, VerifyCallback /*vc*/)
if (mode & SSL_VERIFY_PEER)
ctx->setVerifyPeer();
if (mode == SSL_VERIFY_NONE)
ctx->setVerifyNone();
if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
ctx->setFailNoCert();
}
int SSL_CTX_load_verify_locations(SSL_CTX* ctx, const char* file,
const char* /*path*/)
const char* path)
{
// just files for now
return read_file(ctx, file, SSL_FILETYPE_PEM, CA);
int ret = SSL_SUCCESS;
const int HALF_PATH = 128;
if (file) ret = read_file(ctx, file, SSL_FILETYPE_PEM, CA);
if (ret == SSL_SUCCESS && path) {
// call read_file for each reqular file in path
#ifdef _WIN32
WIN32_FIND_DATA FindFileData;
HANDLE hFind;
char name[MAX_PATH + 1]; // directory specification
strncpy(name, path, MAX_PATH - 3);
strncat(name, "\\*", 3);
hFind = FindFirstFile(name, &FindFileData);
if (hFind == INVALID_HANDLE_VALUE) return SSL_BAD_PATH;
do {
if (FindFileData.dwFileAttributes != FILE_ATTRIBUTE_DIRECTORY) {
strncpy(name, path, MAX_PATH - 2 - HALF_PATH);
strncat(name, "\\", 2);
strncat(name, FindFileData.cFileName, HALF_PATH);
ret = read_file(ctx, name, SSL_FILETYPE_PEM, CA);
}
} while (ret == SSL_SUCCESS && FindNextFile(hFind, &FindFileData));
FindClose(hFind);
#else // _WIN32
const int MAX_PATH = 260;
DIR* dir = opendir(path);
if (!dir) return SSL_BAD_PATH;
struct dirent* entry;
struct stat buf;
char name[MAX_PATH + 1];
while (ret == SSL_SUCCESS && (entry = readdir(dir))) {
strncpy(name, path, MAX_PATH - 1 - HALF_PATH);
strncat(name, "/", 1);
strncat(name, entry->d_name, HALF_PATH);
if (stat(name, &buf) < 0) return SSL_BAD_STAT;
if (S_ISREG(buf.st_mode))
ret = read_file(ctx, name, SSL_FILETYPE_PEM, CA);
}
closedir(dir);
#endif
}
return ret;
}
......@@ -648,13 +723,13 @@ void OpenSSL_add_all_algorithms() // compatibility only
{}
void SSL_library_init() // compatibility only
void SSL_library_init() // compatiblity only
{}
DH* DH_new(void)
{
DH* dh = new (ys) DH;
DH* dh = NEW_YS DH;
if (dh)
dh->p = dh->g = 0;
return dh;
......@@ -679,7 +754,7 @@ BIGNUM* BN_bin2bn(const unsigned char* num, int sz, BIGNUM* retVal)
if (!retVal) {
created = true;
bn.reset(new (ys) BIGNUM);
bn.reset(NEW_YS BIGNUM);
retVal = bn.get();
}
......@@ -706,12 +781,14 @@ void ERR_print_errors_fp(FILE* /*fp*/)
}
char* ERR_error_string(unsigned long /*err*/, char* buffer)
char* ERR_error_string(unsigned long errNumber, char* buffer)
{
// TODO:
static char* msg = "Not Implemented";
if (buffer)
return strncpy(buffer, msg, strlen(msg));
static char* msg = "Please supply a buffer for error string";
if (buffer) {
SetErrorString(YasslError(errNumber), buffer);
return buffer;
}
return msg;
}
......@@ -728,14 +805,14 @@ const char* X509_verify_cert_error_string(long /* error */)
const EVP_MD* EVP_md5(void)
{
// TODO: FIX add to some list for destruction
return new (ys) MD5;
return NEW_YS MD5;
}
const EVP_CIPHER* EVP_des_ede3_cbc(void)
{
// TODO: FIX add to some list for destruction
return new (ys) DES_EDE;
return NEW_YS DES_EDE;
}
......
......@@ -87,6 +87,8 @@ template void ysDelete<BulkCipher>(BulkCipher*);
template void ysDelete<Digest>(Digest*);
template void ysDelete<X509>(X509*);
template void ysDelete<Message>(Message*);
template void ysDelete<sslFactory>(sslFactory*);
template void ysDelete<Sessions>(Sessions*);
template void ysArrayDelete<unsigned char>(unsigned char*);
template void ysArrayDelete<char>(char*);
}
......
......@@ -26,17 +26,13 @@
#include "runtime.hpp"
#include "timer.hpp"
#ifdef _WIN32
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#else
#include <sys/time.h>
#endif
namespace yaSSL {
#ifdef _WIN32
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
timer_d timer()
{
static bool init(false);
......@@ -61,6 +57,8 @@ namespace yaSSL {
#else // _WIN32
#include <sys/time.h>
timer_d timer()
{
struct timeval tv;
......
/* yassl.cpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* yaSSL implements external API
*/
#include "runtime.hpp"
#include "yassl.hpp"
#include "yassl_int.hpp"
#include "handshake.hpp"
#include <stdio.h>
#include "openssl/ssl.h" // get rid of this
// yaSSL overloads hide these
void* operator new[](size_t sz)
{
return ::operator new(sz);
}
void operator delete[](void* ptr)
{
::operator delete(ptr);
}
namespace yaSSL {
using mySTL::min;
struct Base {
SSL_METHOD* method_;
SSL_CTX* ctx_;
SSL* ssl_;
char* ca_;
char* cert_;
char* key_;
DH* dh_;
Base() : method_(0), ctx_(0), ssl_(0), ca_(0), cert_(0), key_(0), dh_(0)
{}
~Base()
{
if (dh_) DH_free(dh_);
delete[] key_;
delete[] cert_;
delete[] ca_;
SSL_CTX_free(ctx_); // frees method_ too
SSL_free(ssl_);
}
};
void SetDH(Base&);
void SetUpBase(Base& base, ConnectionEnd end, SOCKET_T s)
{
base.method_ = new SSL_METHOD(end, ProtocolVersion(3,1));
base.ctx_ = new SSL_CTX(base.method_);
if (base.ca_)
if (SSL_CTX_load_verify_locations(base.ctx_,
base.ca_, 0) != SSL_SUCCESS) assert(0);
if (base.cert_)
if (SSL_CTX_use_certificate_file(base.ctx_,
base.cert_, SSL_FILETYPE_PEM) != SSL_SUCCESS) assert(0);
if (base.key_)
if (SSL_CTX_use_PrivateKey_file(base.ctx_, base.key_,
SSL_FILETYPE_PEM) != SSL_SUCCESS) assert(0);
if (end == server_end) SetDH(base);
base.ssl_ = new SSL(base.ctx_);
base.ssl_->useSocket().set_fd(s);
}
void SetDH(Base& base)
{
static unsigned char dh512_p[] =
{
0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
0x47,0x74,0xE8,0x33,
};
static unsigned char dh512_g[] =
{
0x02,
};
if ( (base.dh_ = DH_new()) ) {
base.dh_->p = BN_bin2bn(dh512_p, sizeof(dh512_p), 0);
base.dh_->g = BN_bin2bn(dh512_g, sizeof(dh512_g), 0);
}
if (!base.dh_->p || !base.dh_->g) {
DH_free(base.dh_);
base.dh_ = 0;
}
SSL_CTX_set_tmp_dh(base.ctx_, base.dh_);
}
void NewCopy(char*& dst, const char* src)
{
size_t len = strlen(src) + 1;
dst = new char[len];
strncpy(dst, src, len);
}
// Client Implementation
struct Client::ClientImpl {
Base base_;
};
Client::Client() : pimpl_(new ClientImpl)
{}
Client::~Client() { delete pimpl_; }
int Client::Connect(SOCKET_T s)
{
SetUpBase(pimpl_->base_, client_end, s);
return SSL_connect(pimpl_->base_.ssl_);
}
int Client::Write(const void* buffer, int sz)
{
return sendData(*pimpl_->base_.ssl_, buffer, sz);
}
int Client::Read(void* buffer, int sz)
{
Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer));
return receiveData(*pimpl_->base_.ssl_, data);
}
void Client::SetCA(const char* name)
{
NewCopy(pimpl_->base_.ca_, name);
}
void Client::SetCert(const char* name)
{
NewCopy(pimpl_->base_.cert_, name);
}
void Client::SetKey(const char* name)
{
NewCopy(pimpl_->base_.key_, name);
}
// Server Implementation
struct Server::ServerImpl {
Base base_;
};
Server::Server() : pimpl_(new ServerImpl)
{}
Server::~Server() { delete pimpl_; }
int Server::Accept(SOCKET_T s)
{
SetUpBase(pimpl_->base_, server_end, s);
return SSL_accept(pimpl_->base_.ssl_);
}
int Server::Write(const void* buffer, int sz)
{
return sendData(*pimpl_->base_.ssl_, buffer, sz);
}
int Server::Read(void* buffer, int sz)
{
Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer));
return receiveData(*pimpl_->base_.ssl_, data);
}
void Server::SetCA(const char* name)
{
NewCopy(pimpl_->base_.ca_, name);
}
void Server::SetCert(const char* name)
{
NewCopy(pimpl_->base_.cert_, name);
}
void Server::SetKey(const char* name)
{
NewCopy(pimpl_->base_.key_, name);
}
} // namespace yaSSL
......@@ -25,6 +25,7 @@
#include "runtime.hpp"
#include "yassl_error.hpp"
#include "error.hpp" // TaoCrypt error numbers
namespace yaSSL {
......@@ -48,6 +49,184 @@ Library Error::get_lib() const
}
void SetErrorString(YasslError error, char* buffer)
{
using namespace TaoCrypt;
const int max = MAX_ERROR_SZ; // shorthand
switch (error) {
// yaSSL proper errors
case range_error :
strncpy(buffer, "buffer index error, out of range", max);
break;
case realloc_error :
strncpy(buffer, "trying to realloc a fixed buffer", max);
break;
case factory_error :
strncpy(buffer, "unknown factory create request", max);
break;
case unknown_cipher :
strncpy(buffer, "trying to use an unknown cipher", max);
break;
case prefix_error :
strncpy(buffer, "bad master secret derivation, prefix too big", max);
break;
case record_layer :
strncpy(buffer, "record layer not ready yet", max);
break;
case handshake_layer :
strncpy(buffer, "handshake layer not ready yet", max);
break;
case out_of_order :
strncpy(buffer, "handshake message received in wrong order", max);
break;
case bad_input :
strncpy(buffer, "bad cipher suite input", max);
break;
case match_error :
strncpy(buffer, "unable to match a supported cipher suite", max);
break;
case no_key_file :
strncpy(buffer, "the server needs a private key file", max);
break;
case verify_error :
strncpy(buffer, "unable to verify peer checksum", max);
break;
case send_error :
strncpy(buffer, "socket layer send error", max);
break;
case receive_error :
strncpy(buffer, "socket layer receive error", max);
break;
case certificate_error :
strncpy(buffer, "unable to proccess cerificate", max);
break;
// TaoCrypt errors
case NO_ERROR :
strncpy(buffer, "not in error state", max);
break;
case WINCRYPT_E :
strncpy(buffer, "bad wincrypt acquire", max);
break;
case CRYPTGEN_E :
strncpy(buffer, "CryptGenRandom error", max);
break;
case OPEN_RAN_E :
strncpy(buffer, "unable to use random device", max);
break;
case READ_RAN_E :
strncpy(buffer, "unable to use random device", max);
break;
case INTEGER_E :
strncpy(buffer, "ASN: bad DER Integer Header", max);
break;
case SEQUENCE_E :
strncpy(buffer, "ASN: bad Sequence Header", max);
break;
case SET_E :
strncpy(buffer, "ASN: bad Set Header", max);
break;
case VERSION_E :
strncpy(buffer, "ASN: version length not 1", max);
break;
case SIG_OID_E :
strncpy(buffer, "ASN: signature OID mismatch", max);
break;
case BIT_STR_E :
strncpy(buffer, "ASN: bad BitString Header", max);
break;
case UNKNOWN_OID_E :
strncpy(buffer, "ASN: unknown key OID type", max);
break;
case OBJECT_ID_E :
strncpy(buffer, "ASN: bad Ojbect ID Header", max);
break;
case TAG_NULL_E :
strncpy(buffer, "ASN: expected TAG NULL", max);
break;
case EXPECT_0_E :
strncpy(buffer, "ASN: expected 0", max);
break;
case OCTET_STR_E :
strncpy(buffer, "ASN: bad Octet String Header", max);
break;
case TIME_E :
strncpy(buffer, "ASN: bad TIME", max);
break;
case DATE_SZ_E :
strncpy(buffer, "ASN: bad Date Size", max);
break;
case SIG_LEN_E :
strncpy(buffer, "ASN: bad Signature Length", max);
break;
case UNKOWN_SIG_E :
strncpy(buffer, "ASN: unknown signature OID", max);
break;
case UNKOWN_HASH_E :
strncpy(buffer, "ASN: unknown hash OID", max);
break;
case DSA_SZ_E :
strncpy(buffer, "ASN: bad DSA r or s size", max);
break;
case BEFORE_DATE_E :
strncpy(buffer, "ASN: before date in the future", max);
break;
case AFTER_DATE_E :
strncpy(buffer, "ASN: after date in the past", max);
break;
case SIG_CONFIRM_E :
strncpy(buffer, "ASN: bad self signature confirmation", max);
break;
case SIG_OTHER_E :
strncpy(buffer, "ASN: bad other signature confirmation", max);
break;
default :
strncpy(buffer, "unknown error number", max);
}
}
} // namespace yaSSL
This diff is collapsed.
This diff is collapsed.
SUBDIRS = src
SUBDIRS = src test benchmark
EXTRA_DIST = taocrypt.dsw taocrypt.dsp
INCLUDES = -I../include -I../../mySTL
bin_PROGRAMS = benchmark
benchmark_SOURCES = benchmark.cpp
benchmark_LDFLAGS = -L../src
benchmark_LDADD = -ltaocrypt
benchmark_CXXFLAGS = -DYASSL_PURE_C
benchmark_DEPENDENCIES = ../src/libtaocrypt.la
EXTRA_DIST = benchmark.dsp rsa1024.der dh1024.der dsa1024.der make.bat
// benchmark.cpp
// TaoCrypt benchmark
#include <string.h>
#include <stdio.h>
#include "runtime.hpp"
#include "des.hpp"
#include "aes.hpp"
#include "twofish.hpp"
#include "blowfish.hpp"
#include "arc4.hpp"
#include "md5.hpp"
#include "sha.hpp"
#include "ripemd.hpp"
#include "rsa.hpp"
#include "dh.hpp"
#include "dsa.hpp"
using namespace TaoCrypt;
void bench_aes(bool show);
void bench_des();
void bench_blowfish();
void bench_twofish();
void bench_arc4();
void bench_md5();
void bench_sha();
void bench_ripemd();
void bench_rsa();
void bench_dh();
void bench_dsa();
double current_time();
int main(int argc, char** argv)
{
bench_aes(false);
bench_aes(true);
bench_blowfish();
bench_twofish();
bench_arc4();
bench_des();
printf("\n");
bench_md5();
bench_sha();
bench_ripemd();
printf("\n");
bench_rsa();
bench_dh();
bench_dsa();
return 0;
}
const int megs = 5; // how much to test
const byte key[] =
{
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
const byte iv[] =
{
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
byte plain [1024*1024];
byte cipher[1024*1024];
void bench_des()
{
DES_EDE3_CBC_Encryption enc;
enc.SetKey(key, 16, iv);
double start = current_time();
for(int i = 0; i < megs; i++)
enc.Process(plain, cipher, sizeof(plain));
double total = current_time() - start;
double persec = 1 / total * megs;
printf("3DES %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_aes(bool show)
{
AES_CBC_Encryption enc;
enc.SetKey(key, 16, iv);
double start = current_time();
for(int i = 0; i < megs; i++)
enc.Process(plain, cipher, sizeof(plain));
double total = current_time() - start;
double persec = 1 / total * megs;
if (show)
printf("AES %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_twofish()
{
Twofish_CBC_Encryption enc;
enc.SetKey(key, 16, iv);
double start = current_time();
for(int i = 0; i < megs; i++)
enc.Process(plain, cipher, sizeof(plain));
double total = current_time() - start;
double persec = 1 / total * megs;
printf("Twofish %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_blowfish()
{
Blowfish_CBC_Encryption enc;
enc.SetKey(key, 16, iv);
double start = current_time();
for(int i = 0; i < megs; i++)
enc.Process(plain, cipher, sizeof(plain));
double total = current_time() - start;
double persec = 1 / total * megs;
printf("Blowfish %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_arc4()
{
ARC4 enc;
enc.SetKey(key, 16);
double start = current_time();
for(int i = 0; i < megs; i++)
enc.Process(cipher, plain, sizeof(plain));
double total = current_time() - start;
double persec = 1 / total * megs;
printf("ARC4 %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_md5()
{
MD5 hash;
byte digest[MD5::DIGEST_SIZE];
double start = current_time();
for(int i = 0; i < megs; i++)
hash.Update(plain, sizeof(plain));
hash.Final(digest);
double total = current_time() - start;
double persec = 1 / total * megs;
printf("MD5 %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_sha()
{
SHA hash;
byte digest[SHA::DIGEST_SIZE];
double start = current_time();
for(int i = 0; i < megs; i++)
hash.Update(plain, sizeof(plain));
hash.Final(digest);
/*
for(int i = 0; i < megs; i++)
hash.AsmTransform(plain, 16384);
*/
double total = current_time() - start;
double persec = 1 / total * megs;
printf("SHA %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_ripemd()
{
RIPEMD160 hash;
byte digest[RIPEMD160::DIGEST_SIZE];
double start = current_time();
for(int i = 0; i < megs; i++)
hash.Update(plain, sizeof(plain));
hash.Final(digest);
double total = current_time() - start;
double persec = 1 / total * megs;
printf("RIPEMD %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
RandomNumberGenerator rng;
void bench_rsa()
{
const int times = 100;
Source source;
FileSource("./rsa1024.der", source);
if (source.size() == 0) {
printf("can't find ./rsa1024.der\n");
return;
}
RSA_PrivateKey priv(source);
RSAES_Encryptor enc(priv);
byte message[] = "Everyone gets Friday off.";
byte cipher[128]; // for 1024 bit
byte plain[128]; // for 1024 bit
const int len = strlen((char*)message);
int i;
double start = current_time();
for (i = 0; i < times; i++)
enc.Encrypt(message, len, cipher, rng);
double total = current_time() - start;
double each = total / times; // per second
double milliEach = each * 1000; // milliseconds
printf("RSA 1024 encryption took %6.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
RSAES_Decryptor dec(priv);
start = current_time();
for (i = 0; i < times; i++)
dec.Decrypt(cipher, 128, plain, rng);
total = current_time() - start;
each = total / times; // per second
milliEach = each * 1000; // milliseconds
printf("RSA 1024 decryption took %6.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
}
void bench_dh()
{
const int times = 100;
Source source;
FileSource("./dh1024.der", source);
if (source.size() == 0) {
printf("can't find ./dh1024.der\n");
return;
}
DH dh(source);
byte pub[128]; // for 1024 bit
byte priv[128]; // for 1024 bit
int i;
double start = current_time();
for (i = 0; i < times; i++)
dh.GenerateKeyPair(rng, priv, pub);
double total = current_time() - start;
double each = total / times; // per second
double milliEach = each * 1000; // milliseconds
printf("DH 1024 key generation %6.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
DH dh2(dh);
byte pub2[128]; // for 1024 bit
byte priv2[128]; // for 1024 bit
dh2.GenerateKeyPair(rng, priv2, pub2);
unsigned char key[256];
start = current_time();
for (i = 0; i < times; i++)
dh.Agree(key, priv, pub2);
total = current_time() - start;
each = total / times; // per second
milliEach = each * 1000; // in milliseconds
printf("DH 1024 key agreement %6.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
}
void bench_dsa()
{
const int times = 100;
Source source;
FileSource("./dsa1024.der", source);
if (source.size() == 0) {
printf("can't find ./dsa1024.der\n");
return;
}
DSA_PrivateKey key(source);
DSA_Signer signer(key);
SHA sha;
byte digest[SHA::DIGEST_SIZE];
byte signature[40];
const char msg[] = "this is the message";
sha.Update((byte*)msg, sizeof(msg));
sha.Final(digest);
int i;
double start = current_time();
for (i = 0; i < times; i++)
signer.Sign(digest, signature, rng);
double total = current_time() - start;
double each = total / times; // per second
double milliEach = each * 1000; // milliseconds
printf("DSA 1024 sign took %6.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
DSA_Verifier verifier(key);
start = current_time();
for (i = 0; i < times; i++)
verifier.Verify(digest, signature);
total = current_time() - start;
each = total / times; // per second
milliEach = each * 1000; // in milliseconds
printf("DSA 1024 verify took %6.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
}
#ifdef _WIN32
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
double current_time()
{
static bool init(false);
static LARGE_INTEGER freq;
if (!init) {
QueryPerformanceFrequency(&freq);
init = true;
}
LARGE_INTEGER count;
QueryPerformanceCounter(&count);
return static_cast<double>(count.QuadPart) / freq.QuadPart;
}
#else
#include <sys/time.h>
double current_time()
{
struct timeval tv;
gettimeofday(&tv, 0);
return static_cast<double>(tv.tv_sec)
+ static_cast<double>(tv.tv_usec) / 1000000;
}
#endif // _WIN32
# Microsoft Developer Studio Project File - Name="benchmark" - Package Owner=<4>
# Microsoft Developer Studio Generated Build File, Format Version 6.00
# ** DO NOT EDIT **
# TARGTYPE "Win32 (x86) Console Application" 0x0103
CFG=benchmark - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
!MESSAGE NMAKE /f "benchmark.mak".
!MESSAGE
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
!MESSAGE NMAKE /f "benchmark.mak" CFG="benchmark - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
!MESSAGE "benchmark - Win32 Release" (based on "Win32 (x86) Console Application")
!MESSAGE "benchmark - Win32 Debug" (based on "Win32 (x86) Console Application")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
# PROP Scc_ProjName ""
# PROP Scc_LocalPath ""
CPP=cl.exe
RSC=rc.exe
!IF "$(CFG)" == "benchmark - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
# PROP BASE Output_Dir "benchmark___Win32_Release"
# PROP BASE Intermediate_Dir "benchmark___Win32_Release"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
# PROP Output_Dir "Release"
# PROP Intermediate_Dir "Release"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD CPP /nologo /MT /W3 /GX /O2 /I "..\include" /I "..\..\mySTL" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
!ELSEIF "$(CFG)" == "benchmark - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
# PROP BASE Output_Dir "benchmark___Win32_Debug"
# PROP BASE Intermediate_Dir "benchmark___Win32_Debug"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
# PROP Output_Dir "Debug"
# PROP Intermediate_Dir "Debug"
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /I "..\include" /I "..\..\mySTL" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
!ENDIF
# Begin Target
# Name "benchmark - Win32 Release"
# Name "benchmark - Win32 Debug"
# Begin Group "Source Files"
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
# Begin Source File
SOURCE=.\benchmark.cpp
# End Source File
# End Group
# Begin Group "Header Files"
# PROP Default_Filter "h;hpp;hxx;hm;inl"
# End Group
# Begin Group "Resource Files"
# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
# End Group
# End Target
# End Project
# quick and dirty build file for testing different MSDEVs
setlocal
set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2
#set myFLAGS= /I../include /I../../mySTL /c /W3
cl %myFLAGS% benchmark.cpp
link.exe /out:benchmark.exe ../src/taocrypt.lib benchmark.obj
......@@ -26,13 +26,13 @@
#ifndef TAO_CRYPT_AES_HPP
#define TAO_CRYPT_AES_HPP
#include <string.h>
#include "misc.hpp"
#include "modes.hpp"
#include "block.hpp"
namespace TaoCrypt {
enum { AES_BLOCK_SIZE = 16 };
......@@ -45,32 +45,38 @@ public:
: Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void Process(byte*, const byte*, word32);
void SetKey(const byte* iv, word32 sz, CipherDir fake = ENCRYPTION);
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION);
void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); }
private:
CipherDir dir_;
Mode mode_;
static const word32 Te0[256];
static const word32 Te1[256];
static const word32 Te2[256];
static const word32 Te3[256];
static const word32 Te4[256];
static const word32 Td0[256];
static const word32 Td1[256];
static const word32 Td2[256];
static const word32 Td3[256];
static const word32 Td4[256];
static const word32 rcon_[];
word32 rounds_;
Word32Block key_;
word32 key_[60]; // max size
static const word32 Te[5][256];
static const word32 Td[5][256];
static const word32* Te0;
static const word32* Te1;
static const word32* Te2;
static const word32* Te3;
static const word32* Te4;
static const word32* Td0;
static const word32* Td1;
static const word32* Td2;
static const word32* Td3;
static const word32* Td4;
void encrypt(const byte*, const byte*, byte*) const;
void AsmEncrypt(const byte*, byte*, void*) const;
void decrypt(const byte*, const byte*, byte*) const;
void AsmDecrypt(const byte*, byte*, void*) const;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
AES(const AES&); // hide copy
AES& operator=(const AES&); // and assign
......
......@@ -42,6 +42,7 @@ public:
ARC4() {}
void Process(byte*, const byte*, word32);
void AsmProcess(byte*, const byte*, word32);
void SetKey(const byte*, word32);
private:
byte x_;
......
......@@ -232,7 +232,12 @@ enum KeyType { DSAk = 515, RSAk = 645 }; // sums of algo OID
// an x509v Certificate BER Decoder
class CertDecoder : public BER_Decoder {
public:
explicit CertDecoder(Source&, bool decode = true, SignerList* = 0);
enum DateType { BEFORE, AFTER };
enum NameType { ISSUER, SUBJECT };
enum CertType { CA, USER };
explicit CertDecoder(Source&, bool decode = true, SignerList* sl = 0,
bool noVerify = false, CertType ct = USER);
~CertDecoder();
const PublicKey& GetPublicKey() const { return key_; }
......@@ -242,9 +247,6 @@ public:
const byte* GetHash() const { return subjectHash_; }
void DecodeToKey();
enum DateType { BEFORE, AFTER };
enum NameType { ISSUER, SUBJECT };
private:
PublicKey key_;
word32 certBegin_; // offset to start of cert
......@@ -257,9 +259,10 @@ private:
byte* signature_;
char* issuer_; // CommonName
char* subject_; // CommonName
bool verify_; // Default to yes, but could be off
void ReadHeader();
void Decode(SignerList*);
void Decode(SignerList*, CertType);
void StoreKey();
void AddDSA();
bool ValidateSelfSignature();
......
......@@ -99,7 +99,7 @@ public:
CheckSize(n);
if (n == 0)
return 0;
return new (tc) T[n];
return NEW_TC T[n];
}
void deallocate(void* p, size_type n)
......
/* blowfish.hpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* blowfish.hpp defines Blowfish
*/
#ifndef TAO_CRYPT_BLOWFISH_HPP
#define TAO_CRYPT_BLOWFISH_HPP
#include "misc.hpp"
#include "modes.hpp"
#include "algorithm.hpp"
namespace TaoCrypt {
enum { BLOWFISH_BLOCK_SIZE = 8 };
// Blowfish encryption and decryption, see
class Blowfish : public Mode_BASE {
public:
enum { BLOCK_SIZE = BLOWFISH_BLOCK_SIZE, ROUNDS = 16 };
Blowfish(CipherDir DIR, Mode MODE)
: Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void Process(byte*, const byte*, word32);
void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION);
void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); }
private:
CipherDir dir_;
Mode mode_;
static const word32 p_init_[ROUNDS + 2];
static const word32 s_init_[4 * 256];
word32 pbox_[ROUNDS + 2];
word32 sbox_[4 * 256];
void crypt_block(const word32 in[2], word32 out[2]) const;
void AsmProcess(const byte* in, byte* out) const;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
Blowfish(const Blowfish&); // hide copy
Blowfish& operator=(const Blowfish&); // and assign
};
typedef BlockCipher<ENCRYPTION, Blowfish, ECB> Blowfish_ECB_Encryption;
typedef BlockCipher<DECRYPTION, Blowfish, ECB> Blowfish_ECB_Decryption;
typedef BlockCipher<ENCRYPTION, Blowfish, CBC> Blowfish_CBC_Encryption;
typedef BlockCipher<DECRYPTION, Blowfish, CBC> Blowfish_CBC_Decryption;
} // naemspace
#endif // TAO_CRYPT_BLOWFISH_HPP
......@@ -27,73 +27,87 @@
#ifndef TAO_CRYPT_DES_HPP
#define TAO_CRYPT_DES_HPP
#include <string.h>
#include "misc.hpp"
#include "modes.hpp"
namespace TaoCrypt {
enum { DES_BLOCK_SIZE = 8 };
// Base for all DES types
class DES_BASE : public Mode_BASE {
public:
enum { BLOCK_SIZE = DES_BLOCK_SIZE, KEY_SIZE = 32, BOXES = 8,
BOX_SIZE = 64 };
enum { DES_BLOCK_SIZE = 8, DES_KEY_SIZE = 32 };
DES_BASE(CipherDir DIR, Mode MODE)
: Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void Process(byte*, const byte*, word32);
class BasicDES {
public:
void SetKey(const byte*, word32, CipherDir dir);
void RawProcessBlock(word32&, word32&) const;
protected:
CipherDir dir_;
Mode mode_;
private:
DES_BASE(const DES_BASE&); // hide copy
DES_BASE& operator=(const DES_BASE&); // and assign
word32 k_[DES_KEY_SIZE];
};
// DES
class DES : public DES_BASE {
class DES : public Mode_BASE, public BasicDES {
public:
DES(CipherDir DIR, Mode MODE) : DES_BASE(DIR, MODE) {}
DES(CipherDir DIR, Mode MODE)
: Mode_BASE(DES_BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void SetKey(const byte*, word32, CipherDir dir);
void RawProcessBlock(word32&, word32&) const;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
void Process(byte*, const byte*, word32);
private:
word32 k_[KEY_SIZE];
CipherDir dir_;
Mode mode_;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
DES(const DES&); // hide copy
DES& operator=(const DES&); // and assign
};
// DES_EDE2
class DES_EDE2 : public DES_BASE {
class DES_EDE2 : public Mode_BASE {
public:
DES_EDE2(CipherDir DIR, Mode MODE)
: DES_BASE(DIR, MODE), des1_(DIR, MODE), des2_(DIR, MODE) {}
: Mode_BASE(DES_BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void SetKey(const byte*, word32, CipherDir dir);
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
void Process(byte*, const byte*, word32);
private:
DES des1_;
DES des2_;
CipherDir dir_;
Mode mode_;
BasicDES des1_;
BasicDES des2_;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
DES_EDE2(const DES_EDE2&); // hide copy
DES_EDE2& operator=(const DES_EDE2&); // and assign
};
// DES_EDE3
class DES_EDE3 : public DES_BASE {
class DES_EDE3 : public Mode_BASE {
public:
DES_EDE3(CipherDir DIR, Mode MODE)
: DES_BASE(DIR, MODE), des1_(DIR, MODE), des2_(DIR, MODE),
des3_(DIR, MODE) {}
: Mode_BASE(DES_BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void SetKey(const byte*, word32, CipherDir dir);
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
void SetIV(const byte* iv) { memcpy(r_, iv, DES_BLOCK_SIZE); }
void Process(byte*, const byte*, word32);
private:
DES des1_;
DES des2_;
DES des3_;
CipherDir dir_;
Mode mode_;
BasicDES des1_;
BasicDES des2_;
BasicDES des3_;
void AsmProcess(const byte* in, byte* out, void* box) const;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
DES_EDE3(const DES_EDE3&); // hide copy
DES_EDE3& operator=(const DES_EDE3&); // and assign
};
......
......@@ -64,7 +64,7 @@ public:
}
void GenerateKeyPair(RandomNumberGenerator&, byte*, byte*);
void Agree(byte*, const byte*, const byte*);
void Agree(byte*, const byte*, const byte*, word32 otherSz = 0);
void SetP(const Integer& p) { p_ = p; }
void SetG(const Integer& g) { g_ = g; }
......
......@@ -57,17 +57,26 @@ public:
virtual void Update(const byte*, word32);
virtual void Final(byte*);
word32 GetBitCountLo() const { return loLen_ << 3; }
word32 GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) +
(hiLen_ << 3); }
enum { MaxDigestSz = 5, MaxBufferSz = 64 };
protected:
word32 buffLen_;
word32 length_; // in Bits
typedef word32 HashLengthType;
word32 buffLen_; // in bytes
HashLengthType loLen_; // length in bytes
HashLengthType hiLen_; // length in bytes
word32 digest_[MaxDigestSz];
word32 buffer_[MaxBufferSz / sizeof(word32)];
virtual void Transform() = 0;
void AddLength(word32);
};
} // namespace
#endif // TAO_CRYPT_HASH_HPP
......@@ -56,12 +56,12 @@ private:
T mac_;
// MSVC 6 HACK, gives compiler error if calculated in array
enum { HMAC_BSIZE = T::BLOCK_SIZE / sizeof(word32),
HMAC_DSIZE = T::DIGEST_SIZE / sizeof(word32) };
enum { BSIZE = T::BLOCK_SIZE / sizeof(word32),
DSIZE = T::DIGEST_SIZE / sizeof(word32) };
word32 ip_[HMAC_BSIZE]; // align ipad_ on word32
word32 op_[HMAC_BSIZE]; // align opad_ on word32
word32 innerH_[HMAC_DSIZE]; // align innerHash_ on word32
word32 ip_[BSIZE]; // align ipad_ on word32
word32 op_[BSIZE]; // align opad_ on word32
word32 innerH_[DSIZE]; // align innerHash_ on word32
void KeyInnerHash();
......
......@@ -274,9 +274,6 @@ private:
Integer& dividend, const Integer& divisor);
AlignedWordBlock reg_;
Sign sign_;
static const Integer zero_;
static const Integer one_;
};
inline bool operator==(const Integer& a, const Integer& b)
......
/* kernelc.hpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* kernelc.hpp provides support for C std lib when compiled in kernel mode
*/
#ifndef TAOCRYPT_KERNELC_HPP
#define TAOCRYPT_KERNELC_HPP
#include <linux/types.h> // get right size_t
// system functions that c++ doesn't like headers for
extern "C" void* memcpy(void*, const void*, size_t);
extern "C" void* memset(void*, int, size_t);
extern "C" void printk(char *fmt, ...);
#define KERN_ERR "<3>" /* error conditions */
#if defined(NDEBUG)
#define assert(p) ((void)0)
#else
#define assert(expr) \
if (!(expr)) { \
printk(KERN_ERR "Assertion failed! %s,%s,%s,line=%d\n", \
#expr,__FILE__,__FUNCTION__,__LINE__); }
#endif
#endif // TAOCRYPT_KERNELC_HPP
......@@ -45,10 +45,13 @@ public:
MD5(const MD5&);
MD5& operator= (const MD5&);
void Update(const byte*, word32);
void Init();
void Swap(MD5&);
private:
void Transform();
void AsmTransform(const byte* data, word32 times);
};
inline void swap(MD5& a, MD5& b)
......
......@@ -24,9 +24,15 @@
#ifndef TAO_CRYPT_MISC_HPP
#define TAO_CRYPT_MISC_HPP
#include <stdlib.h>
#include <assert.h>
#include <string.h>
#if !defined(DO_TAOCRYPT_KERNEL_MODE)
#include <stdlib.h>
#include <assert.h>
#include <string.h>
#else
#include "kernelc.hpp"
#endif
#include "types.hpp"
#include "type_traits.hpp"
......@@ -34,31 +40,38 @@
namespace TaoCrypt {
// library allocation
struct new_t {}; // TaoCrypt New type
extern new_t tc; // pass in parameter
} // namespace TaoCrypt
// Delete static singleton holders
void CleanUp();
void* operator new (size_t, TaoCrypt::new_t);
void* operator new[](size_t, TaoCrypt::new_t);
void operator delete (void*, TaoCrypt::new_t);
void operator delete[](void*, TaoCrypt::new_t);
#ifdef YASSL_PURE_C
// library allocation
struct new_t {}; // TaoCrypt New type
extern new_t tc; // pass in parameter
namespace TaoCrypt {
} // namespace TaoCrypt
template<typename T>
void tcDelete(T* ptr)
{
void* operator new (size_t, TaoCrypt::new_t);
void* operator new[](size_t, TaoCrypt::new_t);
void operator delete (void*, TaoCrypt::new_t);
void operator delete[](void*, TaoCrypt::new_t);
namespace TaoCrypt {
template<typename T>
void tcDelete(T* ptr)
{
if (ptr) ptr->~T();
::operator delete(ptr, TaoCrypt::tc);
}
}
template<typename T>
void tcArrayDelete(T* ptr)
{
template<typename T>
void tcArrayDelete(T* ptr)
{
// can't do array placement destruction since not tracking size in
// allocation, only allow builtins to use array placement since they
// don't need destructors called
......@@ -66,15 +79,39 @@ void tcArrayDelete(T* ptr)
(void)sizeof(builtin);
::operator delete[](ptr, TaoCrypt::tc);
}
}
#define NEW_TC new (TaoCrypt::tc)
// to resolve compiler generated operator delete on base classes with
// virtual destructors (when on stack), make sure doesn't get called
class virtual_base {
public:
// to resolve compiler generated operator delete on base classes with
// virtual destructors (when on stack), make sure doesn't get called
class virtual_base {
public:
static void operator delete(void*) { assert(0); }
};
};
#else // YASSL_PURE_C
template<typename T>
void tcDelete(T* ptr)
{
delete ptr;
}
template<typename T>
void tcArrayDelete(T* ptr)
{
delete[] ptr;
}
#define NEW_TC new
class virtual_base {};
#endif // YASSL_PURE_C
#if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
......@@ -95,15 +132,13 @@ public:
#define TAOCRYPT_DISABLE_X86ASM
#endif
// Disable assmebler when compiling with icc
// Temporary workaround for bug12717
// icc problem with -03 and integer, disable for now
#if defined(__INTEL_COMPILER)
#define TAOCRYPT_DISABLE_X86ASM
#endif
// Turn on ia32 ASM for Big Integer
// CodeWarrior defines _MSC_VER
#if !defined(TAOCRYPT_DISABLE_X86ASM) && ((defined(_MSC_VER) && \
!defined(__MWERKS__) && defined(_M_IX86)) || \
......@@ -112,6 +147,20 @@ public:
#endif
// Turn on ia32 ASM for Ciphers and Message Digests
// Seperate define since these are more complex, use member offsets
// and user may want to turn off while leaving Big Integer optos on
#if defined(TAOCRYPT_X86ASM_AVAILABLE) && !defined(DISABLE_TAO_ASM)
#define TAO_ASM
#endif
// Extra word in older vtable implementations, for ASM member offset
#if defined(__GNUC__) && __GNUC__ < 3
#define OLD_GCC_OFFSET
#endif
#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
# define TAOCRYPT_MALLOC_ALIGNMENT_IS_16
#endif
......@@ -432,6 +481,58 @@ inline void ByteReverseIf(T* out, const T* in, word32 bc, ByteOrder order)
}
// do Asm Reverse is host is Little and x86asm
#ifdef LITTLE_ENDIAN_ORDER
#ifdef TAOCRYPT_X86ASM_AVAILABLE
#define LittleReverse AsmReverse
#else
#define LittleReverse ByteReverse
#endif
#else
#define LittleReverse
#endif
// do Asm Reverse is host is Big and x86asm
#ifdef BIG_ENDIAN_ORDER
#ifdef TAOCRYPT_X86ASM_AVAILABLE
#define BigReverse AsmReverse
#else
#define BigReverse ByteReverse
#endif
#else
#define BigReverse
#endif
#ifdef TAOCRYPT_X86ASM_AVAILABLE
// faster than rotate, use bswap
inline word32 AsmReverse(word32 wd)
{
#ifdef __GNUC__
__asm__
(
"bswap %1"
: "=r"(wd)
: "0"(wd)
);
#else
__asm
{
mov eax, wd
bswap eax
mov wd, eax
}
#endif
return wd;
}
#endif
template <class T>
inline void GetUserKey(ByteOrder order, T* out, word32 outlen, const byte* in,
word32 inlen)
......
......@@ -26,7 +26,6 @@
#ifndef TAO_CRYPT_MODES_HPP
#define TAO_CRYPT_MODES_HPP
#include <string.h>
#include "misc.hpp"
namespace TaoCrypt {
......@@ -68,14 +67,8 @@ public:
}
virtual ~Mode_BASE() {}
virtual void ProcessAndXorBlock(const byte*, const byte*, byte*) const = 0;
void ECB_Process(byte*, const byte*, word32);
void CBC_Encrypt(byte*, const byte*, word32);
void CBC_Decrypt(byte*, const byte*, word32);
void SetIV(const byte* iv) { memcpy(reg_, iv, blockSz_); }
private:
protected:
int blockSz_;
byte* reg_;
byte* tmp_;
......@@ -83,9 +76,15 @@ private:
word32 r_[MaxBlockSz / sizeof(word32)]; // align reg_ on word32
word32 t_[MaxBlockSz / sizeof(word32)]; // align tmp_ on word32
void ECB_Process(byte*, const byte*, word32);
void CBC_Encrypt(byte*, const byte*, word32);
void CBC_Decrypt(byte*, const byte*, word32);
Mode_BASE(const Mode_BASE&); // hide copy
Mode_BASE& operator=(const Mode_BASE&); // and assign
private:
virtual void ProcessAndXorBlock(const byte*, const byte*, byte*) const = 0;
};
......
/* pwdbased.hpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* pwdbased.hpp defines PBKDF2 from PKCS #5
*/
#ifndef TAO_CRYPT_PWDBASED_HPP
#define TAO_CRYPT_PWDBASED_HPP
#include <string.h>
#include "misc.hpp"
#include "block.hpp"
#include "hmac.hpp"
namespace TaoCrypt {
// From PKCS #5, T must be type suitable for HMAC<T>
template <class T>
class PBKDF2_HMAC {
public:
word32 MaxDerivedKeyLength() const { return 0xFFFFFFFFU;} // avoid overflow
word32 DeriveKey(byte* derived, word32 dLen, const byte* pwd, word32 pLen,
const byte* salt, word32 sLen, word32 iterations) const;
};
template <class T>
word32 PBKDF2_HMAC<T>::DeriveKey(byte* derived, word32 dLen, const byte* pwd,
word32 pLen, const byte* salt, word32 sLen,
word32 iterations) const
{
assert(dLen <= MaxDerivedKeyLength());
assert(iterations > 0);
ByteBlock buffer(T::DIGEST_SIZE);
HMAC<T> hmac;
hmac.SetKey(pwd, pLen);
word32 i = 1;
while (dLen > 0) {
hmac.Update(salt, sLen);
word32 j;
for (j = 0; j < 4; j++) {
byte b = i >> ((3-j)*8);
hmac.Update(&b, 1);
}
hmac.Final(buffer.get_buffer());
word32 segmentLen = mySTL::min(dLen, buffer.size());
memcpy(derived, buffer.get_buffer(), segmentLen);
for (j = 1; j < iterations; j++) {
hmac.Update(buffer.get_buffer(), buffer.size());
hmac.Final(buffer.get_buffer());
xorbuf(derived, buffer.get_buffer(), segmentLen);
}
derived += segmentLen;
dLen -= segmentLen;
i++;
}
return iterations;
}
} // naemspace
#endif // TAO_CRYPT_PWDBASED_HPP
......@@ -45,10 +45,12 @@ public:
RIPEMD160(const RIPEMD160&);
RIPEMD160& operator= (const RIPEMD160&);
void Update(const byte*, word32);
void Init();
void Swap(RIPEMD160&);
private:
void Transform();
void AsmTransform(const byte* data, word32 times);
};
inline void swap(RIPEMD160& a, RIPEMD160& b)
......
......@@ -25,15 +25,35 @@
#if !defined(yaSSL_NEW_HPP) && defined(__GNUC__)
#if !(defined(__ICC) || defined(__INTEL_COMPILER))
#ifndef yaSSL_NEW_HPP
#define yaSSL_NEW_HPP
#ifdef __sun
#include <assert.h>
// Handler for pure virtual functions
namespace __Crun {
static void pure_error(void)
{
assert("Pure virtual method called." == "Aborted");
}
} // namespace __Crun
#endif // __sun
#if defined(__GNUC__) && !(defined(__ICC) || defined(__INTEL_COMPILER))
#if __GNUC__ > 2
extern "C" {
#include <assert.h>
#if !defined(DO_TAOCRYPT_KERNEL_MODE)
#include <assert.h>
#else
#include "kernelc.hpp"
#endif
/* Disallow inline __cxa_pure_virtual() */
static int __cxa_pure_virtual() __attribute__((noinline, used));
......@@ -47,6 +67,6 @@ static int __cxa_pure_virtual()
} // extern "C"
#endif // __GNUC__ > 2
#endif // ! _ICC
#endif // yaSSL_NEW_HPP && __GNUC__
#endif // compiler check
#endif // yaSSL_NEW_HPP
......@@ -42,6 +42,7 @@ public:
word32 getDigestSize() const { return DIGEST_SIZE; }
word32 getPadSize() const { return PAD_SIZE; }
void Update(const byte* data, word32 len);
void Init();
SHA(const SHA&);
......@@ -50,6 +51,7 @@ public:
void Swap(SHA&);
private:
void Transform();
void AsmTransform(const byte* data, word32 times);
};
......
/* twofish.hpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* twofish.hpp defines Twofish
*/
#ifndef TAO_CRYPT_TWOFISH_HPP
#define TAO_CRYPT_TWOFISH_HPP
#include "misc.hpp"
#include "modes.hpp"
#include "algorithm.hpp"
namespace TaoCrypt {
enum { TWOFISH_BLOCK_SIZE = 16 };
// Twofish encryption and decryption, see
class Twofish : public Mode_BASE {
public:
enum { BLOCK_SIZE = TWOFISH_BLOCK_SIZE };
Twofish(CipherDir DIR, Mode MODE)
: Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void Process(byte*, const byte*, word32);
void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION);
void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); }
private:
CipherDir dir_;
Mode mode_;
static const byte q_[2][256];
static const word32 mds_[4][256];
word32 k_[40];
word32 s_[4][256];
static word32 h0(word32 x, const word32 *key, unsigned int kLen);
static word32 h(word32 x, const word32 *key, unsigned int kLen);
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
void encrypt(const byte*, const byte*, byte*) const;
void decrypt(const byte*, const byte*, byte*) const;
void AsmEncrypt(const byte* inBlock, byte* outBlock) const;
void AsmDecrypt(const byte* inBlock, byte* outBlock) const;
Twofish(const Twofish&); // hide copy
Twofish& operator=(const Twofish&); // and assign
};
typedef BlockCipher<ENCRYPTION, Twofish, ECB> Twofish_ECB_Encryption;
typedef BlockCipher<DECRYPTION, Twofish, ECB> Twofish_ECB_Decryption;
typedef BlockCipher<ENCRYPTION, Twofish, CBC> Twofish_CBC_Encryption;
typedef BlockCipher<DECRYPTION, Twofish, CBC> Twofish_CBC_Decryption;
} // naemspace
#endif // TAO_CRYPT_TWOFISH_HPP
......@@ -61,10 +61,11 @@ typedef unsigned int word32;
// compilers we've found 64-bit multiply insructions for
#if defined(__GNUC__) || defined(_MSC_VER) || defined(__DECCXX)
#if !(defined(__ICC) || defined(__INTEL_COMPILER))
#if !(defined(__ICC) || defined(__INTEL_COMPILER))
#define HAVE_64_MULTIPLY
#endif
#endif
#endif
#if defined(HAVE_64_MULTIPLY) && (defined(__alpha__) || defined(__ia64__) \
|| defined(_ARCH_PPC64) || defined(__mips64) || defined(__x86_64__))
......
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment