Update yassl to 1.2.2

parent cd15f309
yaSSL Release notes, version 0.9.6 yaSSL Release notes, version 1.2.2 (03/27/06)
This release of yaSSL contains minor bug fixes and portability enhancements.
See build instructions below under 1.0.6:
*******************yaSSL Release notes, version 1.2.0
This release of yaSSL contains minor bug fixes, portability enhancements,
Diffie-Hellman compatibility fixes for other servers and client,
optimization improvements, and x86 ASM changes.
See build instructions below under 1.0.6:
*****************yaSSL Release notes, version 1.1.5
This release of yaSSL contains minor bug fixes, portability enhancements,
and user requested changes including the ability to add all certificates in
a directory, more robust socket handling, no new overloading unless
requested, and an SSL_VERIFY_NONE option.
See build instructions below under 1.0.6:
******************yaSSL Release notes, version 1.0.6
This release of yaSSL contains minor bug fixes, portability enhancements,
x86 assembly for ARC4, SHA, MD5, and RIPEMD, --enable-ia32-asm configure
option, and a security patch for certificate chain processing.
--To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
./configure
make
run testsuite from yaSSL-Home/testsuite to test the build
to make a release build:
./configure --disable-debug
make
run testsuite from yaSSL-Home/testsuite to test the build
--To build on Win32
Choose (Re)Build All from the project workspace
run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build
--To enable ia32 assembly for TaoCrypt ciphers and message digests
On MSVC this is always on
On GCC **, use ./configure --enable-ia32-asm
** This isn't on by default because of the use of intel syntax and the
problem that olders versions of gas have with some addressing statements.
If you enable this and get assemler errors during compilation or can't
pass the TaoCrypt tests, please send todd@yassl.com a message and disable
this option in the meantime.
***************** yaSSL Release notes, version 1.0.5
This release of yaSSL contains minor bug fixes, portability enhancements,
x86 assembly for AES, 3DES, BLOWFISH, and TWOFISH, --without-debug configure
option, and --enable-kernel-mode configure option for using TaoCrypt with
kernel modules.
--To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
./configure
make
run testsuite from yaSSL-Home/testsuite to test the build
to make a release build:
./configure --without-debug
make
run testsuite from yaSSL-Home/testsuite to test the build
--To build on Win32
Choose (Re)Build All from the project workspace
run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build
******************yaSSL Release notes, version 1.0.1
This release of yaSSL contains minor bug fixes, portability enhancements,
GCC 3.4.4 support, MSVC 2003 support, and more documentation.
Please see build instructions in the release notes for 0.9.6 below.
******************yaSSL Release notes, version 1.0
This release of yaSSL contains minor bug fixes, portability enhancements,
GCC 4.0 support, testsuite, improvements, and API additions.
Please see build instructions in the release notes for 0.9.6 below.
******************yaSSL Release notes, version 0.9.9
This release of yaSSL contains minor bug fixes, portability enchancements,
MSVC 7 support, memory improvements, and API additions.
Please see build instructions in the release notes for 0.9.6 below.
******************yaSSL Release notes, version 0.9.8
This release of yaSSL contains minor bug fixes and portability enchancements.
Please see build instructions in the release notes for 0.9.6 below.
******************yaSSL Release notes, version 0.9.6
This release of yaSSL contains minor bug fixes, removal of STL support, and This release of yaSSL contains minor bug fixes, removal of STL support, and
removal of exceptions and rtti so that the library can be linked without the removal of exceptions and rtti so that the library can be linked without the
......
/* client.cpp */
#include "../../testsuite/test.hpp"
//#define TEST_RESUME
void client_test(void* args)
{
#ifdef _WIN32
WSADATA wsd;
WSAStartup(0x0002, &wsd);
#endif
SOCKET_T sockfd = 0;
int argc = 0;
char** argv = 0;
set_args(argc, argv, *static_cast<func_args*>(args));
tcp_connect(sockfd);
SSL_METHOD* method = TLSv1_client_method();
SSL_CTX* ctx = SSL_CTX_new(method);
set_certs(ctx);
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, sockfd);
if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
showPeer(ssl);
const char* cipher = 0;
int index = 0;
char list[1024];
strcpy(list, "cipherlist");
while ( (cipher = SSL_get_cipher_list(ssl, index++)) ) {
strcat(list, ":");
strcat(list, cipher);
}
printf("%s\n", list);
printf("Using Cipher Suite %s\n", SSL_get_cipher(ssl));
char msg[] = "hello yassl!";
if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
err_sys("SSL_write failed");
char reply[1024];
reply[SSL_read(ssl, reply, sizeof(reply))] = 0;
printf("Server response: %s\n", reply);
#ifdef TEST_RESUME
SSL_SESSION* session = SSL_get_session(ssl);
SSL* sslResume = SSL_new(ctx);
#endif
SSL_shutdown(ssl);
SSL_free(ssl);
#ifdef TEST_RESUME
tcp_connect(sockfd);
SSL_set_fd(sslResume, sockfd);
SSL_set_session(sslResume, session);
if (SSL_connect(sslResume) != SSL_SUCCESS) err_sys("SSL resume failed");
if (SSL_write(sslResume, msg, sizeof(msg)) != sizeof(msg))
err_sys("SSL_write failed");
reply[SSL_read(sslResume, reply, sizeof(reply))] = 0;
printf("Server response: %s\n", reply);
SSL_shutdown(sslResume);
SSL_free(sslResume);
#endif // TEST_RESUME
SSL_CTX_free(ctx);
((func_args*)args)->return_code = 0;
}
#ifndef NO_MAIN_DRIVER
int main(int argc, char** argv)
{
func_args args;
args.argc = argc;
args.argv = argv;
client_test(&args);
return args.return_code;
}
#endif // NO_MAIN_DRIVER
# Microsoft Developer Studio Project File - Name="client" - Package Owner=<4>
# Microsoft Developer Studio Generated Build File, Format Version 6.00
# ** DO NOT EDIT **
# TARGTYPE "Win32 (x86) Console Application" 0x0103
CFG=client - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
!MESSAGE NMAKE /f "client.mak".
!MESSAGE
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
!MESSAGE NMAKE /f "client.mak" CFG="client - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
!MESSAGE "client - Win32 Release" (based on "Win32 (x86) Console Application")
!MESSAGE "client - Win32 Debug" (based on "Win32 (x86) Console Application")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
# PROP Scc_ProjName ""
# PROP Scc_LocalPath ""
CPP=cl.exe
RSC=rc.exe
!IF "$(CFG)" == "client - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
# PROP BASE Output_Dir "Release"
# PROP BASE Intermediate_Dir "Release"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
# PROP Output_Dir "Release"
# PROP Intermediate_Dir "Release"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD CPP /nologo /MT /W3 /O2 /I "..\..\taocrypt\include" /I "..\..\include" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386
!ELSEIF "$(CFG)" == "client - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
# PROP BASE Output_Dir "Debug"
# PROP BASE Intermediate_Dir "Debug"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
# PROP Output_Dir "Debug"
# PROP Intermediate_Dir "Debug"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
!ENDIF
# Begin Target
# Name "client - Win32 Release"
# Name "client - Win32 Debug"
# Begin Group "Source Files"
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
# Begin Source File
SOURCE=.\client.cpp
# End Source File
# End Group
# Begin Group "Header Files"
# PROP Default_Filter "h;hpp;hxx;hm;inl"
# End Group
# Begin Group "Resource Files"
# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
# End Group
# End Target
# End Project
/* echoclient.cpp */
#include "../../testsuite/test.hpp"
void echoclient_test(void* args)
{
#ifdef _WIN32
WSADATA wsd;
WSAStartup(0x0002, &wsd);
#endif
SOCKET_T sockfd = 0;
int argc = 0;
char** argv = 0;
FILE* fin = stdin;
FILE* fout = stdout;
bool inCreated = false;
bool outCreated = false;
set_args(argc, argv, *static_cast<func_args*>(args));
if (argc >= 2) {
fin = fopen(argv[1], "r");
inCreated = true;
}
if (argc >= 3) {
fout = fopen(argv[2], "w");
outCreated = true;
}
if (!fin) err_sys("can't open input file");
if (!fout) err_sys("can't open output file");
tcp_connect(sockfd);
SSL_METHOD* method = TLSv1_client_method();
SSL_CTX* ctx = SSL_CTX_new(method);
set_certs(ctx);
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, sockfd);
if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
char send[1024];
char reply[1024];
while (fgets(send, sizeof(send), fin)) {
int sendSz = strlen(send) + 1;
if (SSL_write(ssl, send, sendSz) != sendSz)
err_sys("SSL_write failed");
if (strncmp(send, "quit", 4) == 0) {
fputs("sending server shutdown command: quit!\n", fout);
break;
}
if (SSL_read(ssl, reply, sizeof(reply)) > 0)
fputs(reply, fout);
}
SSL_CTX_free(ctx);
SSL_free(ssl);
fflush(fout);
if (inCreated) fclose(fin);
if (outCreated) fclose(fout);
((func_args*)args)->return_code = 0;
}
#ifndef NO_MAIN_DRIVER
int main(int argc, char** argv)
{
func_args args;
args.argc = argc;
args.argv = argv;
echoclient_test(&args);
return args.return_code;
}
#endif // NO_MAIN_DRIVER
# Microsoft Developer Studio Project File - Name="echoclient" - Package Owner=<4>
# Microsoft Developer Studio Generated Build File, Format Version 6.00
# ** DO NOT EDIT **
# TARGTYPE "Win32 (x86) Console Application" 0x0103
CFG=echoclient - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
!MESSAGE NMAKE /f "echoclient.mak".
!MESSAGE
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
!MESSAGE NMAKE /f "echoclient.mak" CFG="echoclient - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
!MESSAGE "echoclient - Win32 Release" (based on "Win32 (x86) Console Application")
!MESSAGE "echoclient - Win32 Debug" (based on "Win32 (x86) Console Application")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
# PROP Scc_ProjName ""
# PROP Scc_LocalPath ""
CPP=cl.exe
RSC=rc.exe
!IF "$(CFG)" == "echoclient - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
# PROP BASE Output_Dir "Release"
# PROP BASE Intermediate_Dir "Release"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
# PROP Output_Dir "Release"
# PROP Intermediate_Dir "Release"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD CPP /nologo /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386
!ELSEIF "$(CFG)" == "echoclient - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
# PROP BASE Output_Dir "Debug"
# PROP BASE Intermediate_Dir "Debug"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
# PROP Output_Dir "Debug"
# PROP Intermediate_Dir "Debug"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
!ENDIF
# Begin Target
# Name "echoclient - Win32 Release"
# Name "echoclient - Win32 Debug"
# Begin Group "Source Files"
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
# Begin Source File
SOURCE=.\echoclient.cpp
# End Source File
# End Group
# Begin Group "Header Files"
# PROP Default_Filter "h;hpp;hxx;hm;inl"
# End Group
# Begin Group "Resource Files"
# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
# End Group
# End Target
# End Project
/* echoclient.cpp */
#include "openssl/ssl.h" /* openssl compatibility test */
#include <stdio.h>
#include <stdlib.h>
#ifdef WIN32
#include <winsock2.h>
#else
#include <string.h>
#include <unistd.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/ioctl.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#endif /* WIN32 */
void err_sys(const char* msg)
{
fputs("yassl client error: ", stderr);
fputs(msg, stderr);
exit(EXIT_FAILURE);
}
const char* loopback = "127.0.0.1";
const short yasslPort = 11111;
using namespace yaSSL;
int main(int argc, char** argv)
{
#ifdef WIN32
WSADATA wsd;
WSAStartup(0x0002, &wsd);
int sockfd;
#else
unsigned int sockfd;
#endif /* WIN32 */
FILE* fin = stdin;
FILE* fout = stdout;
if (argc >= 2) fin = fopen(argv[1], "r");
if (argc >= 3) fout = fopen(argv[2], "w");
if (!fin) err_sys("can't open input file");
if (!fout) err_sys("can't open output file");
sockfd = socket(AF_INET, SOCK_STREAM, 0);
sockaddr_in servaddr;
memset(&servaddr, 0, sizeof(servaddr));
servaddr.sin_family = AF_INET;
servaddr.sin_port = htons(yasslPort);
servaddr.sin_addr.s_addr = inet_addr(loopback);
if (connect(sockfd, (const sockaddr*)&servaddr, sizeof(servaddr)) != 0)
err_sys("tcp connect failed");
SSL_METHOD* method = TLSv1_client_method();
SSL_CTX* ctx = SSL_CTX_new(method);
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, sockfd);
if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
char send[1024];
char reply[1024];
while (fgets(send, sizeof(send), fin)) {
int sendSz = strlen(send) + 1;
if (SSL_write(ssl, send, sendSz) != sendSz)
err_sys("SSL_write failed");
if (strncmp(send, "quit", 4) == 0) {
fputs("sending server shutdown command: quit!", fout);
break;
}
if (SSL_read(ssl, reply, sizeof(reply)) > 0)
fputs(reply, fout);
}
SSL_CTX_free(ctx);
SSL_free(ssl);
return 0;
}
/* echoserver.cpp */
#include "../../testsuite/test.hpp"
#ifndef NO_MAIN_DRIVER
#define ECHO_OUT
THREAD_RETURN YASSL_API echoserver_test(void*);
int main(int argc, char** argv)
{
func_args args;
args.argc = argc;
args.argv = argv;
echoserver_test(&args);
return args.return_code;
}
#endif // NO_MAIN_DRIVER
THREAD_RETURN YASSL_API echoserver_test(void* args)
{
#ifdef _WIN32
WSADATA wsd;
WSAStartup(0x0002, &wsd);
#endif
SOCKET_T sockfd = 0;
int argc = 0;
char** argv = 0;
set_args(argc, argv, *static_cast<func_args*>(args));
#ifdef ECHO_OUT
FILE* fout = stdout;
if (argc >= 2) fout = fopen(argv[1], "w");
if (!fout) err_sys("can't open output file");
#endif
tcp_listen(sockfd);
SSL_METHOD* method = TLSv1_server_method();
SSL_CTX* ctx = SSL_CTX_new(method);
set_serverCerts(ctx);
DH* dh = set_tmpDH(ctx);
bool shutdown(false);
#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER)
// signal ready to tcp_accept
func_args& server_args = *((func_args*)args);
tcp_ready& ready = *server_args.signal_;
pthread_mutex_lock(&ready.mutex_);
ready.ready_ = true;
pthread_cond_signal(&ready.cond_);
pthread_mutex_unlock(&ready.mutex_);
#endif
while (!shutdown) {
sockaddr_in client;
socklen_t client_len = sizeof(client);
int clientfd = accept(sockfd, (sockaddr*)&client, &client_len);
if (clientfd == -1) err_sys("tcp accept failed");
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, clientfd);
if (SSL_accept(ssl) != SSL_SUCCESS) err_sys("SSL_accept failed");
char command[1024];
int echoSz(0);
while ( (echoSz = SSL_read(ssl, command, sizeof(command))) > 0) {
if ( strncmp(command, "quit", 4) == 0) {
printf("client sent quit command: shutting down!\n");
shutdown = true;
break;
}
else if ( strncmp(command, "GET", 3) == 0) {
char type[] = "HTTP/1.0 200 ok\r\nContent-type:"
" text/html\r\n\r\n";
char header[] = "<html><body BGCOLOR=\"#ffffff\">\n<pre>\n";
char body[] = "greetings from yaSSL\n";
char footer[] = "</body></html>\r\n\r\n";
strncpy(command, type, sizeof(type));
echoSz = sizeof(type) - 1;
strncpy(&command[echoSz], header, sizeof(header));
echoSz += sizeof(header) - 1;
strncpy(&command[echoSz], body, sizeof(body));
echoSz += sizeof(body) - 1;
strncpy(&command[echoSz], footer, sizeof(footer));
echoSz += sizeof(footer);
if (SSL_write(ssl, command, echoSz) != echoSz)
err_sys("SSL_write failed");
break;
}
command[echoSz] = 0;
#ifdef ECHO_OUT
fputs(command, fout);
#endif
if (SSL_write(ssl, command, echoSz) != echoSz)
err_sys("SSL_write failed");
}
SSL_free(ssl);
}
#ifdef _WIN32
closesocket(sockfd);
#else
close(sockfd);
#endif
DH_free(dh);
SSL_CTX_free(ctx);
((func_args*)args)->return_code = 0;
return 0;
}
# Microsoft Developer Studio Project File - Name="echoserver" - Package Owner=<4>
# Microsoft Developer Studio Generated Build File, Format Version 6.00
# ** DO NOT EDIT **
# TARGTYPE "Win32 (x86) Console Application" 0x0103
CFG=echoserver - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
!MESSAGE NMAKE /f "echoserver.mak".
!MESSAGE
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
!MESSAGE NMAKE /f "echoserver.mak" CFG="echoserver - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
!MESSAGE "echoserver - Win32 Release" (based on "Win32 (x86) Console Application")
!MESSAGE "echoserver - Win32 Debug" (based on "Win32 (x86) Console Application")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
# PROP Scc_ProjName ""
# PROP Scc_LocalPath ""
CPP=cl.exe
RSC=rc.exe
!IF "$(CFG)" == "echoserver - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
# PROP BASE Output_Dir "Release"
# PROP BASE Intermediate_Dir "Release"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
# PROP Output_Dir "Release"
# PROP Intermediate_Dir "Release"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD CPP /nologo /G6 /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386
!ELSEIF "$(CFG)" == "echoserver - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
# PROP BASE Output_Dir "Debug"
# PROP BASE Intermediate_Dir "Debug"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
# PROP Output_Dir "Debug"
# PROP Intermediate_Dir "Debug"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
!ENDIF
# Begin Target
# Name "echoserver - Win32 Release"
# Name "echoserver - Win32 Debug"
# Begin Group "Source Files"
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
# Begin Source File
SOURCE=.\echoserver.cpp
# End Source File
# End Group
# Begin Group "Header Files"
# PROP Default_Filter "h;hpp;hxx;hm;inl"
# End Group
# Begin Group "Resource Files"
# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
# End Group
# End Target
# End Project
/* server.cpp */
#include "../../testsuite/test.hpp"
THREAD_RETURN YASSL_API server_test(void* args)
{
#ifdef _WIN32
WSADATA wsd;
WSAStartup(0x0002, &wsd);
#endif
SOCKET_T sockfd = 0;
int clientfd = 0;
int argc = 0;
char** argv = 0;
set_args(argc, argv, *static_cast<func_args*>(args));
tcp_accept(sockfd, clientfd, *static_cast<func_args*>(args));
#ifdef _WIN32
closesocket(sockfd);
#else
close(sockfd);
#endif
SSL_METHOD* method = TLSv1_server_method();
SSL_CTX* ctx = SSL_CTX_new(method);
//SSL_CTX_set_cipher_list(ctx, "RC4-SHA");
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
set_serverCerts(ctx);
DH* dh = set_tmpDH(ctx);
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, clientfd);
if (SSL_accept(ssl) != SSL_SUCCESS) err_sys("SSL_accept failed");
showPeer(ssl);
printf("Using Cipher Suite %s\n", SSL_get_cipher(ssl));
char command[1024];
command[SSL_read(ssl, command, sizeof(command))] = 0;
printf("First client command: %s\n", command);
char msg[] = "I hear you, fa shizzle!";
if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
err_sys("SSL_write failed");
DH_free(dh);
SSL_CTX_free(ctx);
SSL_free(ssl);
((func_args*)args)->return_code = 0;
return 0;
}
#ifndef NO_MAIN_DRIVER
int main(int argc, char** argv)
{
func_args args;
args.argc = argc;
args.argv = argv;
server_test(&args);
return args.return_code;
}
#endif // NO_MAIN_DRIVER
# Microsoft Developer Studio Project File - Name="server" - Package Owner=<4>
# Microsoft Developer Studio Generated Build File, Format Version 6.00
# ** DO NOT EDIT **
# TARGTYPE "Win32 (x86) Application" 0x0101
CFG=server - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
!MESSAGE NMAKE /f "server.mak".
!MESSAGE
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
!MESSAGE NMAKE /f "server.mak" CFG="server - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
!MESSAGE "server - Win32 Release" (based on "Win32 (x86) Application")
!MESSAGE "server - Win32 Debug" (based on "Win32 (x86) Application")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
# PROP Scc_ProjName ""
# PROP Scc_LocalPath ""
CPP=cl.exe
MTL=midl.exe
RSC=rc.exe
!IF "$(CFG)" == "server - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
# PROP BASE Output_Dir "Release"
# PROP BASE Intermediate_Dir "Release"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
# PROP Output_Dir "Release"
# PROP Intermediate_Dir "Release"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /c
# ADD CPP /nologo /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /c
# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32
# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386
# SUBTRACT LINK32 /pdb:none
!ELSEIF "$(CFG)" == "server - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
# PROP BASE Output_Dir "Debug"
# PROP BASE Intermediate_Dir "Debug"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
# PROP Output_Dir "Debug"
# PROP Intermediate_Dir "Debug"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /FR /YX /FD /GZ /c
# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32
# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# SUBTRACT LINK32 /pdb:none /nodefaultlib
!ENDIF
# Begin Target
# Name "server - Win32 Release"
# Name "server - Win32 Debug"
# Begin Group "Source Files"
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
# Begin Source File
SOURCE=.\server.cpp
# End Source File
# End Group
# Begin Group "Header Files"
# PROP Default_Filter "h;hpp;hxx;hm;inl"
# End Group
# Begin Group "Resource Files"
# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
# End Group
# End Target
# End Project
...@@ -83,6 +83,7 @@ class CertManager { ...@@ -83,6 +83,7 @@ class CertManager {
SignerList signers_; // decoded CA keys and names SignerList signers_; // decoded CA keys and names
// plus verified chained certs // plus verified chained certs
bool verifyPeer_; bool verifyPeer_;
bool verifyNone_; // no error if verify fails
bool failNoCert_; bool failNoCert_;
bool sendVerify_; bool sendVerify_;
public: public:
...@@ -107,10 +108,12 @@ public: ...@@ -107,10 +108,12 @@ public:
uint get_privateKeyLength() const; uint get_privateKeyLength() const;
bool verifyPeer() const; bool verifyPeer() const;
bool verifyNone() const;
bool failNoCert() const; bool failNoCert() const;
bool sendVerify() const; bool sendVerify() const;
void setVerifyPeer(); void setVerifyPeer();
void setVerifyNone();
void setFailNoCert(); void setFailNoCert();
void setSendVerify(); void setSendVerify();
private: private:
......
...@@ -41,8 +41,8 @@ ...@@ -41,8 +41,8 @@
namespace yaSSL { namespace yaSSL {
// Digest policy should implement a get_digest, update, and get sizes for pad and // Digest policy should implement a get_digest, update, and get sizes for pad
// digest // and digest
struct Digest : public virtual_base { struct Digest : public virtual_base {
virtual void get_digest(byte*) = 0; virtual void get_digest(byte*) = 0;
virtual void get_digest(byte*, const byte*, unsigned int) = 0; virtual void get_digest(byte*, const byte*, unsigned int) = 0;
...@@ -380,7 +380,7 @@ public: ...@@ -380,7 +380,7 @@ public:
uint get_agreedKeyLength() const; uint get_agreedKeyLength() const;
const byte* get_agreedKey() const; const byte* get_agreedKey() const;
const byte* get_publicKey() const; const byte* get_publicKey() const;
void makeAgreement(const byte*); void makeAgreement(const byte*, unsigned int);
void set_sizes(int&, int&, int&) const; void set_sizes(int&, int&, int&) const;
void get_parms(byte*, byte*, byte*) const; void get_parms(byte*, byte*, byte*) const;
......
...@@ -23,6 +23,8 @@ ...@@ -23,6 +23,8 @@
* *
*/ */
#ifndef ysSSL_openssl_h__ #ifndef ysSSL_openssl_h__
#define yaSSL_openssl_h__ #define yaSSL_openssl_h__
...@@ -49,7 +51,7 @@ extern "C" { ...@@ -49,7 +51,7 @@ extern "C" {
class X509_NAME; class X509_NAME;
#else #else
typedef struct SSL SSL; typedef struct SSL SSL;
typedef struct SSL_SESION SSL_SESSION; typedef struct SSL_SESSION SSL_SESSION;
typedef struct SSL_METHOD SSL_METHOD; typedef struct SSL_METHOD SSL_METHOD;
typedef struct SSL_CTX SSL_CTX; typedef struct SSL_CTX SSL_CTX;
typedef struct SSL_CIPHER SSL_CIPHER; typedef struct SSL_CIPHER SSL_CIPHER;
...@@ -258,6 +260,8 @@ int SSL_pending(SSL*); ...@@ -258,6 +260,8 @@ int SSL_pending(SSL*);
enum { /* ssl Constants */ enum { /* ssl Constants */
SSL_BAD_STAT = -7,
SSL_BAD_PATH = -6,
SSL_BAD_FILETYPE = -5, SSL_BAD_FILETYPE = -5,
SSL_BAD_FILE = -4, SSL_BAD_FILE = -4,
SSL_NOT_IMPLEMENTED = -3, SSL_NOT_IMPLEMENTED = -3,
...@@ -341,7 +345,6 @@ long SSL_CTX_sess_set_cache_size(SSL_CTX*, long); ...@@ -341,7 +345,6 @@ long SSL_CTX_sess_set_cache_size(SSL_CTX*, long);
long SSL_CTX_set_tmp_dh(SSL_CTX*, DH*); long SSL_CTX_set_tmp_dh(SSL_CTX*, DH*);
void OpenSSL_add_all_algorithms(void); void OpenSSL_add_all_algorithms(void);
void SSL_library_init();
void SSLeay_add_ssl_algorithms(void); void SSLeay_add_ssl_algorithms(void);
......
...@@ -77,7 +77,7 @@ public: ...@@ -77,7 +77,7 @@ public:
uint send(const byte* buf, unsigned int len, int flags = 0) const; uint send(const byte* buf, unsigned int len, int flags = 0) const;
uint receive(byte* buf, unsigned int len, int flags = 0) const; uint receive(byte* buf, unsigned int len, int flags = 0) const;
void wait() const; bool wait() const;
void closeSocket(); void closeSocket();
void shutDown(int how = SD_SEND); void shutDown(int how = SD_SEND);
......
/* yassl.hpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* yaSSL externel header defines yaSSL API
*/
#ifndef yaSSL_EXT_HPP
#define yaSSL_EXT_HPP
namespace yaSSL {
#ifdef _WIN32
typedef unsigned int SOCKET_T;
#else
typedef int SOCKET_T;
#endif
class Client {
public:
Client();
~Client();
// basics
int Connect(SOCKET_T);
int Write(const void*, int);
int Read(void*, int);
// options
void SetCA(const char*);
void SetCert(const char*);
void SetKey(const char*);
private:
struct ClientImpl;
ClientImpl* pimpl_;
Client(const Client&); // hide copy
Client& operator=(const Client&); // and assign
};
class Server {
public:
Server();
~Server();
// basics
int Accept(SOCKET_T);
int Write(const void*, int);
int Read(void*, int);
// options
void SetCA(const char*);
void SetCert(const char*);
void SetKey(const char*);
private:
struct ServerImpl;
ServerImpl* pimpl_;
Server(const Server&); // hide copy
Server& operator=(const Server&); // and assign
};
} // namespace yaSSL
#endif // yaSSL_EXT_HPP
...@@ -59,6 +59,10 @@ enum YasslError { ...@@ -59,6 +59,10 @@ enum YasslError {
enum Library { yaSSL_Lib = 0, CryptoLib, SocketLib }; enum Library { yaSSL_Lib = 0, CryptoLib, SocketLib };
enum { MAX_ERROR_SZ = 80 };
void SetErrorString(YasslError, char*);
// Base class for all yaSSL exceptions // Base class for all yaSSL exceptions
class Error : public mySTL::runtime_error { class Error : public mySTL::runtime_error {
......
...@@ -662,7 +662,7 @@ struct Parameters { ...@@ -662,7 +662,7 @@ struct Parameters {
uint8 suites_size_; uint8 suites_size_;
Cipher suites_[MAX_SUITE_SZ]; Cipher suites_[MAX_SUITE_SZ];
char cipher_name_[MAX_SUITE_NAME]; char cipher_name_[MAX_SUITE_NAME];
char cipher_list_[MAX_CIPHER_LIST]; char cipher_list_[MAX_CIPHERS][MAX_SUITE_NAME];
Parameters(ConnectionEnd, const Ciphers&, ProtocolVersion); Parameters(ConnectionEnd, const Ciphers&, ProtocolVersion);
......
...@@ -77,8 +77,6 @@ enum ServerState { ...@@ -77,8 +77,6 @@ enum ServerState {
// combines all states // combines all states
class States { class States {
enum {MAX_ERROR_SZ = 80 };
RecordLayerState recordLayer_; RecordLayerState recordLayer_;
HandShakeState handshakeLayer_; HandShakeState handshakeLayer_;
ClientState clientState_; ClientState clientState_;
...@@ -231,7 +229,8 @@ sslFactory& GetSSL_Factory(); ...@@ -231,7 +229,8 @@ sslFactory& GetSSL_Factory();
class SSL_METHOD { class SSL_METHOD {
ProtocolVersion version_; ProtocolVersion version_;
ConnectionEnd side_; ConnectionEnd side_;
bool verifyPeer_; bool verifyPeer_; // request or send certificate
bool verifyNone_; // whether to verify certificate
bool failNoCert_; bool failNoCert_;
public: public:
explicit SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv); explicit SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv);
...@@ -240,9 +239,11 @@ public: ...@@ -240,9 +239,11 @@ public:
ConnectionEnd getSide() const; ConnectionEnd getSide() const;
void setVerifyPeer(); void setVerifyPeer();
void setVerifyNone();
void setFailNoCert(); void setFailNoCert();
bool verifyPeer() const; bool verifyPeer() const;
bool verifyNone() const;
bool failNoCert() const; bool failNoCert() const;
private: private:
SSL_METHOD(const SSL_METHOD&); // hide copy SSL_METHOD(const SSL_METHOD&); // hide copy
...@@ -335,6 +336,7 @@ public: ...@@ -335,6 +336,7 @@ public:
const Stats& GetStats() const; const Stats& GetStats() const;
void setVerifyPeer(); void setVerifyPeer();
void setVerifyNone();
void setFailNoCert(); void setFailNoCert();
bool SetCipherList(const char*); bool SetCipherList(const char*);
bool SetDH(const DH&); bool SetDH(const DH&);
......
...@@ -34,32 +34,34 @@ ...@@ -34,32 +34,34 @@
namespace yaSSL { namespace yaSSL {
// library allocation #ifdef YASSL_PURE_C
struct new_t {}; // yaSSL New type
extern new_t ys; // pass in parameter
} // namespace yaSSL // library allocation
struct new_t {}; // yaSSL New type
extern new_t ys; // pass in parameter
void* operator new (size_t, yaSSL::new_t); } // namespace yaSSL
void* operator new[](size_t, yaSSL::new_t);
void operator delete (void*, yaSSL::new_t); void* operator new (size_t, yaSSL::new_t);
void operator delete[](void*, yaSSL::new_t); void* operator new[](size_t, yaSSL::new_t);
void operator delete (void*, yaSSL::new_t);
void operator delete[](void*, yaSSL::new_t);
namespace yaSSL {
namespace yaSSL {
template<typename T>
void ysDelete(T* ptr) template<typename T>
{ void ysDelete(T* ptr)
{
if (ptr) ptr->~T(); if (ptr) ptr->~T();
::operator delete(ptr, yaSSL::ys); ::operator delete(ptr, yaSSL::ys);
} }
template<typename T> template<typename T>
void ysArrayDelete(T* ptr) void ysArrayDelete(T* ptr)
{ {
// can't do array placement destruction since not tracking size in // can't do array placement destruction since not tracking size in
// allocation, only allow builtins to use array placement since they // allocation, only allow builtins to use array placement since they
// don't need destructors called // don't need destructors called
...@@ -67,15 +69,40 @@ void ysArrayDelete(T* ptr) ...@@ -67,15 +69,40 @@ void ysArrayDelete(T* ptr)
(void)sizeof(builtin); (void)sizeof(builtin);
::operator delete[](ptr, yaSSL::ys); ::operator delete[](ptr, yaSSL::ys);
} }
#define NEW_YS new (ys)
// to resolve compiler generated operator delete on base classes with // to resolve compiler generated operator delete on base classes with
// virtual destructors (when on stack), make sure doesn't get called // virtual destructors (when on stack), make sure doesn't get called
class virtual_base { class virtual_base {
public: public:
static void operator delete(void*) { assert(0); } static void operator delete(void*) { assert(0); }
}; };
#else // YASSL_PURE_C
template<typename T>
void ysDelete(T* ptr)
{
delete ptr;
}
template<typename T>
void ysArrayDelete(T* ptr)
{
delete[] ptr;
}
#define NEW_YS new
class virtual_base {};
#endif // YASSL_PURE_C
typedef unsigned char uint8; typedef unsigned char uint8;
...@@ -105,7 +132,7 @@ const int KEY_PREFIX = 7; // up to 7 prefix letters for key rounds ...@@ -105,7 +132,7 @@ const int KEY_PREFIX = 7; // up to 7 prefix letters for key rounds
const int FORTEZZA_MAX = 128; // Maximum Fortezza Key length const int FORTEZZA_MAX = 128; // Maximum Fortezza Key length
const int MAX_SUITE_SZ = 64; // 32 max suites * sizeof(suite) const int MAX_SUITE_SZ = 64; // 32 max suites * sizeof(suite)
const int MAX_SUITE_NAME = 48; // max length of suite name const int MAX_SUITE_NAME = 48; // max length of suite name
const int MAX_CIPHER_LIST = 512; // max length of cipher list names const int MAX_CIPHERS = 32; // max supported ciphers for cipher list
const int SIZEOF_ENUM = 1; // SSL considers an enum 1 byte, not 4 const int SIZEOF_ENUM = 1; // SSL considers an enum 1 byte, not 4
const int SIZEOF_SENDER = 4; // Sender constant, for finished generation const int SIZEOF_SENDER = 4; // Sender constant, for finished generation
const int PAD_MD5 = 48; // pad length 1 and 2 for md5 finished const int PAD_MD5 = 48; // pad length 1 and 2 for md5 finished
......
...@@ -28,11 +28,14 @@ ...@@ -28,11 +28,14 @@
#define mySTL_HELPERS_HPP #define mySTL_HELPERS_HPP
#include <stdlib.h> #include <stdlib.h>
#include <new> // placement new
#ifdef __IBMCPP__
/* /*
Workaround for the lack of operator new(size_t, void*) Workaround for the lack of operator new(size_t, void*)
in IBM VA C++ 6.0 in IBM VA C++ 6.0
Also used as a workaround to avoid including <new>
*/ */
struct Dummy {}; struct Dummy {};
...@@ -42,6 +45,9 @@ ...@@ -42,6 +45,9 @@
} }
typedef Dummy* yassl_pointer; typedef Dummy* yassl_pointer;
#else
typedef void* yassl_pointer;
#endif
namespace mySTL { namespace mySTL {
......
...@@ -164,7 +164,7 @@ void list<T>::push_front(T t) ...@@ -164,7 +164,7 @@ void list<T>::push_front(T t)
{ {
void* mem = malloc(sizeof(node)); void* mem = malloc(sizeof(node));
if (!mem) abort(); if (!mem) abort();
node* add = new (reinterpret_cast<yassl_pointer>(mem)) node(t); node* add = new (mem) node(t);
if (head_) { if (head_) {
add->next_ = head_; add->next_ = head_;
...@@ -210,7 +210,7 @@ void list<T>::push_back(T t) ...@@ -210,7 +210,7 @@ void list<T>::push_back(T t)
{ {
void* mem = malloc(sizeof(node)); void* mem = malloc(sizeof(node));
if (!mem) abort(); if (!mem) abort();
node* add = new (reinterpret_cast<yassl_pointer>(mem)) node(t); node* add = new (mem) node(t);
if (tail_) { if (tail_) {
tail_->next_ = add; tail_->next_ = add;
......
...@@ -45,8 +45,7 @@ struct vector_base { ...@@ -45,8 +45,7 @@ struct vector_base {
vector_base() : start_(0), finish_(0), end_of_storage_(0) {} vector_base() : start_(0), finish_(0), end_of_storage_(0) {}
vector_base(size_t n) vector_base(size_t n)
{ {
// Don't allow malloc(0), if n is 0 use 1 start_ = static_cast<T*>(malloc(n * sizeof(T)));
start_ = static_cast<T*>(malloc((n ? n : 1) * sizeof(T)));
if (!start_) abort(); if (!start_) abort();
finish_ = start_; finish_ = start_;
end_of_storage_ = start_ + n; end_of_storage_ = start_ + n;
......
...@@ -24,6 +24,7 @@ ...@@ -24,6 +24,7 @@
* with SSL types and sockets * with SSL types and sockets
*/ */
#include <string.h> // memcpy #include <string.h> // memcpy
#include "runtime.hpp" #include "runtime.hpp"
#include "buffer.hpp" #include "buffer.hpp"
...@@ -63,13 +64,13 @@ input_buffer::input_buffer() ...@@ -63,13 +64,13 @@ input_buffer::input_buffer()
input_buffer::input_buffer(uint s) input_buffer::input_buffer(uint s)
: size_(0), current_(0), buffer_(new (ys) byte[s]), end_(buffer_ + s) : size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s)
{} {}
// with assign // with assign
input_buffer::input_buffer(uint s, const byte* t, uint len) input_buffer::input_buffer(uint s, const byte* t, uint len)
: size_(0), current_(0), buffer_(new (ys) byte[s]), end_(buffer_ + s) : size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s)
{ {
assign(t, len); assign(t, len);
} }
...@@ -85,7 +86,7 @@ input_buffer::~input_buffer() ...@@ -85,7 +86,7 @@ input_buffer::~input_buffer()
void input_buffer::allocate(uint s) void input_buffer::allocate(uint s)
{ {
assert(!buffer_); // find realloc error assert(!buffer_); // find realloc error
buffer_ = new (ys) byte[s]; buffer_ = NEW_YS byte[s];
end_ = buffer_ + s; end_ = buffer_ + s;
} }
...@@ -97,7 +98,7 @@ byte* input_buffer::get_buffer() const ...@@ -97,7 +98,7 @@ byte* input_buffer::get_buffer() const
} }
// after a raw write user can set new (ys) size // after a raw write user can set NEW_YS size
// if you know the size before the write use assign() // if you know the size before the write use assign()
void input_buffer::add_size(uint i) void input_buffer::add_size(uint i)
{ {
...@@ -199,13 +200,13 @@ output_buffer::output_buffer() ...@@ -199,13 +200,13 @@ output_buffer::output_buffer()
// with allocate // with allocate
output_buffer::output_buffer(uint s) output_buffer::output_buffer(uint s)
: current_(0), buffer_(new (ys) byte[s]), end_(buffer_ + s) : current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s)
{} {}
// with assign // with assign
output_buffer::output_buffer(uint s, const byte* t, uint len) output_buffer::output_buffer(uint s, const byte* t, uint len)
: current_(0), buffer_(new (ys) byte[s]), end_(buffer_+ s) : current_(0), buffer_(NEW_YS byte[s]), end_(buffer_+ s)
{ {
write(t, len); write(t, len);
} }
...@@ -240,7 +241,7 @@ void output_buffer::set_current(uint c) ...@@ -240,7 +241,7 @@ void output_buffer::set_current(uint c)
void output_buffer::allocate(uint s) void output_buffer::allocate(uint s)
{ {
assert(!buffer_); // find realloc error assert(!buffer_); // find realloc error
buffer_ = new (ys) byte[s]; end_ = buffer_ + s; buffer_ = NEW_YS byte[s]; end_ = buffer_ + s;
} }
......
...@@ -39,7 +39,7 @@ ...@@ -39,7 +39,7 @@
namespace yaSSL { namespace yaSSL {
x509::x509(uint sz) : length_(sz), buffer_(new (ys) opaque[sz]) x509::x509(uint sz) : length_(sz), buffer_(NEW_YS opaque[sz])
{ {
} }
...@@ -51,7 +51,7 @@ x509::~x509() ...@@ -51,7 +51,7 @@ x509::~x509()
x509::x509(const x509& that) : length_(that.length_), x509::x509(const x509& that) : length_(that.length_),
buffer_(new (ys) opaque[length_]) buffer_(NEW_YS opaque[length_])
{ {
memcpy(buffer_, that.buffer_, length_); memcpy(buffer_, that.buffer_, length_);
} }
...@@ -92,7 +92,8 @@ opaque* x509::use_buffer() ...@@ -92,7 +92,8 @@ opaque* x509::use_buffer()
//CertManager //CertManager
CertManager::CertManager() CertManager::CertManager()
: peerX509_(0), verifyPeer_(false), failNoCert_(false), sendVerify_(false) : peerX509_(0), verifyPeer_(false), verifyNone_(false), failNoCert_(false),
sendVerify_(false)
{} {}
...@@ -114,6 +115,12 @@ bool CertManager::verifyPeer() const ...@@ -114,6 +115,12 @@ bool CertManager::verifyPeer() const
} }
bool CertManager::verifyNone() const
{
return verifyNone_;
}
bool CertManager::failNoCert() const bool CertManager::failNoCert() const
{ {
return failNoCert_; return failNoCert_;
...@@ -132,6 +139,12 @@ void CertManager::setVerifyPeer() ...@@ -132,6 +139,12 @@ void CertManager::setVerifyPeer()
} }
void CertManager::setVerifyNone()
{
verifyNone_ = true;
}
void CertManager::setFailNoCert() void CertManager::setFailNoCert()
{ {
failNoCert_ = true; failNoCert_ = true;
...@@ -153,7 +166,7 @@ void CertManager::AddPeerCert(x509* x) ...@@ -153,7 +166,7 @@ void CertManager::AddPeerCert(x509* x)
void CertManager::CopySelfCert(const x509* x) void CertManager::CopySelfCert(const x509* x)
{ {
if (x) if (x)
list_.push_back(new (ys) x509(*x)); list_.push_back(NEW_YS x509(*x));
} }
...@@ -161,11 +174,12 @@ void CertManager::CopySelfCert(const x509* x) ...@@ -161,11 +174,12 @@ void CertManager::CopySelfCert(const x509* x)
int CertManager::CopyCaCert(const x509* x) int CertManager::CopyCaCert(const x509* x)
{ {
TaoCrypt::Source source(x->get_buffer(), x->get_length()); TaoCrypt::Source source(x->get_buffer(), x->get_length());
TaoCrypt::CertDecoder cert(source, true, &signers_); TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_,
TaoCrypt::CertDecoder::CA);
if (!cert.GetError().What()) { if (!cert.GetError().What()) {
const TaoCrypt::PublicKey& key = cert.GetPublicKey(); const TaoCrypt::PublicKey& key = cert.GetPublicKey();
signers_.push_back(new (ys) TaoCrypt::Signer(key.GetKey(), key.size(), signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(),
cert.GetCommonName(), cert.GetHash())); cert.GetCommonName(), cert.GetHash()));
} }
return cert.GetError().What(); return cert.GetError().What();
...@@ -228,13 +242,13 @@ int CertManager::Validate() ...@@ -228,13 +242,13 @@ int CertManager::Validate()
while ( count > 1 ) { while ( count > 1 ) {
TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length()); TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
TaoCrypt::CertDecoder cert(source, true, &signers_); TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_);
if (int err = cert.GetError().What()) if (int err = cert.GetError().What())
return err; return err;
const TaoCrypt::PublicKey& key = cert.GetPublicKey(); const TaoCrypt::PublicKey& key = cert.GetPublicKey();
signers_.push_back(new (ys) TaoCrypt::Signer(key.GetKey(), key.size(), signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(),
cert.GetCommonName(), cert.GetHash())); cert.GetCommonName(), cert.GetHash()));
--last; --last;
--count; --count;
...@@ -243,7 +257,7 @@ int CertManager::Validate() ...@@ -243,7 +257,7 @@ int CertManager::Validate()
if (count) { if (count) {
// peer's is at the front // peer's is at the front
TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length()); TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
TaoCrypt::CertDecoder cert(source, true, &signers_); TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_);
if (int err = cert.GetError().What()) if (int err = cert.GetError().What())
return err; return err;
...@@ -259,7 +273,7 @@ int CertManager::Validate() ...@@ -259,7 +273,7 @@ int CertManager::Validate()
int iSz = cert.GetIssuer() ? strlen(cert.GetIssuer()) + 1 : 0; int iSz = cert.GetIssuer() ? strlen(cert.GetIssuer()) + 1 : 0;
int sSz = cert.GetCommonName() ? strlen(cert.GetCommonName()) + 1 : 0; int sSz = cert.GetCommonName() ? strlen(cert.GetCommonName()) + 1 : 0;
peerX509_ = new (ys) X509(cert.GetIssuer(), iSz, cert.GetCommonName(), peerX509_ = NEW_YS X509(cert.GetIssuer(), iSz, cert.GetCommonName(),
sSz); sSz);
} }
return 0; return 0;
......
...@@ -58,13 +58,13 @@ struct MD5::MD5Impl { ...@@ -58,13 +58,13 @@ struct MD5::MD5Impl {
}; };
MD5::MD5() : pimpl_(new (ys) MD5Impl) {} MD5::MD5() : pimpl_(NEW_YS MD5Impl) {}
MD5::~MD5() { ysDelete(pimpl_); } MD5::~MD5() { ysDelete(pimpl_); }
MD5::MD5(const MD5& that) : Digest(), pimpl_(new (ys) MD5::MD5(const MD5& that) : Digest(), pimpl_(NEW_YS
MD5Impl(that.pimpl_->md5_)) {} MD5Impl(that.pimpl_->md5_)) {}
...@@ -116,13 +116,13 @@ struct SHA::SHAImpl { ...@@ -116,13 +116,13 @@ struct SHA::SHAImpl {
}; };
SHA::SHA() : pimpl_(new (ys) SHAImpl) {} SHA::SHA() : pimpl_(NEW_YS SHAImpl) {}
SHA::~SHA() { ysDelete(pimpl_); } SHA::~SHA() { ysDelete(pimpl_); }
SHA::SHA(const SHA& that) : Digest(), pimpl_(new (ys) SHAImpl(that.pimpl_->sha_)) {} SHA::SHA(const SHA& that) : Digest(), pimpl_(NEW_YS SHAImpl(that.pimpl_->sha_)) {}
SHA& SHA::operator=(const SHA& that) SHA& SHA::operator=(const SHA& that)
{ {
...@@ -173,13 +173,13 @@ struct RMD::RMDImpl { ...@@ -173,13 +173,13 @@ struct RMD::RMDImpl {
}; };
RMD::RMD() : pimpl_(new (ys) RMDImpl) {} RMD::RMD() : pimpl_(NEW_YS RMDImpl) {}
RMD::~RMD() { ysDelete(pimpl_); } RMD::~RMD() { ysDelete(pimpl_); }
RMD::RMD(const RMD& that) : Digest(), pimpl_(new (ys) RMDImpl(that.pimpl_->rmd_)) {} RMD::RMD(const RMD& that) : Digest(), pimpl_(NEW_YS RMDImpl(that.pimpl_->rmd_)) {}
RMD& RMD::operator=(const RMD& that) RMD& RMD::operator=(const RMD& that)
{ {
...@@ -230,7 +230,7 @@ struct HMAC_MD5::HMAC_MD5Impl { ...@@ -230,7 +230,7 @@ struct HMAC_MD5::HMAC_MD5Impl {
HMAC_MD5::HMAC_MD5(const byte* secret, unsigned int len) HMAC_MD5::HMAC_MD5(const byte* secret, unsigned int len)
: pimpl_(new (ys) HMAC_MD5Impl) : pimpl_(NEW_YS HMAC_MD5Impl)
{ {
pimpl_->mac_.SetKey(secret, len); pimpl_->mac_.SetKey(secret, len);
} }
...@@ -280,7 +280,7 @@ struct HMAC_SHA::HMAC_SHAImpl { ...@@ -280,7 +280,7 @@ struct HMAC_SHA::HMAC_SHAImpl {
HMAC_SHA::HMAC_SHA(const byte* secret, unsigned int len) HMAC_SHA::HMAC_SHA(const byte* secret, unsigned int len)
: pimpl_(new (ys) HMAC_SHAImpl) : pimpl_(NEW_YS HMAC_SHAImpl)
{ {
pimpl_->mac_.SetKey(secret, len); pimpl_->mac_.SetKey(secret, len);
} }
...@@ -331,7 +331,7 @@ struct HMAC_RMD::HMAC_RMDImpl { ...@@ -331,7 +331,7 @@ struct HMAC_RMD::HMAC_RMDImpl {
HMAC_RMD::HMAC_RMD(const byte* secret, unsigned int len) HMAC_RMD::HMAC_RMD(const byte* secret, unsigned int len)
: pimpl_(new (ys) HMAC_RMDImpl) : pimpl_(NEW_YS HMAC_RMDImpl)
{ {
pimpl_->mac_.SetKey(secret, len); pimpl_->mac_.SetKey(secret, len);
} }
...@@ -379,7 +379,7 @@ struct DES::DESImpl { ...@@ -379,7 +379,7 @@ struct DES::DESImpl {
}; };
DES::DES() : pimpl_(new (ys) DESImpl) {} DES::DES() : pimpl_(NEW_YS DESImpl) {}
DES::~DES() { ysDelete(pimpl_); } DES::~DES() { ysDelete(pimpl_); }
...@@ -415,7 +415,7 @@ struct DES_EDE::DES_EDEImpl { ...@@ -415,7 +415,7 @@ struct DES_EDE::DES_EDEImpl {
}; };
DES_EDE::DES_EDE() : pimpl_(new (ys) DES_EDEImpl) {} DES_EDE::DES_EDE() : pimpl_(NEW_YS DES_EDEImpl) {}
DES_EDE::~DES_EDE() { ysDelete(pimpl_); } DES_EDE::~DES_EDE() { ysDelete(pimpl_); }
...@@ -453,7 +453,7 @@ struct RC4::RC4Impl { ...@@ -453,7 +453,7 @@ struct RC4::RC4Impl {
}; };
RC4::RC4() : pimpl_(new (ys) RC4Impl) {} RC4::RC4() : pimpl_(NEW_YS RC4Impl) {}
RC4::~RC4() { ysDelete(pimpl_); } RC4::~RC4() { ysDelete(pimpl_); }
...@@ -495,7 +495,7 @@ struct AES::AESImpl { ...@@ -495,7 +495,7 @@ struct AES::AESImpl {
}; };
AES::AES(unsigned int ks) : pimpl_(new (ys) AESImpl(ks)) {} AES::AES(unsigned int ks) : pimpl_(NEW_YS AESImpl(ks)) {}
AES::~AES() { ysDelete(pimpl_); } AES::~AES() { ysDelete(pimpl_); }
...@@ -536,7 +536,7 @@ struct RandomPool::RandomImpl { ...@@ -536,7 +536,7 @@ struct RandomPool::RandomImpl {
TaoCrypt::RandomNumberGenerator RNG_; TaoCrypt::RandomNumberGenerator RNG_;
}; };
RandomPool::RandomPool() : pimpl_(new (ys) RandomImpl) {} RandomPool::RandomPool() : pimpl_(NEW_YS RandomImpl) {}
RandomPool::~RandomPool() { ysDelete(pimpl_); } RandomPool::~RandomPool() { ysDelete(pimpl_); }
...@@ -580,7 +580,7 @@ void DSS::DSSImpl::SetPrivate(const byte* key, unsigned int sz) ...@@ -580,7 +580,7 @@ void DSS::DSSImpl::SetPrivate(const byte* key, unsigned int sz)
// Set public or private key // Set public or private key
DSS::DSS(const byte* key, unsigned int sz, bool publicKey) DSS::DSS(const byte* key, unsigned int sz, bool publicKey)
: pimpl_(new (ys) DSSImpl) : pimpl_(NEW_YS DSSImpl)
{ {
if (publicKey) if (publicKey)
pimpl_->SetPublic(key, sz); pimpl_->SetPublic(key, sz);
...@@ -651,7 +651,7 @@ void RSA::RSAImpl::SetPrivate(const byte* key, unsigned int sz) ...@@ -651,7 +651,7 @@ void RSA::RSAImpl::SetPrivate(const byte* key, unsigned int sz)
// Set public or private key // Set public or private key
RSA::RSA(const byte* key, unsigned int sz, bool publicKey) RSA::RSA(const byte* key, unsigned int sz, bool publicKey)
: pimpl_(new (ys) RSAImpl) : pimpl_(NEW_YS RSAImpl)
{ {
if (publicKey) if (publicKey)
pimpl_->SetPublic(key, sz); pimpl_->SetPublic(key, sz);
...@@ -723,13 +723,13 @@ struct Integer::IntegerImpl { ...@@ -723,13 +723,13 @@ struct Integer::IntegerImpl {
explicit IntegerImpl(const TaoCrypt::Integer& i) : int_(i) {} explicit IntegerImpl(const TaoCrypt::Integer& i) : int_(i) {}
}; };
Integer::Integer() : pimpl_(new (ys) IntegerImpl) {} Integer::Integer() : pimpl_(NEW_YS IntegerImpl) {}
Integer::~Integer() { ysDelete(pimpl_); } Integer::~Integer() { ysDelete(pimpl_); }
Integer::Integer(const Integer& other) : pimpl_(new (ys) Integer::Integer(const Integer& other) : pimpl_(NEW_YS
IntegerImpl(other.pimpl_->int_)) IntegerImpl(other.pimpl_->int_))
{} {}
...@@ -773,9 +773,9 @@ struct DiffieHellman::DHImpl { ...@@ -773,9 +773,9 @@ struct DiffieHellman::DHImpl {
void AllocKeys(unsigned int pubSz, unsigned int privSz, unsigned int agrSz) void AllocKeys(unsigned int pubSz, unsigned int privSz, unsigned int agrSz)
{ {
publicKey_ = new (ys) byte[pubSz]; publicKey_ = NEW_YS byte[pubSz];
privateKey_ = new (ys) byte[privSz]; privateKey_ = NEW_YS byte[privSz];
agreedKey_ = new (ys) byte[agrSz]; agreedKey_ = NEW_YS byte[agrSz];
} }
}; };
...@@ -784,7 +784,7 @@ struct DiffieHellman::DHImpl { ...@@ -784,7 +784,7 @@ struct DiffieHellman::DHImpl {
/* /*
// server Side DH, server's view // server Side DH, server's view
DiffieHellman::DiffieHellman(const char* file, const RandomPool& random) DiffieHellman::DiffieHellman(const char* file, const RandomPool& random)
: pimpl_(new (ys) DHImpl(random.pimpl_->RNG_)) : pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_))
{ {
using namespace TaoCrypt; using namespace TaoCrypt;
Source source; Source source;
...@@ -808,12 +808,12 @@ DiffieHellman::DiffieHellman(const char* file, const RandomPool& random) ...@@ -808,12 +808,12 @@ DiffieHellman::DiffieHellman(const char* file, const RandomPool& random)
DiffieHellman::DiffieHellman(const byte* p, unsigned int pSz, const byte* g, DiffieHellman::DiffieHellman(const byte* p, unsigned int pSz, const byte* g,
unsigned int gSz, const byte* pub, unsigned int gSz, const byte* pub,
unsigned int pubSz, const RandomPool& random) unsigned int pubSz, const RandomPool& random)
: pimpl_(new (ys) DHImpl(random.pimpl_->RNG_)) : pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_))
{ {
using TaoCrypt::Integer; using TaoCrypt::Integer;
pimpl_->dh_.Initialize(Integer(p, pSz).Ref(), Integer(g, gSz).Ref()); pimpl_->dh_.Initialize(Integer(p, pSz).Ref(), Integer(g, gSz).Ref());
pimpl_->publicKey_ = new (ys) opaque[pubSz]; pimpl_->publicKey_ = NEW_YS opaque[pubSz];
memcpy(pimpl_->publicKey_, pub, pubSz); memcpy(pimpl_->publicKey_, pub, pubSz);
} }
...@@ -821,7 +821,7 @@ DiffieHellman::DiffieHellman(const byte* p, unsigned int pSz, const byte* g, ...@@ -821,7 +821,7 @@ DiffieHellman::DiffieHellman(const byte* p, unsigned int pSz, const byte* g,
// Server Side DH, server's view // Server Side DH, server's view
DiffieHellman::DiffieHellman(const Integer& p, const Integer& g, DiffieHellman::DiffieHellman(const Integer& p, const Integer& g,
const RandomPool& random) const RandomPool& random)
: pimpl_(new (ys) DHImpl(random.pimpl_->RNG_)) : pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_))
{ {
using TaoCrypt::Integer; using TaoCrypt::Integer;
...@@ -839,7 +839,7 @@ DiffieHellman::~DiffieHellman() { ysDelete(pimpl_); } ...@@ -839,7 +839,7 @@ DiffieHellman::~DiffieHellman() { ysDelete(pimpl_); }
// Client side and view, use server that for p and g // Client side and view, use server that for p and g
DiffieHellman::DiffieHellman(const DiffieHellman& that) DiffieHellman::DiffieHellman(const DiffieHellman& that)
: pimpl_(new (ys) DHImpl(*that.pimpl_)) : pimpl_(NEW_YS DHImpl(*that.pimpl_))
{ {
pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_, pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_,
pimpl_->publicKey_); pimpl_->publicKey_);
...@@ -855,9 +855,9 @@ DiffieHellman& DiffieHellman::operator=(const DiffieHellman& that) ...@@ -855,9 +855,9 @@ DiffieHellman& DiffieHellman::operator=(const DiffieHellman& that)
} }
void DiffieHellman::makeAgreement(const byte* other) void DiffieHellman::makeAgreement(const byte* other, unsigned int otherSz)
{ {
pimpl_->dh_.Agree(pimpl_->agreedKey_, pimpl_->privateKey_, other); pimpl_->dh_.Agree(pimpl_->agreedKey_, pimpl_->privateKey_, other, otherSz);
} }
...@@ -960,7 +960,7 @@ x509* PemToDer(const char* fname, CertType type) ...@@ -960,7 +960,7 @@ x509* PemToDer(const char* fname, CertType type)
Base64Decoder b64Dec(der); Base64Decoder b64Dec(der);
uint sz = der.size(); uint sz = der.size();
mySTL::auto_ptr<x509> x(new (ys) x509(sz), ysDelete); mySTL::auto_ptr<x509> x(NEW_YS x509(sz), ysDelete);
memcpy(x->use_buffer(), der.get_buffer(), sz); memcpy(x->use_buffer(), der.get_buffer(), sz);
fclose(file); fclose(file);
......
...@@ -24,6 +24,8 @@ ...@@ -24,6 +24,8 @@
* the various handshake messages. * the various handshake messages.
*/ */
#include "runtime.hpp" #include "runtime.hpp"
#include "handshake.hpp" #include "handshake.hpp"
#include "yassl_int.hpp" #include "yassl_int.hpp"
...@@ -362,9 +364,9 @@ void p_hash(output_buffer& result, const output_buffer& secret, ...@@ -362,9 +364,9 @@ void p_hash(output_buffer& result, const output_buffer& secret,
if (lastLen) times += 1; if (lastLen) times += 1;
if (hash == md5) if (hash == md5)
hmac.reset(new (ys) HMAC_MD5(secret.get_buffer(), secret.get_size())); hmac.reset(NEW_YS HMAC_MD5(secret.get_buffer(), secret.get_size()));
else else
hmac.reset(new (ys) HMAC_SHA(secret.get_buffer(), secret.get_size())); hmac.reset(NEW_YS HMAC_SHA(secret.get_buffer(), secret.get_size()));
// A0 = seed // A0 = seed
hmac->get_digest(previous, seed.get_buffer(), seed.get_size());// A1 hmac->get_digest(previous, seed.get_buffer(), seed.get_size());// A1
uint lastTime = times - 1; uint lastTime = times - 1;
...@@ -582,11 +584,11 @@ void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz, ...@@ -582,11 +584,11 @@ void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
MACAlgorithm algo = ssl.getSecurity().get_parms().mac_algorithm_; MACAlgorithm algo = ssl.getSecurity().get_parms().mac_algorithm_;
if (algo == sha) if (algo == sha)
hmac.reset(new (ys) HMAC_SHA(ssl.get_macSecret(verify), SHA_LEN)); hmac.reset(NEW_YS HMAC_SHA(ssl.get_macSecret(verify), SHA_LEN));
else if (algo == rmd) else if (algo == rmd)
hmac.reset(new (ys) HMAC_RMD(ssl.get_macSecret(verify), RMD_LEN)); hmac.reset(NEW_YS HMAC_RMD(ssl.get_macSecret(verify), RMD_LEN));
else else
hmac.reset(new (ys) HMAC_MD5(ssl.get_macSecret(verify), MD5_LEN)); hmac.reset(NEW_YS HMAC_MD5(ssl.get_macSecret(verify), MD5_LEN));
hmac->update(seq, SEQ_SZ); // seq_num hmac->update(seq, SEQ_SZ); // seq_num
inner[0] = content; // type inner[0] = content; // type
...@@ -603,7 +605,7 @@ void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz, ...@@ -603,7 +605,7 @@ void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
void PRF(byte* digest, uint digLen, const byte* secret, uint secLen, void PRF(byte* digest, uint digLen, const byte* secret, uint secLen,
const byte* label, uint labLen, const byte* seed, uint seedLen) const byte* label, uint labLen, const byte* seed, uint seedLen)
{ {
uint half = secLen / 2 + secLen % 2; uint half = (secLen + 1) / 2;
output_buffer md5_half(half); output_buffer md5_half(half);
output_buffer sha_half(half); output_buffer sha_half(half);
...@@ -654,13 +656,13 @@ mySTL::auto_ptr<input_buffer> null_buffer(ysDelete); ...@@ -654,13 +656,13 @@ mySTL::auto_ptr<input_buffer> null_buffer(ysDelete);
mySTL::auto_ptr<input_buffer> mySTL::auto_ptr<input_buffer>
DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered) DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
{ {
ssl.getSocket().wait(); // wait for input if blocking // wait for input if blocking
uint ready = ssl.getSocket().get_ready(); if (!ssl.getSocket().wait()) {
if (!ready) {
// Nothing to receive after blocking wait => error
ssl.SetError(receive_error); ssl.SetError(receive_error);
return buffered= null_buffer; return buffered = null_buffer;
} }
uint ready = ssl.getSocket().get_ready();
if (!ready) return buffered;
// add buffered data if its there // add buffered data if its there
uint buffSz = buffered.get() ? buffered.get()->get_size() : 0; uint buffSz = buffered.get() ? buffered.get()->get_size() : 0;
...@@ -670,7 +672,7 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered) ...@@ -670,7 +672,7 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
buffered = null_buffer; buffered = null_buffer;
} }
// add new (ys) data // add NEW_YS data
uint read = ssl.getSocket().receive(buffer.get_buffer() + buffSz, ready); uint read = ssl.getSocket().receive(buffer.get_buffer() + buffSz, ready);
buffer.add_size(read); buffer.add_size(read);
uint offset = 0; uint offset = 0;
...@@ -691,7 +693,7 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered) ...@@ -691,7 +693,7 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
// make sure we have enough input in buffer to process this record // make sure we have enough input in buffer to process this record
if (hdr.length_ > buffer.get_remaining()) { if (hdr.length_ > buffer.get_remaining()) {
uint sz = buffer.get_remaining() + RECORD_HEADER; uint sz = buffer.get_remaining() + RECORD_HEADER;
buffered.reset(new (ys) input_buffer(sz, buffer.get_buffer() + buffered.reset(NEW_YS input_buffer(sz, buffer.get_buffer() +
buffer.get_current() - RECORD_HEADER, sz)); buffer.get_current() - RECORD_HEADER, sz));
break; break;
} }
...@@ -727,6 +729,7 @@ void processReply(SSL& ssl) ...@@ -727,6 +729,7 @@ void processReply(SSL& ssl)
buffered = tmp; buffered = tmp;
else else
break; break;
if (ssl.GetError()) return;
} }
} }
...@@ -764,7 +767,7 @@ void sendClientKeyExchange(SSL& ssl, BufferOutput buffer) ...@@ -764,7 +767,7 @@ void sendClientKeyExchange(SSL& ssl, BufferOutput buffer)
RecordLayerHeader rlHeader; RecordLayerHeader rlHeader;
HandShakeHeader hsHeader; HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete); mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, ck); buildHeaders(ssl, hsHeader, rlHeader, ck);
buildOutput(*out.get(), rlHeader, hsHeader, ck); buildOutput(*out.get(), rlHeader, hsHeader, ck);
hashHandShake(ssl, *out.get()); hashHandShake(ssl, *out.get());
...@@ -785,7 +788,7 @@ void sendServerKeyExchange(SSL& ssl, BufferOutput buffer) ...@@ -785,7 +788,7 @@ void sendServerKeyExchange(SSL& ssl, BufferOutput buffer)
RecordLayerHeader rlHeader; RecordLayerHeader rlHeader;
HandShakeHeader hsHeader; HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete); mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, sk); buildHeaders(ssl, hsHeader, rlHeader, sk);
buildOutput(*out.get(), rlHeader, hsHeader, sk); buildOutput(*out.get(), rlHeader, hsHeader, sk);
hashHandShake(ssl, *out.get()); hashHandShake(ssl, *out.get());
...@@ -810,7 +813,7 @@ void sendChangeCipher(SSL& ssl, BufferOutput buffer) ...@@ -810,7 +813,7 @@ void sendChangeCipher(SSL& ssl, BufferOutput buffer)
ChangeCipherSpec ccs; ChangeCipherSpec ccs;
RecordLayerHeader rlHeader; RecordLayerHeader rlHeader;
buildHeader(ssl, rlHeader, ccs); buildHeader(ssl, rlHeader, ccs);
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete); mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildOutput(*out.get(), rlHeader, ccs); buildOutput(*out.get(), rlHeader, ccs);
if (buffer == buffered) if (buffer == buffered)
...@@ -827,7 +830,7 @@ void sendFinished(SSL& ssl, ConnectionEnd side, BufferOutput buffer) ...@@ -827,7 +830,7 @@ void sendFinished(SSL& ssl, ConnectionEnd side, BufferOutput buffer)
Finished fin; Finished fin;
buildFinished(ssl, fin, side == client_end ? client : server); buildFinished(ssl, fin, side == client_end ? client : server);
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete); mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
cipherFinished(ssl, fin, *out.get()); // hashes handshake cipherFinished(ssl, fin, *out.get()); // hashes handshake
if (ssl.getSecurity().get_resuming()) { if (ssl.getSecurity().get_resuming()) {
...@@ -911,7 +914,7 @@ void sendServerHello(SSL& ssl, BufferOutput buffer) ...@@ -911,7 +914,7 @@ void sendServerHello(SSL& ssl, BufferOutput buffer)
ServerHello sh(ssl.getSecurity().get_connection().version_); ServerHello sh(ssl.getSecurity().get_connection().version_);
RecordLayerHeader rlHeader; RecordLayerHeader rlHeader;
HandShakeHeader hsHeader; HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete); mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildServerHello(ssl, sh); buildServerHello(ssl, sh);
ssl.set_random(sh.get_random(), server_end); ssl.set_random(sh.get_random(), server_end);
...@@ -934,7 +937,7 @@ void sendServerHelloDone(SSL& ssl, BufferOutput buffer) ...@@ -934,7 +937,7 @@ void sendServerHelloDone(SSL& ssl, BufferOutput buffer)
ServerHelloDone shd; ServerHelloDone shd;
RecordLayerHeader rlHeader; RecordLayerHeader rlHeader;
HandShakeHeader hsHeader; HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete); mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, shd); buildHeaders(ssl, hsHeader, rlHeader, shd);
buildOutput(*out.get(), rlHeader, hsHeader, shd); buildOutput(*out.get(), rlHeader, hsHeader, shd);
...@@ -955,7 +958,7 @@ void sendCertificate(SSL& ssl, BufferOutput buffer) ...@@ -955,7 +958,7 @@ void sendCertificate(SSL& ssl, BufferOutput buffer)
Certificate cert(ssl.getCrypto().get_certManager().get_cert()); Certificate cert(ssl.getCrypto().get_certManager().get_cert());
RecordLayerHeader rlHeader; RecordLayerHeader rlHeader;
HandShakeHeader hsHeader; HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete); mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, cert); buildHeaders(ssl, hsHeader, rlHeader, cert);
buildOutput(*out.get(), rlHeader, hsHeader, cert); buildOutput(*out.get(), rlHeader, hsHeader, cert);
...@@ -977,7 +980,7 @@ void sendCertificateRequest(SSL& ssl, BufferOutput buffer) ...@@ -977,7 +980,7 @@ void sendCertificateRequest(SSL& ssl, BufferOutput buffer)
request.Build(); request.Build();
RecordLayerHeader rlHeader; RecordLayerHeader rlHeader;
HandShakeHeader hsHeader; HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete); mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, request); buildHeaders(ssl, hsHeader, rlHeader, request);
buildOutput(*out.get(), rlHeader, hsHeader, request); buildOutput(*out.get(), rlHeader, hsHeader, request);
...@@ -999,7 +1002,7 @@ void sendCertificateVerify(SSL& ssl, BufferOutput buffer) ...@@ -999,7 +1002,7 @@ void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
verify.Build(ssl); verify.Build(ssl);
RecordLayerHeader rlHeader; RecordLayerHeader rlHeader;
HandShakeHeader hsHeader; HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(new (ys) output_buffer, ysDelete); mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, verify); buildHeaders(ssl, hsHeader, rlHeader, verify);
buildOutput(*out.get(), rlHeader, hsHeader, verify); buildOutput(*out.get(), rlHeader, hsHeader, verify);
......
# quick and dirty build file for testing different MSDEVs
setlocal
set myFLAGS= /I../include /I../mySTL /I../taocrypt/include /W3 /c /ZI
cl %myFLAGS% buffer.cpp
cl %myFLAGS% cert_wrapper.cpp
cl %myFLAGS% crypto_wrapper.cpp
cl %myFLAGS% handshake.cpp
cl %myFLAGS% lock.cpp
cl %myFLAGS% log.cpp
cl %myFLAGS% socket_wrapper.cpp
cl %myFLAGS% ssl.cpp
cl %myFLAGS% template_instnt.cpp
cl %myFLAGS% timer.cpp
cl %myFLAGS% yassl.cpp
cl %myFLAGS% yassl_error.cpp
cl %myFLAGS% yassl_imp.cpp
cl %myFLAGS% yassl_int.cpp
link.exe -lib /out:yassl.lib buffer.obj cert_wrapper.obj crypto_wrapper.obj handshake.obj lock.obj log.obj socket_wrapper.obj ssl.obj template_instnt.obj timer.obj yassl.obj yassl_error.obj yassl_imp.obj yassl_int.obj
...@@ -39,16 +39,18 @@ ...@@ -39,16 +39,18 @@
#include <string.h> #include <string.h>
#endif // _WIN32 #endif // _WIN32
#if defined(__sun) || defined(__SCO_VERSION__) #ifdef __sun
#include <sys/filio.h> #include <sys/filio.h>
#endif #endif
#ifdef _WIN32 #ifdef _WIN32
const int SOCKET_EINVAL = WSAEINVAL; const int SOCKET_EINVAL = WSAEINVAL;
const int SOCKET_EWOULDBLOCK = WSAEWOULDBLOCK; const int SOCKET_EWOULDBLOCK = WSAEWOULDBLOCK;
const int SOCKET_EAGAIN = WSAEWOULDBLOCK;
#else #else
const int SOCKET_EINVAL = EINVAL; const int SOCKET_EINVAL = EINVAL;
const int SOCKET_EWOULDBLOCK = EWOULDBLOCK; const int SOCKET_EWOULDBLOCK = EWOULDBLOCK;
const int SOCKET_EAGAIN = EAGAIN;
#endif // _WIN32 #endif // _WIN32
...@@ -93,15 +95,11 @@ void Socket::closeSocket() ...@@ -93,15 +95,11 @@ void Socket::closeSocket()
uint Socket::get_ready() const uint Socket::get_ready() const
{ {
#ifdef _WIN32
unsigned long ready = 0; unsigned long ready = 0;
#ifdef _WIN32
ioctlsocket(socket_, FIONREAD, &ready); ioctlsocket(socket_, FIONREAD, &ready);
#else #else
/*
64-bit Solaris requires the variable passed to
FIONREAD be a 32-bit value.
*/
int ready = 0;
ioctl(socket_, FIONREAD, &ready); ioctl(socket_, FIONREAD, &ready);
#endif #endif
...@@ -126,18 +124,24 @@ uint Socket::receive(byte* buf, unsigned int sz, int flags) const ...@@ -126,18 +124,24 @@ uint Socket::receive(byte* buf, unsigned int sz, int flags) const
assert(socket_ != INVALID_SOCKET); assert(socket_ != INVALID_SOCKET);
int recvd = ::recv(socket_, reinterpret_cast<char *>(buf), sz, flags); int recvd = ::recv(socket_, reinterpret_cast<char *>(buf), sz, flags);
if (recvd == -1) // idea to seperate error from would block by arnetheduck@gmail.com
if (recvd == -1) {
if (get_lastError() == SOCKET_EWOULDBLOCK ||
get_lastError() == SOCKET_EAGAIN)
return 0; return 0;
}
else if (recvd == 0)
return static_cast<uint>(-1);
return recvd; return recvd;
} }
// wait if blocking for input, or error // wait if blocking for input, return false for error
void Socket::wait() const bool Socket::wait() const
{ {
byte b; byte b;
receive(&b, 1, MSG_PEEK); return receive(&b, 1, MSG_PEEK) != static_cast<uint>(-1);
} }
......
...@@ -38,6 +38,14 @@ ...@@ -38,6 +38,14 @@
#include "yassl_int.hpp" #include "yassl_int.hpp"
#include <stdio.h> #include <stdio.h>
#ifdef _WIN32
#include <windows.h> // FindFirstFile etc..
#else
#include <sys/types.h> // file helper
#include <sys/stat.h> // stat
#include <dirent.h> // opendir
#endif
namespace yaSSL { namespace yaSSL {
...@@ -52,25 +60,25 @@ SSL_METHOD* SSLv3_method() ...@@ -52,25 +60,25 @@ SSL_METHOD* SSLv3_method()
SSL_METHOD* SSLv3_server_method() SSL_METHOD* SSLv3_server_method()
{ {
return new (ys) SSL_METHOD(server_end, ProtocolVersion(3,0)); return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,0));
} }
SSL_METHOD* SSLv3_client_method() SSL_METHOD* SSLv3_client_method()
{ {
return new (ys) SSL_METHOD(client_end, ProtocolVersion(3,0)); return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,0));
} }
SSL_METHOD* TLSv1_server_method() SSL_METHOD* TLSv1_server_method()
{ {
return new (ys) SSL_METHOD(server_end, ProtocolVersion(3,1)); return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,1));
} }
SSL_METHOD* TLSv1_client_method() SSL_METHOD* TLSv1_client_method()
{ {
return new (ys) SSL_METHOD(client_end, ProtocolVersion(3,1)); return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,1));
} }
...@@ -83,7 +91,7 @@ SSL_METHOD* SSLv23_server_method() ...@@ -83,7 +91,7 @@ SSL_METHOD* SSLv23_server_method()
SSL_CTX* SSL_CTX_new(SSL_METHOD* method) SSL_CTX* SSL_CTX_new(SSL_METHOD* method)
{ {
return new (ys) SSL_CTX(method); return NEW_YS SSL_CTX(method);
} }
...@@ -95,7 +103,7 @@ void SSL_CTX_free(SSL_CTX* ctx) ...@@ -95,7 +103,7 @@ void SSL_CTX_free(SSL_CTX* ctx)
SSL* SSL_new(SSL_CTX* ctx) SSL* SSL_new(SSL_CTX* ctx)
{ {
return new (ys) SSL(ctx); return NEW_YS SSL(ctx);
} }
...@@ -115,7 +123,12 @@ int SSL_set_fd(SSL* ssl, int fd) ...@@ -115,7 +123,12 @@ int SSL_set_fd(SSL* ssl, int fd)
int SSL_connect(SSL* ssl) int SSL_connect(SSL* ssl)
{ {
sendClientHello(*ssl); sendClientHello(*ssl);
ClientState neededState = ssl->getSecurity().get_resuming() ?
serverFinishedComplete : serverHelloDoneComplete;
while (ssl->getStates().getClient() < neededState) {
if (ssl->GetError()) break;
processReply(*ssl); processReply(*ssl);
}
if(ssl->getCrypto().get_certManager().sendVerify()) if(ssl->getCrypto().get_certManager().sendVerify())
sendCertificate(*ssl); sendCertificate(*ssl);
...@@ -130,7 +143,10 @@ int SSL_connect(SSL* ssl) ...@@ -130,7 +143,10 @@ int SSL_connect(SSL* ssl)
sendFinished(*ssl, client_end); sendFinished(*ssl, client_end);
ssl->flushBuffer(); ssl->flushBuffer();
if (!ssl->getSecurity().get_resuming()) if (!ssl->getSecurity().get_resuming())
while (ssl->getStates().getClient() < serverFinishedComplete) {
if (ssl->GetError()) break;
processReply(*ssl); processReply(*ssl);
}
ssl->verifyState(serverFinishedComplete); ssl->verifyState(serverFinishedComplete);
ssl->useLog().ShowTCP(ssl->getSocket().get_fd()); ssl->useLog().ShowTCP(ssl->getSocket().get_fd());
...@@ -171,9 +187,7 @@ int SSL_accept(SSL* ssl) ...@@ -171,9 +187,7 @@ int SSL_accept(SSL* ssl)
sendServerHelloDone(*ssl); sendServerHelloDone(*ssl);
ssl->flushBuffer(); ssl->flushBuffer();
// Java Client sends fragmented response while (ssl->getStates().getServer() < clientFinishedComplete) {
while (ssl->getStates().getServer() <
clientFinishedComplete) {
if (ssl->GetError()) break; if (ssl->GetError()) break;
processReply(*ssl); processReply(*ssl);
} }
...@@ -182,10 +196,7 @@ int SSL_accept(SSL* ssl) ...@@ -182,10 +196,7 @@ int SSL_accept(SSL* ssl)
sendFinished(*ssl, server_end); sendFinished(*ssl, server_end);
ssl->flushBuffer(); ssl->flushBuffer();
if (ssl->getSecurity().get_resuming()) { if (ssl->getSecurity().get_resuming()) {
while (ssl->getStates().getServer() < clientFinishedComplete) {
// Java Client sends fragmented response
while (ssl->getStates().getServer() <
clientFinishedComplete) {
if (ssl->GetError()) break; if (ssl->GetError()) break;
processReply(*ssl); processReply(*ssl);
} }
...@@ -281,9 +292,15 @@ char* SSL_get_shared_ciphers(SSL* /*ssl*/, char* buf, int len) ...@@ -281,9 +292,15 @@ char* SSL_get_shared_ciphers(SSL* /*ssl*/, char* buf, int len)
} }
const char* SSL_get_cipher_list(SSL* ssl, int /*priority */) const char* SSL_get_cipher_list(SSL* ssl, int priority)
{ {
return ssl->getSecurity().get_parms().cipher_list_; if (priority < 0 || priority >= MAX_CIPHERS)
return 0;
if (ssl->getSecurity().get_parms().cipher_list_[priority][0])
return ssl->getSecurity().get_parms().cipher_list_[priority];
return 0;
} }
...@@ -455,7 +472,7 @@ int read_file(SSL_CTX* ctx, const char* file, int format, CertType type) ...@@ -455,7 +472,7 @@ int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
fseek(input, 0, SEEK_END); fseek(input, 0, SEEK_END);
long sz = ftell(input); long sz = ftell(input);
rewind(input); rewind(input);
x = new (ys) x509(sz); // takes ownership x = NEW_YS x509(sz); // takes ownership
size_t bytes = fread(x->use_buffer(), sz, 1, input); size_t bytes = fread(x->use_buffer(), sz, 1, input);
if (bytes != 1) { if (bytes != 1) {
fclose(input); fclose(input);
...@@ -492,16 +509,74 @@ void SSL_CTX_set_verify(SSL_CTX* ctx, int mode, VerifyCallback /*vc*/) ...@@ -492,16 +509,74 @@ void SSL_CTX_set_verify(SSL_CTX* ctx, int mode, VerifyCallback /*vc*/)
if (mode & SSL_VERIFY_PEER) if (mode & SSL_VERIFY_PEER)
ctx->setVerifyPeer(); ctx->setVerifyPeer();
if (mode == SSL_VERIFY_NONE)
ctx->setVerifyNone();
if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
ctx->setFailNoCert(); ctx->setFailNoCert();
} }
int SSL_CTX_load_verify_locations(SSL_CTX* ctx, const char* file, int SSL_CTX_load_verify_locations(SSL_CTX* ctx, const char* file,
const char* /*path*/) const char* path)
{ {
// just files for now int ret = SSL_SUCCESS;
return read_file(ctx, file, SSL_FILETYPE_PEM, CA); const int HALF_PATH = 128;
if (file) ret = read_file(ctx, file, SSL_FILETYPE_PEM, CA);
if (ret == SSL_SUCCESS && path) {
// call read_file for each reqular file in path
#ifdef _WIN32
WIN32_FIND_DATA FindFileData;
HANDLE hFind;
char name[MAX_PATH + 1]; // directory specification
strncpy(name, path, MAX_PATH - 3);
strncat(name, "\\*", 3);
hFind = FindFirstFile(name, &FindFileData);
if (hFind == INVALID_HANDLE_VALUE) return SSL_BAD_PATH;
do {
if (FindFileData.dwFileAttributes != FILE_ATTRIBUTE_DIRECTORY) {
strncpy(name, path, MAX_PATH - 2 - HALF_PATH);
strncat(name, "\\", 2);
strncat(name, FindFileData.cFileName, HALF_PATH);
ret = read_file(ctx, name, SSL_FILETYPE_PEM, CA);
}
} while (ret == SSL_SUCCESS && FindNextFile(hFind, &FindFileData));
FindClose(hFind);
#else // _WIN32
const int MAX_PATH = 260;
DIR* dir = opendir(path);
if (!dir) return SSL_BAD_PATH;
struct dirent* entry;
struct stat buf;
char name[MAX_PATH + 1];
while (ret == SSL_SUCCESS && (entry = readdir(dir))) {
strncpy(name, path, MAX_PATH - 1 - HALF_PATH);
strncat(name, "/", 1);
strncat(name, entry->d_name, HALF_PATH);
if (stat(name, &buf) < 0) return SSL_BAD_STAT;
if (S_ISREG(buf.st_mode))
ret = read_file(ctx, name, SSL_FILETYPE_PEM, CA);
}
closedir(dir);
#endif
}
return ret;
} }
...@@ -648,13 +723,9 @@ void OpenSSL_add_all_algorithms() // compatibility only ...@@ -648,13 +723,9 @@ void OpenSSL_add_all_algorithms() // compatibility only
{} {}
void SSL_library_init() // compatibility only
{}
DH* DH_new(void) DH* DH_new(void)
{ {
DH* dh = new (ys) DH; DH* dh = NEW_YS DH;
if (dh) if (dh)
dh->p = dh->g = 0; dh->p = dh->g = 0;
return dh; return dh;
...@@ -679,7 +750,7 @@ BIGNUM* BN_bin2bn(const unsigned char* num, int sz, BIGNUM* retVal) ...@@ -679,7 +750,7 @@ BIGNUM* BN_bin2bn(const unsigned char* num, int sz, BIGNUM* retVal)
if (!retVal) { if (!retVal) {
created = true; created = true;
bn.reset(new (ys) BIGNUM); bn.reset(NEW_YS BIGNUM);
retVal = bn.get(); retVal = bn.get();
} }
...@@ -706,12 +777,14 @@ void ERR_print_errors_fp(FILE* /*fp*/) ...@@ -706,12 +777,14 @@ void ERR_print_errors_fp(FILE* /*fp*/)
} }
char* ERR_error_string(unsigned long /*err*/, char* buffer) char* ERR_error_string(unsigned long errNumber, char* buffer)
{ {
// TODO: static char* msg = "Please supply a buffer for error string";
static char* msg = "Not Implemented";
if (buffer) if (buffer) {
return strncpy(buffer, msg, strlen(msg)); SetErrorString(YasslError(errNumber), buffer);
return buffer;
}
return msg; return msg;
} }
...@@ -728,14 +801,14 @@ const char* X509_verify_cert_error_string(long /* error */) ...@@ -728,14 +801,14 @@ const char* X509_verify_cert_error_string(long /* error */)
const EVP_MD* EVP_md5(void) const EVP_MD* EVP_md5(void)
{ {
// TODO: FIX add to some list for destruction // TODO: FIX add to some list for destruction
return new (ys) MD5; return NEW_YS MD5;
} }
const EVP_CIPHER* EVP_des_ede3_cbc(void) const EVP_CIPHER* EVP_des_ede3_cbc(void)
{ {
// TODO: FIX add to some list for destruction // TODO: FIX add to some list for destruction
return new (ys) DES_EDE; return NEW_YS DES_EDE;
} }
......
...@@ -26,17 +26,13 @@ ...@@ -26,17 +26,13 @@
#include "runtime.hpp" #include "runtime.hpp"
#include "timer.hpp" #include "timer.hpp"
#ifdef _WIN32
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#else
#include <sys/time.h>
#endif
namespace yaSSL { namespace yaSSL {
#ifdef _WIN32 #ifdef _WIN32
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
timer_d timer() timer_d timer()
{ {
static bool init(false); static bool init(false);
...@@ -61,6 +57,8 @@ namespace yaSSL { ...@@ -61,6 +57,8 @@ namespace yaSSL {
#else // _WIN32 #else // _WIN32
#include <sys/time.h>
timer_d timer() timer_d timer()
{ {
struct timeval tv; struct timeval tv;
......
/* yassl.cpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* yaSSL implements external API
*/
#include "runtime.hpp"
#include "yassl.hpp"
#include "yassl_int.hpp"
#include "handshake.hpp"
#include <stdio.h>
#include "openssl/ssl.h" // get rid of this
// yaSSL overloads hide these
void* operator new[](size_t sz)
{
return ::operator new(sz);
}
void operator delete[](void* ptr)
{
::operator delete(ptr);
}
namespace yaSSL {
using mySTL::min;
struct Base {
SSL_METHOD* method_;
SSL_CTX* ctx_;
SSL* ssl_;
char* ca_;
char* cert_;
char* key_;
DH* dh_;
Base() : method_(0), ctx_(0), ssl_(0), ca_(0), cert_(0), key_(0), dh_(0)
{}
~Base()
{
if (dh_) DH_free(dh_);
delete[] key_;
delete[] cert_;
delete[] ca_;
SSL_CTX_free(ctx_); // frees method_ too
SSL_free(ssl_);
}
};
void SetDH(Base&);
void SetUpBase(Base& base, ConnectionEnd end, SOCKET_T s)
{
base.method_ = new SSL_METHOD(end, ProtocolVersion(3,1));
base.ctx_ = new SSL_CTX(base.method_);
if (base.ca_)
if (SSL_CTX_load_verify_locations(base.ctx_,
base.ca_, 0) != SSL_SUCCESS) assert(0);
if (base.cert_)
if (SSL_CTX_use_certificate_file(base.ctx_,
base.cert_, SSL_FILETYPE_PEM) != SSL_SUCCESS) assert(0);
if (base.key_)
if (SSL_CTX_use_PrivateKey_file(base.ctx_, base.key_,
SSL_FILETYPE_PEM) != SSL_SUCCESS) assert(0);
if (end == server_end) SetDH(base);
base.ssl_ = new SSL(base.ctx_);
base.ssl_->useSocket().set_fd(s);
}
void SetDH(Base& base)
{
static unsigned char dh512_p[] =
{
0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
0x47,0x74,0xE8,0x33,
};
static unsigned char dh512_g[] =
{
0x02,
};
if ( (base.dh_ = DH_new()) ) {
base.dh_->p = BN_bin2bn(dh512_p, sizeof(dh512_p), 0);
base.dh_->g = BN_bin2bn(dh512_g, sizeof(dh512_g), 0);
}
if (!base.dh_->p || !base.dh_->g) {
DH_free(base.dh_);
base.dh_ = 0;
}
SSL_CTX_set_tmp_dh(base.ctx_, base.dh_);
}
void NewCopy(char*& dst, const char* src)
{
size_t len = strlen(src) + 1;
dst = new char[len];
strncpy(dst, src, len);
}
// Client Implementation
struct Client::ClientImpl {
Base base_;
};
Client::Client() : pimpl_(new ClientImpl)
{}
Client::~Client() { delete pimpl_; }
int Client::Connect(SOCKET_T s)
{
SetUpBase(pimpl_->base_, client_end, s);
return SSL_connect(pimpl_->base_.ssl_);
}
int Client::Write(const void* buffer, int sz)
{
return sendData(*pimpl_->base_.ssl_, buffer, sz);
}
int Client::Read(void* buffer, int sz)
{
Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer));
return receiveData(*pimpl_->base_.ssl_, data);
}
void Client::SetCA(const char* name)
{
NewCopy(pimpl_->base_.ca_, name);
}
void Client::SetCert(const char* name)
{
NewCopy(pimpl_->base_.cert_, name);
}
void Client::SetKey(const char* name)
{
NewCopy(pimpl_->base_.key_, name);
}
// Server Implementation
struct Server::ServerImpl {
Base base_;
};
Server::Server() : pimpl_(new ServerImpl)
{}
Server::~Server() { delete pimpl_; }
int Server::Accept(SOCKET_T s)
{
SetUpBase(pimpl_->base_, server_end, s);
return SSL_accept(pimpl_->base_.ssl_);
}
int Server::Write(const void* buffer, int sz)
{
return sendData(*pimpl_->base_.ssl_, buffer, sz);
}
int Server::Read(void* buffer, int sz)
{
Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer));
return receiveData(*pimpl_->base_.ssl_, data);
}
void Server::SetCA(const char* name)
{
NewCopy(pimpl_->base_.ca_, name);
}
void Server::SetCert(const char* name)
{
NewCopy(pimpl_->base_.cert_, name);
}
void Server::SetKey(const char* name)
{
NewCopy(pimpl_->base_.key_, name);
}
} // namespace yaSSL
...@@ -25,6 +25,7 @@ ...@@ -25,6 +25,7 @@
#include "runtime.hpp" #include "runtime.hpp"
#include "yassl_error.hpp" #include "yassl_error.hpp"
#include "error.hpp" // TaoCrypt error numbers
namespace yaSSL { namespace yaSSL {
...@@ -48,6 +49,184 @@ Library Error::get_lib() const ...@@ -48,6 +49,184 @@ Library Error::get_lib() const
} }
void SetErrorString(YasslError error, char* buffer)
{
using namespace TaoCrypt;
const int max = MAX_ERROR_SZ; // shorthand
switch (error) {
// yaSSL proper errors
case range_error :
strncpy(buffer, "buffer index error, out of range", max);
break;
case realloc_error :
strncpy(buffer, "trying to realloc a fixed buffer", max);
break;
case factory_error :
strncpy(buffer, "unknown factory create request", max);
break;
case unknown_cipher :
strncpy(buffer, "trying to use an unknown cipher", max);
break;
case prefix_error :
strncpy(buffer, "bad master secret derivation, prefix too big", max);
break;
case record_layer :
strncpy(buffer, "record layer not ready yet", max);
break;
case handshake_layer :
strncpy(buffer, "handshake layer not ready yet", max);
break;
case out_of_order :
strncpy(buffer, "handshake message received in wrong order", max);
break;
case bad_input :
strncpy(buffer, "bad cipher suite input", max);
break;
case match_error :
strncpy(buffer, "unable to match a supported cipher suite", max);
break;
case no_key_file :
strncpy(buffer, "the server needs a private key file", max);
break;
case verify_error :
strncpy(buffer, "unable to verify peer checksum", max);
break;
case send_error :
strncpy(buffer, "socket layer send error", max);
break;
case receive_error :
strncpy(buffer, "socket layer receive error", max);
break;
case certificate_error :
strncpy(buffer, "unable to proccess cerificate", max);
break;
// TaoCrypt errors
case NO_ERROR :
strncpy(buffer, "not in error state", max);
break;
case WINCRYPT_E :
strncpy(buffer, "bad wincrypt acquire", max);
break;
case CRYPTGEN_E :
strncpy(buffer, "CryptGenRandom error", max);
break;
case OPEN_RAN_E :
strncpy(buffer, "unable to use random device", max);
break;
case READ_RAN_E :
strncpy(buffer, "unable to use random device", max);
break;
case INTEGER_E :
strncpy(buffer, "ASN: bad DER Integer Header", max);
break;
case SEQUENCE_E :
strncpy(buffer, "ASN: bad Sequence Header", max);
break;
case SET_E :
strncpy(buffer, "ASN: bad Set Header", max);
break;
case VERSION_E :
strncpy(buffer, "ASN: version length not 1", max);
break;
case SIG_OID_E :
strncpy(buffer, "ASN: signature OID mismatch", max);
break;
case BIT_STR_E :
strncpy(buffer, "ASN: bad BitString Header", max);
break;
case UNKNOWN_OID_E :
strncpy(buffer, "ASN: unknown key OID type", max);
break;
case OBJECT_ID_E :
strncpy(buffer, "ASN: bad Ojbect ID Header", max);
break;
case TAG_NULL_E :
strncpy(buffer, "ASN: expected TAG NULL", max);
break;
case EXPECT_0_E :
strncpy(buffer, "ASN: expected 0", max);
break;
case OCTET_STR_E :
strncpy(buffer, "ASN: bad Octet String Header", max);
break;
case TIME_E :
strncpy(buffer, "ASN: bad TIME", max);
break;
case DATE_SZ_E :
strncpy(buffer, "ASN: bad Date Size", max);
break;
case SIG_LEN_E :
strncpy(buffer, "ASN: bad Signature Length", max);
break;
case UNKOWN_SIG_E :
strncpy(buffer, "ASN: unknown signature OID", max);
break;
case UNKOWN_HASH_E :
strncpy(buffer, "ASN: unknown hash OID", max);
break;
case DSA_SZ_E :
strncpy(buffer, "ASN: bad DSA r or s size", max);
break;
case BEFORE_DATE_E :
strncpy(buffer, "ASN: before date in the future", max);
break;
case AFTER_DATE_E :
strncpy(buffer, "ASN: after date in the past", max);
break;
case SIG_CONFIRM_E :
strncpy(buffer, "ASN: bad self signature confirmation", max);
break;
case SIG_OTHER_E :
strncpy(buffer, "ASN: bad other signature confirmation", max);
break;
default :
strncpy(buffer, "unknown error number", max);
}
}
} // namespace yaSSL } // namespace yaSSL
This diff is collapsed.
This diff is collapsed.
// benchmark.cpp
// TaoCrypt benchmark
#include <string.h>
#include <stdio.h>
#include "runtime.hpp"
#include "des.hpp"
#include "aes.hpp"
#include "twofish.hpp"
#include "blowfish.hpp"
#include "arc4.hpp"
#include "md5.hpp"
#include "sha.hpp"
#include "ripemd.hpp"
#include "rsa.hpp"
#include "dh.hpp"
#include "dsa.hpp"
using namespace TaoCrypt;
void bench_aes(bool show);
void bench_des();
void bench_blowfish();
void bench_twofish();
void bench_arc4();
void bench_md5();
void bench_sha();
void bench_ripemd();
void bench_rsa();
void bench_dh();
void bench_dsa();
double current_time();
int main(int argc, char** argv)
{
bench_aes(false);
bench_aes(true);
bench_blowfish();
bench_twofish();
bench_arc4();
bench_des();
printf("\n");
bench_md5();
bench_sha();
bench_ripemd();
printf("\n");
bench_rsa();
bench_dh();
bench_dsa();
return 0;
}
const int megs = 5; // how much to test
const byte key[] =
{
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
const byte iv[] =
{
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
byte plain [1024*1024];
byte cipher[1024*1024];
void bench_des()
{
DES_EDE3_CBC_Encryption enc;
enc.SetKey(key, 16, iv);
double start = current_time();
for(int i = 0; i < megs; i++)
enc.Process(plain, cipher, sizeof(plain));
double total = current_time() - start;
double persec = 1 / total * megs;
printf("3DES %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_aes(bool show)
{
AES_CBC_Encryption enc;
enc.SetKey(key, 16, iv);
double start = current_time();
for(int i = 0; i < megs; i++)
enc.Process(plain, cipher, sizeof(plain));
double total = current_time() - start;
double persec = 1 / total * megs;
if (show)
printf("AES %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_twofish()
{
Twofish_CBC_Encryption enc;
enc.SetKey(key, 16, iv);
double start = current_time();
for(int i = 0; i < megs; i++)
enc.Process(plain, cipher, sizeof(plain));
double total = current_time() - start;
double persec = 1 / total * megs;
printf("Twofish %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_blowfish()
{
Blowfish_CBC_Encryption enc;
enc.SetKey(key, 16, iv);
double start = current_time();
for(int i = 0; i < megs; i++)
enc.Process(plain, cipher, sizeof(plain));
double total = current_time() - start;
double persec = 1 / total * megs;
printf("Blowfish %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_arc4()
{
ARC4 enc;
enc.SetKey(key, 16);
double start = current_time();
for(int i = 0; i < megs; i++)
enc.Process(cipher, plain, sizeof(plain));
double total = current_time() - start;
double persec = 1 / total * megs;
printf("ARC4 %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_md5()
{
MD5 hash;
byte digest[MD5::DIGEST_SIZE];
double start = current_time();
for(int i = 0; i < megs; i++)
hash.Update(plain, sizeof(plain));
hash.Final(digest);
double total = current_time() - start;
double persec = 1 / total * megs;
printf("MD5 %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_sha()
{
SHA hash;
byte digest[SHA::DIGEST_SIZE];
double start = current_time();
for(int i = 0; i < megs; i++)
hash.Update(plain, sizeof(plain));
hash.Final(digest);
/*
for(int i = 0; i < megs; i++)
hash.AsmTransform(plain, 16384);
*/
double total = current_time() - start;
double persec = 1 / total * megs;
printf("SHA %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
void bench_ripemd()
{
RIPEMD160 hash;
byte digest[RIPEMD160::DIGEST_SIZE];
double start = current_time();
for(int i = 0; i < megs; i++)
hash.Update(plain, sizeof(plain));
hash.Final(digest);
double total = current_time() - start;
double persec = 1 / total * megs;
printf("RIPEMD %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total,
persec);
}
RandomNumberGenerator rng;
void bench_rsa()
{
const int times = 100;
Source source;
FileSource("./rsa1024.der", source);
if (source.size() == 0) {
printf("can't find ./rsa1024.der\n");
return;
}
RSA_PrivateKey priv(source);
RSAES_Encryptor enc(priv);
byte message[] = "Everyone gets Friday off.";
byte cipher[128]; // for 1024 bit
byte plain[128]; // for 1024 bit
const int len = strlen((char*)message);
int i;
double start = current_time();
for (i = 0; i < times; i++)
enc.Encrypt(message, len, cipher, rng);
double total = current_time() - start;
double each = total / times; // per second
double milliEach = each * 1000; // milliseconds
printf("RSA 1024 encryption took %3.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
RSAES_Decryptor dec(priv);
start = current_time();
for (i = 0; i < times; i++)
dec.Decrypt(cipher, 128, plain, rng);
total = current_time() - start;
each = total / times; // per second
milliEach = each * 1000; // milliseconds
printf("RSA 1024 decryption took %3.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
}
void bench_dh()
{
const int times = 100;
Source source;
FileSource("./dh1024.der", source);
if (source.size() == 0) {
printf("can't find ./dh1024.der\n");
return;
}
DH dh(source);
byte pub[128]; // for 1024 bit
byte priv[128]; // for 1024 bit
int i;
double start = current_time();
for (i = 0; i < times; i++)
dh.GenerateKeyPair(rng, priv, pub);
double total = current_time() - start;
double each = total / times; // per second
double milliEach = each * 1000; // milliseconds
printf("DH 1024 key generation %3.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
DH dh2(dh);
byte pub2[128]; // for 1024 bit
byte priv2[128]; // for 1024 bit
dh2.GenerateKeyPair(rng, priv2, pub2);
unsigned char key[256];
start = current_time();
for (i = 0; i < times; i++)
dh.Agree(key, priv, pub2);
total = current_time() - start;
each = total / times; // per second
milliEach = each * 1000; // in milliseconds
printf("DH 1024 key agreement %3.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
}
void bench_dsa()
{
const int times = 100;
Source source;
FileSource("./dsa1024.der", source);
if (source.size() == 0) {
printf("can't find ./dsa1024.der\n");
return;
}
DSA_PrivateKey key(source);
DSA_Signer signer(key);
SHA sha;
byte digest[SHA::DIGEST_SIZE];
byte signature[40];
const char msg[] = "this is the message";
sha.Update((byte*)msg, sizeof(msg));
sha.Final(digest);
int i;
double start = current_time();
for (i = 0; i < times; i++)
signer.Sign(digest, signature, rng);
double total = current_time() - start;
double each = total / times; // per second
double milliEach = each * 1000; // milliseconds
printf("DSA 1024 sign took %3.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
DSA_Verifier verifier(key);
start = current_time();
for (i = 0; i < times; i++)
verifier.Verify(digest, signature);
total = current_time() - start;
each = total / times; // per second
milliEach = each * 1000; // in milliseconds
printf("DSA 1024 verify took %3.2f milliseconds, avg over %d"
" iterations\n", milliEach, times);
}
#ifdef _WIN32
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
double current_time()
{
static bool init(false);
static LARGE_INTEGER freq;
if (!init) {
QueryPerformanceFrequency(&freq);
init = true;
}
LARGE_INTEGER count;
QueryPerformanceCounter(&count);
return static_cast<double>(count.QuadPart) / freq.QuadPart;
}
#else
#include <sys/time.h>
double current_time()
{
struct timeval tv;
gettimeofday(&tv, 0);
return static_cast<double>(tv.tv_sec)
+ static_cast<double>(tv.tv_usec) / 1000000;
}
#endif // _WIN32
# Microsoft Developer Studio Project File - Name="benchmark" - Package Owner=<4>
# Microsoft Developer Studio Generated Build File, Format Version 6.00
# ** DO NOT EDIT **
# TARGTYPE "Win32 (x86) Console Application" 0x0103
CFG=benchmark - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
!MESSAGE NMAKE /f "benchmark.mak".
!MESSAGE
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
!MESSAGE NMAKE /f "benchmark.mak" CFG="benchmark - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
!MESSAGE "benchmark - Win32 Release" (based on "Win32 (x86) Console Application")
!MESSAGE "benchmark - Win32 Debug" (based on "Win32 (x86) Console Application")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
# PROP Scc_ProjName ""
# PROP Scc_LocalPath ""
CPP=cl.exe
RSC=rc.exe
!IF "$(CFG)" == "benchmark - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
# PROP BASE Output_Dir "benchmark___Win32_Release"
# PROP BASE Intermediate_Dir "benchmark___Win32_Release"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
# PROP Output_Dir "Release"
# PROP Intermediate_Dir "Release"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD CPP /nologo /MT /W3 /GX /O2 /I "..\include" /I "..\..\mySTL" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
!ELSEIF "$(CFG)" == "benchmark - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
# PROP BASE Output_Dir "benchmark___Win32_Debug"
# PROP BASE Intermediate_Dir "benchmark___Win32_Debug"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
# PROP Output_Dir "Debug"
# PROP Intermediate_Dir "Debug"
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /I "..\include" /I "..\..\mySTL" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
!ENDIF
# Begin Target
# Name "benchmark - Win32 Release"
# Name "benchmark - Win32 Debug"
# Begin Group "Source Files"
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
# Begin Source File
SOURCE=.\benchmark.cpp
# End Source File
# End Group
# Begin Group "Header Files"
# PROP Default_Filter "h;hpp;hxx;hm;inl"
# End Group
# Begin Group "Resource Files"
# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
# End Group
# End Target
# End Project
# quick and dirty build file for testing different MSDEVs
setlocal
set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2
#set myFLAGS= /I../include /I../../mySTL /c /W3
cl %myFLAGS% benchmark.cpp
link.exe /out:benchmark.exe ../src/taocrypt.lib benchmark.obj
...@@ -26,13 +26,13 @@ ...@@ -26,13 +26,13 @@
#ifndef TAO_CRYPT_AES_HPP #ifndef TAO_CRYPT_AES_HPP
#define TAO_CRYPT_AES_HPP #define TAO_CRYPT_AES_HPP
#include <string.h>
#include "misc.hpp" #include "misc.hpp"
#include "modes.hpp" #include "modes.hpp"
#include "block.hpp"
namespace TaoCrypt { namespace TaoCrypt {
enum { AES_BLOCK_SIZE = 16 }; enum { AES_BLOCK_SIZE = 16 };
...@@ -45,32 +45,38 @@ public: ...@@ -45,32 +45,38 @@ public:
: Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {} : Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void Process(byte*, const byte*, word32); void Process(byte*, const byte*, word32);
void SetKey(const byte* iv, word32 sz, CipherDir fake = ENCRYPTION); void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION);
void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); }
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
private: private:
CipherDir dir_; CipherDir dir_;
Mode mode_; Mode mode_;
static const word32 Te0[256];
static const word32 Te1[256];
static const word32 Te2[256];
static const word32 Te3[256];
static const word32 Te4[256];
static const word32 Td0[256];
static const word32 Td1[256];
static const word32 Td2[256];
static const word32 Td3[256];
static const word32 Td4[256];
static const word32 rcon_[]; static const word32 rcon_[];
word32 rounds_; word32 rounds_;
Word32Block key_; word32 key_[60]; // max size
static const word32 Te[5][256];
static const word32 Td[5][256];
static const word32* Te0;
static const word32* Te1;
static const word32* Te2;
static const word32* Te3;
static const word32* Te4;
static const word32* Td0;
static const word32* Td1;
static const word32* Td2;
static const word32* Td3;
static const word32* Td4;
void encrypt(const byte*, const byte*, byte*) const; void encrypt(const byte*, const byte*, byte*) const;
void AsmEncrypt(const byte*, byte*, void*) const;
void decrypt(const byte*, const byte*, byte*) const; void decrypt(const byte*, const byte*, byte*) const;
void AsmDecrypt(const byte*, byte*, void*) const;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
AES(const AES&); // hide copy AES(const AES&); // hide copy
AES& operator=(const AES&); // and assign AES& operator=(const AES&); // and assign
......
...@@ -42,6 +42,7 @@ public: ...@@ -42,6 +42,7 @@ public:
ARC4() {} ARC4() {}
void Process(byte*, const byte*, word32); void Process(byte*, const byte*, word32);
void AsmProcess(byte*, const byte*, word32);
void SetKey(const byte*, word32); void SetKey(const byte*, word32);
private: private:
byte x_; byte x_;
......
...@@ -232,7 +232,12 @@ enum KeyType { DSAk = 515, RSAk = 645 }; // sums of algo OID ...@@ -232,7 +232,12 @@ enum KeyType { DSAk = 515, RSAk = 645 }; // sums of algo OID
// an x509v Certificate BER Decoder // an x509v Certificate BER Decoder
class CertDecoder : public BER_Decoder { class CertDecoder : public BER_Decoder {
public: public:
explicit CertDecoder(Source&, bool decode = true, SignerList* = 0); enum DateType { BEFORE, AFTER };
enum NameType { ISSUER, SUBJECT };
enum CertType { CA, USER };
explicit CertDecoder(Source&, bool decode = true, SignerList* sl = 0,
bool noVerify = false, CertType ct = USER);
~CertDecoder(); ~CertDecoder();
const PublicKey& GetPublicKey() const { return key_; } const PublicKey& GetPublicKey() const { return key_; }
...@@ -242,9 +247,6 @@ public: ...@@ -242,9 +247,6 @@ public:
const byte* GetHash() const { return subjectHash_; } const byte* GetHash() const { return subjectHash_; }
void DecodeToKey(); void DecodeToKey();
enum DateType { BEFORE, AFTER };
enum NameType { ISSUER, SUBJECT };
private: private:
PublicKey key_; PublicKey key_;
word32 certBegin_; // offset to start of cert word32 certBegin_; // offset to start of cert
...@@ -257,9 +259,10 @@ private: ...@@ -257,9 +259,10 @@ private:
byte* signature_; byte* signature_;
char* issuer_; // CommonName char* issuer_; // CommonName
char* subject_; // CommonName char* subject_; // CommonName
bool verify_; // Default to yes, but could be off
void ReadHeader(); void ReadHeader();
void Decode(SignerList*); void Decode(SignerList*, CertType);
void StoreKey(); void StoreKey();
void AddDSA(); void AddDSA();
bool ValidateSelfSignature(); bool ValidateSelfSignature();
......
...@@ -99,7 +99,7 @@ public: ...@@ -99,7 +99,7 @@ public:
CheckSize(n); CheckSize(n);
if (n == 0) if (n == 0)
return 0; return 0;
return new (tc) T[n]; return NEW_TC T[n];
} }
void deallocate(void* p, size_type n) void deallocate(void* p, size_type n)
......
/* blowfish.hpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* blowfish.hpp defines Blowfish
*/
#ifndef TAO_CRYPT_BLOWFISH_HPP
#define TAO_CRYPT_BLOWFISH_HPP
#include "misc.hpp"
#include "modes.hpp"
#include "algorithm.hpp"
namespace TaoCrypt {
enum { BLOWFISH_BLOCK_SIZE = 8 };
// Blowfish encryption and decryption, see
class Blowfish : public Mode_BASE {
public:
enum { BLOCK_SIZE = BLOWFISH_BLOCK_SIZE, ROUNDS = 16 };
Blowfish(CipherDir DIR, Mode MODE)
: Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void Process(byte*, const byte*, word32);
void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION);
void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); }
private:
CipherDir dir_;
Mode mode_;
static const word32 p_init_[ROUNDS + 2];
static const word32 s_init_[4 * 256];
word32 pbox_[ROUNDS + 2];
word32 sbox_[4 * 256];
void crypt_block(const word32 in[2], word32 out[2]) const;
void AsmProcess(const byte* in, byte* out) const;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
Blowfish(const Blowfish&); // hide copy
Blowfish& operator=(const Blowfish&); // and assign
};
typedef BlockCipher<ENCRYPTION, Blowfish, ECB> Blowfish_ECB_Encryption;
typedef BlockCipher<DECRYPTION, Blowfish, ECB> Blowfish_ECB_Decryption;
typedef BlockCipher<ENCRYPTION, Blowfish, CBC> Blowfish_CBC_Encryption;
typedef BlockCipher<DECRYPTION, Blowfish, CBC> Blowfish_CBC_Decryption;
} // naemspace
#endif // TAO_CRYPT_BLOWFISH_HPP
...@@ -27,73 +27,87 @@ ...@@ -27,73 +27,87 @@
#ifndef TAO_CRYPT_DES_HPP #ifndef TAO_CRYPT_DES_HPP
#define TAO_CRYPT_DES_HPP #define TAO_CRYPT_DES_HPP
#include <string.h>
#include "misc.hpp" #include "misc.hpp"
#include "modes.hpp" #include "modes.hpp"
namespace TaoCrypt { namespace TaoCrypt {
enum { DES_BLOCK_SIZE = 8 };
// Base for all DES types enum { DES_BLOCK_SIZE = 8, DES_KEY_SIZE = 32 };
class DES_BASE : public Mode_BASE {
public:
enum { BLOCK_SIZE = DES_BLOCK_SIZE, KEY_SIZE = 32, BOXES = 8,
BOX_SIZE = 64 };
DES_BASE(CipherDir DIR, Mode MODE)
: Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void Process(byte*, const byte*, word32); class BasicDES {
public:
void SetKey(const byte*, word32, CipherDir dir);
void RawProcessBlock(word32&, word32&) const;
protected: protected:
CipherDir dir_; word32 k_[DES_KEY_SIZE];
Mode mode_;
private:
DES_BASE(const DES_BASE&); // hide copy
DES_BASE& operator=(const DES_BASE&); // and assign
}; };
// DES // DES
class DES : public DES_BASE { class DES : public Mode_BASE, public BasicDES {
public: public:
DES(CipherDir DIR, Mode MODE) : DES_BASE(DIR, MODE) {} DES(CipherDir DIR, Mode MODE)
: Mode_BASE(DES_BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void SetKey(const byte*, word32, CipherDir dir); void Process(byte*, const byte*, word32);
void RawProcessBlock(word32&, word32&) const;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
private: private:
word32 k_[KEY_SIZE]; CipherDir dir_;
Mode mode_;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
DES(const DES&); // hide copy
DES& operator=(const DES&); // and assign
}; };
// DES_EDE2 // DES_EDE2
class DES_EDE2 : public DES_BASE { class DES_EDE2 : public Mode_BASE {
public: public:
DES_EDE2(CipherDir DIR, Mode MODE) DES_EDE2(CipherDir DIR, Mode MODE)
: DES_BASE(DIR, MODE), des1_(DIR, MODE), des2_(DIR, MODE) {} : Mode_BASE(DES_BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void SetKey(const byte*, word32, CipherDir dir); void SetKey(const byte*, word32, CipherDir dir);
void ProcessAndXorBlock(const byte*, const byte*, byte*) const; void Process(byte*, const byte*, word32);
private: private:
DES des1_; CipherDir dir_;
DES des2_; Mode mode_;
BasicDES des1_;
BasicDES des2_;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
DES_EDE2(const DES_EDE2&); // hide copy
DES_EDE2& operator=(const DES_EDE2&); // and assign
}; };
// DES_EDE3 // DES_EDE3
class DES_EDE3 : public DES_BASE { class DES_EDE3 : public Mode_BASE {
public: public:
DES_EDE3(CipherDir DIR, Mode MODE) DES_EDE3(CipherDir DIR, Mode MODE)
: DES_BASE(DIR, MODE), des1_(DIR, MODE), des2_(DIR, MODE), : Mode_BASE(DES_BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
des3_(DIR, MODE) {}
void SetKey(const byte*, word32, CipherDir dir); void SetKey(const byte*, word32, CipherDir dir);
void ProcessAndXorBlock(const byte*, const byte*, byte*) const; void SetIV(const byte* iv) { memcpy(r_, iv, DES_BLOCK_SIZE); }
void Process(byte*, const byte*, word32);
private: private:
DES des1_; CipherDir dir_;
DES des2_; Mode mode_;
DES des3_;
BasicDES des1_;
BasicDES des2_;
BasicDES des3_;
void AsmProcess(const byte* in, byte* out, void* box) const;
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
DES_EDE3(const DES_EDE3&); // hide copy
DES_EDE3& operator=(const DES_EDE3&); // and assign
}; };
......
...@@ -64,7 +64,7 @@ public: ...@@ -64,7 +64,7 @@ public:
} }
void GenerateKeyPair(RandomNumberGenerator&, byte*, byte*); void GenerateKeyPair(RandomNumberGenerator&, byte*, byte*);
void Agree(byte*, const byte*, const byte*); void Agree(byte*, const byte*, const byte*, word32 otherSz = 0);
void SetP(const Integer& p) { p_ = p; } void SetP(const Integer& p) { p_ = p; }
void SetG(const Integer& g) { g_ = g; } void SetG(const Integer& g) { g_ = g; }
......
...@@ -57,17 +57,26 @@ public: ...@@ -57,17 +57,26 @@ public:
virtual void Update(const byte*, word32); virtual void Update(const byte*, word32);
virtual void Final(byte*); virtual void Final(byte*);
word32 GetBitCountLo() const { return loLen_ << 3; }
word32 GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) +
(hiLen_ << 3); }
enum { MaxDigestSz = 5, MaxBufferSz = 64 }; enum { MaxDigestSz = 5, MaxBufferSz = 64 };
protected: protected:
word32 buffLen_; typedef word32 HashLengthType;
word32 length_; // in Bits word32 buffLen_; // in bytes
HashLengthType loLen_; // length in bytes
HashLengthType hiLen_; // length in bytes
word32 digest_[MaxDigestSz]; word32 digest_[MaxDigestSz];
word32 buffer_[MaxBufferSz / sizeof(word32)]; word32 buffer_[MaxBufferSz / sizeof(word32)];
virtual void Transform() = 0; virtual void Transform() = 0;
void AddLength(word32);
}; };
} // namespace } // namespace
#endif // TAO_CRYPT_HASH_HPP #endif // TAO_CRYPT_HASH_HPP
...@@ -56,12 +56,12 @@ private: ...@@ -56,12 +56,12 @@ private:
T mac_; T mac_;
// MSVC 6 HACK, gives compiler error if calculated in array // MSVC 6 HACK, gives compiler error if calculated in array
enum { HMAC_BSIZE = T::BLOCK_SIZE / sizeof(word32), enum { BSIZE = T::BLOCK_SIZE / sizeof(word32),
HMAC_DSIZE = T::DIGEST_SIZE / sizeof(word32) }; DSIZE = T::DIGEST_SIZE / sizeof(word32) };
word32 ip_[HMAC_BSIZE]; // align ipad_ on word32 word32 ip_[BSIZE]; // align ipad_ on word32
word32 op_[HMAC_BSIZE]; // align opad_ on word32 word32 op_[BSIZE]; // align opad_ on word32
word32 innerH_[HMAC_DSIZE]; // align innerHash_ on word32 word32 innerH_[DSIZE]; // align innerHash_ on word32
void KeyInnerHash(); void KeyInnerHash();
......
/* kernelc.hpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* kernelc.hpp provides support for C std lib when compiled in kernel mode
*/
#ifndef TAOCRYPT_KERNELC_HPP
#define TAOCRYPT_KERNELC_HPP
#include <linux/types.h> // get right size_t
// system functions that c++ doesn't like headers for
extern "C" void* memcpy(void*, const void*, size_t);
extern "C" void* memset(void*, int, size_t);
extern "C" void printk(char *fmt, ...);
#define KERN_ERR "<3>" /* error conditions */
#if defined(NDEBUG)
#define assert(p) ((void)0)
#else
#define assert(expr) \
if (!(expr)) { \
printk(KERN_ERR "Assertion failed! %s,%s,%s,line=%d\n", \
#expr,__FILE__,__FUNCTION__,__LINE__); }
#endif
#endif // TAOCRYPT_KERNELC_HPP
...@@ -45,10 +45,13 @@ public: ...@@ -45,10 +45,13 @@ public:
MD5(const MD5&); MD5(const MD5&);
MD5& operator= (const MD5&); MD5& operator= (const MD5&);
void Update(const byte*, word32);
void Init(); void Init();
void Swap(MD5&); void Swap(MD5&);
private: private:
void Transform(); void Transform();
void AsmTransform(const byte* data, word32 times);
}; };
inline void swap(MD5& a, MD5& b) inline void swap(MD5& a, MD5& b)
......
...@@ -24,9 +24,15 @@ ...@@ -24,9 +24,15 @@
#ifndef TAO_CRYPT_MISC_HPP #ifndef TAO_CRYPT_MISC_HPP
#define TAO_CRYPT_MISC_HPP #define TAO_CRYPT_MISC_HPP
#include <stdlib.h>
#include <assert.h> #if !defined(DO_TAOCRYPT_KERNEL_MODE)
#include <string.h> #include <stdlib.h>
#include <assert.h>
#include <string.h>
#else
#include "kernelc.hpp"
#endif
#include "types.hpp" #include "types.hpp"
#include "type_traits.hpp" #include "type_traits.hpp"
...@@ -34,31 +40,33 @@ ...@@ -34,31 +40,33 @@
namespace TaoCrypt { namespace TaoCrypt {
// library allocation #ifdef YASSL_PURE_C
struct new_t {}; // TaoCrypt New type
extern new_t tc; // pass in parameter
} // namespace TaoCrypt // library allocation
struct new_t {}; // TaoCrypt New type
extern new_t tc; // pass in parameter
void* operator new (size_t, TaoCrypt::new_t); } // namespace TaoCrypt
void* operator new[](size_t, TaoCrypt::new_t);
void operator delete (void*, TaoCrypt::new_t); void* operator new (size_t, TaoCrypt::new_t);
void operator delete[](void*, TaoCrypt::new_t); void* operator new[](size_t, TaoCrypt::new_t);
void operator delete (void*, TaoCrypt::new_t);
void operator delete[](void*, TaoCrypt::new_t);
namespace TaoCrypt {
template<typename T> namespace TaoCrypt {
void tcDelete(T* ptr)
{ template<typename T>
void tcDelete(T* ptr)
{
if (ptr) ptr->~T(); if (ptr) ptr->~T();
::operator delete(ptr, TaoCrypt::tc); ::operator delete(ptr, TaoCrypt::tc);
} }
template<typename T> template<typename T>
void tcArrayDelete(T* ptr) void tcArrayDelete(T* ptr)
{ {
// can't do array placement destruction since not tracking size in // can't do array placement destruction since not tracking size in
// allocation, only allow builtins to use array placement since they // allocation, only allow builtins to use array placement since they
// don't need destructors called // don't need destructors called
...@@ -66,15 +74,39 @@ void tcArrayDelete(T* ptr) ...@@ -66,15 +74,39 @@ void tcArrayDelete(T* ptr)
(void)sizeof(builtin); (void)sizeof(builtin);
::operator delete[](ptr, TaoCrypt::tc); ::operator delete[](ptr, TaoCrypt::tc);
} }
#define NEW_TC new (tc)
// to resolve compiler generated operator delete on base classes with
// virtual destructors (when on stack), make sure doesn't get called // to resolve compiler generated operator delete on base classes with
class virtual_base { // virtual destructors (when on stack), make sure doesn't get called
public: class virtual_base {
public:
static void operator delete(void*) { assert(0); } static void operator delete(void*) { assert(0); }
}; };
#else // YASSL_PURE_C
template<typename T>
void tcDelete(T* ptr)
{
delete ptr;
}
template<typename T>
void tcArrayDelete(T* ptr)
{
delete[] ptr;
}
#define NEW_TC new
class virtual_base {};
#endif // YASSL_PURE_C
#if defined(_MSC_VER) || defined(__BCPLUSPLUS__) #if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
...@@ -91,19 +123,12 @@ public: ...@@ -91,19 +123,12 @@ public:
// no gas on these systems ?, disable for now // no gas on these systems ?, disable for now
#if defined(__sun__) || defined (__QNX__) || defined (__APPLE__) #if defined(__sun__) || defined (__QNX__)
#define TAOCRYPT_DISABLE_X86ASM #define TAOCRYPT_DISABLE_X86ASM
#endif #endif
// Disable assmebler when compiling with icc // Turn on ia32 ASM for Big Integer
// Temporary workaround for bug12717
#if defined(__INTEL_COMPILER)
#define TAOCRYPT_DISABLE_X86ASM
#endif
// CodeWarrior defines _MSC_VER // CodeWarrior defines _MSC_VER
#if !defined(TAOCRYPT_DISABLE_X86ASM) && ((defined(_MSC_VER) && \ #if !defined(TAOCRYPT_DISABLE_X86ASM) && ((defined(_MSC_VER) && \
!defined(__MWERKS__) && defined(_M_IX86)) || \ !defined(__MWERKS__) && defined(_M_IX86)) || \
...@@ -112,6 +137,20 @@ public: ...@@ -112,6 +137,20 @@ public:
#endif #endif
// Turn on ia32 ASM for Ciphers and Message Digests
// Seperate define since these are more complex, use member offsets
// and user may want to turn off while leaving Big Integer optos on
#if defined(TAOCRYPT_X86ASM_AVAILABLE) && !defined(DISABLE_TAO_ASM)
#define TAO_ASM
#endif
// Extra word in older vtable implementations, for ASM member offset
#if defined(__GNUC__) && __GNUC__ < 3
#define OLD_GCC_OFFSET
#endif
#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) #if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
# define TAOCRYPT_MALLOC_ALIGNMENT_IS_16 # define TAOCRYPT_MALLOC_ALIGNMENT_IS_16
#endif #endif
...@@ -432,6 +471,58 @@ inline void ByteReverseIf(T* out, const T* in, word32 bc, ByteOrder order) ...@@ -432,6 +471,58 @@ inline void ByteReverseIf(T* out, const T* in, word32 bc, ByteOrder order)
} }
// do Asm Reverse is host is Little and x86asm
#ifdef LITTLE_ENDIAN_ORDER
#ifdef TAOCRYPT_X86ASM_AVAILABLE
#define LittleReverse AsmReverse
#else
#define LittleReverse ByteReverse
#endif
#else
#define LittleReverse
#endif
// do Asm Reverse is host is Big and x86asm
#ifdef BIG_ENDIAN_ORDER
#ifdef TAOCRYPT_X86ASM_AVAILABLE
#define BigReverse AsmReverse
#else
#define BigReverse ByteReverse
#endif
#else
#define BigReverse
#endif
#ifdef TAOCRYPT_X86ASM_AVAILABLE
// faster than rotate, use bswap
inline word32 AsmReverse(word32 wd)
{
#ifdef __GNUC__
__asm__
(
"bswap %1"
: "=r"(wd)
: "0"(wd)
);
#else
__asm
{
mov eax, wd
bswap eax
mov wd, eax
}
#endif
return wd;
}
#endif
template <class T> template <class T>
inline void GetUserKey(ByteOrder order, T* out, word32 outlen, const byte* in, inline void GetUserKey(ByteOrder order, T* out, word32 outlen, const byte* in,
word32 inlen) word32 inlen)
......
...@@ -26,7 +26,6 @@ ...@@ -26,7 +26,6 @@
#ifndef TAO_CRYPT_MODES_HPP #ifndef TAO_CRYPT_MODES_HPP
#define TAO_CRYPT_MODES_HPP #define TAO_CRYPT_MODES_HPP
#include <string.h>
#include "misc.hpp" #include "misc.hpp"
namespace TaoCrypt { namespace TaoCrypt {
...@@ -68,14 +67,8 @@ public: ...@@ -68,14 +67,8 @@ public:
} }
virtual ~Mode_BASE() {} virtual ~Mode_BASE() {}
virtual void ProcessAndXorBlock(const byte*, const byte*, byte*) const = 0;
void ECB_Process(byte*, const byte*, word32);
void CBC_Encrypt(byte*, const byte*, word32);
void CBC_Decrypt(byte*, const byte*, word32);
void SetIV(const byte* iv) { memcpy(reg_, iv, blockSz_); } void SetIV(const byte* iv) { memcpy(reg_, iv, blockSz_); }
private: protected:
int blockSz_; int blockSz_;
byte* reg_; byte* reg_;
byte* tmp_; byte* tmp_;
...@@ -83,9 +76,15 @@ private: ...@@ -83,9 +76,15 @@ private:
word32 r_[MaxBlockSz / sizeof(word32)]; // align reg_ on word32 word32 r_[MaxBlockSz / sizeof(word32)]; // align reg_ on word32
word32 t_[MaxBlockSz / sizeof(word32)]; // align tmp_ on word32 word32 t_[MaxBlockSz / sizeof(word32)]; // align tmp_ on word32
void ECB_Process(byte*, const byte*, word32);
void CBC_Encrypt(byte*, const byte*, word32);
void CBC_Decrypt(byte*, const byte*, word32);
Mode_BASE(const Mode_BASE&); // hide copy Mode_BASE(const Mode_BASE&); // hide copy
Mode_BASE& operator=(const Mode_BASE&); // and assign Mode_BASE& operator=(const Mode_BASE&); // and assign
private:
virtual void ProcessAndXorBlock(const byte*, const byte*, byte*) const = 0;
}; };
......
/* pwdbased.hpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* pwdbased.hpp defines PBKDF2 from PKCS #5
*/
#ifndef TAO_CRYPT_PWDBASED_HPP
#define TAO_CRYPT_PWDBASED_HPP
#include <string.h>
#include "misc.hpp"
#include "block.hpp"
#include "hmac.hpp"
namespace TaoCrypt {
// From PKCS #5, T must be type suitable for HMAC<T>
template <class T>
class PBKDF2_HMAC {
public:
word32 MaxDerivedKeyLength() const { return 0xFFFFFFFFU;} // avoid overflow
word32 DeriveKey(byte* derived, word32 dLen, const byte* pwd, word32 pLen,
const byte* salt, word32 sLen, word32 iterations) const;
};
template <class T>
word32 PBKDF2_HMAC<T>::DeriveKey(byte* derived, word32 dLen, const byte* pwd,
word32 pLen, const byte* salt, word32 sLen,
word32 iterations) const
{
assert(dLen <= MaxDerivedKeyLength());
assert(iterations > 0);
ByteBlock buffer(T::DIGEST_SIZE);
HMAC<T> hmac;
hmac.SetKey(pwd, pLen);
word32 i = 1;
while (dLen > 0) {
hmac.Update(salt, sLen);
word32 j;
for (j = 0; j < 4; j++) {
byte b = i >> ((3-j)*8);
hmac.Update(&b, 1);
}
hmac.Final(buffer.get_buffer());
word32 segmentLen = mySTL::min(dLen, buffer.size());
memcpy(derived, buffer.get_buffer(), segmentLen);
for (j = 1; j < iterations; j++) {
hmac.Update(buffer.get_buffer(), buffer.size());
hmac.Final(buffer.get_buffer());
xorbuf(derived, buffer.get_buffer(), segmentLen);
}
derived += segmentLen;
dLen -= segmentLen;
i++;
}
return iterations;
}
} // naemspace
#endif // TAO_CRYPT_PWDBASED_HPP
...@@ -45,10 +45,12 @@ public: ...@@ -45,10 +45,12 @@ public:
RIPEMD160(const RIPEMD160&); RIPEMD160(const RIPEMD160&);
RIPEMD160& operator= (const RIPEMD160&); RIPEMD160& operator= (const RIPEMD160&);
void Update(const byte*, word32);
void Init(); void Init();
void Swap(RIPEMD160&); void Swap(RIPEMD160&);
private: private:
void Transform(); void Transform();
void AsmTransform(const byte* data, word32 times);
}; };
inline void swap(RIPEMD160& a, RIPEMD160& b) inline void swap(RIPEMD160& a, RIPEMD160& b)
......
...@@ -25,15 +25,18 @@ ...@@ -25,15 +25,18 @@
#if !defined(yaSSL_NEW_HPP) && defined(__GNUC__) #if !defined(yaSSL_NEW_HPP) && defined(__GNUC__) && !defined(__ICC)
#if !(defined(__ICC) || defined(__INTEL_COMPILER))
#define yaSSL_NEW_HPP #define yaSSL_NEW_HPP
#if __GNUC__ > 2 #if __GNUC__ > 2
extern "C" { extern "C" {
#include <assert.h> #if !defined(DO_TAOCRYPT_KERNEL_MODE)
#include <assert.h>
#else
#include "kernelc.hpp"
#endif
/* Disallow inline __cxa_pure_virtual() */ /* Disallow inline __cxa_pure_virtual() */
static int __cxa_pure_virtual() __attribute__((noinline, used)); static int __cxa_pure_virtual() __attribute__((noinline, used));
...@@ -47,6 +50,5 @@ static int __cxa_pure_virtual() ...@@ -47,6 +50,5 @@ static int __cxa_pure_virtual()
} // extern "C" } // extern "C"
#endif // __GNUC__ > 2 #endif // __GNUC__ > 2
#endif // ! _ICC
#endif // yaSSL_NEW_HPP && __GNUC__ #endif // yaSSL_NEW_HPP && __GNUC__
...@@ -42,6 +42,7 @@ public: ...@@ -42,6 +42,7 @@ public:
word32 getDigestSize() const { return DIGEST_SIZE; } word32 getDigestSize() const { return DIGEST_SIZE; }
word32 getPadSize() const { return PAD_SIZE; } word32 getPadSize() const { return PAD_SIZE; }
void Update(const byte* data, word32 len);
void Init(); void Init();
SHA(const SHA&); SHA(const SHA&);
...@@ -50,6 +51,7 @@ public: ...@@ -50,6 +51,7 @@ public:
void Swap(SHA&); void Swap(SHA&);
private: private:
void Transform(); void Transform();
void AsmTransform(const byte* data, word32 times);
}; };
......
/* twofish.hpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* twofish.hpp defines Twofish
*/
#ifndef TAO_CRYPT_TWOFISH_HPP
#define TAO_CRYPT_TWOFISH_HPP
#include "misc.hpp"
#include "modes.hpp"
#include "algorithm.hpp"
namespace TaoCrypt {
enum { TWOFISH_BLOCK_SIZE = 16 };
// Twofish encryption and decryption, see
class Twofish : public Mode_BASE {
public:
enum { BLOCK_SIZE = TWOFISH_BLOCK_SIZE };
Twofish(CipherDir DIR, Mode MODE)
: Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {}
void Process(byte*, const byte*, word32);
void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION);
void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); }
private:
CipherDir dir_;
Mode mode_;
static const byte q_[2][256];
static const word32 mds_[4][256];
word32 k_[40];
word32 s_[4][256];
static word32 h0(word32 x, const word32 *key, unsigned int kLen);
static word32 h(word32 x, const word32 *key, unsigned int kLen);
void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
void encrypt(const byte*, const byte*, byte*) const;
void decrypt(const byte*, const byte*, byte*) const;
void AsmEncrypt(const byte* inBlock, byte* outBlock) const;
void AsmDecrypt(const byte* inBlock, byte* outBlock) const;
Twofish(const Twofish&); // hide copy
Twofish& operator=(const Twofish&); // and assign
};
typedef BlockCipher<ENCRYPTION, Twofish, ECB> Twofish_ECB_Encryption;
typedef BlockCipher<DECRYPTION, Twofish, ECB> Twofish_ECB_Decryption;
typedef BlockCipher<ENCRYPTION, Twofish, CBC> Twofish_CBC_Encryption;
typedef BlockCipher<DECRYPTION, Twofish, CBC> Twofish_CBC_Decryption;
} // naemspace
#endif // TAO_CRYPT_TWOFISH_HPP
...@@ -61,10 +61,9 @@ typedef unsigned int word32; ...@@ -61,10 +61,9 @@ typedef unsigned int word32;
// compilers we've found 64-bit multiply insructions for // compilers we've found 64-bit multiply insructions for
#if defined(__GNUC__) || defined(_MSC_VER) || defined(__DECCXX) #if defined(__GNUC__) || defined(_MSC_VER) || defined(__DECCXX)
#if !(defined(__ICC) || defined(__INTEL_COMPILER))
#define HAVE_64_MULTIPLY #define HAVE_64_MULTIPLY
#endif #endif
#endif
#if defined(HAVE_64_MULTIPLY) && (defined(__alpha__) || defined(__ia64__) \ #if defined(HAVE_64_MULTIPLY) && (defined(__alpha__) || defined(__ia64__) \
|| defined(_ARCH_PPC64) || defined(__mips64) || defined(__x86_64__)) || defined(_ARCH_PPC64) || defined(__mips64) || defined(__x86_64__))
......
This diff is collapsed.
This diff is collapsed.
...@@ -20,6 +20,8 @@ ...@@ -20,6 +20,8 @@
*/ */
/* based on Wei Dai's algebra.cpp from CryptoPP */ /* based on Wei Dai's algebra.cpp from CryptoPP */
#undef NDEBUG
#define DEBUG // GCC 4.0 bug if NDEBUG and Optimize > 1
#include "runtime.hpp" #include "runtime.hpp"
#include "algebra.hpp" #include "algebra.hpp"
......
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
...@@ -130,7 +130,7 @@ void Base64Encoder::Encode() ...@@ -130,7 +130,7 @@ void Base64Encoder::Encode()
word32 outSz = bytes * 4 / 3; word32 outSz = bytes * 4 / 3;
outSz += (outSz % 4); // 4 byte integrals outSz += (outSz % 4); // 4 byte integrals
outSz += outSz / pemLineSz + ( (outSz % pemLineSz) ? 1 : 0); // new lines outSz += (outSz + pemLineSz - 1) / pemLineSz; // new lines
encoded_.New(outSz); encoded_.New(outSz);
word32 i = 0; word32 i = 0;
...@@ -187,9 +187,8 @@ void Base64Encoder::Encode() ...@@ -187,9 +187,8 @@ void Base64Encoder::Encode()
void Base64Decoder::Decode() void Base64Decoder::Decode()
{ {
word32 bytes = coded_.size(); word32 bytes = coded_.size();
word32 plainSz = bytes - (bytes / pemLineSz + ( (bytes % pemLineSz) ? word32 plainSz = bytes - ((bytes + (pemLineSz - 1)) / pemLineSz);
1 : 0)); plainSz = (plainSz * 3 + 3) / 4;
plainSz = plainSz * 3 / 4 + (( (plainSz * 3) % 4) ? 1 : 0);
decoded_.New(plainSz); decoded_.New(plainSz);
word32 i = 0; word32 i = 0;
......
This diff is collapsed.
...@@ -26,10 +26,26 @@ ...@@ -26,10 +26,26 @@
#include "runtime.hpp" #include "runtime.hpp"
#include "dh.hpp" #include "dh.hpp"
#include "asn.hpp" #include "asn.hpp"
#include <math.h>
namespace TaoCrypt { namespace TaoCrypt {
namespace { // locals
unsigned int DiscreteLogWorkFactor(unsigned int n)
{
// assuming discrete log takes about the same time as factoring
if (n<5)
return 0;
else
return (unsigned int)(2.4 * pow((double)n, 1.0/3.0) *
pow(log(double(n)), 2.0/3.0) - 5);
}
} // namespace locals
// Generate a DH Key Pair // Generate a DH Key Pair
void DH::GenerateKeyPair(RandomNumberGenerator& rng, byte* priv, byte* pub) void DH::GenerateKeyPair(RandomNumberGenerator& rng, byte* priv, byte* pub)
{ {
...@@ -41,7 +57,8 @@ void DH::GenerateKeyPair(RandomNumberGenerator& rng, byte* priv, byte* pub) ...@@ -41,7 +57,8 @@ void DH::GenerateKeyPair(RandomNumberGenerator& rng, byte* priv, byte* pub)
// Generate private value // Generate private value
void DH::GeneratePrivate(RandomNumberGenerator& rng, byte* priv) void DH::GeneratePrivate(RandomNumberGenerator& rng, byte* priv)
{ {
Integer x(rng, Integer::One(), p_ - 1); Integer x(rng, Integer::One(), mySTL::min(p_ - 1,
Integer::Power2(2*DiscreteLogWorkFactor(p_.BitCount())) ) );
x.Encode(priv, p_.ByteCount()); x.Encode(priv, p_.ByteCount());
} }
...@@ -57,11 +74,16 @@ void DH::GeneratePublic(const byte* priv, byte* pub) ...@@ -57,11 +74,16 @@ void DH::GeneratePublic(const byte* priv, byte* pub)
// Generate Agreement // Generate Agreement
void DH::Agree(byte* agree, const byte* priv, const byte* otherPub) void DH::Agree(byte* agree, const byte* priv, const byte* otherPub, word32
otherSz)
{ {
const word32 bc(p_.ByteCount()); const word32 bc(p_.ByteCount());
Integer x(priv, bc); Integer x(priv, bc);
Integer y(otherPub, bc); Integer y;
if (otherSz)
y.Decode(otherPub, otherSz);
else
y.Decode(otherPub, bc);
Integer z(a_exp_b_mod_c(y, x, p_)); Integer z(a_exp_b_mod_c(y, x, p_));
z.Encode(agree, bc); z.Encode(agree, bc);
......
This diff is collapsed.
This diff is collapsed.
# quick and dirty build file for testing different MSDEVs
setlocal
set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2
#set myFLAGS= /I../include /I../../mySTL /c /W3 /O1
cl %myFLAGS% aes.cpp
cl %myFLAGS% aestables.cpp
cl %myFLAGS% algebra.cpp
cl %myFLAGS% arc4.cpp
cl %myFLAGS% asn.cpp
cl %myFLAGS% bftables.cpp
cl %myFLAGS% blowfish.cpp
cl %myFLAGS% coding.cpp
cl %myFLAGS% des.cpp
cl %myFLAGS% dh.cpp
cl %myFLAGS% dsa.cpp
cl %myFLAGS% file.cpp
cl %myFLAGS% hash.cpp
cl %myFLAGS% integer.cpp
cl %myFLAGS% md2.cpp
cl %myFLAGS% md5.cpp
cl %myFLAGS% misc.cpp
cl %myFLAGS% random.cpp
cl %myFLAGS% ripemd.cpp
cl %myFLAGS% rsa.cpp
cl %myFLAGS% sha.cpp
cl %myFLAGS% template_instnt.cpp
cl %myFLAGS% tftables.cpp
cl %myFLAGS% twofish.cpp
link.exe -lib /out:taocrypt.lib aes.obj aestables.obj algebra.obj arc4.obj asn.obj bftables.obj blowfish.obj coding.obj des.obj dh.obj dsa.obj file.obj hash.obj integer.obj md2.obj md5.obj misc.obj random.obj ripemd.obj rsa.obj sha.obj template_instnt.obj tftables.obj twofish.obj
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment