Import yaSSL version 1.5.8

 - Includes patch for Bug#25189
parent 4bb6151a
yaSSL Release notes, version 1.5.0 (11/09/06)
*****************yaSSL Release notes, version 1.5.0 (1/10/07)
This release of yaSSL contains bug fixes, portability enhancements, and
support for GCC 4.1.1 and vs2005 sp1.
Since yaSSL now supports zlib, as does libcur, the libcurl build test can
fail if yaSSL is built with zlib support since the zlib library isn't
passed. You can do two things to fix this:
1) build yaSSL w/o zlib --without-zlib
2) or add flags to curl configure LDFLAGS="-lm -lz"
*****************yaSSL Release notes, version 1.5.0 (11/09/06)
This release of yaSSL contains bug fixes, portability enhancements,
and full TLS 1.1 support. Use the functions:
......
......@@ -41,7 +41,7 @@
#include "rsa.h"
#define YASSL_VERSION "1.5.0"
#define YASSL_VERSION "1.5.8"
#if defined(__cplusplus)
......
REM quick and dirty build file for testing different MSDEVs
@echo off
REM Copyright (C) 2006 MySQL AB
REM
REM This program is free software; you can redistribute it and/or modify
REM it under the terms of the GNU General Public License as published by
REM the Free Software Foundation; version 2 of the License.
REM
REM This program is distributed in the hope that it will be useful,
REM but WITHOUT ANY WARRANTY; without even the implied warranty of
REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
REM GNU General Public License for more details.
REM
REM You should have received a copy of the GNU General Public License
REM along with this program; if not, write to the Free Software
REM Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
@echo on
setlocal
set myFLAGS= /I../include /I../taocrypt/mySTL /I../taocrypt/include /W3 /c /ZI
......
......@@ -958,7 +958,7 @@ void ERR_print_errors_fp(FILE* /*fp*/)
char* ERR_error_string(unsigned long errNumber, char* buffer)
{
static char* msg = (char*) "Please supply a buffer for error string";
static char* msg = "Please supply a buffer for error string";
if (buffer) {
SetErrorString(YasslError(errNumber), buffer);
......
......@@ -150,6 +150,10 @@ void SetErrorString(YasslError error, char* buffer)
strncpy(buffer, "the read operation would block", max);
break;
case CERTFICATE_ERROR :
strncpy(buffer, "Unable to verify certificate", max);
break;
// TaoCrypt errors
case NO_ERROR_E :
strncpy(buffer, "not in error state", max);
......@@ -255,8 +259,12 @@ void SetErrorString(YasslError error, char* buffer)
strncpy(buffer, "ASN: bad other signature confirmation", max);
break;
case CERTFICATE_ERROR :
strncpy(buffer, "Unable to verify certificate", max);
case CONTENT_E :
strncpy(buffer, "bad content processing", max);
break;
case PEM_E :
strncpy(buffer, "bad PEM format processing", max);
break;
default :
......
REM quick and dirty build file for testing different MSDEVs
@echo off
REM Copyright (C) 2006 MySQL AB
REM
REM This program is free software; you can redistribute it and/or modify
REM it under the terms of the GNU General Public License as published by
REM the Free Software Foundation; version 2 of the License.
REM
REM This program is distributed in the hope that it will be useful,
REM but WITHOUT ANY WARRANTY; without even the implied warranty of
REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
REM GNU General Public License for more details.
REM
REM You should have received a copy of the GNU General Public License
REM along with this program; if not, write to the Free Software
REM Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
@echo on
setlocal
set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2
......
......@@ -99,6 +99,17 @@ enum DNTags
};
enum PCKS12_Tags
{
/* DATA = 1, */ // from ASN1
SIGNED_DATA = 2,
ENVELOPED_DATA = 3,
SIGNED_AND_ENVELOPED_DATA = 4,
DIGESTED_DATA = 5,
ENCRYPTED_DATA = 6
};
enum Constants
{
MIN_DATE_SZ = 13,
......@@ -195,6 +206,16 @@ private:
};
// PKCS12 BER Decoder
class PKCS12_Decoder : public BER_Decoder {
public:
explicit PKCS12_Decoder(Source& s) : BER_Decoder(s) {}
void Decode();
private:
void ReadHeader();
};
// General PublicKey
class PublicKey {
byte* key_;
......@@ -241,6 +262,7 @@ private:
typedef STL::list<Signer*> SignerList;
enum ContentType { HUH = 651 };
enum SigType { SHAwDSA = 517, MD2wRSA = 646, MD5wRSA = 648, SHAwRSA =649};
enum HashType { MD2h = 646, MD5h = 649, SHAh = 88 };
enum KeyType { DSAk = 515, RSAk = 645 }; // sums of algo OID
......@@ -345,6 +367,12 @@ private:
};
// Get Cert in PEM format from BEGIN to END
int GetCert(Source&);
// Get Cert in PEM format from pkcs12 file
int GetPKCS_Cert(const char* password, Source&);
} // namespace
......
......@@ -70,8 +70,12 @@ DSA_SZ_E = 1035, // "bad DSA r or s size"
BEFORE_DATE_E = 1036, // "before date in the future"
AFTER_DATE_E = 1037, // "after date in the past"
SIG_CONFIRM_E = 1038, // "bad self signature confirmation"
SIG_OTHER_E = 1039 // "bad other signature confirmation"
SIG_OTHER_E = 1039, // "bad other signature confirmation"
CONTENT_E = 1040, // "bad content processing"
PEM_E = 1041 // "bad pem format error"
// add error string to yassl/src/yassl_error.cpp !!!
};
......
......@@ -71,8 +71,10 @@ public:
void SetError(ErrorNumber w) { error_.SetError(w); }
friend class FileSource; // for get()
private:
Source(const Source& that) : buffer_(that.buffer_), current_(that.current_) {}
Source(const Source& that)
: buffer_(that.buffer_), current_(that.current_) {}
Source& operator=(const Source& that)
{
Source tmp(that);
......
......@@ -1098,4 +1098,83 @@ word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz)
}
// Get Cert in PEM format from BEGIN to END
int GetCert(Source& source)
{
char header[] = "-----BEGIN CERTIFICATE-----";
char footer[] = "-----END CERTIFICATE-----";
char* begin = strstr((char*)source.get_buffer(), header);
char* end = strstr((char*)source.get_buffer(), footer);
if (!begin || !end || begin >= end) return -1;
end += strlen(footer);
if (*end == '\r') end++;
Source tmp((byte*)begin, end - begin + 1);
source.Swap(tmp);
return 0;
}
// Decode a BER encoded PKCS12 structure
void PKCS12_Decoder::Decode()
{
ReadHeader();
if (source_.GetError().What()) return;
// Get AuthSafe
GetSequence();
// get object id
byte obj_id = source_.next();
if (obj_id != OBJECT_IDENTIFIER) {
source_.SetError(OBJECT_ID_E);
return;
}
word32 length = GetLength(source_);
word32 algo_sum = 0;
while (length--)
algo_sum += source_.next();
// Get MacData optional
/*
mac digestInfo like certdecoder::getdigest?
macsalt octet string
iter integer
*/
}
void PKCS12_Decoder::ReadHeader()
{
// Gets Version
GetSequence();
GetVersion();
}
// Get Cert in PEM format from pkcs12 file
int GetPKCS_Cert(const char* password, Source& source)
{
PKCS12_Decoder pkcs12(source);
pkcs12.Decode();
return 0;
}
} // namespace
......@@ -131,8 +131,7 @@ void HexDecoder::Decode()
void Base64Encoder::Encode()
{
word32 bytes = plain_.size();
word32 outSz = bytes * 4 / 3;
outSz += (outSz % 4); // 4 byte integrals
word32 outSz = (bytes + 3 - 1) / 3 * 4;
outSz += (outSz + pemLineSz - 1) / pemLineSz; // new lines
encoded_.New(outSz);
......@@ -159,7 +158,7 @@ void Base64Encoder::Encode()
bytes -= 3;
if ((++j % 16) == 0)
if ((++j % 16) == 0 && bytes)
encoded_[i++] = '\n';
}
......@@ -236,11 +235,18 @@ void Base64Decoder::Decode()
if ((++j % 16) == 0) {
byte endLine = coded_.next();
bytes--;
while (endLine == ' ') { // remove possible whitespace
endLine = coded_.next();
bytes--;
}
if (endLine == '\r') {
endLine = coded_.next();
bytes--;
}
assert(endLine == '\n');
if (endLine != '\n') {
coded_.SetError(PEM_E);
return;
}
}
}
......
......@@ -88,7 +88,7 @@ namespace TaoCrypt {
#ifdef SSE2_INTRINSICS_AVAILABLE
template <class T>
CPP_TYPENAME AllocatorBase<T>::pointer AlignedAllocator<T>::allocate(
CPP_TYPENAME AlignedAllocator<T>::pointer AlignedAllocator<T>::allocate(
size_type n, const void *)
{
CheckSize(n);
......@@ -572,24 +572,29 @@ static word AtomicInverseModPower2(word A)
class Portable
{
public:
static word Add(word *C, const word *A, const word *B, unsigned int N);
static word Subtract(word *C, const word *A, const word*B, unsigned int N);
static void Multiply2(word *C, const word *A, const word *B);
static word Multiply2Add(word *C, const word *A, const word *B);
static void Multiply4(word *C, const word *A, const word *B);
static void Multiply8(word *C, const word *A, const word *B);
static unsigned int MultiplyRecursionLimit() {return 8;}
static void Multiply2Bottom(word *C, const word *A, const word *B);
static void Multiply4Bottom(word *C, const word *A, const word *B);
static void Multiply8Bottom(word *C, const word *A, const word *B);
static unsigned int MultiplyBottomRecursionLimit() {return 8;}
static void Square2(word *R, const word *A);
static void Square4(word *R, const word *A);
static void Square8(word *R, const word *A) {assert(false);}
static unsigned int SquareRecursionLimit() {return 4;}
static word TAOCRYPT_CDECL Add(word *C, const word *A, const word *B,
unsigned int N);
static word TAOCRYPT_CDECL Subtract(word *C, const word *A, const word*B,
unsigned int N);
static void TAOCRYPT_CDECL Multiply2(word *C, const word *A, const word *B);
static word TAOCRYPT_CDECL Multiply2Add(word *C,
const word *A, const word *B);
static void TAOCRYPT_CDECL Multiply4(word *C, const word *A, const word *B);
static void TAOCRYPT_CDECL Multiply8(word *C, const word *A, const word *B);
static unsigned int TAOCRYPT_CDECL MultiplyRecursionLimit() {return 8;}
static void TAOCRYPT_CDECL Multiply2Bottom(word *C, const word *A,
const word *B);
static void TAOCRYPT_CDECL Multiply4Bottom(word *C, const word *A,
const word *B);
static void TAOCRYPT_CDECL Multiply8Bottom(word *C, const word *A,
const word *B);
static unsigned int TAOCRYPT_CDECL MultiplyBottomRecursionLimit(){return 8;}
static void TAOCRYPT_CDECL Square2(word *R, const word *A);
static void TAOCRYPT_CDECL Square4(word *R, const word *A);
static void TAOCRYPT_CDECL Square8(word *R, const word *A) {assert(false);}
static unsigned int TAOCRYPT_CDECL SquareRecursionLimit() {return 4;}
};
word Portable::Add(word *C, const word *A, const word *B, unsigned int N)
......
REM quick and dirty build file for testing different MSDEVs
@echo off
REM Copyright (C) 2006 MySQL AB
REM
REM This program is free software; you can redistribute it and/or modify
REM it under the terms of the GNU General Public License as published by
REM the Free Software Foundation; version 2 of the License.
REM
REM This program is distributed in the hope that it will be useful,
REM but WITHOUT ANY WARRANTY; without even the implied warranty of
REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
REM GNU General Public License for more details.
REM
REM You should have received a copy of the GNU General Public License
REM along with this program; if not, write to the Free Software
REM Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
@echo on
setlocal
set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2
......
REM quick and dirty build file for testing different MSDEVs
@echo off
REM Copyright (C) 2006 MySQL AB
REM
REM This program is free software; you can redistribute it and/or modify
REM it under the terms of the GNU General Public License as published by
REM the Free Software Foundation; version 2 of the License.
REM
REM This program is distributed in the hope that it will be useful,
REM but WITHOUT ANY WARRANTY; without even the implied warranty of
REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
REM GNU General Public License for more details.
REM
REM You should have received a copy of the GNU General Public License
REM along with this program; if not, write to the Free Software
REM Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
@echo on
setlocal
set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2
......
......@@ -74,7 +74,8 @@ using TaoCrypt::EncodeDSA_Signature;
using TaoCrypt::DecodeDSA_Signature;
using TaoCrypt::PBKDF2_HMAC;
using TaoCrypt::tcArrayDelete;
using TaoCrypt::GetCert;
using TaoCrypt::GetPKCS_Cert;
struct testVector {
......@@ -103,6 +104,7 @@ int rsa_test();
int dsa_test();
int dh_test();
int pwdbased_test();
int pkcs12_test();
TaoCrypt::RandomNumberGenerator rng;
......@@ -228,6 +230,13 @@ void taocrypt_test(void* args)
else
printf( "PBKDF2 test passed!\n");
/* not ready yet
if ( (ret = pkcs12_test()) )
err_sys("PKCS12 test failed!\n", ret);
else
printf( "PKCS12 test passed!\n");
*/
tcArrayDelete(cipher);
tcArrayDelete(plain);
tcArrayDelete(msg);
......@@ -994,3 +1003,38 @@ int pwdbased_test()
return 0;
}
int pkcs12_test()
{
Source cert;
FileSource("../certs/server-cert.pem", cert);
if (cert.size() == 0) {
FileSource("../../certs/server-cert.pem", cert); // for testsuite
if (cert.size() == 0) {
FileSource("../../../certs/server-cert.pem", cert); // Debug dir
if (cert.size() == 0)
err_sys("where's your certs dir?", -109);
}
}
if (GetCert(cert) != 0)
return -110;
Source source;
FileSource("../certs/server.p12", source);
if (source.size() == 0) {
FileSource("../../certs/server.p12", source); // for testsuite
if (source.size() == 0) {
FileSource("../../../certs/server.p12", source); // Debug dir
if (source.size() == 0)
err_sys("where's your certs dir?", -111);
}
}
if (GetPKCS_Cert("password", source) != 0)
return -112;
return 0;
}
REM quick and dirty build file for testing different MSDEVs
@echo off
REM Copyright (C) 2006 MySQL AB
REM
REM This program is free software; you can redistribute it and/or modify
REM it under the terms of the GNU General Public License as published by
REM the Free Software Foundation; version 2 of the License.
REM
REM This program is distributed in the hope that it will be useful,
REM but WITHOUT ANY WARRANTY; without even the implied warranty of
REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
REM GNU General Public License for more details.
REM
REM You should have received a copy of the GNU General Public License
REM along with this program; if not, write to the Free Software
REM Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
@echo on
setlocal
set myFLAGS= /I../include /I../taocrypt/include /I../taocrypt/mySTL /c /W3 /G6 /O2 /MT /D"WIN32" /D"NO_MAIN_DRIVER"
......
......@@ -86,8 +86,8 @@ int main(int argc, char** argv)
// input output compare
byte input[TaoCrypt::MD5::DIGEST_SIZE];
byte output[TaoCrypt::MD5::DIGEST_SIZE];
file_test((char*) "input", input);
file_test((char*) "output", output);
file_test("input", input);
file_test("output", output);
assert(memcmp(input, output, sizeof(input)) == 0);
printf("\nAll tests passed!\n");
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment