From 0f5b0ff8c33b1d4e43bc30d1d88568423d2d72fe Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 26 Apr 2012 14:58:29 -0700 Subject: [PATCH 1/2] sha384 plus merge changes --- configure.ac | 2 +- ctaocrypt/src/aes.c | 18 +- ctaocrypt/src/sha512.c | 142 ++++++++++- cyassl/ctaocrypt/aes.h | 2 + cyassl/ctaocrypt/sha512.h | 27 ++ cyassl/openssl/ripemd.h | 37 +++ src/ssl.c | 524 +++++++++++++++++++++++++++++++++++++- 7 files changed, 737 insertions(+), 15 deletions(-) create mode 100644 cyassl/openssl/ripemd.h diff --git a/configure.ac b/configure.ac index 202b3e6e5..037fbf5ba 100644 --- a/configure.ac +++ b/configure.ac @@ -6,7 +6,7 @@ # # -AC_INIT([cyassl],[2.0.9],[http://www.yassl.com]) +AC_INIT([cyassl],[2.1.0],[http://www.yassl.com]) AC_CONFIG_AUX_DIR(config) diff --git a/ctaocrypt/src/aes.c b/ctaocrypt/src/aes.c index 48879a6e1..e58f6c0ca 100644 --- a/ctaocrypt/src/aes.c +++ b/ctaocrypt/src/aes.c @@ -832,8 +832,20 @@ int AES_set_decrypt_key (const unsigned char* userKey, const int bits, #endif /* CYASSL_AESNI */ +int AesSetIV(Aes* aes, const byte* iv) +{ + if (aes == NULL) + return BAD_FUNC_ARG; + + if (iv) + XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE); + + return 0; +} + + int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, - int dir) + int dir) { word32 temp, *rk = aes->key; unsigned int i = 0; @@ -976,10 +988,8 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, Td[3][Te[4][GETBYTE(rk[3], 0)] & 0xff]; } } - if (iv) - XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE); - return 0; + return AesSetIV(aes, iv); } diff --git a/ctaocrypt/src/sha512.c b/ctaocrypt/src/sha512.c index 551927a0a..f14efecff 100644 --- a/ctaocrypt/src/sha512.c +++ b/ctaocrypt/src/sha512.c @@ -128,6 +128,11 @@ static const word64 K512[80] = { #define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+K[i+j]+(j?blk2(i):blk0(i));\ d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i)) +#define blk384(i) (W[i] = sha384->buffer[i]) + +#define R2(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+K[i+j]+(j?blk2(i):blk384(i));\ + d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i)) + static void Transform(Sha512* sha512) { @@ -209,7 +214,7 @@ void Sha512Final(Sha512* sha512, byte* hash) /* pad with zeros */ if (sha512->buffLen > SHA512_PAD_SIZE) { - XMEMSET(&local[sha512->buffLen], 0, SHA512_BLOCK_SIZE - sha512->buffLen); + XMEMSET(&local[sha512->buffLen], 0, SHA512_BLOCK_SIZE -sha512->buffLen); sha512->buffLen += SHA512_BLOCK_SIZE - sha512->buffLen; #ifdef LITTLE_ENDIAN_ORDER @@ -243,4 +248,139 @@ void Sha512Final(Sha512* sha512, byte* hash) } + +#ifdef CYASSL_SHA384 + +void InitSha384(Sha384* sha384) +{ + sha384->digest[0] = W64LIT(0xcbbb9d5dc1059ed8); + sha384->digest[1] = W64LIT(0x629a292a367cd507); + sha384->digest[2] = W64LIT(0x9159015a3070dd17); + sha384->digest[3] = W64LIT(0x152fecd8f70e5939); + sha384->digest[4] = W64LIT(0x67332667ffc00b31); + sha384->digest[5] = W64LIT(0x8eb44a8768581511); + sha384->digest[6] = W64LIT(0xdb0c2e0d64f98fa7); + sha384->digest[7] = W64LIT(0x47b5481dbefa4fa4); + + sha384->buffLen = 0; + sha384->loLen = 0; + sha384->hiLen = 0; +} + + +static void Transform384(Sha384* sha384) +{ + const word64* K = K512; + + word32 j; + word64 W[16]; + word64 T[8]; + + /* Copy digest to working vars */ + XMEMCPY(T, sha384->digest, sizeof(T)); + + /* 64 operations, partially loop unrolled */ + for (j = 0; j < 80; j += 16) { + R2( 0); R2( 1); R2( 2); R2( 3); + R2( 4); R2( 5); R2( 6); R2( 7); + R2( 8); R2( 9); R2(10); R2(11); + R2(12); R2(13); R2(14); R2(15); + } + + /* Add the working vars back into digest */ + + sha384->digest[0] += a(0); + sha384->digest[1] += b(0); + sha384->digest[2] += c(0); + sha384->digest[3] += d(0); + sha384->digest[4] += e(0); + sha384->digest[5] += f(0); + sha384->digest[6] += g(0); + sha384->digest[7] += h(0); + + /* Wipe variables */ + XMEMSET(W, 0, sizeof(W)); + XMEMSET(T, 0, sizeof(T)); +} + + +static INLINE void AddLength384(Sha384* sha384, word32 len) +{ + word32 tmp = sha384->loLen; + if ( (sha384->loLen += len) < tmp) + sha384->hiLen++; /* carry low to high */ +} + + +void Sha384Update(Sha384* sha384, const byte* data, word32 len) +{ + /* do block size increments */ + byte* local = (byte*)sha384->buffer; + + while (len) { + word32 add = min(len, SHA384_BLOCK_SIZE - sha384->buffLen); + XMEMCPY(&local[sha384->buffLen], data, add); + + sha384->buffLen += add; + data += add; + len -= add; + + if (sha384->buffLen == SHA384_BLOCK_SIZE) { + #ifdef LITTLE_ENDIAN_ORDER + ByteReverseWords64(sha384->buffer, sha384->buffer, + SHA384_BLOCK_SIZE); + #endif + Transform384(sha384); + AddLength384(sha384, SHA384_BLOCK_SIZE); + sha384->buffLen = 0; + } + } +} + + +void Sha384Final(Sha384* sha384, byte* hash) +{ + byte* local = (byte*)sha384->buffer; + + AddLength384(sha384, sha384->buffLen); /* before adding pads */ + + local[sha384->buffLen++] = 0x80; /* add 1 */ + + /* pad with zeros */ + if (sha384->buffLen > SHA384_PAD_SIZE) { + XMEMSET(&local[sha384->buffLen], 0, SHA384_BLOCK_SIZE -sha384->buffLen); + sha384->buffLen += SHA384_BLOCK_SIZE - sha384->buffLen; + + #ifdef LITTLE_ENDIAN_ORDER + ByteReverseWords64(sha384->buffer,sha384->buffer,SHA384_BLOCK_SIZE); + #endif + Transform384(sha384); + sha384->buffLen = 0; + } + XMEMSET(&local[sha384->buffLen], 0, SHA384_PAD_SIZE - sha384->buffLen); + + /* put lengths in bits */ + sha384->hiLen = (sha384->loLen >> (8*sizeof(sha384->loLen) - 3)) + + (sha384->hiLen << 3); + sha384->loLen = sha384->loLen << 3; + + /* store lengths */ + #ifdef LITTLE_ENDIAN_ORDER + ByteReverseWords64(sha384->buffer, sha384->buffer, SHA384_PAD_SIZE); + #endif + /* ! length ordering dependent on digest endian type ! */ + sha384->buffer[SHA384_BLOCK_SIZE / sizeof(word64) - 2] = sha384->hiLen; + sha384->buffer[SHA384_BLOCK_SIZE / sizeof(word64) - 1] = sha384->loLen; + + Transform384(sha384); + #ifdef LITTLE_ENDIAN_ORDER + ByteReverseWords64(sha384->digest, sha384->digest, SHA384_DIGEST_SIZE); + #endif + XMEMCPY(hash, sha384->digest, SHA384_DIGEST_SIZE); + + InitSha384(sha384); /* reset state */ +} + +#endif /* CYASSL_SHA384 */ + #endif /* CYASSL_SHA512 */ diff --git a/cyassl/ctaocrypt/aes.h b/cyassl/ctaocrypt/aes.h index 61022a03b..c3356de4a 100644 --- a/cyassl/ctaocrypt/aes.h +++ b/cyassl/ctaocrypt/aes.h @@ -54,6 +54,7 @@ enum { + AES_ENC_TYPE = 1, /* cipher unique type */ AES_ENCRYPTION = 0, AES_DECRYPTION = 1, AES_BLOCK_SIZE = 16 @@ -72,6 +73,7 @@ typedef struct Aes { CYASSL_API int AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, int dir); +CYASSL_API int AesSetIV(Aes* aes, const byte* iv); CYASSL_API void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); CYASSL_API void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz); CYASSL_API void AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); diff --git a/cyassl/ctaocrypt/sha512.h b/cyassl/ctaocrypt/sha512.h index e5a42ac3d..79861afee 100644 --- a/cyassl/ctaocrypt/sha512.h +++ b/cyassl/ctaocrypt/sha512.h @@ -56,6 +56,33 @@ CYASSL_API void Sha512Update(Sha512*, const byte*, word32); CYASSL_API void Sha512Final(Sha512*, byte*); +#ifdef CYASSL_SHA384 + +/* in bytes */ +enum { + SHA384 = 5, /* hash type unique */ + SHA384_BLOCK_SIZE = 128, + SHA384_DIGEST_SIZE = 48, + SHA384_PAD_SIZE = 112 +}; + + +/* Sha384 digest */ +typedef struct Sha384 { + word32 buffLen; /* in bytes */ + word32 loLen; /* length in bytes */ + word32 hiLen; /* length in bytes */ + word64 digest[SHA512_DIGEST_SIZE / sizeof(word64)]; /* for transform 512 */ + word64 buffer[SHA384_BLOCK_SIZE / sizeof(word64)]; +} Sha384; + + +CYASSL_API void InitSha384(Sha384*); +CYASSL_API void Sha384Update(Sha384*, const byte*, word32); +CYASSL_API void Sha384Final(Sha384*, byte*); + +#endif /* CYASSL_SHA384 */ + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/cyassl/openssl/ripemd.h b/cyassl/openssl/ripemd.h new file mode 100644 index 000000000..2d4d01466 --- /dev/null +++ b/cyassl/openssl/ripemd.h @@ -0,0 +1,37 @@ +/* ripemd.h for openssl */ + + +#ifndef CYASSL_RIPEMD_H_ +#define CYASSL_RIPEMD_H_ + +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +typedef struct CYASSL_RIPEMD_CTX { + int holder[32]; /* big enough to hold ctaocrypt, but check on init */ +} CYASSL_RIPEMD_CTX; + +CYASSL_API void CyaSSL_RIPEMD_Init(CYASSL_RIPEMD_CTX*); +CYASSL_API void CyaSSL_RIPEMD_Update(CYASSL_RIPEMD_CTX*, const void*, + unsigned long); +CYASSL_API void CyaSSL_RIPEMD_Final(unsigned char*, CYASSL_RIPEMD_CTX*); + + +typedef CYASSL_RIPEMD_CTX RIPEMD_CTX; + +#define RIPEMD_Init CyaSSL_RIPEMD_Init +#define RIPEMD_Update CyaSSL_RIPEMD_Update +#define RIPEMD_Final CyaSSL_RIPEMD_Final + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CYASSL_MD5_H_ */ + diff --git a/src/ssl.c b/src/ssl.c index d91e924f0..8d82a62bd 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -44,12 +44,17 @@ #include #include #include + #include /* openssl headers end, cyassl internal headers next */ #include #include #include #include #include + #include + #ifdef CYASSL_SHA512 + #include + #endif #endif #ifndef NO_FILESYSTEM @@ -3087,18 +3092,54 @@ int CyaSSL_set_compression(CYASSL* ssl) DYNAMIC_TYPE_OPENSSL); CYASSL_ENTER("BIO_new"); if (bio) { - bio->type = method->type; - bio->close = 0; - bio->eof = 0; - bio->ssl = 0; - bio->fd = 0; - bio->prev = 0; - bio->next = 0; + bio->type = method->type; + bio->close = 0; + bio->eof = 0; + bio->ssl = NULL; + bio->mem = NULL; + bio->memLen = 0; + bio->fd = 0; + bio->prev = NULL; + bio->next = NULL; } return bio; } + int CyaSSL_BIO_get_mem_data(CYASSL_BIO* bio, const byte** p) + { + if (bio == NULL || p == NULL) + return -1; + + *p = bio->mem; + + return bio->memLen; + } + + + CYASSL_BIO* CyaSSL_BIO_new_mem_buf(void* buf, int len) + { + CYASSL_BIO* bio = NULL; + if (buf == NULL) + return bio; + + bio = CyaSSL_BIO_new(CyaSSL_BIO_s_mem()); + if (bio == NULL) + return bio; + + bio->memLen = len; + bio->mem = (byte*)XMALLOC(len, 0, DYNAMIC_TYPE_OPENSSL); + if (bio->mem == NULL) { + XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL); + return NULL; + } + + XMEMCPY(bio->mem, buf, len); + + return bio; + } + + #ifdef USE_WINDOWS_API #define CloseSocket(s) closesocket(s) #else @@ -3116,6 +3157,8 @@ int CyaSSL_set_compression(CYASSL* ssl) if (bio->fd) CloseSocket(bio->fd); } + if (bio->mem) + XFREE(bio->mem, 0, DYNAMIC_TYPE_OPENSSL); XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL); } return 0; @@ -3428,6 +3471,89 @@ int CyaSSL_set_compression(CYASSL* ssl) } + void CyaSSL_SHA256_Init(CYASSL_SHA256_CTX* sha256) + { + typedef char sha_test[sizeof(SHA256_CTX) >= sizeof(Sha256) ? 1 : -1]; + (void)sizeof(sha_test); + + CYASSL_ENTER("SHA256_Init"); + InitSha256((Sha256*)sha256); + } + + + void CyaSSL_SHA256_Update(CYASSL_SHA256_CTX* sha, const void* input, + unsigned long sz) + { + CYASSL_ENTER("SHA256_Update"); + Sha256Update((Sha256*)sha, (const byte*)input, sz); + } + + + void CyaSSL_SHA256_Final(byte* input, CYASSL_SHA256_CTX* sha) + { + CYASSL_ENTER("SHA256_Final"); + Sha256Final((Sha256*)sha, input); + } + + + #ifdef CYASSL_SHA384 + + void CyaSSL_SHA384_Init(CYASSL_SHA384_CTX* sha) + { + typedef char sha_test[sizeof(SHA384_CTX) >= sizeof(Sha384) ? 1 : -1]; + (void)sizeof(sha_test); + + CYASSL_ENTER("SHA384_Init"); + InitSha384((Sha384*)sha); + } + + + void CyaSSL_SHA384_Update(CYASSL_SHA384_CTX* sha, const void* input, + unsigned long sz) + { + CYASSL_ENTER("SHA384_Update"); + Sha384Update((Sha384*)sha, (const byte*)input, sz); + } + + + void CyaSSL_SHA384_Final(byte* input, CYASSL_SHA384_CTX* sha) + { + CYASSL_ENTER("SHA384_Final"); + Sha384Final((Sha384*)sha, input); + } + + #endif /* CYASSL_SHA384 */ + + + #ifdef CYASSL_SHA512 + + void CyaSSL_SHA512_Init(CYASSL_SHA512_CTX* sha) + { + typedef char sha_test[sizeof(SHA512_CTX) >= sizeof(Sha512) ? 1 : -1]; + (void)sizeof(sha_test); + + CYASSL_ENTER("SHA512_Init"); + InitSha512((Sha512*)sha); + } + + + void CyaSSL_SHA512_Update(CYASSL_SHA512_CTX* sha, const void* input, + unsigned long sz) + { + CYASSL_ENTER("SHA512_Update"); + Sha512Update((Sha512*)sha, (const byte*)input, sz); + } + + + void CyaSSL_SHA512_Final(byte* input, CYASSL_SHA512_CTX* sha) + { + CYASSL_ENTER("SHA512_Final"); + Sha512Final((Sha512*)sha, input); + } + + #endif /* CYASSL_SHA512 */ + + const CYASSL_EVP_MD* CyaSSL_EVP_md5(void) { static const char* type = "MD5"; @@ -3444,20 +3570,338 @@ int CyaSSL_set_compression(CYASSL* ssl) } + const CYASSL_EVP_MD* CyaSSL_EVP_sha256(void) + { + static const char* type = "SHA256"; + CYASSL_ENTER("EVP_sha256"); + return type; + } + + #ifdef CYASSL_SHA384 + + const CYASSL_EVP_MD* CyaSSL_EVP_sha384(void) + { + static const char* type = "SHA384"; + CYASSL_ENTER("EVP_sha384"); + return type; + } + + #endif /* CYASSL_SHA384 */ + + #ifdef CYASSL_SHA512 + + const CYASSL_EVP_MD* CyaSSL_EVP_sha512(void) + { + static const char* type = "SHA512"; + CYASSL_ENTER("EVP_sha512"); + return type; + } + + #endif /* CYASSL_SHA512 */ + + void CyaSSL_EVP_MD_CTX_init(CYASSL_EVP_MD_CTX* ctx) { + CYASSL_ENTER("EVP_CIPHER_MD_CTX_init"); (void)ctx; /* do nothing */ } + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_128_cbc(void) + { + static const char* type = "AES128-CBC"; + CYASSL_ENTER("CyaSSL_EVP_aes_128_cbc"); + return type; + } + + + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_192_cbc(void) + { + static const char* type = "AES192-CBC"; + CYASSL_ENTER("CyaSSL_EVP_aes_192_cbc"); + return type; + } + + + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_256_cbc(void) + { + static const char* type = "AES256-CBC"; + CYASSL_ENTER("CyaSSL_EVP_aes_256_cbc"); + return type; + } + + + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_128_ctr(void) + { + static const char* type = "AES128-CTR"; + CYASSL_ENTER("CyaSSL_EVP_aes_128_ctr"); + return type; + } + + + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_192_ctr(void) + { + static const char* type = "AES192-CTR"; + CYASSL_ENTER("CyaSSL_EVP_aes_192_ctr"); + return type; + } + + + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_256_ctr(void) + { + static const char* type = "AES256-CTR"; + CYASSL_ENTER("CyaSSL_EVP_aes_256_ctr"); + return type; + } + + + const CYASSL_EVP_CIPHER* CyaSSL_EVP_des_cbc(void) + { + static const char* type = "DES-CBC"; + CYASSL_ENTER("CyaSSL_EVP_des_cbc"); + return type; + } + + + const CYASSL_EVP_CIPHER* CyaSSL_EVP_des_ede3_cbc(void) + { + static const char* type = "DES-EDE3-CBC"; + CYASSL_ENTER("CyaSSL_EVP_des_ede3_cbc"); + return type; + } + + + const CYASSL_EVP_CIPHER* CyaSSL_EVP_rc4(void) + { + static const char* type = "ARC4"; + CYASSL_ENTER("CyaSSL_EVP_rc4"); + return type; + } + + int CyaSSL_EVP_MD_CTX_cleanup(CYASSL_EVP_MD_CTX* ctx) { CYASSL_ENTER("EVP_MD_CTX_cleanup"); (void)ctx; return 0; + } + + + + void CyaSSL_EVP_CIPHER_CTX_init(CYASSL_EVP_CIPHER_CTX* ctx) + { + CYASSL_ENTER("EVP_CIPHER_CTX_init"); + if (ctx) { + ctx->cipherType = 0xff; /* no init */ + ctx->keyLen = 0; + ctx->enc = 1; /* start in encrypt mode */ + } + } + + + int CyaSSL_EVP_CIPHER_CTX_cleanup(CYASSL_EVP_CIPHER_CTX* ctx) + { + CYASSL_ENTER("EVP_CIPHER_CTX_cleanup"); + if (ctx) { + ctx->cipherType = 0xff; /* no more init */ + ctx->keyLen = 0; + } + + return 1; /* success */ } + int CyaSSL_EVP_CipherInit(CYASSL_EVP_CIPHER_CTX* ctx, + const CYASSL_EVP_CIPHER* type, byte* key, + byte* iv, int enc) + { + CYASSL_ENTER("CyaSSL_EVP_CipherInit"); + if (ctx == NULL) + return 0; /* failure */ + + if (type == NULL && ctx->cipherType == 0xff) + return 0; /* failure */ + + if (ctx->cipherType == AES_128_CBC_TYPE || (type && + XSTRNCMP(type, "AES128-CBC", 10) == 0)) { + ctx->cipherType = AES_128_CBC_TYPE; + ctx->keyLen = 16; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) + AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + enc ? AES_ENCRYPTION : AES_DECRYPTION); + if (iv && key == NULL) + AesSetIV(&ctx->cipher.aes, iv); + } + else if (ctx->cipherType == AES_192_CBC_TYPE || (type && + XSTRNCMP(type, "AES192-CBC", 10) == 0)) { + ctx->cipherType = AES_192_CBC_TYPE; + ctx->keyLen = 24; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) + AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + enc ? AES_ENCRYPTION : AES_DECRYPTION); + if (iv && key == NULL) + AesSetIV(&ctx->cipher.aes, iv); + } + else if (ctx->cipherType == AES_256_CBC_TYPE || (type && + XSTRNCMP(type, "AES256-CBC", 10) == 0)) { + ctx->cipherType = AES_256_CBC_TYPE; + ctx->keyLen = 32; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) + AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + enc ? AES_ENCRYPTION : AES_DECRYPTION); + if (iv && key == NULL) + AesSetIV(&ctx->cipher.aes, iv); + } + else if (ctx->cipherType == AES_128_CTR_TYPE || (type && + XSTRNCMP(type, "AES128-CTR", 10) == 0)) { + ctx->cipherType = AES_128_CTR_TYPE; + ctx->keyLen = 16; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) + AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + enc ? AES_ENCRYPTION : AES_DECRYPTION); + if (iv && key == NULL) + AesSetIV(&ctx->cipher.aes, iv); + } + else if (ctx->cipherType == AES_192_CTR_TYPE || (type && + XSTRNCMP(type, "AES192-CTR", 10) == 0)) { + ctx->cipherType = AES_192_CTR_TYPE; + ctx->keyLen = 24; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) + AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + enc ? AES_ENCRYPTION : AES_DECRYPTION); + if (iv && key == NULL) + AesSetIV(&ctx->cipher.aes, iv); + } + else if (ctx->cipherType == AES_256_CTR_TYPE || (type && + XSTRNCMP(type, "AES256-CTR", 10) == 0)) { + ctx->cipherType = AES_256_CTR_TYPE; + ctx->keyLen = 32; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) + AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + enc ? AES_ENCRYPTION : AES_DECRYPTION); + if (iv && key == NULL) + AesSetIV(&ctx->cipher.aes, iv); + } + else if (ctx->cipherType == DES_CBC_TYPE || (type && + XSTRNCMP(type, "DES-CBC", 7) == 0)) { + ctx->cipherType = DES_CBC_TYPE; + ctx->keyLen = 8; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) + Des_SetKey(&ctx->cipher.des, key, iv, + enc ? DES_ENCRYPTION : DES_DECRYPTION); + if (iv && key == NULL) + Des_SetIV(&ctx->cipher.des, iv); + } + else if (ctx->cipherType == DES_EDE3_CBC_TYPE || (type && + XSTRNCMP(type, "DES-EDE3-CBC", 11) == 0)) { + ctx->cipherType = DES_EDE3_CBC_TYPE; + ctx->keyLen = 24; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) + Des3_SetKey(&ctx->cipher.des3, key, iv, + enc ? DES_ENCRYPTION : DES_DECRYPTION); + if (iv && key == NULL) + Des3_SetIV(&ctx->cipher.des3, iv); + } + else if (ctx->cipherType == ARC4_TYPE || (type && + XSTRNCMP(type, "ARC4", 4) == 0)) { + ctx->cipherType = ARC4_TYPE; + if (ctx->keyLen == 0) /* user may have already set */ + ctx->keyLen = 16; /* default to 128 */ + if (key) + Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen); + } + else + return 0; /* failure */ + + + return 1; /* success */ + } + + + int CyaSSL_EVP_CIPHER_CTX_key_length(CYASSL_EVP_CIPHER_CTX* ctx) + { + if (ctx) + return ctx->keyLen; + + return 0; /* failure */ + } + + + int CyaSSL_EVP_CIPHER_CTX_set_key_length(CYASSL_EVP_CIPHER_CTX* ctx, + int keylen) + { + if (ctx) + ctx->keyLen = keylen; + else + return 0; /* failure */ + + return 1; /* success */ + } + + + int CyaSSL_EVP_Cipher(CYASSL_EVP_CIPHER_CTX* ctx, byte* dst, byte* src, + word32 len) + { + if (ctx == NULL || dst == NULL || src == NULL) + return 0; /* failure */ + + if (ctx->cipherType == 0xff) + return 0; /* failure */ + + + switch (ctx->cipherType) { + + case AES_128_CBC_TYPE : + case AES_192_CBC_TYPE : + case AES_256_CBC_TYPE : + if (ctx->enc) + AesCbcEncrypt(&ctx->cipher.aes, dst, src, len); + else + AesCbcDecrypt(&ctx->cipher.aes, dst, src, len); + break; + + case DES_CBC_TYPE : + if (ctx->enc) + Des_CbcEncrypt(&ctx->cipher.des, dst, src, len); + else + Des_CbcDecrypt(&ctx->cipher.des, dst, src, len); + break; + + case DES_EDE3_CBC_TYPE : + if (ctx->enc) + Des3_CbcEncrypt(&ctx->cipher.des3, dst, src, len); + else + Des3_CbcDecrypt(&ctx->cipher.des3, dst, src, len); + break; + + case ARC4_TYPE : + Arc4Process(&ctx->cipher.arc4, dst, src, len); + break; + + default: + return 0; /* failure */ + } + + + return 1; /* success */ + } + int CyaSSL_EVP_DigestInit(CYASSL_EVP_MD_CTX* ctx, const CYASSL_EVP_MD* type) { @@ -3466,10 +3910,27 @@ int CyaSSL_set_compression(CYASSL* ssl) ctx->macType = MD5; CyaSSL_MD5_Init((MD5_CTX*)&ctx->hash); } + else if (XSTRNCMP(type, "SHA256", 6) == 0) { + ctx->macType = SHA256; + CyaSSL_SHA256_Init((SHA256_CTX*)&ctx->hash); + } + #ifdef CYASSL_SHA384 + else if (XSTRNCMP(type, "SHA384", 6) == 0) { + ctx->macType = SHA384; + CyaSSL_SHA384_Init((SHA384_CTX*)&ctx->hash); + } + #endif + #ifdef CYASSL_SHA512 + else if (XSTRNCMP(type, "SHA512", 6) == 0) { + ctx->macType = SHA512; + CyaSSL_SHA512_Init((SHA512_CTX*)&ctx->hash); + } + #endif + /* has to be last since would pick or 256, 384, or 512 too */ else if (XSTRNCMP(type, "SHA", 3) == 0) { ctx->macType = SHA; CyaSSL_SHA_Init((SHA_CTX*)&ctx->hash); - } + } else return BAD_FUNC_ARG; @@ -3485,6 +3946,19 @@ int CyaSSL_set_compression(CYASSL* ssl) CyaSSL_MD5_Update((MD5_CTX*)&ctx->hash, data, (unsigned long)sz); else if (ctx->macType == SHA) CyaSSL_SHA_Update((SHA_CTX*)&ctx->hash, data, (unsigned long)sz); + else if (ctx->macType == SHA256) + CyaSSL_SHA256_Update((SHA256_CTX*)&ctx->hash, data, + (unsigned long)sz); + #ifdef CYASSL_SHA384 + else if (ctx->macType == SHA384) + CyaSSL_SHA384_Update((SHA384_CTX*)&ctx->hash, data, + (unsigned long)sz); + #endif + #ifdef CYASSL_SHA512 + else if (ctx->macType == SHA512) + CyaSSL_SHA512_Update((SHA512_CTX*)&ctx->hash, data, + (unsigned long)sz); + #endif else return BAD_FUNC_ARG; @@ -3504,6 +3978,22 @@ int CyaSSL_set_compression(CYASSL* ssl) CyaSSL_SHA_Final(md, (SHA_CTX*)&ctx->hash); if (s) *s = SHA_DIGEST_SIZE; } + else if (ctx->macType == SHA256) { + CyaSSL_SHA256_Final(md, (SHA256_CTX*)&ctx->hash); + if (s) *s = SHA_DIGEST_SIZE; + } + #ifdef CYASSL_SHA384 + else if (ctx->macType == SHA384) { + CyaSSL_SHA384_Final(md, (SHA384_CTX*)&ctx->hash); + if (s) *s = SHA_DIGEST_SIZE; + } + #endif + #ifdef CYASSL_SHA512 + else if (ctx->macType == SHA512) { + CyaSSL_SHA512_Final(md, (SHA512_CTX*)&ctx->hash); + if (s) *s = SHA_DIGEST_SIZE; + } + #endif else return BAD_FUNC_ARG; @@ -3571,6 +4061,17 @@ int CyaSSL_set_compression(CYASSL* ssl) } + void CyaSSL_RAND_add(const void* add, int len, double entropy) + { + (void)add; + (void)len; + (void)entropy; + + /* CyaSSL seeds/adds internally, use explicit RNG if you want + to take control */ + } + + int CyaSSL_DES_key_sched(CYASSL_const_DES_cblock* key, CYASSL_DES_key_schedule* schedule) { @@ -4020,7 +4521,12 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_BIO_METHOD* CyaSSL_BIO_s_mem(void) { - return 0; + static CYASSL_BIO_METHOD meth; + + CYASSL_ENTER("BIO_s_mem"); + meth.type = BIO_MEMORY; + + return &meth; } From 81be167ee2d39480727da2e62376a501ce87cd83 Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 26 Apr 2012 16:27:27 -0700 Subject: [PATCH 2/2] init ssh changes --- .gitignore | 2 + ctaocrypt/src/des3.c | 21 ++++- ctaocrypt/test/test.c | 166 +++++++++++++++++++++++++++++++++++++- cyassl/ctaocrypt/arc4.h | 1 + cyassl/ctaocrypt/des3.h | 4 + cyassl/ctaocrypt/hc128.h | 4 + cyassl/ctaocrypt/rabbit.h | 5 ++ cyassl/internal.h | 5 +- cyassl/openssl/bio.h | 21 +++++ cyassl/openssl/bn.h | 87 ++++++++++++++++++++ cyassl/openssl/dh.h | 32 +++++++- cyassl/openssl/dsa.h | 34 +++++++- cyassl/openssl/evp.h | 153 ++++++++++++++++++++++++++++++++--- cyassl/openssl/hmac.h | 22 +++++ cyassl/openssl/include.am | 1 + cyassl/openssl/md5.h | 6 +- cyassl/openssl/pem.h | 39 +++++++++ cyassl/openssl/rsa.h | 40 ++++++++- cyassl/openssl/sha.h | 72 +++++++++++++++++ cyassl/openssl/ssl.h | 14 +++- cyassl/ssl.h | 24 ++++-- 21 files changed, 718 insertions(+), 35 deletions(-) diff --git a/.gitignore b/.gitignore index 51031be9f..782ea9c41 100644 --- a/.gitignore +++ b/.gitignore @@ -22,6 +22,8 @@ depcomp missing libtool tags +.tags* +cyassl.sublime* ctaocrypt/benchmark/benchmark ctaocrypt/test/testctaocrypt examples/client/client diff --git a/ctaocrypt/src/des3.c b/ctaocrypt/src/des3.c index dda848404..77a20b022 100644 --- a/ctaocrypt/src/des3.c +++ b/ctaocrypt/src/des3.c @@ -327,12 +327,25 @@ static INLINE int Reverse(int dir) } +void Des_SetIV(Des* des, const byte* iv) +{ + if (des && iv) + XMEMCPY(des->reg, iv, DES_BLOCK_SIZE); +} + + +void Des3_SetIV(Des3* des, const byte* iv) +{ + if (des && iv) + XMEMCPY(des->reg, iv, DES_BLOCK_SIZE); +} + + void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) { DesSetKey(key, dir, des->key); - if (iv) /* added ecb support so may not have iv */ - XMEMCPY(des->reg, iv, DES_BLOCK_SIZE); + Des_SetIV(des, iv); } @@ -341,8 +354,8 @@ void Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) DesSetKey(key + (dir == DES_ENCRYPTION ? 0 : 16), dir, des->key[0]); DesSetKey(key + 8, Reverse(dir), des->key[1]); DesSetKey(key + (dir == DES_DECRYPTION ? 0 : 16), dir, des->key[2]); - - XMEMCPY(des->reg, iv, DES_BLOCK_SIZE); + + Des3_SetIV(des, iv); } diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index d17213906..bed8088ff 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -91,6 +91,7 @@ int md4_test(); int sha_test(); int sha256_test(); int sha512_test(); +int sha384_test(); int hmac_test(); int arc4_test(); int hc128_test(); @@ -166,6 +167,13 @@ void ctaocrypt_test(void* args) printf( "SHA-256 test passed!\n"); #endif +#ifdef CYASSL_SHA384 + if ( (ret = sha384_test()) ) + err_sys("SHA-384 test failed!\n", ret); + else + printf( "SHA-384 test passed!\n"); +#endif + #ifdef CYASSL_SHA512 if ( (ret = sha512_test()) ) err_sys("SHA-512 test failed!\n", ret); @@ -632,6 +640,51 @@ int sha512_test() #endif +#ifdef CYASSL_SHA384 +int sha384_test() +{ + Sha384 sha; + byte hash[SHA384_DIGEST_SIZE]; + + testVector a, b; + testVector test_sha[2]; + int times = sizeof(test_sha) / sizeof(struct testVector), i; + + a.input = "abc"; + a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50" + "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff" + "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34" + "\xc8\x25\xa7"; + a.inLen = strlen(a.input); + a.outLen = strlen(a.output); + + b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + b.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" + "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" + "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" + "\x74\x60\x39"; + b.inLen = strlen(b.input); + b.outLen = strlen(b.output); + + test_sha[0] = a; + test_sha[1] = b; + + InitSha384(&sha); + + for (i = 0; i < times; ++i) { + Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + Sha384Final(&sha, hash); + + if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0) + return -10 - i; + } + + return 0; +} +#endif /* CYASSL_SHA384 */ + + #ifndef NO_HMAC int hmac_test() { @@ -1629,8 +1682,8 @@ int dsa_test() int openssl_test() { EVP_MD_CTX md_ctx; - testVector a, b, c; - byte hash[SHA_DIGEST_SIZE]; + testVector a, b, c, d, e, f; + byte hash[SHA_DIGEST_SIZE*4]; /* max size */ a.input = "1234567890123456789012345678901234567890123456789012345678" "9012345678901234567890"; @@ -1665,6 +1718,70 @@ int openssl_test() if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0) return -72; + + d.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + d.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60" + "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" + "\x06\xC1"; + d.inLen = strlen(d.input); + d.outLen = strlen(d.output); + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_sha256()); + + EVP_DigestUpdate(&md_ctx, d.input, d.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, d.output, SHA256_DIGEST_SIZE) != 0) + return -78; + +#ifdef CYASSL_SHA384 + + e.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + e.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" + "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" + "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" + "\x74\x60\x39"; + e.inLen = strlen(e.input); + e.outLen = strlen(e.output); + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_sha384()); + + EVP_DigestUpdate(&md_ctx, e.input, e.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, e.output, SHA384_DIGEST_SIZE) != 0) + return -79; + +#endif /* CYASSL_SHA384 */ + + +#ifdef CYASSL_SHA384 + + f.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + f.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14" + "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" + "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" + "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" + "\x87\x4b\xe9\x09"; + f.inLen = strlen(f.input); + f.outLen = strlen(f.output); + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_sha512()); + + EVP_DigestUpdate(&md_ctx, f.input, f.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, f.output, SHA512_DIGEST_SIZE) != 0) + return -80; + +#endif /* CYASSL_SHA384 */ + + if (RAND_bytes(hash, sizeof(hash)) != 1) return -73; @@ -1728,6 +1845,51 @@ int openssl_test() } /* end des test */ + { /* evp_cipher test */ + EVP_CIPHER_CTX ctx; + + + const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ + 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + const byte verify[] = + { + 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, + 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb + }; + + byte key[] = "0123456789abcdef "; /* align */ + byte iv[] = "1234567890abcdef "; /* align */ + + byte cipher[AES_BLOCK_SIZE * 4]; + byte plain [AES_BLOCK_SIZE * 4]; + + EVP_CIPHER_CTX_init(&ctx); + if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0) + return -81; + + if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0) + return -82; + + if (memcmp(cipher, verify, AES_BLOCK_SIZE)) + return -83; + + EVP_CIPHER_CTX_init(&ctx); + if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0) + return -84; + + if (EVP_Cipher(&ctx, plain, cipher, 16) == 0) + return -85; + + if (memcmp(plain, msg, AES_BLOCK_SIZE)) + return -86; + + + } /* end evp_cipher test */ + return 0; } diff --git a/cyassl/ctaocrypt/arc4.h b/cyassl/ctaocrypt/arc4.h index 5771a0bd5..b49146675 100644 --- a/cyassl/ctaocrypt/arc4.h +++ b/cyassl/ctaocrypt/arc4.h @@ -33,6 +33,7 @@ enum { + ARC4_ENC_TYPE = 4, /* cipher unique type */ ARC4_STATE_SIZE = 256 }; diff --git a/cyassl/ctaocrypt/des3.h b/cyassl/ctaocrypt/des3.h index 6496bc3fa..adae9a955 100644 --- a/cyassl/ctaocrypt/des3.h +++ b/cyassl/ctaocrypt/des3.h @@ -34,6 +34,8 @@ #endif enum { + DES_ENC_TYPE = 2, /* cipher unique type */ + DES3_ENC_TYPE = 3, /* cipher unique type */ DES_BLOCK_SIZE = 8, DES_KS_SIZE = 32, @@ -59,11 +61,13 @@ typedef struct Des3 { CYASSL_API void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir); +CYASSL_API void Des_SetIV(Des* des, const byte* iv); CYASSL_API void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz); CYASSL_API void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz); CYASSL_API void Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz); CYASSL_API void Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir); +CYASSL_API void Des3_SetIV(Des3* des, const byte* iv); CYASSL_API void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz); CYASSL_API void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz); diff --git a/cyassl/ctaocrypt/hc128.h b/cyassl/ctaocrypt/hc128.h index 9c7ed5cd6..d3e5f21e8 100644 --- a/cyassl/ctaocrypt/hc128.h +++ b/cyassl/ctaocrypt/hc128.h @@ -32,6 +32,10 @@ #endif +enum { + HC128_ENC_TYPE = 6 /* cipher unique type */ +}; + /* HC-128 stream cipher */ typedef struct HC128 { word32 T[1024]; /* P[i] = T[i]; Q[i] = T[1024 + i ]; */ diff --git a/cyassl/ctaocrypt/rabbit.h b/cyassl/ctaocrypt/rabbit.h index 57aba0ecf..ea1ea9f16 100644 --- a/cyassl/ctaocrypt/rabbit.h +++ b/cyassl/ctaocrypt/rabbit.h @@ -32,6 +32,11 @@ #endif +enum { + RABBIT_ENC_TYPE = 5 /* cipher unique type */ +}; + + /* Rabbit Context */ typedef struct RabbitCtx { word32 x[8]; diff --git a/cyassl/internal.h b/cyassl/internal.h index b13f299bb..d72fee138 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -421,7 +421,8 @@ CYASSL_LOCAL ProtocolVersion MakeTLSv1_2(void); enum BIO_TYPE { BIO_BUFFER = 1, BIO_SOCKET = 2, - BIO_SSL = 3 + BIO_SSL = 3, + BIO_MEMORY = 4 }; @@ -437,6 +438,8 @@ struct CYASSL_BIO { byte close; /* close flag */ byte eof; /* eof flag */ CYASSL* ssl; /* possible associated ssl */ + byte* mem; /* memory buffer */ + int memLen; /* memory buffer length */ int fd; /* possible file descriptor */ CYASSL_BIO* prev; /* previous in chain */ CYASSL_BIO* next; /* next in chain */ diff --git a/cyassl/openssl/bio.h b/cyassl/openssl/bio.h index bbdcc0f2b..aba1935f1 100644 --- a/cyassl/openssl/bio.h +++ b/cyassl/openssl/bio.h @@ -1,2 +1,23 @@ /* bio.h for openssl */ + +#ifndef CYASSL_BIO_H_ +#define CYASSL_BIO_H_ + +#include + + +#ifdef __cplusplus + extern "C" { +#endif + + + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CYASSL_BIO_H_ */ + diff --git a/cyassl/openssl/bn.h b/cyassl/openssl/bn.h index 39770e990..a5b86643a 100644 --- a/cyassl/openssl/bn.h +++ b/cyassl/openssl/bn.h @@ -1,2 +1,89 @@ /* bn.h for openssl */ + +#ifndef CYASSL_BN_H_ +#define CYASSL_BN_H_ + +#include + +#ifdef __cplusplus + extern "C" { +#endif + +typedef struct CYASSL_BIGNUM { + int neg; /* openssh deference */ +} CYASSL_BIGNUM; + + +typedef struct CYASSL_BN_CTX CYASSL_BN_CTX; + + +CYASSL_API CYASSL_BN_CTX* CyaSSL_BN_CTX_new(void); +CYASSL_API void CyaSSL_BN_CTX_init(CYASSL_BN_CTX*); +CYASSL_API void CyaSSL_BN_CTX_free(CYASSL_BN_CTX*); + +CYASSL_API CYASSL_BIGNUM* CyaSSL_BN_new(void); +CYASSL_API void CyaSSL_BN_free(CYASSL_BIGNUM*); +CYASSL_API void CyaSSL_BN_clear_free(CYASSL_BIGNUM*); + + +CYASSL_API int CyaSSL_BN_sub(CYASSL_BIGNUM*, const CYASSL_BIGNUM*, + const CYASSL_BIGNUM*); +CYASSL_API int CyaSSL_BN_mod(CYASSL_BIGNUM*, const CYASSL_BIGNUM*, + const CYASSL_BIGNUM*, const CYASSL_BN_CTX*); + +CYASSL_API const CYASSL_BIGNUM* CyaSSL_BN_value_one(void); + + +CYASSL_API int CyaSSL_BN_num_bytes(const CYASSL_BIGNUM*); +CYASSL_API int CyaSSL_BN_num_bits(const CYASSL_BIGNUM*); + +CYASSL_API int CyaSSL_BN_is_zero(const CYASSL_BIGNUM*); +CYASSL_API int CyaSSL_BN_is_one(const CYASSL_BIGNUM*); +CYASSL_API int CyaSSL_BN_is_odd(const CYASSL_BIGNUM*); + +CYASSL_API int CyaSSL_BN_cmp(const CYASSL_BIGNUM*, const CYASSL_BIGNUM*); + +CYASSL_API int CyaSSL_BN_bn2bin(const CYASSL_BIGNUM*, unsigned char*); +CYASSL_API CYASSL_BIGNUM* CyaSSL_BN_bin2bn(const unsigned char*, int len, + CYASSL_BIGNUM* ret); + +CYASSL_API int CyaSSL_mask_bits(CYASSL_BIGNUM*, int n); + + +typedef CYASSL_BIGNUM BIGNUM; +typedef CYASSL_BN_CTX BN_CTX; + +#define BN_CTX_new CyaSSL_BN_CTX_new +#define BN_CTX_init CyaSSL_BN_CTX_init +#define BN_CTX_free CyaSSL_BN_CTX_free + +#define BN_new CyaSSL_BN_new +#define BN_free CyaSSL_BN_free +#define BN_clear_free CyaSSL_BN_clear_free + +#define BN_num_bytes CyaSSL_BN_num_bytes +#define BN_num_bits CyaSSL_BN_num_bits + +#define BN_is_zero CyaSSL_BN_is_zero +#define BN_is_one CyaSSL_BN_is_one +#define BN_is_odd CyaSSL_BN_is_odd + +#define BN_cmp CyaSSL_BN_cmp + +#define BN_bn2bin CyaSSL_BN_bn2bin +#define BN_bin2bn CyaSSL_BN_bin2bn + +#define BN_mod CyaSSL_BN_mod +#define BN_sub CyaSSL_BN_sub +#define BN_value_one CyaSSL_BN_value_one + +#define BN_mask_bits CyaSSL_mask_bits + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CYASSL__H_ */ + diff --git a/cyassl/openssl/dh.h b/cyassl/openssl/dh.h index f3a6a7fcd..5730ef8a0 100644 --- a/cyassl/openssl/dh.h +++ b/cyassl/openssl/dh.h @@ -1,2 +1,32 @@ -/* dh.h for openssl */ +/* dh.h for openSSL */ + +#ifndef CYASSL_DH_H_ +#define CYASSL_DH_H_ + + +#include +#include + + +#ifdef __cplusplus + extern "C" { +#endif + + + + +typedef struct CYASSL_DH { + BIGNUM* p; + BIGNUM* g; +} CYASSL_DH; + + +typedef CYASSL_DH DH; + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* header */ diff --git a/cyassl/openssl/dsa.h b/cyassl/openssl/dsa.h index 756f8ea2c..aa32b9cd9 100644 --- a/cyassl/openssl/dsa.h +++ b/cyassl/openssl/dsa.h @@ -1,2 +1,34 @@ -/* dsa.h for openssl */ +/* dsa.h for openSSL */ + +#ifndef CYASSL_DSA_H_ +#define CYASSL_DSA_H_ + + +#include +#include + + +#ifdef __cplusplus + extern "C" { +#endif + + + +struct CYASSL_DSA { + BIGNUM* p; + BIGNUM* q; + BIGNUM* g; + BIGNUM* pub_key; + BIGNUM* priv_key; +}; + + + + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* header */ diff --git a/cyassl/openssl/evp.h b/cyassl/openssl/evp.h index 29a2d12a9..a7c98a7a8 100644 --- a/cyassl/openssl/evp.h +++ b/cyassl/openssl/evp.h @@ -36,6 +36,13 @@ #include #include +#include +#include +#include + +#include +#include +#include #ifdef __cplusplus @@ -47,20 +54,79 @@ typedef char CYASSL_EVP_CIPHER; CYASSL_API const CYASSL_EVP_MD* CyaSSL_EVP_md5(void); CYASSL_API const CYASSL_EVP_MD* CyaSSL_EVP_sha1(void); +CYASSL_API const CYASSL_EVP_MD* CyaSSL_EVP_sha256(void); +CYASSL_API const CYASSL_EVP_MD* CyaSSL_EVP_sha384(void); +CYASSL_API const CYASSL_EVP_MD* CyaSSL_EVP_sha512(void); +CYASSL_API const CYASSL_EVP_MD* CyaSSL_EVP_ripemd160(void); + +CYASSL_API const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_128_cbc(void); +CYASSL_API const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_192_cbc(void); +CYASSL_API const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_256_cbc(void); +CYASSL_API const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_128_ctr(void); +CYASSL_API const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_192_ctr(void); +CYASSL_API const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_256_ctr(void); +CYASSL_API const CYASSL_EVP_CIPHER* CyaSSL_EVP_des_cbc(void); +CYASSL_API const CYASSL_EVP_CIPHER* CyaSSL_EVP_des_ede3_cbc(void); +CYASSL_API const CYASSL_EVP_CIPHER* CyaSSL_EVP_rc4(void); typedef union { - CYASSL_MD5_CTX md5; - CYASSL_SHA_CTX sha; + CYASSL_MD5_CTX md5; + CYASSL_SHA_CTX sha; + CYASSL_SHA256_CTX sha256; + #ifdef CYASSL_SHA384 + CYASSL_SHA384_CTX sha384; + #endif + #ifdef CYASSL_SHA512 + CYASSL_SHA512_CTX sha512; + #endif + #ifdef CYASSL_RIPEMD + CYASSL_RIPEMD_CTX ripemd; + #endif } CYASSL_Hasher; typedef struct CYASSL_EVP_MD_CTX { - unsigned char macType; /* md5 or sha for now */ CYASSL_Hasher hash; + unsigned char macType; } CYASSL_EVP_MD_CTX; +typedef union { + Aes aes; + Des des; + Des3 des3; + Arc4 arc4; +} CYASSL_Cipher; + + +enum { + AES_128_CBC_TYPE = 1, + AES_192_CBC_TYPE = 2, + AES_256_CBC_TYPE = 3, + AES_128_CTR_TYPE = 4, + AES_192_CTR_TYPE = 5, + AES_256_CTR_TYPE = 6, + DES_CBC_TYPE = 7, + DES_EDE3_CBC_TYPE = 8, + ARC4_TYPE = 9, + EVP_PKEY_RSA = 10, + EVP_PKEY_DSA = 10, + NID_sha1 = 64, + NID_md5 = 4 +}; + + +typedef struct CYASSL_EVP_CIPHER_CTX { + CYASSL_Cipher cipher; + int keyLen; /* user may set for variable */ + unsigned char* iv; /* working iv pointer into cipher */ + unsigned char enc; /* if encrypt side, then true */ + unsigned char cipherType; +} CYASSL_EVP_CIPHER_CTX; + + +CYASSL_API int CyaSSL_EVP_MD_size(const CYASSL_EVP_MD* md); CYASSL_API void CyaSSL_EVP_MD_CTX_init(CYASSL_EVP_MD_CTX* ctx); CYASSL_API int CyaSSL_EVP_MD_CTX_cleanup(CYASSL_EVP_MD_CTX* ctx); @@ -77,21 +143,82 @@ CYASSL_API int CyaSSL_EVP_BytesToKey(const CYASSL_EVP_CIPHER*, const unsigned char*, int, int, unsigned char*, unsigned char*); -typedef CYASSL_EVP_MD EVP_MD; -typedef CYASSL_EVP_CIPHER EVP_CIPHER; -typedef CYASSL_EVP_MD_CTX EVP_MD_CTX; +CYASSL_API void CyaSSL_EVP_CIPHER_CTX_init(CYASSL_EVP_CIPHER_CTX* ctx); +CYASSL_API int CyaSSL_EVP_CIPHER_CTX_cleanup(CYASSL_EVP_CIPHER_CTX* ctx); -#define EVP_md5 CyaSSL_EVP_md5 -#define EVP_sha1 CyaSSL_EVP_sha1 +CYASSL_API int CyaSSL_EVP_CIPHER_CTX_iv_length(const CYASSL_EVP_CIPHER_CTX*); -#define EVP_MD_CTX_init CyaSSL_EVP_MD_CTX_init + +CYASSL_API int CyaSSL_EVP_CipherInit(CYASSL_EVP_CIPHER_CTX* ctx, + const CYASSL_EVP_CIPHER* type, + unsigned char* key, unsigned char* iv, + int enc); +CYASSL_API int CyaSSL_EVP_CIPHER_CTX_key_length(CYASSL_EVP_CIPHER_CTX* ctx); +CYASSL_API int CyaSSL_EVP_CIPHER_CTX_set_key_length(CYASSL_EVP_CIPHER_CTX* ctx, + int keylen); +CYASSL_API int CyaSSL_EVP_Cipher(CYASSL_EVP_CIPHER_CTX* ctx, + unsigned char* dst, unsigned char* src, + unsigned int len); + +CYASSL_API CYASSL_RSA* CyaSSL_EVP_PKEY_get1_RSA(CYASSL_EVP_PKEY*); +CYASSL_API CYASSL_DSA* CyaSSL_EVP_PKEY_get1_DSA(CYASSL_EVP_PKEY*); + +/* these next ones don't need real OpenSSL type, for OpenSSH compat only */ +CYASSL_API void* CyaSSL_EVP_X_STATE(const CYASSL_EVP_CIPHER_CTX* ctx); +CYASSL_API int CyaSSL_EVP_X_STATE_LEN(const CYASSL_EVP_CIPHER_CTX* ctx); + +CYASSL_API int CyaSSL_3des_iv(CYASSL_EVP_CIPHER_CTX* ctx, int doset, + unsigned char* iv, int len); +CYASSL_API int CyaSSL_aes_ctr_iv(CYASSL_EVP_CIPHER_CTX* ctx, int doset, + unsigned char* iv, int len); + +/* end OpenSSH compat */ + +typedef CYASSL_EVP_MD EVP_MD; +typedef CYASSL_EVP_CIPHER EVP_CIPHER; +typedef CYASSL_EVP_MD_CTX EVP_MD_CTX; +typedef CYASSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; + +#define EVP_md5 CyaSSL_EVP_md5 +#define EVP_sha1 CyaSSL_EVP_sha1 +#define EVP_sha256 CyaSSL_EVP_sha256 +#define EVP_sha384 CyaSSL_EVP_sha384 +#define EVP_sha512 CyaSSL_EVP_sha512 +#define EVP_ripemd160 CyaSSL_EVP_ripemd160 + +#define EVP_aes_128_cbc CyaSSL_EVP_aes_128_cbc +#define EVP_aes_192_cbc CyaSSL_EVP_aes_192_cbc +#define EVP_aes_256_cbc CyaSSL_EVP_aes_256_cbc +#define EVP_aes_128_ctr CyaSSL_EVP_aes_128_ctr +#define EVP_aes_192_ctr CyaSSL_EVP_aes_192_ctr +#define EVP_aes_256_ctr CyaSSL_EVP_aes_256_ctr +#define EVP_des_cbc CyaSSL_EVP_des_cbc +#define EVP_des_ede3_cbc CyaSSL_EVP_des_ede3_cbc +#define EVP_rc4 CyaSSL_EVP_rc4 + +#define EVP_MD_size CyaSSL_EVP_MD_size +#define EVP_MD_CTX_init CyaSSL_EVP_MD_CTX_init #define EVP_MD_CTX_cleanup CyaSSL_EVP_MD_CTX_cleanup -#define EVP_DigestInit CyaSSL_EVP_DigestInit -#define EVP_DigestUpdate CyaSSL_EVP_DigestUpdate -#define EVP_DigestFinal CyaSSL_EVP_DigestFinal +#define EVP_DigestInit CyaSSL_EVP_DigestInit +#define EVP_DigestUpdate CyaSSL_EVP_DigestUpdate +#define EVP_DigestFinal CyaSSL_EVP_DigestFinal #define EVP_DigestFinal_ex CyaSSL_EVP_DigestFinal_ex -#define EVP_BytesToKey CyaSSL_EVP_BytesToKey +#define EVP_BytesToKey CyaSSL_EVP_BytesToKey +#define EVP_CIPHER_CTX_init CyaSSL_EVP_CIPHER_CTX_init +#define EVP_CIPHER_CTX_cleanup CyaSSL_EVP_CIPHER_CTX_cleanup +#define EVP_CIPHER_CTX_iv_length CyaSSL_EVP_CIPHER_CTX_iv_length +#define EVP_CIPHER_CTX_key_length CyaSSL_EVP_CIPHER_CTX_key_length +#define EVP_CIPHER_CTX_set_key_length CyaSSL_EVP_CIPHER_CTX_set_key_length +#define EVP_CipherInit CyaSSL_EVP_CipherInit +#define EVP_Cipher CyaSSL_EVP_Cipher + +#define EVP_PKEY_get1_RSA CyaSSL_EVP_PKEY_get1_RSA +#define EVP_PKEY_get1_DSA CyaSSL_EVP_PKEY_get1_DSA + +#ifndef EVP_MAX_MD_SIZE + #define EVP_MAX_MD_SIZE 64 /* sha512 */ +#endif #ifdef __cplusplus } /* extern "C" */ diff --git a/cyassl/openssl/hmac.h b/cyassl/openssl/hmac.h index c582349e3..37cd06ab5 100644 --- a/cyassl/openssl/hmac.h +++ b/cyassl/openssl/hmac.h @@ -47,8 +47,30 @@ CYASSL_API unsigned char* CyaSSL_HMAC(const CYASSL_EVP_MD* evp_md, unsigned int* md_len); +typedef struct CYASSL_HMAC_CTX { + int stuff; +} CYASSL_HMAC_CTX; + + +void CyaSSL_HMAC_Init(CYASSL_HMAC_CTX* ctx, const void* key, int keylen, + const EVP_MD* type); +void CyaSSL_HMAC_Update(CYASSL_HMAC_CTX* ctx, const unsigned char* data, + int len); +void CyaSSL_HMAC_Final(CYASSL_HMAC_CTX* ctx, unsigned char* hash, + unsigned int* len); +void CyaSSL_HMAC_cleanup(CYASSL_HMAC_CTX* ctx); + + +typedef struct CYASSL_HMAC_CTX HMAC_CTX; + #define HMAC(a,b,c,d,e,f,g) CyaSSL_HMAC((a),(b),(c),(d),(e),(f),(g)) +#define HMAC_Init CyaSSL_HMAC_Init +#define HMAC_Update CyaSSL_HMAC_Update +#define HMAC_Final CyaSSL_HMAC_Final +#define HMAC_cleanup CyaSSL_HMAC_cleanup + + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/cyassl/openssl/include.am b/cyassl/openssl/include.am index c2c3a6ee4..e531f767a 100644 --- a/cyassl/openssl/include.am +++ b/cyassl/openssl/include.am @@ -19,6 +19,7 @@ nobase_include_HEADERS+= \ cyassl/openssl/lhash.h \ cyassl/openssl/md4.h \ cyassl/openssl/md5.h \ + cyassl/openssl/ripemd.h \ cyassl/openssl/ocsp.h \ cyassl/openssl/opensslconf.h \ cyassl/openssl/opensslv.h \ diff --git a/cyassl/openssl/md5.h b/cyassl/openssl/md5.h index bc9219c1e..0fddb517e 100644 --- a/cyassl/openssl/md5.h +++ b/cyassl/openssl/md5.h @@ -26,9 +26,9 @@ CYASSL_API void CyaSSL_MD5_Final(unsigned char*, CYASSL_MD5_CTX*); typedef CYASSL_MD5_CTX MD5_CTX; -#define MD5_Init MD5_Init -#define MD5_Update MD5_Update -#define MD5_Final MD5_Final +#define MD5_Init CyaSSL_MD5_Init +#define MD5_Update CyaSSL_MD5_Update +#define MD5_Final CyaSSL_MD5_Final #ifdef __cplusplus } /* extern "C" */ diff --git a/cyassl/openssl/pem.h b/cyassl/openssl/pem.h index fe7cab885..4f02947c3 100644 --- a/cyassl/openssl/pem.h +++ b/cyassl/openssl/pem.h @@ -1,2 +1,41 @@ /* pem.h for openssl */ + +#ifndef CYASSL_PEM_H_ +#define CYASSL_PEM_H_ + +#include +#include +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +int CyaSSL_PEM_write_bio_RSAPrivateKey(CYASSL_BIO* bio, RSA* rsa, + const EVP_CIPHER* cipher, + unsigned char* passwd, int len, + pem_password_cb cb, void* arg); + +int CyaSSL_PEM_write_bio_DSAPrivateKey(CYASSL_BIO* bio, DSA* rsa, + const EVP_CIPHER* cipher, + unsigned char* passwd, int len, + pem_password_cb cb, void* arg); + +CYASSL_EVP_PKEY* CyaSSL_PEM_read_bio_PrivateKey(CYASSL_BIO* bio, + CYASSL_EVP_PKEY**, pem_password_cb cb, void* arg); + +#define PEM_write_bio_RSAPrivateKey CyaSSL_PEM_write_bio_RSAPrivateKey +#define PEM_write_bio_DSAPrivateKey CyaSSL_PEM_write_bio_DSAPrivateKey +#define PEM_read_bio_PrivateKey CyaSSL_PEM_read_bio_PrivateKey + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CYASSL_PEM_H_ */ + diff --git a/cyassl/openssl/rsa.h b/cyassl/openssl/rsa.h index 55038c13d..94b0d5209 100644 --- a/cyassl/openssl/rsa.h +++ b/cyassl/openssl/rsa.h @@ -4,7 +4,45 @@ #ifndef CYASSL_RSA_H_ #define CYASSL_RSA_H_ -enum { RSA_F4 = 1 }; +#include +#include +#ifdef __cplusplus + extern "C" { +#endif + + +enum { + RSA_PKCS1_PADDING = 1 + }; + +struct CYASSL_RSA { + BIGNUM* n; + BIGNUM* e; + BIGNUM* d; + BIGNUM* p; + BIGNUM* q; + BIGNUM* dmp1; + BIGNUM* dmq1; + BIGNUM* iqmp; +}; + + +CYASSL_API int CyaSSL_RSA_blinding_on(CYASSL_RSA*, CYASSL_BN_CTX*); +CYASSL_API int CyaSSL_RSA_public_encrypt(int len, unsigned char* fr, + unsigned char* to, CYASSL_RSA*, int padding); +CYASSL_API int CyaSSL_RSA_private_decrypt(int len, unsigned char* fr, + unsigned char* to, CYASSL_RSA*, int padding); + + +#define RSA_blinding_on CyaSSL_RSA_blinding_on +#define RSA_public_encrypt CyaSSL_RSA_public_encrypt +#define RSA_private_decrypt CyaSSL_RSA_private_decrypt + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + #endif /* header */ diff --git a/cyassl/openssl/sha.h b/cyassl/openssl/sha.h index 4cf2112b8..0b37a9bbf 100644 --- a/cyassl/openssl/sha.h +++ b/cyassl/openssl/sha.h @@ -44,6 +44,78 @@ typedef CYASSL_SHA_CTX SHA_CTX; #define SHA1_Final CyaSSL_SHA1_Final +typedef struct CYASSL_SHA256_CTX { + int holder[28]; /* big enough to hold ctaocrypt sha, but check on init */ +} CYASSL_SHA256_CTX; + +CYASSL_API void CyaSSL_SHA256_Init(CYASSL_SHA256_CTX*); +CYASSL_API void CyaSSL_SHA256_Update(CYASSL_SHA256_CTX*, const void*, + unsigned long); +CYASSL_API void CyaSSL_SHA256_Final(unsigned char*, CYASSL_SHA256_CTX*); + +enum { + SHA256_DIGEST_LENGTH = 20 +}; + + +typedef CYASSL_SHA256_CTX SHA256_CTX; + +#define SHA256_Init CyaSSL_SHA256_Init +#define SHA256_Update CyaSSL_SHA256_Update +#define SHA256_Final CyaSSL_SHA256_Final + + +#ifdef CYASSL_SHA384 + +typedef struct CYASSL_SHA384_CTX { + long long holder[32]; /* big enough, but check on init */ +} CYASSL_SHA384_CTX; + +CYASSL_API void CyaSSL_SHA384_Init(CYASSL_SHA384_CTX*); +CYASSL_API void CyaSSL_SHA384_Update(CYASSL_SHA384_CTX*, const void*, + unsigned long); +CYASSL_API void CyaSSL_SHA384_Final(unsigned char*, CYASSL_SHA384_CTX*); + +enum { + SHA384_DIGEST_LENGTH = 48 +}; + + +typedef CYASSL_SHA384_CTX SHA384_CTX; + +#define SHA384_Init CyaSSL_SHA384_Init +#define SHA384_Update CyaSSL_SHA384_Update +#define SHA384_Final CyaSSL_SHA384_Final + +#endif /* CYASSL_SHA384 */ + +#ifdef CYASSL_SHA512 + +typedef struct CYASSL_SHA512_CTX { + long long holder[36]; /* big enough, but check on init */ +} CYASSL_SHA512_CTX; + +CYASSL_API void CyaSSL_SHA512_Init(CYASSL_SHA512_CTX*); +CYASSL_API void CyaSSL_SHA512_Update(CYASSL_SHA512_CTX*, const void*, + unsigned long); +CYASSL_API void CyaSSL_SHA512_Final(unsigned char*, CYASSL_SHA512_CTX*); + +enum { + SHA512_DIGEST_LENGTH = 64 +}; + + +typedef CYASSL_SHA512_CTX SHA512_CTX; + +#define SHA512_Init CyaSSL_SHA512_Init +#define SHA512_Update CyaSSL_SHA512_Update +#define SHA512_Final CyaSSL_SHA512_Final + +#endif /* CYASSL_SHA512 */ + + + + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/cyassl/openssl/ssl.h b/cyassl/openssl/ssl.h index 0556310aa..22dac6700 100644 --- a/cyassl/openssl/ssl.h +++ b/cyassl/openssl/ssl.h @@ -51,6 +51,7 @@ typedef CYASSL_X509_CHAIN X509_CHAIN; typedef CYASSL_EVP_PKEY EVP_PKEY; typedef CYASSL_RSA RSA; +typedef CYASSL_DSA DSA; typedef CYASSL_BIO BIO; typedef CYASSL_BIO_METHOD BIO_METHOD; typedef CYASSL_CIPHER SSL_CIPHER; @@ -178,6 +179,9 @@ typedef CYASSL_X509_STORE_CTX X509_STORE_CTX; #define BIO_flush CyaSSL_BIO_flush #define BIO_pending CyaSSL_BIO_pending +#define BIO_get_mem_data CyaSSL_BIO_get_mem_data +#define BIO_new_mem_buf CyaSSL_BIO_new_mem_buf + #define BIO_f_buffer CyaSSL_BIO_f_buffer #define BIO_set_write_buffer_size CyaSSL_BIO_set_write_buffer_size #define BIO_f_ssl CyaSSL_BIO_f_ssl @@ -199,6 +203,8 @@ typedef CYASSL_X509_STORE_CTX X509_STORE_CTX; #define RAND_write_file CyaSSL_RAND_write_file #define RAND_load_file CyaSSL_RAND_load_file #define RAND_egd CyaSSL_RAND_egd +#define RAND_seed CyaSSL_RAND_seed +#define RAND_add CyaSSL_RAND_add #define COMP_zlib CyaSSL_COMP_zlib #define COMP_rle CyaSSL_COMP_rle @@ -238,10 +244,10 @@ typedef CYASSL_X509_STORE_CTX X509_STORE_CTX; #define X509_get_pubkey CyaSSL_X509_get_pubkey #define X509_CRL_verify CyaSSL_X509_CRL_verify -#define X509_STORE_CTX_set_error CyaSSL_X509_OBJECT_free_contents -#define X509_OBJECT_free_contents CyaSSL_EVP_PKEY_free -#define EVP_PKEY_free CyaSSL_X509_cmp_current_time -#define X509_cmp_current_time CyaSSL_sk_X509_REVOKED_num +#define X509_STORE_CTX_set_error CyaSSL_X509_STORE_CTX_set_error +#define X509_OBJECT_free_contents CyaSSL_X509_OBJECT_free_contents +#define EVP_PKEY_free CyaSSL_EVP_PKEY_free +#define X509_cmp_current_time CyaSSL_X509_cmp_current_time #define sk_X509_REVOKED_num CyaSSL_sk_X509_REVOKED_num #define X509_CRL_get_REVOKED CyaSSL_X509_CRL_get_REVOKED #define sk_X509_REVOKED_value CyaSSL_sk_X509_REVOKED_value diff --git a/cyassl/ssl.h b/cyassl/ssl.h index ca6d1051a..85af1ac1a 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -30,6 +30,7 @@ #include #include + #ifndef NO_FILESYSTEM #include /* ERR_printf */ #endif @@ -69,14 +70,14 @@ typedef struct CYASSL_X509_CHAIN CYASSL_X509_CHAIN; #define CYASSL_TYPES_DEFINED -typedef struct CYASSL_EVP_PKEY CYASSL_EVP_PKEY; typedef struct CYASSL_RSA CYASSL_RSA; -typedef struct CYASSL_BIO CYASSL_BIO; -typedef struct CYASSL_BIO_METHOD CYASSL_BIO_METHOD; +typedef struct CYASSL_DSA CYASSL_DSA; typedef struct CYASSL_CIPHER CYASSL_CIPHER; typedef struct CYASSL_X509_LOOKUP CYASSL_X509_LOOKUP; typedef struct CYASSL_X509_LOOKUP_METHOD CYASSL_X509_LOOKUP_METHOD; typedef struct CYASSL_X509_CRL CYASSL_X509_CRL; +typedef struct CYASSL_BIO CYASSL_BIO; +typedef struct CYASSL_BIO_METHOD CYASSL_BIO_METHOD; typedef struct CYASSL_X509_EXTENSION CYASSL_X509_EXTENSION; typedef struct CYASSL_ASN1_TIME CYASSL_ASN1_TIME; typedef struct CYASSL_ASN1_INTEGER CYASSL_ASN1_INTEGER; @@ -86,6 +87,11 @@ typedef struct CYASSL_dynlock_value CYASSL_dynlock_value; #define CYASSL_ASN1_UTCTIME CYASSL_ASN1_TIME +typedef struct CYASSL_EVP_PKEY { + int type; /* openssh dereference */ + int save_type; /* openssh dereference */ +} CYASSL_EVP_PKEY; + typedef struct CYASSL_MD4_CTX { int buffer[32]; /* big enough to hold, check size in Init */ } CYASSL_MD4_CTX; @@ -252,6 +258,7 @@ CYASSL_API void CyaSSL_MD4_Init(CYASSL_MD4_CTX*); CYASSL_API void CyaSSL_MD4_Update(CYASSL_MD4_CTX*, const void*, unsigned long); CYASSL_API void CyaSSL_MD4_Final(unsigned char*, CYASSL_MD4_CTX*); + CYASSL_API CYASSL_BIO* CyaSSL_BIO_new(CYASSL_BIO_METHOD*); CYASSL_API int CyaSSL_BIO_free(CYASSL_BIO*); CYASSL_API int CyaSSL_BIO_free_all(CYASSL_BIO*); @@ -266,14 +273,19 @@ CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_f_buffer(void); CYASSL_API long CyaSSL_BIO_set_write_buffer_size(CYASSL_BIO*, long size); CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_f_ssl(void); CYASSL_API CYASSL_BIO* CyaSSL_BIO_new_socket(int sfd, int flag); -CYASSL_API void CyaSSL_set_bio(CYASSL*, CYASSL_BIO* rd, CYASSL_BIO* wr); CYASSL_API int CyaSSL_BIO_eof(CYASSL_BIO*); -CYASSL_API long CyaSSL_BIO_set_ssl(CYASSL_BIO*, CYASSL*, int flag); CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_s_mem(void); CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_f_base64(void); CYASSL_API void CyaSSL_BIO_set_flags(CYASSL_BIO*, int); +CYASSL_API int CyaSSL_BIO_get_mem_data(CYASSL_BIO* bio,const unsigned char** p); +CYASSL_API CYASSL_BIO* CyaSSL_BIO_new_mem_buf(void* buf, int len); + + +CYASSL_API long CyaSSL_BIO_set_ssl(CYASSL_BIO*, CYASSL*, int flag); +CYASSL_API void CyaSSL_set_bio(CYASSL*, CYASSL_BIO* rd, CYASSL_BIO* wr); + CYASSL_API int CyaSSL_add_all_algorithms(void); CYASSL_API void CyaSSL_RAND_screen(void); @@ -281,6 +293,8 @@ CYASSL_API const char* CyaSSL_RAND_file_name(char*, unsigned long); CYASSL_API int CyaSSL_RAND_write_file(const char*); CYASSL_API int CyaSSL_RAND_load_file(const char*, long); CYASSL_API int CyaSSL_RAND_egd(const char*); +CYASSL_API int CyaSSL_RAND_seed(const void*, int); +CYASSL_API void CyaSSL_RAND_add(const void*, int, double); CYASSL_API CYASSL_COMP_METHOD* CyaSSL_COMP_zlib(void); CYASSL_API CYASSL_COMP_METHOD* CyaSSL_COMP_rle(void);