1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

merge

Browse Source
This commit is contained in:
Sergei Golubchik 2012-04-05 23:07:18 +02:00
commit a3073ecd96
269 changed files with 6901 additions and 5644 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

458
client/mysqldump.c
View File

@ -1,5 +1,5 @@
/* /*
Copyright (c) 2000, 2011, Oracle and/or its affiliates. Copyright (c) 2000, 2012, Oracle and/or its affiliates.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -74,6 +74,9 @@
/* Size of buffer for dump's select query */ /* Size of buffer for dump's select query */
#define QUERY_LENGTH 1536 #define QUERY_LENGTH 1536
/* Size of comment buffer. */
#define COMMENT_LENGTH 2048
/* ignore table flags */ /* ignore table flags */
#define IGNORE_NONE 0x00 /* no ignore */ #define IGNORE_NONE 0x00 /* no ignore */
#define IGNORE_DATA 0x01 /* don't dump data for this table */ #define IGNORE_DATA 0x01 /* don't dump data for this table */
@ -103,7 +106,7 @@ static my_bool verbose= 0, opt_no_create_info= 0, opt_no_data= 0,
opt_complete_insert= 0, opt_drop_database= 0, opt_complete_insert= 0, opt_drop_database= 0,
opt_replace_into= 0, opt_replace_into= 0,
opt_dump_triggers= 0, opt_routines=0, opt_tz_utc=1, opt_dump_triggers= 0, opt_routines=0, opt_tz_utc=1,
opt_events= 0, opt_events= 0, opt_comments_used= 0,
opt_alltspcs=0, opt_notspcs= 0; opt_alltspcs=0, opt_notspcs= 0;
static my_bool insert_pat_inited= 0, debug_info_flag= 0, debug_check_flag= 0; static my_bool insert_pat_inited= 0, debug_info_flag= 0, debug_check_flag= 0;
static ulong opt_max_allowed_packet, opt_net_buffer_length; static ulong opt_max_allowed_packet, opt_net_buffer_length;
@ -511,6 +514,8 @@ static int dump_all_tablespaces();
static int dump_tablespaces_for_tables(char *db, char **table_names, int tables); static int dump_tablespaces_for_tables(char *db, char **table_names, int tables);
static int dump_tablespaces_for_databases(char** databases); static int dump_tablespaces_for_databases(char** databases);
static int dump_tablespaces(char* ts_where); static int dump_tablespaces(char* ts_where);
static void print_comment(FILE *sql_file, my_bool is_error, const char *format,
...);
#include <help_start.h> #include <help_start.h>
@ -609,19 +614,19 @@ static void write_header(FILE *sql_file, char *db_name)
} }
else if (!opt_compact) else if (!opt_compact)
{ {
if (opt_comments) print_comment(sql_file, 0,
{ "-- MySQL dump %s Distrib %s, for %s (%s)\n--\n",
fprintf(sql_file, DUMP_VERSION, MYSQL_SERVER_VERSION, SYSTEM_TYPE,
"-- MySQL dump %s Distrib %s, for %s (%s)\n--\n", MACHINE_TYPE);
DUMP_VERSION, MYSQL_SERVER_VERSION, SYSTEM_TYPE, MACHINE_TYPE); print_comment(sql_file, 0, "-- Host: %s Database: %s\n",
fprintf(sql_file, "-- Host: %s Database: %s\n", current_host ? current_host : "localhost",
current_host ? current_host : "localhost", db_name ? db_name : db_name ? db_name : "");
""); print_comment(sql_file, 0,
fputs("-- ------------------------------------------------------\n", "-- ------------------------------------------------------\n"
sql_file); );
fprintf(sql_file, "-- Server version\t%s\n", print_comment(sql_file, 0, "-- Server version\t%s\n",
mysql_get_server_info(&mysql_connection)); mysql_get_server_info(&mysql_connection));
}
if (opt_set_charset) if (opt_set_charset)
fprintf(sql_file, fprintf(sql_file,
"\n/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;" "\n/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;"
@ -688,18 +693,16 @@ static void write_footer(FILE *sql_file)
fprintf(sql_file, fprintf(sql_file,
"/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;\n"); "/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;\n");
fputs("\n", sql_file); fputs("\n", sql_file);
if (opt_comments)
if (opt_dump_date)
{ {
if (opt_dump_date) char time_str[20];
{ get_date(time_str, GETDATE_DATE_TIME, 0);
char time_str[20]; print_comment(sql_file, 0, "-- Dump completed on %s\n", time_str);
get_date(time_str, GETDATE_DATE_TIME, 0);
fprintf(sql_file, "-- Dump completed on %s\n",
time_str);
}
else
fprintf(sql_file, "-- Dump completed\n");
} }
else
print_comment(sql_file, 0, "-- Dump completed\n");
check_io(sql_file); check_io(sql_file);
} }
} /* write_footer */ } /* write_footer */
@ -784,6 +787,9 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
extended_insert= opt_drop= opt_lock= extended_insert= opt_drop= opt_lock=
opt_disable_keys= opt_autocommit= opt_create_db= 0; opt_disable_keys= opt_autocommit= opt_create_db= 0;
break; break;
case 'i':
opt_comments_used= 1;
break;
case 'I': case 'I':
case '?': case '?':
usage(); usage();
@ -810,11 +816,12 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
opt_disable_keys= lock_tables= opt_set_charset= 0; opt_disable_keys= lock_tables= opt_set_charset= 0;
break; break;
case (int) OPT_COMPACT: case (int) OPT_COMPACT:
if (opt_compact) if (opt_compact)
{ {
opt_comments= opt_drop= opt_disable_keys= opt_lock= 0; opt_comments= opt_drop= opt_disable_keys= opt_lock= 0;
opt_set_charset= 0; opt_set_charset= 0;
} }
break;
case (int) OPT_TABLES: case (int) OPT_TABLES:
opt_databases=0; opt_databases=0;
break; break;
@ -1711,20 +1718,20 @@ static char *quote_for_like(const char *name, char *buff)
} }
/* /**
Quote and print a string. Quote and print a string.
SYNOPSIS @param xml_file - Output file.
print_quoted_xml() @param str - String to print.
xml_file - output file @param len - Its length.
str - string to print @param is_attribute_name - A check for attribute name or value.
len - its length
DESCRIPTION @description
Quote '<' '>' '&' '\"' chars and print a string to the xml_file. Quote '<' '>' '&' '\"' chars and print a string to the xml_file.
*/ */
static void print_quoted_xml(FILE *xml_file, const char *str, ulong len) static void print_quoted_xml(FILE *xml_file, const char *str, ulong len,
my_bool is_attribute_name)
{ {
const char *end; const char *end;
@ -1743,6 +1750,14 @@ static void print_quoted_xml(FILE *xml_file, const char *str, ulong len)
case '\"': case '\"':
fputs("&quot;", xml_file); fputs("&quot;", xml_file);
break; break;
case ' ':
/* Attribute names cannot contain spaces. */
if (is_attribute_name)
{
fputs("_", xml_file);
break;
}
/* fall through */
default: default:
fputc(*str, xml_file); fputc(*str, xml_file);
break; break;
@ -1803,7 +1818,7 @@ static void print_xml_tag(FILE * xml_file, const char* sbeg,
fputs(attribute_name, xml_file); fputs(attribute_name, xml_file);
fputc('\"', xml_file); fputc('\"', xml_file);
print_quoted_xml(xml_file, attribute_value, strlen(attribute_value)); print_quoted_xml(xml_file, attribute_value, strlen(attribute_value), 0);
fputc('\"', xml_file); fputc('\"', xml_file);
attribute_name= va_arg(arg_list, char *); attribute_name= va_arg(arg_list, char *);
@ -1843,13 +1858,52 @@ static void print_xml_null_tag(FILE * xml_file, const char* sbeg,
fputs("<", xml_file); fputs("<", xml_file);
fputs(stag_atr, xml_file); fputs(stag_atr, xml_file);
fputs("\"", xml_file); fputs("\"", xml_file);
print_quoted_xml(xml_file, sval, strlen(sval)); print_quoted_xml(xml_file, sval, strlen(sval), 0);
fputs("\" xsi:nil=\"true\" />", xml_file); fputs("\" xsi:nil=\"true\" />", xml_file);
fputs(line_end, xml_file); fputs(line_end, xml_file);
check_io(xml_file); check_io(xml_file);
} }
/**
Print xml CDATA section.
@param xml_file - output file
@param str - string to print
@param len - length of the string
@note
This function also takes care of the presence of '[[>'
string in the str. If found, the CDATA section is broken
into two CDATA sections, <![CDATA[]]]]> and <![CDATA[>]].
*/
static void print_xml_cdata(FILE *xml_file, const char *str, ulong len)
{
const char *end;
fputs("<![CDATA[\n", xml_file);
for (end= str + len; str != end; str++)
{
switch(*str) {
case ']':
if ((*(str + 1) == ']') && (*(str + 2) =='>'))
{
fputs("]]]]><![CDATA[>", xml_file);
str += 2;
continue;
}
/* fall through */
default:
fputc(*str, xml_file);
break;
}
}
fputs("\n]]>\n", xml_file);
check_io(xml_file);
}
/* /*
Print xml tag with many attributes. Print xml tag with many attributes.
@ -1859,6 +1913,7 @@ static void print_xml_null_tag(FILE * xml_file, const char* sbeg,
row_name - xml tag name row_name - xml tag name
tableRes - query result tableRes - query result
row - result row row - result row
str_create - create statement header string
DESCRIPTION DESCRIPTION
Print tag with many attribute to the xml_file. Format is: Print tag with many attribute to the xml_file. Format is:
@ -1868,9 +1923,13 @@ static void print_xml_null_tag(FILE * xml_file, const char* sbeg,
*/ */
static void print_xml_row(FILE *xml_file, const char *row_name, static void print_xml_row(FILE *xml_file, const char *row_name,
MYSQL_RES *tableRes, MYSQL_ROW *row) MYSQL_RES *tableRes, MYSQL_ROW *row,
const char *str_create)
{ {
uint i; uint i;
my_bool body_found= 0;
char *create_stmt_ptr= NULL;
ulong create_stmt_len= 0;
MYSQL_FIELD *field; MYSQL_FIELD *field;
ulong *lengths= mysql_fetch_lengths(tableRes); ulong *lengths= mysql_fetch_lengths(tableRes);
@ -1881,19 +1940,109 @@ static void print_xml_row(FILE *xml_file, const char *row_name,
{ {
if ((*row)[i]) if ((*row)[i])
{ {
fputc(' ', xml_file); /* For 'create' statements, dump using CDATA. */
print_quoted_xml(xml_file, field->name, field->name_length); if ((str_create) && (strcmp(str_create, field->name) == 0))
fputs("=\"", xml_file); {
print_quoted_xml(xml_file, (*row)[i], lengths[i]); create_stmt_ptr= (*row)[i];
fputc('"', xml_file); create_stmt_len= lengths[i];
check_io(xml_file); body_found= 1;
}
else
{
fputc(' ', xml_file);
print_quoted_xml(xml_file, field->name, field->name_length, 1);
fputs("=\"", xml_file);
print_quoted_xml(xml_file, (*row)[i], lengths[i], 0);
fputc('"', xml_file);
check_io(xml_file);
}
} }
} }
fputs(" />\n", xml_file);
if (create_stmt_len)
{
DBUG_ASSERT(body_found);
fputs(">\n", xml_file);
print_xml_cdata(xml_file, create_stmt_ptr, create_stmt_len);
fprintf(xml_file, "\t\t</%s>\n", row_name);
}
else
fputs(" />\n", xml_file);
check_io(xml_file); check_io(xml_file);
} }
/**
Print xml comments.
@param xml_file - output file
@param len - length of comment message
@param comment_string - comment message
@description
Print the comment message in the format:
"<!-- \n comment string \n -->\n"
@note
Any occurrence of continuous hyphens will be
squeezed to a single hyphen.
*/
static void print_xml_comment(FILE *xml_file, ulong len,
const char *comment_string)
{
const char* end;
fputs("<!-- ", xml_file);
for (end= comment_string + len; comment_string != end; comment_string++)
{
/*
The string "--" (double-hyphen) MUST NOT occur within xml comments.
*/
switch (*comment_string) {
case '-':
if (*(comment_string + 1) == '-') /* Only one hyphen allowed. */
break;
default:
fputc(*comment_string, xml_file);
break;
}
}
fputs(" -->\n", xml_file);
check_io(xml_file);
}
/* A common printing function for xml and non-xml modes. */
static void print_comment(FILE *sql_file, my_bool is_error, const char *format,
...)
{
static char comment_buff[COMMENT_LENGTH];
va_list args;
/* If its an error message, print it ignoring opt_comments. */
if (!is_error && !opt_comments)
return;
va_start(args, format);
my_vsnprintf(comment_buff, COMMENT_LENGTH, format, args);
va_end(args);
if (!opt_xml)
{
fputs(comment_buff, sql_file);
check_io(sql_file);
return;
}
print_xml_comment(sql_file, strlen(comment_buff), comment_buff);
}
/* /*
create_delimiter create_delimiter
Generate a new (null-terminated) string that does not exist in query Generate a new (null-terminated) string that does not exist in query
@ -1960,8 +2109,8 @@ static uint dump_events_for_db(char *db)
mysql_real_escape_string(mysql, db_name_buff, db, strlen(db)); mysql_real_escape_string(mysql, db_name_buff, db, strlen(db));
/* nice comments */ /* nice comments */
if (opt_comments) print_comment(sql_file, 0,
fprintf(sql_file, "\n--\n-- Dumping events for database '%s'\n--\n", db); "\n--\n-- Dumping events for database '%s'\n--\n", db);
/* /*
not using "mysql_query_with_error_report" because we may have not not using "mysql_query_with_error_report" because we may have not
@ -1976,12 +2125,17 @@ static uint dump_events_for_db(char *db)
strcpy(delimiter, ";"); strcpy(delimiter, ";");
if (mysql_num_rows(event_list_res) > 0) if (mysql_num_rows(event_list_res) > 0)
{ {
fprintf(sql_file, "/*!50106 SET @save_time_zone= @@TIME_ZONE */ ;\n"); if (opt_xml)
fputs("\t<events>\n", sql_file);
else
{
fprintf(sql_file, "/*!50106 SET @save_time_zone= @@TIME_ZONE */ ;\n");
/* Get database collation. */ /* Get database collation. */
if (fetch_db_collation(db_name_buff, db_cl_name, sizeof (db_cl_name))) if (fetch_db_collation(db_name_buff, db_cl_name, sizeof (db_cl_name)))
DBUG_RETURN(1); DBUG_RETURN(1);
}
if (switch_character_set_results(mysql, "binary")) if (switch_character_set_results(mysql, "binary"))
DBUG_RETURN(1); DBUG_RETURN(1);
@ -1998,6 +2152,13 @@ static uint dump_events_for_db(char *db)
while ((row= mysql_fetch_row(event_res)) != NULL) while ((row= mysql_fetch_row(event_res)) != NULL)
{ {
if (opt_xml)
{
print_xml_row(sql_file, "event", event_res, &row,
"Create Event");
continue;
}
/* /*
if the user has EXECUTE privilege he can see event names, but not the if the user has EXECUTE privilege he can see event names, but not the
event body! event body!
@ -2076,8 +2237,16 @@ static uint dump_events_for_db(char *db)
mysql_free_result(event_res); mysql_free_result(event_res);
} /* end of list of events */ } /* end of list of events */
fprintf(sql_file, "DELIMITER ;\n"); if (opt_xml)
fprintf(sql_file, "/*!50106 SET TIME_ZONE= @save_time_zone */ ;\n"); {
fputs("\t</events>\n", sql_file);
check_io(sql_file);
}
else
{
fprintf(sql_file, "DELIMITER ;\n");
fprintf(sql_file, "/*!50106 SET TIME_ZONE= @save_time_zone */ ;\n");
}
if (switch_character_set_results(mysql, default_charset)) if (switch_character_set_results(mysql, default_charset))
DBUG_RETURN(1); DBUG_RETURN(1);
@ -2131,6 +2300,7 @@ static uint dump_routines_for_db(char *db)
const char *routine_type[]= {"FUNCTION", "PROCEDURE"}; const char *routine_type[]= {"FUNCTION", "PROCEDURE"};
char db_name_buff[NAME_LEN*2+3], name_buff[NAME_LEN*2+3]; char db_name_buff[NAME_LEN*2+3], name_buff[NAME_LEN*2+3];
char *routine_name; char *routine_name;
char *query_str;
int i; int i;
FILE *sql_file= md_result_file; FILE *sql_file= md_result_file;
MYSQL_RES *routine_res, *routine_list_res; MYSQL_RES *routine_res, *routine_list_res;
@ -2145,8 +2315,8 @@ static uint dump_routines_for_db(char *db)
mysql_real_escape_string(mysql, db_name_buff, db, strlen(db)); mysql_real_escape_string(mysql, db_name_buff, db, strlen(db));
/* nice comments */ /* nice comments */
if (opt_comments) print_comment(sql_file, 0,
fprintf(sql_file, "\n--\n-- Dumping routines for database '%s'\n--\n", db); "\n--\n-- Dumping routines for database '%s'\n--\n", db);
/* /*
not using "mysql_query_with_error_report" because we may have not not using "mysql_query_with_error_report" because we may have not
@ -2163,6 +2333,9 @@ static uint dump_routines_for_db(char *db)
if (switch_character_set_results(mysql, "binary")) if (switch_character_set_results(mysql, "binary"))
DBUG_RETURN(1); DBUG_RETURN(1);
if (opt_xml)
fputs("\t<routines>\n", sql_file);
/* 0, retrieve and dump functions, 1, procedures */ /* 0, retrieve and dump functions, 1, procedures */
for (i= 0; i <= 1; i++) for (i= 0; i <= 1; i++)
{ {
@ -2198,13 +2371,25 @@ static uint dump_routines_for_db(char *db)
row[2] ? (int) strlen(row[2]) : 0)); row[2] ? (int) strlen(row[2]) : 0));
if (row[2] == NULL) if (row[2] == NULL)
{ {
fprintf(sql_file, "\n-- insufficient privileges to %s\n", query_buff); print_comment(sql_file, 1, "\n-- insufficient privileges to %s\n",
fprintf(sql_file, "-- does %s have permissions on mysql.proc?\n\n", current_user); query_buff);
print_comment(sql_file, 1,
"-- does %s have permissions on mysql.proc?\n\n",
current_user);
maybe_die(EX_MYSQLERR,"%s has insufficent privileges to %s!", current_user, query_buff); maybe_die(EX_MYSQLERR,"%s has insufficent privileges to %s!", current_user, query_buff);
} }
else if (strlen(row[2])) else if (strlen(row[2]))
{ {
char *query_str; if (opt_xml)
{
if (i) /* Procedures. */
print_xml_row(sql_file, "routine", routine_res, &row,
"Create Procedure");
else /* Functions. */
print_xml_row(sql_file, "routine", routine_res, &row,
"Create Function");
continue;
}
if (opt_drop) if (opt_drop)
fprintf(sql_file, "/*!50003 DROP %s IF EXISTS %s */;\n", fprintf(sql_file, "/*!50003 DROP %s IF EXISTS %s */;\n",
routine_type[i], routine_name); routine_type[i], routine_name);
@ -2275,6 +2460,12 @@ static uint dump_routines_for_db(char *db)
mysql_free_result(routine_list_res); mysql_free_result(routine_list_res);
} /* end of for i (0 .. 1) */ } /* end of for i (0 .. 1) */
if (opt_xml)
{
fputs("\t</routines>\n", sql_file);
check_io(sql_file);
}
if (switch_character_set_results(mysql, default_charset)) if (switch_character_set_results(mysql, default_charset))
DBUG_RETURN(1); DBUG_RETURN(1);
@ -2387,16 +2578,16 @@ static uint get_table_structure(char *table, char *db, char *table_type,
write_header(sql_file, db); write_header(sql_file, db);
} }
if (!opt_xml && opt_comments)
{
if (strcmp (table_type, "VIEW") == 0) /* view */ if (strcmp (table_type, "VIEW") == 0) /* view */
fprintf(sql_file, "\n--\n-- Temporary table structure for view %s\n--\n\n", print_comment(sql_file, 0,
result_table); "\n--\n-- Temporary table structure for view %s\n--\n\n",
result_table);
else else
fprintf(sql_file, "\n--\n-- Table structure for table %s\n--\n\n", print_comment(sql_file, 0,
result_table); "\n--\n-- Table structure for table %s\n--\n\n",
check_io(sql_file); result_table);
}
if (opt_drop) if (opt_drop)
{ {
/* /*
@ -2597,9 +2788,10 @@ static uint get_table_structure(char *table, char *db, char *table_type,
DBUG_RETURN(0); DBUG_RETURN(0);
write_header(sql_file, db); write_header(sql_file, db);
} }
if (!opt_xml && opt_comments)
fprintf(sql_file, "\n--\n-- Table structure for table %s\n--\n\n", print_comment(sql_file, 0,
result_table); "\n--\n-- Table structure for table %s\n--\n\n",
result_table);
if (opt_drop) if (opt_drop)
fprintf(sql_file, "DROP TABLE IF EXISTS %s;\n", result_table); fprintf(sql_file, "DROP TABLE IF EXISTS %s;\n", result_table);
if (!opt_xml) if (!opt_xml)
@ -2650,7 +2842,7 @@ static uint get_table_structure(char *table, char *db, char *table_type,
{ {
if (opt_xml) if (opt_xml)
{ {
print_xml_row(sql_file, "field", result, &row); print_xml_row(sql_file, "field", result, &row, NullS);
continue; continue;
} }
@ -2722,7 +2914,7 @@ static uint get_table_structure(char *table, char *db, char *table_type,
{ {
if (opt_xml) if (opt_xml)
{ {
print_xml_row(sql_file, "key", result, &row); print_xml_row(sql_file, "key", result, &row, NullS);
continue; continue;
} }
@ -2781,7 +2973,7 @@ static uint get_table_structure(char *table, char *db, char *table_type,
else else
{ {
if (opt_xml) if (opt_xml)
print_xml_row(sql_file, "options", result, &row); print_xml_row(sql_file, "options", result, &row, NullS);
else else
{ {
fputs("/*!",sql_file); fputs("/*!",sql_file);
@ -2825,9 +3017,19 @@ static void dump_trigger_old(FILE *sql_file, MYSQL_RES *show_triggers_rs,
char *quoted_table_name= quote_name(table_name, quoted_table_name_buf, 1); char *quoted_table_name= quote_name(table_name, quoted_table_name_buf, 1);
char name_buff[NAME_LEN * 4 + 3]; char name_buff[NAME_LEN * 4 + 3];
const char *xml_msg= "\nWarning! mysqldump being run against old server "
"that does not\nsupport 'SHOW CREATE TRIGGERS' "
"statement. Skipping..\n";
DBUG_ENTER("dump_trigger_old"); DBUG_ENTER("dump_trigger_old");
if (opt_xml)
{
print_xml_comment(sql_file, strlen(xml_msg), xml_msg);
check_io(sql_file);
DBUG_VOID_RETURN;
}
fprintf(sql_file, fprintf(sql_file,
"--\n" "--\n"
"-- WARNING: old server version. " "-- WARNING: old server version. "
@ -2891,13 +3093,22 @@ static int dump_trigger(FILE *sql_file, MYSQL_RES *show_create_trigger_rs,
const char *db_cl_name) const char *db_cl_name)
{ {
MYSQL_ROW row; MYSQL_ROW row;
char *query_str;
int db_cl_altered= FALSE; int db_cl_altered= FALSE;
DBUG_ENTER("dump_trigger"); DBUG_ENTER("dump_trigger");
while ((row= mysql_fetch_row(show_create_trigger_rs))) while ((row= mysql_fetch_row(show_create_trigger_rs)))
{ {
char *query_str= cover_definer_clause_in_trigger(row[2], strlen(row[2])); if (opt_xml)
{
print_xml_row(sql_file, "trigger", show_create_trigger_rs, &row,
"SQL Original Statement");
check_io(sql_file);
continue;
}
query_str= cover_definer_clause_in_trigger(row[2], strlen(row[2]));
if (switch_db_collation(sql_file, db_name, ";", if (switch_db_collation(sql_file, db_name, ";",
@ -2987,6 +3198,13 @@ static int dump_triggers_for_table(char *table_name, char *db_name)
/* Dump triggers. */ /* Dump triggers. */
if (! mysql_num_rows(show_triggers_rs))
goto skip;
if (opt_xml)
print_xml_tag(sql_file, "\t", "\n", "triggers", "name=",
table_name, NullS);
while ((row= mysql_fetch_row(show_triggers_rs))) while ((row= mysql_fetch_row(show_triggers_rs)))
{ {
@ -3019,6 +3237,13 @@ static int dump_triggers_for_table(char *table_name, char *db_name)
} }
if (opt_xml)
{
fputs("\t</triggers>\n", sql_file);
check_io(sql_file);
}
skip:
mysql_free_result(show_triggers_rs); mysql_free_result(show_triggers_rs);
if (switch_character_set_results(mysql, default_charset)) if (switch_character_set_results(mysql, default_charset))
@ -3267,34 +3492,24 @@ static void dump_table(char *table, char *db)
} }
else else
{ {
if (!opt_xml && opt_comments) print_comment(md_result_file, 0,
{ "\n--\n-- Dumping data for table %s\n--\n",
fprintf(md_result_file,"\n--\n-- Dumping data for table %s\n--\n", result_table);
result_table);
check_io(md_result_file);
}
dynstr_append_checked(&query_string, "SELECT /*!40001 SQL_NO_CACHE */ * FROM "); dynstr_append_checked(&query_string, "SELECT /*!40001 SQL_NO_CACHE */ * FROM ");
dynstr_append_checked(&query_string, result_table); dynstr_append_checked(&query_string, result_table);
if (where) if (where)
{ {
if (!opt_xml && opt_comments) print_comment(md_result_file, 0, "-- WHERE: %s\n", where);
{
fprintf(md_result_file, "-- WHERE: %s\n", where);
check_io(md_result_file);
}
dynstr_append_checked(&query_string, " WHERE "); dynstr_append_checked(&query_string, " WHERE ");
dynstr_append_checked(&query_string, where); dynstr_append_checked(&query_string, where);
} }
if (order_by) if (order_by)
{ {
if (!opt_xml && opt_comments) print_comment(md_result_file, 0, "-- ORDER BY: %s\n", order_by);
{
fprintf(md_result_file, "-- ORDER BY: %s\n", order_by);
check_io(md_result_file);
}
dynstr_append_checked(&query_string, " ORDER BY "); dynstr_append_checked(&query_string, " ORDER BY ");
dynstr_append_checked(&query_string, order_by); dynstr_append_checked(&query_string, order_by);
} }
@ -3490,7 +3705,7 @@ static void dump_table(char *table, char *db)
{ {
print_xml_tag(md_result_file, "\t\t", "", "field", "name=", print_xml_tag(md_result_file, "\t\t", "", "field", "name=",
field->name, NullS); field->name, NullS);
print_quoted_xml(md_result_file, row[i], length); print_quoted_xml(md_result_file, row[i], length, 0);
} }
fputs("</field>\n", md_result_file); fputs("</field>\n", md_result_file);
} }
@ -3794,11 +4009,9 @@ static int dump_tablespaces(char* ts_where)
first= 1; first= 1;
if (first) if (first)
{ {
if (!opt_xml && opt_comments) print_comment(md_result_file, 0, "\n--\n-- Logfile group: %s\n--\n",
{ row[0]);
fprintf(md_result_file,"\n--\n-- Logfile group: %s\n--\n", row[0]);
check_io(md_result_file);
}
fprintf(md_result_file, "\nCREATE"); fprintf(md_result_file, "\nCREATE");
} }
else else
@ -3866,11 +4079,7 @@ static int dump_tablespaces(char* ts_where)
first= 1; first= 1;
if (first) if (first)
{ {
if (!opt_xml && opt_comments) print_comment(md_result_file, 0, "\n--\n-- Tablespace: %s\n--\n", row[0]);
{
fprintf(md_result_file,"\n--\n-- Tablespace: %s\n--\n", row[0]);
check_io(md_result_file);
}
fprintf(md_result_file, "\nCREATE"); fprintf(md_result_file, "\nCREATE");
} }
else else
@ -4060,11 +4269,9 @@ static int init_dumping(char *database, int init_func(char*))
*/ */
char quoted_database_buf[NAME_LEN*2+3]; char quoted_database_buf[NAME_LEN*2+3];
char *qdatabase= quote_name(database,quoted_database_buf,opt_quoted); char *qdatabase= quote_name(database,quoted_database_buf,opt_quoted);
if (opt_comments)
{ print_comment(md_result_file, 0,
fprintf(md_result_file,"\n--\n-- Current Database: %s\n--\n", qdatabase); "\n--\n-- Current Database: %s\n--\n", qdatabase);
check_io(md_result_file);
}
/* Call the view or table specific function */ /* Call the view or table specific function */
init_func(qdatabase); init_func(qdatabase);
@ -4138,8 +4345,7 @@ static int dump_all_tables_in_db(char *database)
dump_table(table,database); dump_table(table,database);
my_free(order_by, MYF(MY_ALLOW_ZERO_PTR)); my_free(order_by, MYF(MY_ALLOW_ZERO_PTR));
order_by= 0; order_by= 0;
if (opt_dump_triggers && ! opt_xml && if (opt_dump_triggers && mysql_get_server_version(mysql) >= 50009)
mysql_get_server_version(mysql) >= 50009)
{ {
if (dump_triggers_for_table(table, database)) if (dump_triggers_for_table(table, database))
{ {
@ -4150,14 +4356,12 @@ static int dump_all_tables_in_db(char *database)
} }
} }
} }
if (opt_events && !opt_xml && if (opt_events && mysql_get_server_version(mysql) >= 50106)
mysql_get_server_version(mysql) >= 50106)
{ {
DBUG_PRINT("info", ("Dumping events for database %s", database)); DBUG_PRINT("info", ("Dumping events for database %s", database));
dump_events_for_db(database); dump_events_for_db(database);
} }
if (opt_routines && !opt_xml && if (opt_routines && mysql_get_server_version(mysql) >= 50009)
mysql_get_server_version(mysql) >= 50009)
{ {
DBUG_PRINT("info", ("Dumping routines for database %s", database)); DBUG_PRINT("info", ("Dumping routines for database %s", database));
dump_routines_for_db(database); dump_routines_for_db(database);
@ -4392,15 +4596,13 @@ static int dump_selected_tables(char *db, char **table_names, int tables)
for (pos= dump_tables; pos < end; pos++) for (pos= dump_tables; pos < end; pos++)
get_view_structure(*pos, db); get_view_structure(*pos, db);
} }
if (opt_events && !opt_xml && if (opt_events && mysql_get_server_version(mysql) >= 50106)
mysql_get_server_version(mysql) >= 50106)
{ {
DBUG_PRINT("info", ("Dumping events for database %s", db)); DBUG_PRINT("info", ("Dumping events for database %s", db));
dump_events_for_db(db); dump_events_for_db(db);
} }
/* obtain dump of routines (procs/functions) */ /* obtain dump of routines (procs/functions) */
if (opt_routines && !opt_xml && if (opt_routines && mysql_get_server_version(mysql) >= 50009)
mysql_get_server_version(mysql) >= 50009)
{ {
DBUG_PRINT("info", ("Dumping routines for database %s", db)); DBUG_PRINT("info", ("Dumping routines for database %s", db));
dump_routines_for_db(db); dump_routines_for_db(db);
@ -4467,7 +4669,7 @@ static int do_show_master_status(MYSQL *mysql_con, int consistent_binlog_pos)
/* SHOW MASTER STATUS reports file and position */ /* SHOW MASTER STATUS reports file and position */
if (opt_comments) if (opt_comments)
fprintf(md_result_file, print_comment(md_result_file, 0,
"\n--\n-- Position to start replication or point-in-time " "\n--\n-- Position to start replication or point-in-time "
"recovery from\n--\n\n"); "recovery from\n--\n\n");
fprintf(md_result_file, fprintf(md_result_file,
@ -4927,12 +5129,10 @@ static my_bool get_view_structure(char *table, char* db)
write_header(sql_file, db); write_header(sql_file, db);
} }
if (!opt_xml && opt_comments) print_comment(sql_file, 0,
{ "\n--\n-- Final view structure for view %s\n--\n\n",
fprintf(sql_file, "\n--\n-- Final view structure for view %s\n--\n\n", result_table);
result_table);
check_io(sql_file);
}
/* Table might not exist if this view was dumped with --tab. */ /* Table might not exist if this view was dumped with --tab. */
fprintf(sql_file, "/*!50001 DROP TABLE IF EXISTS %s*/;\n", opt_quoted_table); fprintf(sql_file, "/*!50001 DROP TABLE IF EXISTS %s*/;\n", opt_quoted_table);
if (opt_drop) if (opt_drop)
@ -5130,6 +5330,12 @@ int main(int argc, char **argv)
exit(exit_code); exit(exit_code);
} }
/*
Disable comments in xml mode if 'comments' option is not explicitly used.
*/
if (opt_xml && !opt_comments_used)
opt_comments= 0;
if (log_error_file) if (log_error_file)
{ {
if(!(stderror_file= freopen(log_error_file, "a+", stderr))) if(!(stderror_file= freopen(log_error_file, "a+", stderr)))

2
client/sql_string.cc
View File

@ -1,5 +1,5 @@
/* /*
Copyright (c) 2000, 2010, Oracle and/or its affiliates. Copyright (c) 2000, 2011, Oracle and/or its affiliates.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by

0
extra/yassl/CMakeLists.txt Executable file → Normal file
View File

103
extra/yassl/INSTALL
View File

@ -1,13 +1,19 @@
Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002 Free Software Installation Instructions
Foundation, Inc. *************************
This file is free documentation; the Free Software Foundation gives Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
2006 Free Software Foundation, Inc.
This file is free documentation; the Free Software Foundation gives
unlimited permission to copy, distribute and modify it. unlimited permission to copy, distribute and modify it.
Basic Installation Basic Installation
================== ==================
These are generic installation instructions. Briefly, the shell commands `./configure; make; make install' should
configure, build, and install this package. The following
more-detailed instructions are generic; see the `README' file for
instructions specific to this package.
The `configure' shell script attempts to guess correct values for The `configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses various system-dependent variables used during compilation. It uses
@ -20,9 +26,9 @@ debugging `configure').
It can also use an optional file (typically called `config.cache' It can also use an optional file (typically called `config.cache'
and enabled with `--cache-file=config.cache' or simply `-C') that saves and enabled with `--cache-file=config.cache' or simply `-C') that saves
the results of its tests to speed up reconfiguring. (Caching is the results of its tests to speed up reconfiguring. Caching is
disabled by default to prevent problems with accidental use of stale disabled by default to prevent problems with accidental use of stale
cache files.) cache files.
If you need to do unusual things to compile the package, please try If you need to do unusual things to compile the package, please try
to figure out how `configure' could check whether to do them, and mail to figure out how `configure' could check whether to do them, and mail
@ -32,20 +38,17 @@ some point `config.cache' contains results you don't want to keep, you
may remove or edit it. may remove or edit it.
The file `configure.ac' (or `configure.in') is used to create The file `configure.ac' (or `configure.in') is used to create
`configure' by a program called `autoconf'. You only need `configure' by a program called `autoconf'. You need `configure.ac' if
`configure.ac' if you want to change it or regenerate `configure' using you want to change it or regenerate `configure' using a newer version
a newer version of `autoconf'. of `autoconf'.
The simplest way to compile this package is: The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type 1. `cd' to the directory containing the package's source code and type
`./configure' to configure the package for your system. If you're `./configure' to configure the package for your system.
using `csh' on an old version of System V, you might need to type
`sh ./configure' instead to prevent `csh' from trying to execute
`configure' itself.
Running `configure' takes awhile. While running, it prints some Running `configure' might take a while. While running, it prints
messages telling which features it is checking for. some messages telling which features it is checking for.
2. Type `make' to compile the package. 2. Type `make' to compile the package.
@ -67,51 +70,49 @@ The simplest way to compile this package is:
Compilers and Options Compilers and Options
===================== =====================
Some systems require unusual options for compilation or linking that Some systems require unusual options for compilation or linking that the
the `configure' script does not know about. Run `./configure --help' `configure' script does not know about. Run `./configure --help' for
for details on some of the pertinent environment variables. details on some of the pertinent environment variables.
You can give `configure' initial values for configuration parameters You can give `configure' initial values for configuration parameters
by setting variables in the command line or in the environment. Here by setting variables in the command line or in the environment. Here
is an example: is an example:
./configure CC=c89 CFLAGS=-O2 LIBS=-lposix ./configure CC=c99 CFLAGS=-g LIBS=-lposix
*Note Defining Variables::, for more details. *Note Defining Variables::, for more details.
Compiling For Multiple Architectures Compiling For Multiple Architectures
==================================== ====================================
You can compile the package for more than one kind of computer at the You can compile the package for more than one kind of computer at the
same time, by placing the object files for each architecture in their same time, by placing the object files for each architecture in their
own directory. To do this, you must use a version of `make' that own directory. To do this, you can use GNU `make'. `cd' to the
supports the `VPATH' variable, such as GNU `make'. `cd' to the
directory where you want the object files and executables to go and run directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the the `configure' script. `configure' automatically checks for the
source code in the directory that `configure' is in and in `..'. source code in the directory that `configure' is in and in `..'.
If you have to use a `make' that does not support the `VPATH' With a non-GNU `make', it is safer to compile the package for one
variable, you have to compile the package for one architecture at a architecture at a time in the source code directory. After you have
time in the source code directory. After you have installed the installed the package for one architecture, use `make distclean' before
package for one architecture, use `make distclean' before reconfiguring reconfiguring for another architecture.
for another architecture.
Installation Names Installation Names
================== ==================
By default, `make install' will install the package's files in By default, `make install' installs the package's commands under
`/usr/local/bin', `/usr/local/man', etc. You can specify an `/usr/local/bin', include files under `/usr/local/include', etc. You
installation prefix other than `/usr/local' by giving `configure' the can specify an installation prefix other than `/usr/local' by giving
option `--prefix=PATH'. `configure' the option `--prefix=PREFIX'.
You can specify separate installation prefixes for You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you architecture-specific files and architecture-independent files. If you
give `configure' the option `--exec-prefix=PATH', the package will use pass the option `--exec-prefix=PREFIX' to `configure', the package uses
PATH as the prefix for installing programs and libraries. PREFIX as the prefix for installing programs and libraries.
Documentation and other data files will still use the regular prefix. Documentation and other data files still use the regular prefix.
In addition, if you use an unusual directory layout you can give In addition, if you use an unusual directory layout you can give
options like `--bindir=PATH' to specify different values for particular options like `--bindir=DIR' to specify different values for particular
kinds of files. Run `configure --help' for a list of the directories kinds of files. Run `configure --help' for a list of the directories
you can set and what kinds of files go in them. you can set and what kinds of files go in them.
@ -122,7 +123,7 @@ option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
Optional Features Optional Features
================= =================
Some packages pay attention to `--enable-FEATURE' options to Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package. `configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE They may also pay attention to `--with-PACKAGE' options, where PACKAGE
is something like `gnu-as' or `x' (for the X Window System). The is something like `gnu-as' or `x' (for the X Window System). The
@ -137,11 +138,11 @@ you can use the `configure' options `--x-includes=DIR' and
Specifying the System Type Specifying the System Type
========================== ==========================
There may be some features `configure' cannot figure out There may be some features `configure' cannot figure out automatically,
automatically, but needs to determine by the type of machine the package but needs to determine by the type of machine the package will run on.
will run on. Usually, assuming the package is built to be run on the Usually, assuming the package is built to be run on the _same_
_same_ architectures, `configure' can figure that out, but if it prints architectures, `configure' can figure that out, but if it prints a
a message saying it cannot guess the machine type, give it the message saying it cannot guess the machine type, give it the
`--build=TYPE' option. TYPE can either be a short name for the system `--build=TYPE' option. TYPE can either be a short name for the system
type, such as `sun4', or a canonical name which has the form: type, such as `sun4', or a canonical name which has the form:
@ -156,7 +157,7 @@ where SYSTEM can have one of these forms:
need to know the machine type. need to know the machine type.
If you are _building_ compiler tools for cross-compiling, you should If you are _building_ compiler tools for cross-compiling, you should
use the `--target=TYPE' option to select the type of system they will use the option `--target=TYPE' to select the type of system they will
produce code for. produce code for.
If you want to _use_ a cross compiler, that generates code for a If you want to _use_ a cross compiler, that generates code for a
@ -167,9 +168,9 @@ eventually be run) with `--host=TYPE'.
Sharing Defaults Sharing Defaults
================ ================
If you want to set default values for `configure' scripts to share, If you want to set default values for `configure' scripts to share, you
you can create a site shell script called `config.site' that gives can create a site shell script called `config.site' that gives default
default values for variables like `CC', `cache_file', and `prefix'. values for variables like `CC', `cache_file', and `prefix'.
`configure' looks for `PREFIX/share/config.site' if it exists, then `configure' looks for `PREFIX/share/config.site' if it exists, then
`PREFIX/etc/config.site' if it exists. Or, you can set the `PREFIX/etc/config.site' if it exists. Or, you can set the
`CONFIG_SITE' environment variable to the location of the site script. `CONFIG_SITE' environment variable to the location of the site script.
@ -178,7 +179,7 @@ A warning: not all `configure' scripts look for a site script.
Defining Variables Defining Variables
================== ==================
Variables not defined in a site shell script can be set in the Variables not defined in a site shell script can be set in the
environment passed to `configure'. However, some packages may run environment passed to `configure'. However, some packages may run
configure again during the build, and the customized values of these configure again during the build, and the customized values of these
variables may be lost. In order to avoid this problem, you should set variables may be lost. In order to avoid this problem, you should set
@ -186,14 +187,18 @@ them in the `configure' command line, using `VAR=value'. For example:
./configure CC=/usr/local2/bin/gcc ./configure CC=/usr/local2/bin/gcc
will cause the specified gcc to be used as the C compiler (unless it is causes the specified `gcc' to be used as the C compiler (unless it is
overridden in the site shell script). overridden in the site shell script).
Unfortunately, this technique does not work for `CONFIG_SHELL' due to
an Autoconf bug. Until the bug is fixed you can use this workaround:
CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash
`configure' Invocation `configure' Invocation
====================== ======================
`configure' recognizes the following options to control how it `configure' recognizes the following options to control how it operates.
operates.
`--help' `--help'
`-h' `-h'

121
extra/yassl/README
View File

@ -1,3 +1,120 @@
*** Note, Please read ***
yaSSL takes a different approach to certificate verification than OpenSSL does.
The default policy for the client is to verify the server, this means that if
you don't load CAs to verify the server you'll get a connect error, unable to
verify. It you want to mimic OpenSSL behavior of not verifying the server and
reducing security you can do this by calling:
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
before calling SSL_new();
*** end Note ***
yaSSL Release notes, version 2.1.2 (9/2/2011)
This release of yaSSL contains bug fixes, better non-blocking support with
SSL_write, and OpenSSL RSA public key format support.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 2.0.0 (7/6/2010)
This release of yaSSL contains bug fixes, new testing certs,
and a security patch for a potential heap overflow on forged application
data processing. Vulnerability discovered by Matthieu Bonetti from VUPEN
Security http://www.vupen.com.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 1.9.9 (1/26/2010)
This release of yaSSL contains bug fixes, the removal of assert() s and
a security patch for a buffer overflow possibility in certificate name
processing.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 1.9.8 (10/14/09)
This release of yaSSL contains bug fixes and adds new stream ciphers
Rabbit and HC-128
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 1.9.6 (11/13/08)
This release of yaSSL contains bug fixes, adds autconf shared library
support and has better server suite detection based on certficate and
private key.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 1.9.2 (9/24/08)
This release of yaSSL contains bug fixes and improved certificate verify
callback support.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 1.8.8 (5/7/08)
This release of yaSSL contains bug fixes, and better socket handling.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 1.8.6 (1/31/08)
This release of yaSSL contains bug fixes, and fixes security problems
associated with using SSL 2.0 client hellos and improper input handling.
Please upgrade to this version if you are using a previous one.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 1.7.5 (10/15/07)
This release of yaSSL contains bug fixes, adds MSVC 2005 project support,
GCC 4.2 support, IPV6 support and test, and new test certificates.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 1.7.2 (8/20/07)
This release of yaSSL contains bug fixes and adds initial OpenVPN support.
Just configure at this point and beginning of build.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 1.6.8 (4/16/07)
This release of yaSSL contains bug fixes and adds SHA-256, SHA-512, SHA-224,
and SHA-384.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 1.6.0 (2/22/07) *****************yaSSL Release notes, version 1.6.0 (2/22/07)
This release of yaSSL contains bug fixes, portability enhancements, and This release of yaSSL contains bug fixes, portability enhancements, and
@ -13,7 +130,7 @@ See libcurl build instructions below under 1.3.0 and note in 1.5.8.
Since yaSSL now supports zlib, as does libcur, the libcurl build test can Since yaSSL now supports zlib, as does libcurl, the libcurl build test can
fail if yaSSL is built with zlib support since the zlib library isn't fail if yaSSL is built with zlib support since the zlib library isn't
passed. You can do two things to fix this: passed. You can do two things to fix this:
@ -518,7 +635,7 @@ in the source and include files.
********************* *********************
Contact: please send comments or questions to Todd A Ouska at todd@yassl.com Contact: please send comments or questions to Todd A Ouska at todd@yassl.com
and/or Larry Stefonic at larry@yassl.com or 425-741-6858. and/or Larry Stefonic at larry@yassl.com.

71
extra/yassl/certs/ca-cert.pem
View File

@ -1,53 +1,56 @@
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 0 (0x0) Serial Number:
8a:37:22:65:73:f5:aa:e8
Signature Algorithm: md5WithRSAEncryption Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=Oregon, L=Portland, O=sawtooth, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com Issuer: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
Validity Validity
Not Before: Mar 7 03:10:11 2005 GMT Not Before: Jun 30 18:47:10 2010 GMT
Not After : Apr 1 03:10:11 2046 GMT Not After : Mar 26 18:47:10 2013 GMT
Subject: C=US, ST=Oregon, L=Portland, O=sawtooth, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com Subject: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
RSA Public Key: (512 bit) RSA Public Key: (512 bit)
Modulus (512 bit): Modulus (512 bit):
00:ef:c1:e3:9a:3c:6e:6e:cb:26:6f:05:be:e0:cb: 00:97:30:b9:1a:92:ef:25:4f:ca:4c:11:31:95:1a:
57:a0:4b:68:e6:1b:f9:95:db:01:92:aa:6e:a6:b5: e1:c0:10:19:0a:20:b9:37:80:1a:57:38:02:4e:1b:
2d:b1:2b:50:fd:db:13:f2:c5:d8:b8:4f:75:28:53: c5:0f:28:4f:da:e3:c9:16:aa:50:bd:4a:fb:b7:71:
72:e8:e5:11:9d:bb:c3:4f:4f:09:fd:4c:e7:46:d5: c7:35:cc:63:81:c1:dd:9d:33:f9:38:16:88:32:a0:
1d:bb:35:02:af aa:56:23:03:a3
Exponent: 65537 (0x10001) Exponent: 65537 (0x10001)
X509v3 extensions: X509v3 extensions:
X509v3 Subject Key Identifier: X509v3 Subject Key Identifier:
1D:EF:A1:B8:81:78:12:47:E8:57:06:08:74:18:F7:D3:AA:D8:F7:BD 3B:66:FD:A0:40:C6:F4:E2:70:CF:21:1A:0C:4F:67:FE:B7:4B:42:09
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:1D:EF:A1:B8:81:78:12:47:E8:57:06:08:74:18:F7:D3:AA:D8:F7:BD keyid:3B:66:FD:A0:40:C6:F4:E2:70:CF:21:1A:0C:4F:67:FE:B7:4B:42:09
DirName:/C=US/ST=Oregon/L=Portland/O=sawtooth/CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com DirName:/C=US/ST=Montana/L=Bozeman/O=sawtooth/OU=consulting/CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
serial:00 serial:8A:37:22:65:73:F5:AA:E8
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Signature Algorithm: md5WithRSAEncryption Signature Algorithm: md5WithRSAEncryption
d9:77:e3:07:d9:2e:ec:2f:9b:8e:9e:ca:b4:00:0b:ef:c7:74: 32:65:a2:b1:dc:6d:e0:8d:8b:c8:58:29:8e:b8:18:4b:62:88:
cb:f4:f6:44:2f:02:75:17:a5:74:3e:26:b2:26:fd:1f:ab:3a: 13:67:f8:6c:75:46:75:8f:8a:19:a6:a3:d5:3c:fc:57:4e:7a:
df:d5:e3:05:14:08:d0:8c:1d:c9:3e:e1:59:6f:b3:38:5d:af: 68:a9:fc:93:dc:ae:29:7d:bb:4e:ec:ea:55:fa:a4:e3:00:61:
78:60:e3:c5:6a:69:96:80:7d:00 f4:b0:34:6d:d1:d5:a4:64:24:f8
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIC7zCCApmgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBiTELMAkGA1UEBhMCVVMx MIIDQDCCAuqgAwIBAgIJAIo3ImVz9aroMA0GCSqGSIb3DQEBBAUAMIGeMQswCQYD
DzANBgNVBAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxhbmQxETAPBgNVBAoTCHNh VQQGEwJVUzEQMA4GA1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8G
d3Rvb3RoMSQwIgYDVQQDExt3d3cuc2F3dG9vdGgtY29uc3VsdGluZy5jb20xHTAb A1UEChMIc2F3dG9vdGgxEzARBgNVBAsTCmNvbnN1bHRpbmcxJDAiBgNVBAMTG3d3
BgkqhkiG9w0BCQEWDmluZm9AeWFzc2wuY29tMB4XDTA1MDMwNzAzMTAxMVoXDTQ2 dy5zYXd0b290aC1jb25zdWx0aW5nLmNvbTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5
MDQwMTAzMTAxMVowgYkxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIEwZPcmVnb24xETAP YXNzbC5jb20wHhcNMTAwNjMwMTg0NzEwWhcNMTMwMzI2MTg0NzEwWjCBnjELMAkG
BgNVBAcTCFBvcnRsYW5kMREwDwYDVQQKEwhzYXd0b290aDEkMCIGA1UEAxMbd3d3 A1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAP
LnNhd3Rvb3RoLWNvbnN1bHRpbmcuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlh BgNVBAoTCHNhd3Rvb3RoMRMwEQYDVQQLEwpjb25zdWx0aW5nMSQwIgYDVQQDExt3
c3NsLmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDvweOaPG5uyyZvBb7gy1eg d3cuc2F3dG9vdGgtY29uc3VsdGluZy5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A
S2jmG/mV2wGSqm6mtS2xK1D92xPyxdi4T3UoU3Lo5RGdu8NPTwn9TOdG1R27NQKv eWFzc2wuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJcwuRqS7yVPykwRMZUa
AgMBAAGjgekwgeYwHQYDVR0OBBYEFB3vobiBeBJH6FcGCHQY99Oq2Pe9MIG2BgNV 4cAQGQoguTeAGlc4Ak4bxQ8oT9rjyRaqUL1K+7dxxzXMY4HB3Z0z+TgWiDKgqlYj
HSMEga4wgauAFB3vobiBeBJH6FcGCHQY99Oq2Pe9oYGPpIGMMIGJMQswCQYDVQQG A6MCAwEAAaOCAQcwggEDMB0GA1UdDgQWBBQ7Zv2gQMb04nDPIRoMT2f+t0tCCTCB
EwJVUzEPMA0GA1UECBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDERMA8GA1UE 0wYDVR0jBIHLMIHIgBQ7Zv2gQMb04nDPIRoMT2f+t0tCCaGBpKSBoTCBnjELMAkG
ChMIc2F3dG9vdGgxJDAiBgNVBAMTG3d3dy5zYXd0b290aC1jb25zdWx0aW5nLmNv A1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAP
bTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb22CAQAwDAYDVR0TBAUwAwEB BgNVBAoTCHNhd3Rvb3RoMRMwEQYDVQQLEwpjb25zdWx0aW5nMSQwIgYDVQQDExt3
/zANBgkqhkiG9w0BAQQFAANBANl34wfZLuwvm46eyrQAC+/HdMv09kQvAnUXpXQ+ d3cuc2F3dG9vdGgtY29uc3VsdGluZy5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A
JrIm/R+rOt/V4wUUCNCMHck+4Vlvszhdr3hg48VqaZaAfQA= eWFzc2wuY29tggkAijciZXP1qugwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQF
AANBADJlorHcbeCNi8hYKY64GEtiiBNn+Gx1RnWPihmmo9U8/FdOemip/JPcril9
u07s6lX6pOMAYfSwNG3R1aRkJPg=
-----END CERTIFICATE----- -----END CERTIFICATE-----

9
extra/yassl/certs/ca-key.pem Normal file
View File

@ -0,0 +1,9 @@
-----BEGIN RSA PRIVATE KEY-----
MIIBOQIBAAJBAJcwuRqS7yVPykwRMZUa4cAQGQoguTeAGlc4Ak4bxQ8oT9rjyRaq
UL1K+7dxxzXMY4HB3Z0z+TgWiDKgqlYjA6MCAwEAAQJAEQ9TY7c+uuQU/J5YDO4a
mRR37tegbq3Kyxqrz+p8QuhqLDtVh13GaF7rVU70vyNHm+cgihUyzho/PViAkPBo
qQIhAMU8/RDhDLgL5BxID4sxKIVBtg+imFSbyKVyg7oQLUcXAiEAxDu94O45Cf4a
np9R0thumY/QqWpCkycWAB7fFEuaf1UCIEH+bg4/vqm2ENUFp23DPPOZUPlaRe3J
UhFJh5mx3/RxAiBq++8vfHFYg1Lb/BxOCXVy/zdRxf753ytdcXdJx1Y56QIgVgpN
FNfYJofQfWaP96sjlc0usrT28uceHx0QmHqolVc=
-----END RSA PRIVATE KEY-----

BIN
extra/yassl/certs/client-cert.der
View File

Binary file not shown.

69
extra/yassl/certs/client-cert.pem
View File

@ -1,52 +1,55 @@
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 0 (0x0) Serial Number:
c5:d7:6c:11:36:f0:35:e1
Signature Algorithm: md5WithRSAEncryption Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL, CN=www.yassl.com/emailAddress=info@yassl.com Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=programming, CN=www.yassl.com/emailAddress=info@yassl.com
Validity Validity
Not Before: Mar 7 03:00:31 2005 GMT Not Before: Jun 30 18:39:39 2010 GMT
Not After : Apr 1 03:00:31 2046 GMT Not After : Mar 26 18:39:40 2013 GMT
Subject: C=US, ST=Oregon, L=Portland, O=yaSSL, CN=www.yassl.com/emailAddress=info@yassl.com Subject: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=programming, CN=www.yassl.com/emailAddress=info@yassl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
RSA Public Key: (512 bit) RSA Public Key: (512 bit)
Modulus (512 bit): Modulus (512 bit):
00:cd:1f:78:47:f8:b8:d6:08:bf:bd:7c:23:61:86: 00:bd:51:4a:14:fd:6a:19:84:0c:33:38:fc:27:32:
36:28:ac:ee:3c:a8:9a:94:e6:d5:26:e8:71:50:b2: 9c:97:0b:fc:a4:18:60:69:4e:d9:d8:78:50:0b:e9:
26:8b:1c:1e:3f:75:b2:d3:b3:67:95:0c:fd:76:28: 20:5d:d6:1d:70:1c:0c:24:9f:23:82:cc:3a:01:d5:
65:d5:ce:12:82:9e:06:00:a2:09:dd:ce:3a:26:dd: 97:17:b2:73:6c:86:cf:b5:f1:e5:ce:68:0c:d9:a2:
46:2a:a0:45:71 12:39:7c:f2:53
Exponent: 65537 (0x10001) Exponent: 65537 (0x10001)
X509v3 extensions: X509v3 extensions:
X509v3 Subject Key Identifier: X509v3 Subject Key Identifier:
AE:25:5E:FA:4D:A3:5B:2B:87:DE:F1:2A:F5:42:C0:FF:CE:B5:B4:AD 5C:F7:29:21:69:7A:09:78:9E:7B:CD:53:42:02:EC:CE:29:0D:11:DF
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:AE:25:5E:FA:4D:A3:5B:2B:87:DE:F1:2A:F5:42:C0:FF:CE:B5:B4:AD keyid:5C:F7:29:21:69:7A:09:78:9E:7B:CD:53:42:02:EC:CE:29:0D:11:DF
DirName:/C=US/ST=Oregon/L=Portland/O=yaSSL/CN=www.yassl.com/emailAddress=info@yassl.com DirName:/C=US/ST=Oregon/L=Portland/O=yaSSL/OU=programming/CN=www.yassl.com/emailAddress=info@yassl.com
serial:00 serial:C5:D7:6C:11:36:F0:35:E1
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Signature Algorithm: md5WithRSAEncryption Signature Algorithm: md5WithRSAEncryption
59:19:ae:1b:4e:65:9e:ca:f1:b8:3d:ff:c7:5e:15:86:10:97: b4:a5:f1:71:26:4d:b9:ff:54:f3:09:1f:ac:e1:19:59:e5:ec:
8c:3e:22:32:ab:4e:75:a7:70:83:f2:fb:2f:af:fe:26:28:e9: 57:e3:f1:0b:b2:8f:f3:29:eb:6b:c6:fa:27:33:3e:91:d0:77:
4f:d4:c9:49:7c:6f:51:7e:2a:ff:a0:5b:25:45:2e:66:d9:0d: 43:c9:ce:1e:0f:71:07:a9:f7:26:e0:7e:ff:30:7d:52:0a:e1:
92:94:e5:b8:60:c6:67:1a:f3:03 80:48:46:bb:99:e9:d9:77:ce:75
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIICtzCCAmGgAwIBAgIBADANBgkqhkiG9w0BAQQFADB4MQswCQYDVQQGEwJVUzEP MIIDDjCCArigAwIBAgIJAMXXbBE28DXhMA0GCSqGSIb3DQEBBAUAMIGOMQswCQYD
MA0GA1UECBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDEOMAwGA1UEChMFeWFT VQQGEwJVUzEPMA0GA1UECBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDEOMAwG
U0wxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A A1UEChMFeWFTU0wxFDASBgNVBAsTC3Byb2dyYW1taW5nMRYwFAYDVQQDEw13d3cu
eWFzc2wuY29tMB4XDTA1MDMwNzAzMDAzMVoXDTQ2MDQwMTAzMDAzMVoweDELMAkG eWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTAeFw0xMDA2
A1UEBhMCVVMxDzANBgNVBAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxhbmQxDjAM MzAxODM5MzlaFw0xMzAzMjYxODM5NDBaMIGOMQswCQYDVQQGEwJVUzEPMA0GA1UE
BgNVBAoTBXlhU1NMMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcN CBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDEOMAwGA1UEChMFeWFTU0wxFDAS
AQkBFg5pbmZvQHlhc3NsLmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDNH3hH BgNVBAsTC3Byb2dyYW1taW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJ
+LjWCL+9fCNhhjYorO48qJqU5tUm6HFQsiaLHB4/dbLTs2eVDP12KGXVzhKCngYA KoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
ogndzjom3UYqoEVxAgMBAAGjgdUwgdIwHQYDVR0OBBYEFK4lXvpNo1srh97xKvVC QQC9UUoU/WoZhAwzOPwnMpyXC/ykGGBpTtnYeFAL6SBd1h1wHAwknyOCzDoB1ZcX
wP/OtbStMIGiBgNVHSMEgZowgZeAFK4lXvpNo1srh97xKvVCwP/OtbStoXykejB4 snNshs+18eXOaAzZohI5fPJTAgMBAAGjgfYwgfMwHQYDVR0OBBYEFFz3KSFpegl4
MQswCQYDVQQGEwJVUzEPMA0GA1UECBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFu nnvNU0IC7M4pDRHfMIHDBgNVHSMEgbswgbiAFFz3KSFpegl4nnvNU0IC7M4pDRHf
ZDEOMAwGA1UEChMFeWFTU0wxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkq oYGUpIGRMIGOMQswCQYDVQQGEwJVUzEPMA0GA1UECBMGT3JlZ29uMREwDwYDVQQH
hkiG9w0BCQEWDmluZm9AeWFzc2wuY29tggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI EwhQb3J0bGFuZDEOMAwGA1UEChMFeWFTU0wxFDASBgNVBAsTC3Byb2dyYW1taW5n
hvcNAQEEBQADQQBZGa4bTmWeyvG4Pf/HXhWGEJeMPiIyq051p3CD8vsvr/4mKOlP MRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlh
1MlJfG9Rfir/oFslRS5m2Q2SlOW4YMZnGvMD c3NsLmNvbYIJAMXXbBE28DXhMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQAD
QQC0pfFxJk25/1TzCR+s4RlZ5exX4/ELso/zKetrxvonMz6R0HdDyc4eD3EHqfcm
4H7/MH1SCuGASEa7menZd851
-----END CERTIFICATE----- -----END CERTIFICATE-----

BIN
extra/yassl/certs/client-key.der
View File

Binary file not shown.

14
extra/yassl/certs/client-key.pem
View File

@ -1,9 +1,9 @@
-----BEGIN RSA PRIVATE KEY----- -----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBAM0feEf4uNYIv718I2GGNiis7jyompTm1SbocVCyJoscHj91stOz MIIBPAIBAAJBAL1RShT9ahmEDDM4/CcynJcL/KQYYGlO2dh4UAvpIF3WHXAcDCSf
Z5UM/XYoZdXOEoKeBgCiCd3OOibdRiqgRXECAwEAAQJAXwa6OVVvg7Bv63+MAI0l I4LMOgHVlxeyc2yGz7Xx5c5oDNmiEjl88lMCAwEAAQJAVGHWLlLhpqvXsEEXCvWh
n/hlMfLGEj9R9gFvJXwywPSEQhijOZmedpHALufFPNHtwba9dmbqMkBAw9JDaAgg HCYono+K8YVGzhiaPSTU212fCoQryIxsXQKGBjhFdZm96DZWp+Vd/t/u+B4ZeaqY
QQIhAO+mBaSmoG5AYVKYQZiASe/2wMZjaQSN+zFLyF97OX8ZAiEA2x5iRmXUkbOT +QIhAOBEfbFtdZqk5OmbbRsRVPI7+YYmubgY1TVIPqmxHQ4NAiEA2BrTQkjOb3ul
8Td/vx8R9mq9W5CJu+cN+SWGwTYhPBkCIGZFM6NQeKaUUvQshdHO7b66Twpa4jZP A/SZO04fJUZsm7Ng92FWHDJsRancSd8CIQCmGbQqZBK1TamJZ6dAY+7RViAx/p6Q
YSNoc9pLe/4BAiB+jIvBkKo2A/rbg2waG32qTXdTXKTPiuA9Fnk/OV30cQIhANuA vjuzMeXPUrFdRQIhAMkfBhg9bCqjFyt8PBPOm/vz8+ZgZlE0/JAXeV7IPCVfAiEA
uMdo+T+rYcNGJ1hCYKDe9JWBpNfSQ+H/A7sWuW8L gZwCFm1ghGxmaoB424YC4DHeDeN/g9xwJHT7EuM9Mvc=
-----END RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----

12
extra/yassl/certs/client-keyEnc.pem Normal file
View File

@ -0,0 +1,12 @@
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,B9D8FB94E38635AB
e7bVyzL1RF6p7hl8GDaOrRTcgB4ip+pWWUcnNf6y2tsuAQx/c/Bd5c9ZDc3L5AXC
oOAzWYB+ay1vWkmAQB4ivFS5QzGDf8870d4FbOejwmgPhiHdZNw5xNwscAN6ps0v
dFaUrR9nzWmbycsQCjXZGIZtGFCtXkA8Gdl5OMO4o+rzM0muNPS5fb++x7oNl1YG
gjReu2sQ85dPfMlnoHhr8Pz9LBcxVyOmcqtmT0SOSuPcoj6aDtcZ+EY9MQf6SR9E
ysmrJKMtp+ABgXglAj5hbT0dMpoJ2KpJYk62JAh/A6DDyv5YYUI0W57xY5+QzaV+
YXnIvqwLjJ3cXEV4YH7ozLHAESgnAAUoQsin42rrRKt7GxjSdBoFhWjH69V2nl65
LYRNjE1O5BBEX+rz0S+fe2ZZgT17kUr7eLZCq15J+L5xWQ7R4ERc0w==
-----END RSA PRIVATE KEY-----

12
extra/yassl/certs/client-keyEnc3.pem Normal file
View File

@ -0,0 +1,12 @@
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,BDE979D13CCC0ABD
N7yz2JV13EmQ7MZPL5wamid5+G1V1gp8FKqMemAC5JDxonS/W9oViMLUcxbfPTDx
FznKdYSVTIQ7vv3ofmDG4MEyV/2C568N2kdtAw+jTfrZFN+IU9CI+W+In/nacirF
02sAcvDMofustnooKNOO7/iyb5+3vRvEt5vSSRQn5WuSQ9sUKjuzoLs/lbf7fyAt
4NeqfI3rYBZXxiUOLITOGXzGNRuFoY+o2uDCfelLAJ8uhiVG6ME3LeJEo1dT5lZ8
CSJOLPasKg0iG4V7olM4j9FvAfZr48RRsSfUen756Jo2HpI4bad8LKhFYIdNs2Au
WwKLmjpo6QB9hBmRshR04rEXPdrgTqLBExCE08PyaGYnWU8ggWritCeBzDQFj/n4
sI+NO0Mymuvg98e5RpO52lg3Xnqv9RIK3guLFOmI6aEHC0PS4WwOEQ==
-----END RSA PRIVATE KEY-----

58
extra/yassl/certs/dsa-cert.pem
View File

@ -1,13 +1,14 @@
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 0 (0x0) Serial Number:
ce:df:23:31:64:b4:13:da
Signature Algorithm: dsaWithSHA1 Signature Algorithm: dsaWithSHA1
Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL DSA, CN=yaSSL DSA/emailAddress=info@yassl.com Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=testing, CN=www.yassl.com/emailAddress=info@yassl.com
Validity Validity
Not Before: Mar 7 03:22:00 2005 GMT Not Before: Jun 30 18:56:38 2010 GMT
Not After : Apr 1 03:22:00 2046 GMT Not After : Mar 26 18:56:39 2013 GMT
Subject: C=US, ST=Oregon, L=Portland, O=yaSSL DSA, CN=yaSSL DSA/emailAddress=info@yassl.com Subject: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=testing, CN=www.yassl.com/emailAddress=info@yassl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: dsaEncryption Public Key Algorithm: dsaEncryption
DSA Public Key: DSA Public Key:
@ -37,32 +38,33 @@ Certificate:
BE:F9:8C:5D:D6:1C:B4:EE:81:DD:36:56:0A:21:E4:61:44:73:E9:E2 BE:F9:8C:5D:D6:1C:B4:EE:81:DD:36:56:0A:21:E4:61:44:73:E9:E2
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:BE:F9:8C:5D:D6:1C:B4:EE:81:DD:36:56:0A:21:E4:61:44:73:E9:E2 keyid:BE:F9:8C:5D:D6:1C:B4:EE:81:DD:36:56:0A:21:E4:61:44:73:E9:E2
DirName:/C=US/ST=Oregon/L=Portland/O=yaSSL DSA/CN=yaSSL DSA/emailAddress=info@yassl.com DirName:/C=US/ST=Oregon/L=Portland/O=yaSSL/OU=testing/CN=www.yassl.com/emailAddress=info@yassl.com
serial:00 serial:CE:DF:23:31:64:B4:13:DA
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Signature Algorithm: dsaWithSHA1 Signature Algorithm: dsaWithSHA1
30:2c:02:14:7e:5e:94:fc:7f:ca:81:ab:b3:32:f7:21:83:48: 30:2d:02:14:00:a3:21:20:34:6a:2c:f9:fb:76:d7:20:c9:c0:
48:5f:0a:f1:13:ca:02:14:73:54:32:14:51:22:bf:0b:ec:d7: 35:1b:64:9a:c2:83:02:15:00:a4:59:ac:6d:da:85:48:ff:f5:
6a:6a:fa:a7:1d:46:b4:c2:a3:b5 0d:49:72:c8:cd:91:fc:ec:2f:5c:63
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIDMjCCAvKgAwIBAgIBADAJBgcqhkjOOAQDMHgxCzAJBgNVBAYTAlVTMQ8wDQYD MIIDfjCCAz2gAwIBAgIJAM7fIzFktBPaMAkGByqGSM44BAMwgYoxCzAJBgNVBAYT
VQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRsYW5kMRIwEAYDVQQKEwl5YVNTTCBE AlVTMQ8wDQYDVQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRsYW5kMQ4wDAYDVQQK
U0ExEjAQBgNVBAMTCXlhU1NMIERTQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5YXNz EwV5YVNTTDEQMA4GA1UECxMHdGVzdGluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNv
bC5jb20wHhcNMDUwMzA3MDMyMjAwWhcNNDYwNDAxMDMyMjAwWjB4MQswCQYDVQQG bTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wHhcNMTAwNjMwMTg1NjM4
EwJVUzEPMA0GA1UECBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDESMBAGA1UE WhcNMTMwMzI2MTg1NjM5WjCBijELMAkGA1UEBhMCVVMxDzANBgNVBAgTBk9yZWdv
ChMJeWFTU0wgRFNBMRIwEAYDVQQDEwl5YVNTTCBEU0ExHTAbBgkqhkiG9w0BCQEW bjERMA8GA1UEBxMIUG9ydGxhbmQxDjAMBgNVBAoTBXlhU1NMMRAwDgYDVQQLEwd0
DmluZm9AeWFzc2wuY29tMIHwMIGoBgcqhkjOOAQBMIGcAkEAmSlpgMk8mGhFqYL+ ZXN0aW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5p
Z+uViMW0DNYmRZUZLKAgW37faencww/zYQolm/IhAWrNqow358pm21b0D3160Ri5 bmZvQHlhc3NsLmNvbTCB8DCBqAYHKoZIzjgEATCBnAJBAJkpaYDJPJhoRamC/mfr
Qv0bEQIVAK0lKasKnwkcwa0DIHZ/prfdTQMJAkASiJna59ALk5vm7jwhf5yztI2l lYjFtAzWJkWVGSygIFt+32np3MMP82EKJZvyIQFqzaqMN+fKZttW9A99etEYuUL9
jOI3gD8X0YFPvfBxtjIIVN2/AeKzdwZkdYoE1nk5sQIDA8YGdOWQBQoQRhkxA0MA GxECFQCtJSmrCp8JHMGtAyB2f6a33U0DCQJAEoiZ2ufQC5Ob5u48IX+cs7SNpYzi
AkAEhKAmMXIM6E9dUxdisYDKwBZfwx7qxdmYOPm+VlNHaM4IIlccuw13kc9bNu3z N4A/F9GBT73wcbYyCFTdvwHis3cGZHWKBNZ5ObECAwPGBnTlkAUKEEYZMQNDAAJA
JIKQis2QfNt3+Rctc3Pvu7mCo4HVMIHSMB0GA1UdDgQWBBS++Yxd1hy07oHdNlYK BISgJjFyDOhPXVMXYrGAysAWX8Me6sXZmDj5vlZTR2jOCCJXHLsNd5HPWzbt8ySC
IeRhRHPp4jCBogYDVR0jBIGaMIGXgBS++Yxd1hy07oHdNlYKIeRhRHPp4qF8pHow kIrNkHzbd/kXLXNz77u5gqOB8jCB7zAdBgNVHQ4EFgQUvvmMXdYctO6B3TZWCiHk
eDELMAkGA1UEBhMCVVMxDzANBgNVBAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxh YURz6eIwgb8GA1UdIwSBtzCBtIAUvvmMXdYctO6B3TZWCiHkYURz6eKhgZCkgY0w
bmQxEjAQBgNVBAoTCXlhU1NMIERTQTESMBAGA1UEAxMJeWFTU0wgRFNBMR0wGwYJ gYoxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRs
KoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbYIBADAMBgNVHRMEBTADAQH/MAkGByqG YW5kMQ4wDAYDVQQKEwV5YVNTTDEQMA4GA1UECxMHdGVzdGluZzEWMBQGA1UEAxMN
SM44BAMDLwAwLAIUfl6U/H/KgauzMvchg0hIXwrxE8oCFHNUMhRRIr8L7Ndqavqn d3d3Lnlhc3NsLmNvbTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb22CCQDO
HUa0wqO1 3yMxZLQT2jAMBgNVHRMEBTADAQH/MAkGByqGSM44BAMDMAAwLQIUAKMhIDRqLPn7
dtcgycA1G2SawoMCFQCkWaxt2oVI//UNSXLIzZH87C9cYw==
-----END CERTIFICATE----- -----END CERTIFICATE-----

BIN
extra/yassl/certs/dsa512.der
View File

Binary file not shown.

49
extra/yassl/certs/server-cert.pem
View File

@ -3,36 +3,37 @@ Certificate:
Version: 1 (0x0) Version: 1 (0x0)
Serial Number: 1 (0x1) Serial Number: 1 (0x1)
Signature Algorithm: md5WithRSAEncryption Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=Oregon, L=Portland, O=sawtooth, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com Issuer: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
Validity Validity
Not Before: Mar 8 03:00:47 2005 GMT Not Before: Jun 30 18:52:17 2010 GMT
Not After : Apr 2 03:00:47 2046 GMT Not After : Mar 26 18:52:17 2013 GMT
Subject: C=US, ST=Oregon, L=Portland, O=taoSoftDev, CN=www.taosoftdev.com/emailAddress=info@yassl.com Subject: C=US, ST=Montana, L=Bozeman, O=yaSSL, OU=support, CN=www.yassl.com/emailAddress=info@yassl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
RSA Public Key: (512 bit) RSA Public Key: (512 bit)
Modulus (512 bit): Modulus (512 bit):
00:a4:68:bb:bc:b7:27:5f:3c:f5:78:c6:1a:af:b9: 00:c6:7b:c0:68:81:2f:de:82:3f:f9:ac:c3:86:4a:
95:fc:7e:61:1f:a8:81:0a:ca:43:88:9a:03:e0:d0: 66:b7:ec:d4:f1:f6:64:21:ff:f5:a2:34:42:d0:38:
a6:79:70:16:34:b9:7c:75:54:ca:70:19:66:38:be: 9f:c6:dd:3b:6e:26:65:6a:54:96:dd:d2:7b:eb:36:
6e:28:7e:a5:ff:6b:3c:83:2f:39:42:c3:15:f3:bd: a2:ae:7e:2a:9e:7e:56:a5:b6:87:9f:15:c7:18:66:
f2:25:93:22:e7 7e:16:77:e2:a7
Exponent: 65537 (0x10001) Exponent: 65537 (0x10001)
Signature Algorithm: md5WithRSAEncryption Signature Algorithm: md5WithRSAEncryption
36:72:12:3b:ac:e4:58:83:09:86:4f:71:2a:3a:0d:8a:05:27: 58:a9:98:e7:16:52:4c:40:e7:e1:47:92:19:1b:3a:8f:97:6c:
75:f3:3e:62:4f:ab:b8:70:20:cd:ad:70:ab:91:11:68:f8:82: 7b:b7:b0:cb:20:6d:ad:b5:d3:47:58:d8:e4:f2:3e:32:e9:ef:
33:e2:78:85:a8:16:f5:66:bd:68:2c:5a:26:15:12:1e:6e:83: 87:77:e5:54:36:f4:8d:50:8d:07:b4:77:45:ea:9d:a4:33:36:
c7:6d:62:b9:c3:ff:e1:86:e4:e6 9b:0b:e0:74:58:11:c5:01:7b:4d
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIB9zCCAaECAQEwDQYJKoZIhvcNAQEEBQAwgYkxCzAJBgNVBAYTAlVTMQ8wDQYD MIICFDCCAb4CAQEwDQYJKoZIhvcNAQEEBQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYD
VQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRsYW5kMREwDwYDVQQKEwhzYXd0b290 VQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYDVQQKEwhzYXd0b290
aDEkMCIGA1UEAxMbd3d3LnNhd3Rvb3RoLWNvbnN1bHRpbmcuY29tMR0wGwYJKoZI aDETMBEGA1UECxMKY29uc3VsdGluZzEkMCIGA1UEAxMbd3d3LnNhd3Rvb3RoLWNv
hvcNAQkBFg5pbmZvQHlhc3NsLmNvbTAeFw0wNTAzMDgwMzAwNDdaFw00NjA0MDIw bnN1bHRpbmcuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTAeFw0x
MzAwNDdaMIGCMQswCQYDVQQGEwJVUzEPMA0GA1UECBMGT3JlZ29uMREwDwYDVQQH MDA2MzAxODUyMTdaFw0xMzAzMjYxODUyMTdaMIGKMQswCQYDVQQGEwJVUzEQMA4G
EwhQb3J0bGFuZDETMBEGA1UEChMKdGFvU29mdERldjEbMBkGA1UEAxMSd3d3LnRh A1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjEOMAwGA1UEChMFeWFTU0wx
b3NvZnRkZXYuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTBcMA0G EDAOBgNVBAsTB3N1cHBvcnQxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkq
CSqGSIb3DQEBAQUAA0sAMEgCQQCkaLu8tydfPPV4xhqvuZX8fmEfqIEKykOImgPg hkiG9w0BCQEWDmluZm9AeWFzc2wuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJB
0KZ5cBY0uXx1VMpwGWY4vm4ofqX/azyDLzlCwxXzvfIlkyLnAgMBAAEwDQYJKoZI AMZ7wGiBL96CP/msw4ZKZrfs1PH2ZCH/9aI0QtA4n8bdO24mZWpUlt3Se+s2oq5+
hvcNAQEEBQADQQA2chI7rORYgwmGT3EqOg2KBSd18z5iT6u4cCDNrXCrkRFo+IIz Kp5+VqW2h58VxxhmfhZ34qcCAwEAATANBgkqhkiG9w0BAQQFAANBAFipmOcWUkxA
4niFqBb1Zr1oLFomFRIeboPHbWK5w//hhuTm 5+FHkhkbOo+XbHu3sMsgba2100dY2OTyPjLp74d35VQ29I1QjQe0d0XqnaQzNpsL
4HRYEcUBe00=
-----END CERTIFICATE----- -----END CERTIFICATE-----

14
extra/yassl/certs/server-key.pem
View File

@ -1,9 +1,9 @@
-----BEGIN RSA PRIVATE KEY----- -----BEGIN RSA PRIVATE KEY-----
MIIBOQIBAAJBAKRou7y3J1889XjGGq+5lfx+YR+ogQrKQ4iaA+DQpnlwFjS5fHVU MIIBOwIBAAJBAMZ7wGiBL96CP/msw4ZKZrfs1PH2ZCH/9aI0QtA4n8bdO24mZWpU
ynAZZji+bih+pf9rPIMvOULDFfO98iWTIucCAwEAAQJABLVvMw931DV1vljGKORC lt3Se+s2oq5+Kp5+VqW2h58VxxhmfhZ34qcCAwEAAQJBAJSbGxgjgV+rTZL2Ev58
1HF2LKbx0zJJzt7CX6z6J54vcE79K3NYXdU6o7/j1WTtfD47tFG+4ljGvSYPmrCI viN/IoB25cm/Bn4Heu7DNn2A2kpdGX2cCaf7rEQoIKCiHxvopvxOcd/7nLS/gNli
2QIhANfiY6is6JUJGGgeMxyWeQRPXfaE9Yrk6OhxHhpYf5CTAiEAwvWraeLPy/NE dCECIQD/cX/9fvB1Uajw0fmvwNON9+3P9uJSqpig90zL32pwjQIhAMbqee9TBMN4
B+0w80mh8tCv2tpuKaYMOG53XpYX3N0CIDy/Bj3rUZLGOWjqvoUXzjupPY5lgVYw TxXbgWqA92PrCXe8WDZ3PwoJqdR6MRUDAiEAny+TDF1z6hiWiGTCDgXDkKBlwgjf
7Vyin87YAiUjAiAgM8X5em5KSMc+6+2+8bWfTtsNMjEqDfRMyepLpE0SvQIgTSYL p5aKgR077XzwLu0CICVpWEGg1ZaF/CnaPP7w/pZ2UDOK4vRrfRnAM4bY7H5NAiBS
WWfcZoRUPDM9GEuQ40nifVNjobzvjTW4aYyHCEI= 1eXJ/MCZ2uPfpl7XK2BU9P69KdKUk5WHxdRchVvcDg==
-----END RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----

12
extra/yassl/certs/server-keyEnc.pem Normal file
View File

@ -0,0 +1,12 @@
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,08132C1FFF5BC8CC
gsvuAsGmB8AkR23M25w4E6wuywfBey1Jqh3g71gJcnsUYwynex9dvfAU0lTowOXh
sb7ld1KNjEMzrht9AC1IC0iE1rLqvRQZOdJ7h3n7aHZQ4a/HjcwAhqJq0ZW45m6Q
mpoO5fRISjx2VbKFRUz6Xj2x0/do3IjQhpuUDVrTFFe1sEySM6APZ6CVpcnTOyPR
ADyLDKzOi2E+sj1UXs58pct56FaqTIZPUEflICU3k6q9FPU6gsYANRLfzegclkv4
JAx6mKVSJuYnjCCppx8WBwGJa1J1GcYRJ3qFfdbUzL4bcXTvoFkJEnDkHsXgDUS6
xmT0XGT3IMaW8cwQ8KD8m5YYI/L26Mas/w3eA2ekyMR8pYICjXp/YZtcKxxkQSVE
Uv/+D+20KbNAHIW5Mrxf61cX/CggGEbVP8ZhDY1flh8=
-----END RSA PRIVATE KEY-----

12
extra/yassl/certs/taoCert.txt
View File

@ -47,4 +47,16 @@ to convert rsa private PEM to DER :
b) openssl rsa -in key.pem -outform DER -out key.der b) openssl rsa -in key.pem -outform DER -out key.der
**** To encrypt rsa key already in pem **********
a) openssl rsa <server-key.pem.bak -des >server-keyEnc.pem
note location of des, pass = yassl123
*** To make a public key from a private key ******
openssl rsa -in 1024rsa.priv -pubout -out 1024rsa.pub

22
extra/yassl/examples/client/client.cpp
View File

@ -18,15 +18,20 @@ void ClientError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg)
void NonBlockingSSL_Connect(SSL* ssl, SSL_CTX* ctx, SOCKET_T& sockfd) void NonBlockingSSL_Connect(SSL* ssl, SSL_CTX* ctx, SOCKET_T& sockfd)
{ {
int ret = SSL_connect(ssl); int ret = SSL_connect(ssl);
while (ret =! SSL_SUCCESS && SSL_get_error(ssl, 0) == int err = SSL_get_error(ssl, 0);
SSL_ERROR_WANT_READ) { while (ret != SSL_SUCCESS && (err == SSL_ERROR_WANT_READ ||
printf("... client would block\n"); err == SSL_ERROR_WANT_WRITE)) {
if (err == SSL_ERROR_WANT_READ)
printf("... client would read block\n");
else
printf("... client would write block\n");
#ifdef _WIN32 #ifdef _WIN32
Sleep(1000); Sleep(1000);
#else #else
sleep(1); sleep(1);
#endif #endif
ret = SSL_connect(ssl); ret = SSL_connect(ssl);
err = SSL_get_error(ssl, 0);
} }
if (ret != SSL_SUCCESS) if (ret != SSL_SUCCESS)
ClientError(ctx, ssl, sockfd, "SSL_connect failed"); ClientError(ctx, ssl, sockfd, "SSL_connect failed");
@ -63,7 +68,8 @@ void client_test(void* args)
#ifdef NON_BLOCKING #ifdef NON_BLOCKING
NonBlockingSSL_Connect(ssl, ctx, sockfd); NonBlockingSSL_Connect(ssl, ctx, sockfd);
#else #else
if (SSL_connect(ssl) != SSL_SUCCESS) // if you get an error here see note at top of README
if (SSL_connect(ssl) != SSL_SUCCESS)
ClientError(ctx, ssl, sockfd, "SSL_connect failed"); ClientError(ctx, ssl, sockfd, "SSL_connect failed");
#endif #endif
showPeer(ssl); showPeer(ssl);
@ -87,7 +93,7 @@ void client_test(void* args)
int input = SSL_read(ssl, reply, sizeof(reply)); int input = SSL_read(ssl, reply, sizeof(reply));
if (input > 0) { if (input > 0) {
reply[input] = 0; reply[input] = 0;
printf("Server response: %s\n", reply); printf("Server response: %s\n", reply);
} }
#ifdef TEST_RESUME #ifdef TEST_RESUME
@ -103,18 +109,18 @@ void client_test(void* args)
tcp_connect(sockfd); tcp_connect(sockfd);
SSL_set_fd(sslResume, sockfd); SSL_set_fd(sslResume, sockfd);
SSL_set_session(sslResume, session); SSL_set_session(sslResume, session);
if (SSL_connect(sslResume) != SSL_SUCCESS) if (SSL_connect(sslResume) != SSL_SUCCESS)
ClientError(ctx, sslResume, sockfd, "SSL_resume failed"); ClientError(ctx, sslResume, sockfd, "SSL_resume failed");
showPeer(sslResume); showPeer(sslResume);
if (SSL_write(sslResume, msg, sizeof(msg)) != sizeof(msg)) if (SSL_write(sslResume, msg, sizeof(msg)) != sizeof(msg))
ClientError(ctx, sslResume, sockfd, "SSL_write failed"); ClientError(ctx, sslResume, sockfd, "SSL_write failed");
input = SSL_read(sslResume, reply, sizeof(reply)); input = SSL_read(sslResume, reply, sizeof(reply));
if (input > 0) { if (input > 0) {
reply[input] = 0; reply[input] = 0;
printf("Server response: %s\n", reply); printf("Server response: %s\n", reply);
} }
SSL_shutdown(sslResume); SSL_shutdown(sslResume);

6
extra/yassl/examples/echoclient/echoclient.cpp
View File

@ -56,10 +56,10 @@ void echoclient_test(void* args)
char send[1024]; char send[1024];
char reply[1024]; char reply[1024];
while (fgets(send, sizeof(send), fin)) { while (fgets(send, sizeof(send), fin)) {
int sendSz = strlen(send) + 1; int sendSz = (int)strlen(send) + 1;
if (SSL_write(ssl, send, sendSz) != sendSz) if (SSL_write(ssl, send, sendSz) != sendSz)
EchoClientError(ctx, ssl, sockfd, "SSL_write failed"); EchoClientError(ctx, ssl, sockfd, "SSL_write failed");
@ -68,7 +68,7 @@ void echoclient_test(void* args)
break; break;
} }
if (SSL_read(ssl, reply, sizeof(reply)) > 0) if (SSL_read(ssl, reply, sizeof(reply)) > 0)
fputs(reply, fout); fputs(reply, fout);
} }

12
extra/yassl/examples/echoserver/echoserver.cpp
View File

@ -75,11 +75,11 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)
#endif #endif
while (!shutdown) { while (!shutdown) {
sockaddr_in client; SOCKADDR_IN_T client;
socklen_t client_len = sizeof(client); socklen_t client_len = sizeof(client);
SOCKET_T clientfd = accept(sockfd, (sockaddr*)&client, SOCKET_T clientfd = accept(sockfd, (sockaddr*)&client,
(ACCEPT_THIRD_T)&client_len); (ACCEPT_THIRD_T)&client_len);
if (clientfd == -1) { if (clientfd == (SOCKET_T) -1) {
SSL_CTX_free(ctx); SSL_CTX_free(ctx);
tcp_close(sockfd); tcp_close(sockfd);
err_sys("tcp accept failed"); err_sys("tcp accept failed");
@ -93,11 +93,11 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)
tcp_close(clientfd); tcp_close(clientfd);
continue; continue;
} }
char command[1024]; char command[1024];
int echoSz(0); int echoSz(0);
while ( (echoSz = SSL_read(ssl, command, sizeof(command))) > 0) { while ( (echoSz = SSL_read(ssl, command, sizeof(command))) > 0) {
if ( strncmp(command, "quit", 4) == 0) { if ( strncmp(command, "quit", 4) == 0) {
printf("client sent quit command: shutting down!\n"); printf("client sent quit command: shutting down!\n");
shutdown = true; shutdown = true;
@ -109,7 +109,7 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)
char header[] = "<html><body BGCOLOR=\"#ffffff\">\n<pre>\n"; char header[] = "<html><body BGCOLOR=\"#ffffff\">\n<pre>\n";
char body[] = "greetings from yaSSL\n"; char body[] = "greetings from yaSSL\n";
char footer[] = "</body></html>\r\n\r\n"; char footer[] = "</body></html>\r\n\r\n";
strncpy(command, type, sizeof(type)); strncpy(command, type, sizeof(type));
echoSz = sizeof(type) - 1; echoSz = sizeof(type) - 1;
@ -122,7 +122,7 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)
if (SSL_write(ssl, command, echoSz) != echoSz) if (SSL_write(ssl, command, echoSz) != echoSz)
EchoError(ctx, ssl, sockfd, clientfd, "SSL_write failed"); EchoError(ctx, ssl, sockfd, clientfd, "SSL_write failed");
break; break;
} }
command[echoSz] = 0; command[echoSz] = 0;

17
extra/yassl/examples/server/server.cpp
View File

@ -17,15 +17,20 @@ void ServerError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg)
void NonBlockingSSL_Accept(SSL* ssl, SSL_CTX* ctx, SOCKET_T& clientfd) void NonBlockingSSL_Accept(SSL* ssl, SSL_CTX* ctx, SOCKET_T& clientfd)
{ {
int ret = SSL_accept(ssl); int ret = SSL_accept(ssl);
while (ret != SSL_SUCCESS && SSL_get_error(ssl, 0) == int err = SSL_get_error(ssl, 0);
SSL_ERROR_WANT_READ) { while (ret != SSL_SUCCESS && (err == SSL_ERROR_WANT_READ ||
printf("... server would block\n"); err == SSL_ERROR_WANT_WRITE)) {
if (err == SSL_ERROR_WANT_READ)
printf("... server would read block\n");
else
printf("... server would write block\n");
#ifdef _WIN32 #ifdef _WIN32
Sleep(1000); Sleep(1000);
#else #else
sleep(1); sleep(1);
#endif #endif
ret = SSL_accept(ssl); ret = SSL_accept(ssl);
err = SSL_get_error(ssl, 0);
} }
if (ret != SSL_SUCCESS) if (ret != SSL_SUCCESS)
ServerError(ctx, ssl, clientfd, "SSL_accept failed"); ServerError(ctx, ssl, clientfd, "SSL_accept failed");
@ -60,14 +65,14 @@ THREAD_RETURN YASSL_API server_test(void* args)
SSL* ssl = SSL_new(ctx); SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, clientfd); SSL_set_fd(ssl, clientfd);
#ifdef NON_BLOCKING #ifdef NON_BLOCKING
NonBlockingSSL_Accept(ssl, ctx, clientfd); NonBlockingSSL_Accept(ssl, ctx, clientfd);
#else #else
if (SSL_accept(ssl) != SSL_SUCCESS) if (SSL_accept(ssl) != SSL_SUCCESS)
ServerError(ctx, ssl, clientfd, "SSL_accept failed"); ServerError(ctx, ssl, clientfd, "SSL_accept failed");
#endif #endif
showPeer(ssl); showPeer(ssl);
printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl)); printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl));
@ -75,7 +80,7 @@ THREAD_RETURN YASSL_API server_test(void* args)
int input = SSL_read(ssl, command, sizeof(command)); int input = SSL_read(ssl, command, sizeof(command));
if (input > 0) { if (input > 0) {
command[input] = 0; command[input] = 0;
printf("First client command: %s\n", command); printf("First client command: %s\n", command);
} }
char msg[] = "I hear you, fa shizzle!"; char msg[] = "I hear you, fa shizzle!";

10
extra/yassl/include/buffer.hpp
View File

@ -46,12 +46,6 @@ typedef unsigned int uint;
const uint AUTO = 0xFEEDBEEF; const uint AUTO = 0xFEEDBEEF;
// Checking Policy should implement a check function that tests whether the
// index is within the size limit of the array
struct Check {
void check(uint i, uint limit);
};
struct NoCheck { struct NoCheck {
void check(uint, uint); void check(uint, uint);
@ -66,7 +60,7 @@ struct NoCheck {
* write to the buffer bulk wise and have the correct size * write to the buffer bulk wise and have the correct size
*/ */
class input_buffer : public Check { class input_buffer : public NoCheck {
uint size_; // number of elements in buffer uint size_; // number of elements in buffer
uint current_; // current offset position in buffer uint current_; // current offset position in buffer
byte* buffer_; // storage for buffer byte* buffer_; // storage for buffer
@ -132,7 +126,7 @@ private:
* Not using vector because need checked []access and the ability to * Not using vector because need checked []access and the ability to
* write to the buffer bulk wise and retain correct size * write to the buffer bulk wise and retain correct size
*/ */
class output_buffer : public Check { class output_buffer : public NoCheck {
uint current_; // current offset and elements in buffer uint current_; // current offset and elements in buffer
byte* buffer_; // storage for buffer byte* buffer_; // storage for buffer
byte* end_; // end of storage marker byte* end_; // end of storage marker

5
extra/yassl/include/cert_wrapper.hpp
View File

@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */

56
extra/yassl/include/openssl/ssl.h
View File

@ -1,5 +1,5 @@
/* /*
Copyright (c) 2005-2007 MySQL AB, 2008 Sun Microsystems, Inc. Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
Use is subject to license terms. Use is subject to license terms.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* ssl.h defines openssl compatibility layer /* ssl.h defines openssl compatibility layer
@ -29,12 +30,12 @@
#include "prefix_ssl.h" #include "prefix_ssl.h"
#endif #endif
#include <stdio.h> /* ERR_print fp */ #include <stdio.h> /* ERR_print fp */
#include "opensslv.h" /* for version number */ #include "opensslv.h" /* for version number */
#include "rsa.h" #include "rsa.h"
#define YASSL_VERSION "1.7.2" #define YASSL_VERSION "2.2.0"
#if defined(__cplusplus) #if defined(__cplusplus)
@ -42,9 +43,9 @@ extern "C" {
#endif #endif
void yaSSL_CleanUp(); /* call once at end of application use to void yaSSL_CleanUp(); /* call once at end of application use to
free static singleton memory holders, free static singleton memory holders,
not a leak per se, but helpful when not a leak per se, but helpful when
looking for them */ looking for them */
#if defined(__cplusplus) #if defined(__cplusplus)
} // extern } // extern
@ -69,11 +70,11 @@ extern "C" {
class X509; class X509;
class X509_NAME; class X509_NAME;
#else #else
typedef struct SSL SSL; typedef struct SSL SSL;
typedef struct SSL_SESSION SSL_SESSION; typedef struct SSL_SESSION SSL_SESSION;
typedef struct SSL_METHOD SSL_METHOD; typedef struct SSL_METHOD SSL_METHOD;
typedef struct SSL_CTX SSL_CTX; typedef struct SSL_CTX SSL_CTX;
typedef struct SSL_CIPHER SSL_CIPHER; typedef struct SSL_CIPHER SSL_CIPHER;
typedef struct RSA RSA; typedef struct RSA RSA;
@ -106,6 +107,15 @@ RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*);
/* X509 stuff, different file? */ /* X509 stuff, different file? */
/* because mySQL dereferences to use error and current_cert, even after calling
* get functions for local references */
typedef struct X509_STORE_CTX {
int error;
int error_depth;
X509* current_cert;
} X509_STORE_CTX;
typedef struct X509_STORE X509_STORE; typedef struct X509_STORE X509_STORE;
typedef struct X509_LOOKUP X509_LOOKUP; typedef struct X509_LOOKUP X509_LOOKUP;
typedef struct X509_OBJECT { char c; } X509_OBJECT; typedef struct X509_OBJECT { char c; } X509_OBJECT;
@ -124,16 +134,6 @@ typedef struct BIO BIO;
/* because mySQL dereferences to use error and current_cert, even after calling
* get functions for local references */
typedef struct X509_STORE_CTX {
int error;
int error_depth;
X509* current_cert;
} X509_STORE_CTX;
X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*); X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*);
int X509_STORE_CTX_get_error(X509_STORE_CTX*); int X509_STORE_CTX_get_error(X509_STORE_CTX*);
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*); int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*);
@ -204,7 +204,7 @@ SSL* SSL_new(SSL_CTX*);
int SSL_set_fd (SSL*, YASSL_SOCKET_T); int SSL_set_fd (SSL*, YASSL_SOCKET_T);
YASSL_SOCKET_T SSL_get_fd(const SSL*); YASSL_SOCKET_T SSL_get_fd(const SSL*);
int SSL_connect(SSL*); /* if you get an error from connect int SSL_connect(SSL*); /* if you get an error from connect
see note at top of REAMDE */ see note at top of README */
int SSL_write(SSL*, const void*, int); int SSL_write(SSL*, const void*, int);
int SSL_read(SSL*, void*, int); int SSL_read(SSL*, void*, int);
int SSL_accept(SSL*); int SSL_accept(SSL*);
@ -350,11 +350,11 @@ enum { /* ssl Constants */
SSL_ERROR_ZERO_RETURN = 84, SSL_ERROR_ZERO_RETURN = 84,
SSL_ERROR_SSL = 85, SSL_ERROR_SSL = 85,
SSL_SENT_SHUTDOWN = 90, SSL_ST_CONNECT = 90,
SSL_RECEIVED_SHUTDOWN = 91, SSL_ST_ACCEPT = 91,
SSL_CB_LOOP = 92, SSL_CB_LOOP = 92,
SSL_ST_CONNECT = 93, SSL_SENT_SHUTDOWN = 93,
SSL_ST_ACCEPT = 94, SSL_RECEIVED_SHUTDOWN = 94,
SSL_CB_ALERT = 95, SSL_CB_ALERT = 95,
SSL_CB_READ = 96, SSL_CB_READ = 96,
SSL_CB_HANDSHAKE_DONE = 97 SSL_CB_HANDSHAKE_DONE = 97
@ -365,7 +365,7 @@ enum { /* ssl Constants */
SSL_METHOD *SSLv3_method(void); SSL_METHOD *SSLv3_method(void);
SSL_METHOD *SSLv3_server_method(void); SSL_METHOD *SSLv3_server_method(void);
SSL_METHOD *SSLv3_client_method(void); SSL_METHOD *SSLv3_client_method(void);
SSL_METHOD *TLSv1_server_method(void); SSL_METHOD *TLSv1_server_method(void);
SSL_METHOD *TLSv1_client_method(void); SSL_METHOD *TLSv1_client_method(void);
SSL_METHOD *TLSv1_1_server_method(void); SSL_METHOD *TLSv1_1_server_method(void);
SSL_METHOD *TLSv1_1_client_method(void); SSL_METHOD *TLSv1_1_client_method(void);

4
extra/yassl/include/socket_wrapper.hpp
View File

@ -26,7 +26,6 @@
#ifndef yaSSL_SOCKET_WRAPPER_HPP #ifndef yaSSL_SOCKET_WRAPPER_HPP
#define yaSSL_SOCKET_WRAPPER_HPP #define yaSSL_SOCKET_WRAPPER_HPP
#include <assert.h>
#ifdef _WIN32 #ifdef _WIN32
#include <winsock2.h> #include <winsock2.h>
@ -73,7 +72,8 @@ public:
uint get_ready() const; uint get_ready() const;
socket_t get_fd() const; socket_t get_fd() const;
uint send(const byte* buf, unsigned int len, int flags = 0) const; uint send(const byte* buf, unsigned int len, unsigned int& sent,
int flags = 0);
uint receive(byte* buf, unsigned int len, int flags = 0); uint receive(byte* buf, unsigned int len, int flags = 0);
bool wait(); bool wait();

5
extra/yassl/include/yassl_error.hpp
View File

@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */

5
extra/yassl/include/yassl_imp.hpp
View File

@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* yaSSL implementation header defines all strucutres from the SSL.v3 /* yaSSL implementation header defines all strucutres from the SSL.v3

73
extra/yassl/include/yassl_int.hpp
View File

@ -1,6 +1,5 @@
/* /*
Copyright (c) 2005-2007 MySQL AB, 2008, 2009 Sun Microsystems, Inc. Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
Use is subject to license terms.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -12,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
@ -34,9 +34,8 @@
#include "openssl/ssl.h" // ASN1_STRING and DH #include "openssl/ssl.h" // ASN1_STRING and DH
// Check if _POSIX_THREADS should be forced // Check if _POSIX_THREADS should be forced
#if !defined(_POSIX_THREADS) && (defined(__NETWARE__) || defined(__hpux)) #if !defined(_POSIX_THREADS) && defined(__hpux)
// HPUX does not define _POSIX_THREADS as it's not _fully_ implemented // HPUX does not define _POSIX_THREADS as it's not _fully_ implemented
// Netware supports pthreads but does not announce it
#define _POSIX_THREADS #define _POSIX_THREADS
#endif #endif
@ -169,7 +168,7 @@ private:
// openSSL X509 names // openSSL X509 names
class X509_NAME { class X509_NAME {
char* name_; char* name_;
size_t sz_; size_t sz_;
ASN1_STRING entry_; ASN1_STRING entry_;
public: public:
@ -247,11 +246,11 @@ public:
SSL_SESSION(const SSL&, RandomPool&); SSL_SESSION(const SSL&, RandomPool&);
~SSL_SESSION(); ~SSL_SESSION();
const opaque* GetID() const; const opaque* GetID() const;
const opaque* GetSecret() const; const opaque* GetSecret() const;
const Cipher* GetSuite() const; const Cipher* GetSuite() const;
uint GetBornOn() const; uint GetBornOn() const;
uint GetTimeOut() const; uint GetTimeOut() const;
X509* GetPeerX509() const; X509* GetPeerX509() const;
void SetTimeOut(uint); void SetTimeOut(uint);
@ -418,33 +417,33 @@ class SSL_CTX {
public: public:
typedef STL::list<x509*> CertList; typedef STL::list<x509*> CertList;
private: private:
SSL_METHOD* method_; SSL_METHOD* method_;
x509* certificate_; x509* certificate_;
x509* privateKey_; x509* privateKey_;
CertList caList_; CertList caList_;
Ciphers ciphers_; Ciphers ciphers_;
DH_Parms dhParms_; DH_Parms dhParms_;
pem_password_cb passwordCb_; pem_password_cb passwordCb_;
void* userData_; void* userData_;
bool sessionCacheOff_; bool sessionCacheOff_;
bool sessionCacheFlushOff_; bool sessionCacheFlushOff_;
Stats stats_; Stats stats_;
Mutex mutex_; // for Stats Mutex mutex_; // for Stats
VerifyCallback verifyCallback_; VerifyCallback verifyCallback_;
public: public:
explicit SSL_CTX(SSL_METHOD* meth); explicit SSL_CTX(SSL_METHOD* meth);
~SSL_CTX(); ~SSL_CTX();
const x509* getCert() const; const x509* getCert() const;
const x509* getKey() const; const x509* getKey() const;
const SSL_METHOD* getMethod() const; const SSL_METHOD* getMethod() const;
const Ciphers& GetCiphers() const; const Ciphers& GetCiphers() const;
const DH_Parms& GetDH_Parms() const; const DH_Parms& GetDH_Parms() const;
const Stats& GetStats() const; const Stats& GetStats() const;
VerifyCallback getVerifyCallback() const; const VerifyCallback getVerifyCallback() const;
pem_password_cb GetPasswordCb() const; pem_password_cb GetPasswordCb() const;
void* GetUserData() const; void* GetUserData() const;
bool GetSessionCacheOff() const; bool GetSessionCacheOff() const;
bool GetSessionCacheFlushOff() const; bool GetSessionCacheFlushOff() const;
void setVerifyPeer(); void setVerifyPeer();
@ -533,10 +532,13 @@ class Buffers {
public: public:
typedef STL::list<input_buffer*> inputList; typedef STL::list<input_buffer*> inputList;
typedef STL::list<output_buffer*> outputList; typedef STL::list<output_buffer*> outputList;
int prevSent; // previous plain text bytes sent when got WANT_WRITE
int plainSz; // plain text bytes in buffer to send when got WANT_WRITE
private: private:
inputList dataList_; // list of users app data / handshake inputList dataList_; // list of users app data / handshake
outputList handShakeList_; // buffered handshake msgs outputList handShakeList_; // buffered handshake msgs
input_buffer* rawInput_; // buffered raw input yet to process input_buffer* rawInput_; // buffered raw input yet to process
output_buffer* output_; // WANT_WRITE buffered output
public: public:
Buffers(); Buffers();
~Buffers(); ~Buffers();
@ -547,11 +549,13 @@ public:
inputList& useData(); inputList& useData();
outputList& useHandShake(); outputList& useHandShake();
void SetRawInput(input_buffer*); // takes ownership void SetRawInput(input_buffer*); // takes ownership
input_buffer* TakeRawInput(); // takes ownership input_buffer* TakeRawInput(); // takes ownership
void SetOutput(output_buffer*); // takes ownership
output_buffer* TakeOutput(); // takes ownership
private: private:
Buffers(const Buffers&); // hide copy Buffers(const Buffers&); // hide copy
Buffers& operator=(const Buffers&); // and assign Buffers& operator=(const Buffers&); // and assign
}; };
@ -653,6 +657,7 @@ public:
void deriveKeys(); void deriveKeys();
void deriveTLSKeys(); void deriveTLSKeys();
void Send(const byte*, uint); void Send(const byte*, uint);
void SendWriteBuffered();
uint bufferedData(); uint bufferedData();
uint get_SEQIncrement(bool); uint get_SEQIncrement(bool);

35
extra/yassl/include/yassl_types.hpp
View File

@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* yaSSL types header defines all constants, enums, and typedefs /* yaSSL types header defines all constants, enums, and typedefs
@ -25,7 +26,6 @@
#define yaSSL_TYPES_HPP #define yaSSL_TYPES_HPP
#include <stddef.h> #include <stddef.h>
#include <assert.h>
#include "type_traits.hpp" #include "type_traits.hpp"
@ -36,6 +36,13 @@
#endif #endif
#ifdef _MSC_VER
// disable conversion warning
// 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy
#pragma warning(disable:4244 4996)
#endif
namespace yaSSL { namespace yaSSL {
#define YASSL_LIB #define YASSL_LIB
@ -62,29 +69,29 @@ namespace yaSSL {
template<typename T> template<typename T>
void ysDelete(T* ptr) void ysDelete(T* ptr)
{ {
if (ptr) ptr->~T(); if (ptr) ptr->~T();
::operator delete(ptr, yaSSL::ys); ::operator delete(ptr, yaSSL::ys);
} }
template<typename T> template<typename T>
void ysArrayDelete(T* ptr) void ysArrayDelete(T* ptr)
{ {
// can't do array placement destruction since not tracking size in // can't do array placement destruction since not tracking size in
// allocation, only allow builtins to use array placement since they // allocation, only allow builtins to use array placement since they
// don't need destructors called // don't need destructors called
typedef char builtin[TaoCrypt::IsFundamentalType<T>::Yes ? 1 : -1]; typedef char builtin[TaoCrypt::IsFundamentalType<T>::Yes ? 1 : -1];
(void)sizeof(builtin); (void)sizeof(builtin);
::operator delete[](ptr, yaSSL::ys); ::operator delete[](ptr, yaSSL::ys);
} }
#define NEW_YS new (yaSSL::ys) #define NEW_YS new (yaSSL::ys)
// to resolve compiler generated operator delete on base classes with // to resolve compiler generated operator delete on base classes with
// virtual destructors (when on stack), make sure doesn't get called // virtual destructors (when on stack)
class virtual_base { class virtual_base {
public: public:
static void operator delete(void*) { assert(0); } static void operator delete(void*) { }
}; };
@ -123,7 +130,7 @@ typedef opaque byte;
typedef unsigned int uint; typedef unsigned int uint;
#ifdef USE_SYS_STL #ifdef USE_SYS_STL
// use system STL // use system STL
#define STL_VECTOR_FILE <vector> #define STL_VECTOR_FILE <vector>

17
extra/yassl/src/buffer.cpp
View File

@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
@ -34,14 +35,6 @@ namespace yaSSL {
// Checking Policy should implement a check function that tests whether the
// index is within the size limit of the array
void Check::check(uint i, uint limit)
{
assert(i < limit);
}
void NoCheck::check(uint, uint) void NoCheck::check(uint, uint)
{ {
@ -85,7 +78,6 @@ input_buffer::~input_buffer()
// users can pass defualt zero length buffer and then allocate // users can pass defualt zero length buffer and then allocate
void input_buffer::allocate(uint s) void input_buffer::allocate(uint s)
{ {
assert(!buffer_); // find realloc error
buffer_ = NEW_YS byte[s]; buffer_ = NEW_YS byte[s];
end_ = buffer_ + s; end_ = buffer_ + s;
} }
@ -143,7 +135,6 @@ void input_buffer::set_current(uint i)
// user passes in AUTO index for ease of use // user passes in AUTO index for ease of use
const byte& input_buffer::operator[](uint i) const byte& input_buffer::operator[](uint i)
{ {
assert (i == AUTO);
check(current_, size_); check(current_, size_);
return buffer_[current_++]; return buffer_[current_++];
} }
@ -240,7 +231,6 @@ void output_buffer::set_current(uint c)
// users can pass defualt zero length buffer and then allocate // users can pass defualt zero length buffer and then allocate
void output_buffer::allocate(uint s) void output_buffer::allocate(uint s)
{ {
assert(!buffer_); // find realloc error
buffer_ = NEW_YS byte[s]; end_ = buffer_ + s; buffer_ = NEW_YS byte[s]; end_ = buffer_ + s;
} }
@ -256,7 +246,6 @@ const byte* output_buffer::get_buffer() const
// user passes in AUTO as index for ease of use // user passes in AUTO as index for ease of use
byte& output_buffer::operator[](uint i) byte& output_buffer::operator[](uint i)
{ {
assert(i == AUTO);
check(current_, get_capacity()); check(current_, get_capacity());
return buffer_[current_++]; return buffer_[current_++];
} }

11
extra/yassl/src/cert_wrapper.cpp
View File

@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
@ -249,7 +250,8 @@ int CertManager::Validate()
TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length()); TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_); TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_);
if (int err = cert.GetError().What()) int err = cert.GetError().What();
if ( err )
return err; return err;
const TaoCrypt::PublicKey& key = cert.GetPublicKey(); const TaoCrypt::PublicKey& key = cert.GetPublicKey();
@ -265,7 +267,7 @@ int CertManager::Validate()
TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_); TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_);
int err = cert.GetError().What(); int err = cert.GetError().What();
if ( err ) if ( err && err != TaoCrypt::SIG_OTHER_E)
return err; return err;
uint sz = cert.GetPublicKey().size(); uint sz = cert.GetPublicKey().size();
@ -326,7 +328,6 @@ int CertManager::SetPrivateKey(const x509& key)
// Store OpenSSL type peer's cert // Store OpenSSL type peer's cert
void CertManager::setPeerX509(X509* x) void CertManager::setPeerX509(X509* x)
{ {
assert(peerX509_ == 0);
if (x == 0) return; if (x == 0) return;
X509_NAME* issuer = x->GetIssuer(); X509_NAME* issuer = x->GetIssuer();

5
extra/yassl/src/crypto_wrapper.cpp
View File

@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* The crypto wrapper source implements the policies for the cipher /* The crypto wrapper source implements the policies for the cipher

52
extra/yassl/src/handshake.cpp
View File

@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
@ -49,7 +50,7 @@ void buildClientHello(SSL& ssl, ClientHello& hello)
hello.suite_len_ = ssl.getSecurity().get_parms().suites_size_; hello.suite_len_ = ssl.getSecurity().get_parms().suites_size_;
memcpy(hello.cipher_suites_, ssl.getSecurity().get_parms().suites_, memcpy(hello.cipher_suites_, ssl.getSecurity().get_parms().suites_,
hello.suite_len_); hello.suite_len_);
hello.comp_len_ = 1; hello.comp_len_ = 1;
hello.set_length(sizeof(ProtocolVersion) + hello.set_length(sizeof(ProtocolVersion) +
RAN_LEN + RAN_LEN +
@ -527,8 +528,9 @@ void ProcessOldClientHello(input_buffer& input, SSL& ssl)
input.read(len, sizeof(len)); input.read(len, sizeof(len));
uint16 randomLen; uint16 randomLen;
ato16(len, randomLen); ato16(len, randomLen);
if (ch.suite_len_ > MAX_SUITE_SZ || sessionLen > ID_LEN || if (ch.suite_len_ > MAX_SUITE_SZ || sessionLen > ID_LEN ||
randomLen > RAN_LEN) { randomLen > RAN_LEN) {
ssl.SetError(bad_input); ssl.SetError(bad_input);
return; return;
} }
@ -706,7 +708,7 @@ int DoProcessReply(SSL& ssl)
{ {
// wait for input if blocking // wait for input if blocking
if (!ssl.useSocket().wait()) { if (!ssl.useSocket().wait()) {
ssl.SetError(receive_error); ssl.SetError(receive_error);
return 0; return 0;
} }
uint ready = ssl.getSocket().get_ready(); uint ready = ssl.getSocket().get_ready();
@ -749,8 +751,8 @@ int DoProcessReply(SSL& ssl)
if (static_cast<uint>(RECORD_HEADER) > buffer.get_remaining()) if (static_cast<uint>(RECORD_HEADER) > buffer.get_remaining())
needHdr = true; needHdr = true;
else { else {
buffer >> hdr; buffer >> hdr;
ssl.verifyState(hdr); ssl.verifyState(hdr);
} }
// make sure we have enough input in buffer to process this record // make sure we have enough input in buffer to process this record
@ -788,9 +790,8 @@ int DoProcessReply(SSL& ssl)
void processReply(SSL& ssl) void processReply(SSL& ssl)
{ {
if (ssl.GetError()) return; if (ssl.GetError()) return;
if (DoProcessReply(ssl)) if (DoProcessReply(ssl)) {
{
// didn't complete process // didn't complete process
if (!ssl.getSocket().IsNonBlocking()) { if (!ssl.getSocket().IsNonBlocking()) {
// keep trying now, blocking ok // keep trying now, blocking ok
@ -856,6 +857,7 @@ void sendServerKeyExchange(SSL& ssl, BufferOutput buffer)
if (ssl.GetError()) return; if (ssl.GetError()) return;
ServerKeyExchange sk(ssl); ServerKeyExchange sk(ssl);
sk.build(ssl); sk.build(ssl);
if (ssl.GetError()) return;
RecordLayerHeader rlHeader; RecordLayerHeader rlHeader;
HandShakeHeader hsHeader; HandShakeHeader hsHeader;
@ -874,8 +876,7 @@ void sendServerKeyExchange(SSL& ssl, BufferOutput buffer)
// send change cipher // send change cipher
void sendChangeCipher(SSL& ssl, BufferOutput buffer) void sendChangeCipher(SSL& ssl, BufferOutput buffer)
{ {
if (ssl.getSecurity().get_parms().entity_ == server_end) if (ssl.getSecurity().get_parms().entity_ == server_end) {
{
if (ssl.getSecurity().get_resuming()) if (ssl.getSecurity().get_resuming())
ssl.verifyState(clientKeyExchangeComplete); ssl.verifyState(clientKeyExchangeComplete);
else else
@ -912,7 +913,7 @@ void sendFinished(SSL& ssl, ConnectionEnd side, BufferOutput buffer)
} }
else { else {
if (!ssl.getSecurity().GetContext()->GetSessionCacheOff()) if (!ssl.getSecurity().GetContext()->GetSessionCacheOff())
GetSessions().add(ssl); // store session GetSessions().add(ssl); // store session
if (side == client_end) if (side == client_end)
buildFinished(ssl, ssl.useHashes().use_verify(), server); // server buildFinished(ssl, ssl.useHashes().use_verify(), server); // server
} }
@ -928,12 +929,22 @@ void sendFinished(SSL& ssl, ConnectionEnd side, BufferOutput buffer)
// send data // send data
int sendData(SSL& ssl, const void* buffer, int sz) int sendData(SSL& ssl, const void* buffer, int sz)
{ {
int sent = 0;
if (ssl.GetError() == YasslError(SSL_ERROR_WANT_READ)) if (ssl.GetError() == YasslError(SSL_ERROR_WANT_READ))
ssl.SetError(no_error); ssl.SetError(no_error);
if (ssl.GetError() == YasslError(SSL_ERROR_WANT_WRITE)) {
ssl.SetError(no_error);
ssl.SendWriteBuffered();
if (!ssl.GetError()) {
// advance sent to prvevious sent + plain size just sent
sent = ssl.useBuffers().prevSent + ssl.useBuffers().plainSz;
}
}
ssl.verfiyHandShakeComplete(); ssl.verfiyHandShakeComplete();
if (ssl.GetError()) return -1; if (ssl.GetError()) return -1;
int sent = 0;
for (;;) { for (;;) {
int len = min(sz - sent, MAX_RECORD_SIZE); int len = min(sz - sent, MAX_RECORD_SIZE);
@ -942,6 +953,8 @@ int sendData(SSL& ssl, const void* buffer, int sz)
Data data; Data data;
if (sent == sz) break;
if (ssl.CompressionOn()) { if (ssl.CompressionOn()) {
if (Compress(static_cast<const opaque*>(buffer) + sent, len, if (Compress(static_cast<const opaque*>(buffer) + sent, len,
tmp) == -1) { tmp) == -1) {
@ -956,9 +969,14 @@ int sendData(SSL& ssl, const void* buffer, int sz)
buildMessage(ssl, out, data); buildMessage(ssl, out, data);
ssl.Send(out.get_buffer(), out.get_size()); ssl.Send(out.get_buffer(), out.get_size());
if (ssl.GetError()) return -1; if (ssl.GetError()) {
if (ssl.GetError() == YasslError(SSL_ERROR_WANT_WRITE)) {
ssl.useBuffers().plainSz = len;
ssl.useBuffers().prevSent = sent;
}
return -1;
}
sent += len; sent += len;
if (sent == sz) break;
} }
ssl.useLog().ShowData(sent, true); ssl.useLog().ShowData(sent, true);
return sent; return sent;
@ -991,7 +1009,7 @@ int receiveData(SSL& ssl, Data& data, bool peek)
if (peek) if (peek)
ssl.PeekData(data); ssl.PeekData(data);
else else
ssl.fillData(data); ssl.fillData(data);
ssl.useLog().ShowData(data.get_length()); ssl.useLog().ShowData(data.get_length());
if (ssl.GetError()) return -1; if (ssl.GetError()) return -1;

0
extra/yassl/src/make.bat Normal file → Executable file
View File

27
extra/yassl/src/socket_wrapper.cpp
View File

@ -1,5 +1,5 @@
/* /*
Copyright (C) 2000-2007 MySQL AB Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -37,7 +37,7 @@
#include <fcntl.h> #include <fcntl.h>
#endif // _WIN32 #endif // _WIN32
#if defined(__sun) || defined(__SCO_VERSION__) || defined(__NETWARE__) #if defined(__sun) || defined(__SCO_VERSION__)
#include <sys/filio.h> #include <sys/filio.h>
#endif #endif
@ -109,19 +109,28 @@ uint Socket::get_ready() const
} }
uint Socket::send(const byte* buf, unsigned int sz, int flags) const uint Socket::send(const byte* buf, unsigned int sz, unsigned int& written,
int flags)
{ {
const byte* pos = buf; const byte* pos = buf;
const byte* end = pos + sz; const byte* end = pos + sz;
wouldBlock_ = false;
while (pos != end) { while (pos != end) {
int sent = ::send(socket_, reinterpret_cast<const char *>(pos), int sent = ::send(socket_, reinterpret_cast<const char *>(pos),
static_cast<int>(end - pos), flags); static_cast<int>(end - pos), flags);
if (sent == -1) {
if (sent == -1) if (get_lastError() == SOCKET_EWOULDBLOCK ||
return 0; get_lastError() == SOCKET_EAGAIN) {
wouldBlock_ = true; // would have blocked this time only
nonBlocking_ = true; // nonblocking, win32 only way to tell
return 0;
}
return static_cast<uint>(-1);
}
pos += sent; pos += sent;
written += sent;
} }
return sz; return sz;
@ -140,8 +149,8 @@ uint Socket::receive(byte* buf, unsigned int sz, int flags)
get_lastError() == SOCKET_EAGAIN) { get_lastError() == SOCKET_EAGAIN) {
wouldBlock_ = true; // would have blocked this time only wouldBlock_ = true; // would have blocked this time only
nonBlocking_ = true; // socket nonblocking, win32 only way to tell nonBlocking_ = true; // socket nonblocking, win32 only way to tell
return 0; return 0;
} }
} }
else if (recvd == 0) else if (recvd == 0)
return static_cast<uint>(-1); return static_cast<uint>(-1);

128
extra/yassl/src/ssl.cpp
View File

@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* SSL source implements all openssl compatibility API functions /* SSL source implements all openssl compatibility API functions
@ -251,60 +252,73 @@ int SSL_connect(SSL* ssl)
if (ssl->GetError() == YasslError(SSL_ERROR_WANT_READ)) if (ssl->GetError() == YasslError(SSL_ERROR_WANT_READ))
ssl->SetError(no_error); ssl->SetError(no_error);
if (ssl->GetError() == YasslError(SSL_ERROR_WANT_WRITE)) {
ssl->SetError(no_error);
ssl->SendWriteBuffered();
if (!ssl->GetError())
ssl->useStates().UseConnect() =
ConnectState(ssl->getStates().GetConnect() + 1);
}
ClientState neededState; ClientState neededState;
switch (ssl->getStates().GetConnect()) { switch (ssl->getStates().GetConnect()) {
case CONNECT_BEGIN : case CONNECT_BEGIN :
sendClientHello(*ssl); sendClientHello(*ssl);
if (!ssl->GetError()) if (!ssl->GetError())
ssl->useStates().UseConnect() = CLIENT_HELLO_SENT; ssl->useStates().UseConnect() = CLIENT_HELLO_SENT;
case CLIENT_HELLO_SENT : case CLIENT_HELLO_SENT :
neededState = ssl->getSecurity().get_resuming() ? neededState = ssl->getSecurity().get_resuming() ?
serverFinishedComplete : serverHelloDoneComplete; serverFinishedComplete : serverHelloDoneComplete;
while (ssl->getStates().getClient() < neededState) { while (ssl->getStates().getClient() < neededState) {
if (ssl->GetError()) break; if (ssl->GetError()) break;
processReply(*ssl); processReply(*ssl);
} // if resumption failed, reset needed state
if (neededState == serverFinishedComplete)
if (!ssl->getSecurity().get_resuming())
neededState = serverHelloDoneComplete;
}
if (!ssl->GetError()) if (!ssl->GetError())
ssl->useStates().UseConnect() = FIRST_REPLY_DONE; ssl->useStates().UseConnect() = FIRST_REPLY_DONE;
case FIRST_REPLY_DONE : case FIRST_REPLY_DONE :
if(ssl->getCrypto().get_certManager().sendVerify()) if(ssl->getCrypto().get_certManager().sendVerify())
sendCertificate(*ssl); sendCertificate(*ssl);
if (!ssl->getSecurity().get_resuming()) if (!ssl->getSecurity().get_resuming())
sendClientKeyExchange(*ssl); sendClientKeyExchange(*ssl);
if(ssl->getCrypto().get_certManager().sendVerify()) if(ssl->getCrypto().get_certManager().sendVerify())
sendCertificateVerify(*ssl); sendCertificateVerify(*ssl);
sendChangeCipher(*ssl); sendChangeCipher(*ssl);
sendFinished(*ssl, client_end); sendFinished(*ssl, client_end);
ssl->flushBuffer(); ssl->flushBuffer();
if (!ssl->GetError()) if (!ssl->GetError())
ssl->useStates().UseConnect() = FINISHED_DONE; ssl->useStates().UseConnect() = FINISHED_DONE;
case FINISHED_DONE : case FINISHED_DONE :
if (!ssl->getSecurity().get_resuming()) if (!ssl->getSecurity().get_resuming())
while (ssl->getStates().getClient() < serverFinishedComplete) { while (ssl->getStates().getClient() < serverFinishedComplete) {
if (ssl->GetError()) break; if (ssl->GetError()) break;
processReply(*ssl); processReply(*ssl);
} }
if (!ssl->GetError()) if (!ssl->GetError())
ssl->useStates().UseConnect() = SECOND_REPLY_DONE; ssl->useStates().UseConnect() = SECOND_REPLY_DONE;
case SECOND_REPLY_DONE : case SECOND_REPLY_DONE :
ssl->verifyState(serverFinishedComplete); ssl->verifyState(serverFinishedComplete);
ssl->useLog().ShowTCP(ssl->getSocket().get_fd()); ssl->useLog().ShowTCP(ssl->getSocket().get_fd());
if (ssl->GetError()) { if (ssl->GetError()) {
GetErrors().Add(ssl->GetError()); GetErrors().Add(ssl->GetError());
return SSL_FATAL_ERROR; return SSL_FATAL_ERROR;
} }
return SSL_SUCCESS; return SSL_SUCCESS;
default : default :
return SSL_FATAL_ERROR; // unkown state return SSL_FATAL_ERROR; // unkown state
@ -330,27 +344,36 @@ int SSL_accept(SSL* ssl)
if (ssl->GetError() == YasslError(SSL_ERROR_WANT_READ)) if (ssl->GetError() == YasslError(SSL_ERROR_WANT_READ))
ssl->SetError(no_error); ssl->SetError(no_error);
if (ssl->GetError() == YasslError(SSL_ERROR_WANT_WRITE)) {
ssl->SetError(no_error);
ssl->SendWriteBuffered();
if (!ssl->GetError())
ssl->useStates().UseAccept() =
AcceptState(ssl->getStates().GetAccept() + 1);
}
switch (ssl->getStates().GetAccept()) { switch (ssl->getStates().GetAccept()) {
case ACCEPT_BEGIN : case ACCEPT_BEGIN :
processReply(*ssl); processReply(*ssl);
if (!ssl->GetError()) if (!ssl->GetError())
ssl->useStates().UseAccept() = ACCEPT_FIRST_REPLY_DONE; ssl->useStates().UseAccept() = ACCEPT_FIRST_REPLY_DONE;
case ACCEPT_FIRST_REPLY_DONE : case ACCEPT_FIRST_REPLY_DONE :
sendServerHello(*ssl); sendServerHello(*ssl);
if (!ssl->getSecurity().get_resuming()) { if (!ssl->getSecurity().get_resuming()) {
sendCertificate(*ssl); sendCertificate(*ssl);
if (ssl->getSecurity().get_connection().send_server_key_) if (ssl->getSecurity().get_connection().send_server_key_)
sendServerKeyExchange(*ssl); sendServerKeyExchange(*ssl);
if(ssl->getCrypto().get_certManager().verifyPeer()) if(ssl->getCrypto().get_certManager().verifyPeer())
sendCertificateRequest(*ssl); sendCertificateRequest(*ssl);
sendServerHelloDone(*ssl); sendServerHelloDone(*ssl);
ssl->flushBuffer(); ssl->flushBuffer();
} }
if (!ssl->GetError()) if (!ssl->GetError())
@ -358,40 +381,40 @@ int SSL_accept(SSL* ssl)
case SERVER_HELLO_DONE : case SERVER_HELLO_DONE :
if (!ssl->getSecurity().get_resuming()) { if (!ssl->getSecurity().get_resuming()) {
while (ssl->getStates().getServer() < clientFinishedComplete) { while (ssl->getStates().getServer() < clientFinishedComplete) {
if (ssl->GetError()) break; if (ssl->GetError()) break;
processReply(*ssl); processReply(*ssl);
}
} }
}
if (!ssl->GetError()) if (!ssl->GetError())
ssl->useStates().UseAccept() = ACCEPT_SECOND_REPLY_DONE; ssl->useStates().UseAccept() = ACCEPT_SECOND_REPLY_DONE;
case ACCEPT_SECOND_REPLY_DONE : case ACCEPT_SECOND_REPLY_DONE :
sendChangeCipher(*ssl); sendChangeCipher(*ssl);
sendFinished(*ssl, server_end); sendFinished(*ssl, server_end);
ssl->flushBuffer(); ssl->flushBuffer();
if (!ssl->GetError()) if (!ssl->GetError())
ssl->useStates().UseAccept() = ACCEPT_FINISHED_DONE; ssl->useStates().UseAccept() = ACCEPT_FINISHED_DONE;
case ACCEPT_FINISHED_DONE : case ACCEPT_FINISHED_DONE :
if (ssl->getSecurity().get_resuming()) { if (ssl->getSecurity().get_resuming()) {
while (ssl->getStates().getServer() < clientFinishedComplete) { while (ssl->getStates().getServer() < clientFinishedComplete) {
if (ssl->GetError()) break; if (ssl->GetError()) break;
processReply(*ssl); processReply(*ssl);
} }
} }
if (!ssl->GetError()) if (!ssl->GetError())
ssl->useStates().UseAccept() = ACCEPT_THIRD_REPLY_DONE; ssl->useStates().UseAccept() = ACCEPT_THIRD_REPLY_DONE;
case ACCEPT_THIRD_REPLY_DONE : case ACCEPT_THIRD_REPLY_DONE :
ssl->useLog().ShowTCP(ssl->getSocket().get_fd()); ssl->useLog().ShowTCP(ssl->getSocket().get_fd());
if (ssl->GetError()) { if (ssl->GetError()) {
GetErrors().Add(ssl->GetError()); GetErrors().Add(ssl->GetError());
return SSL_FATAL_ERROR; return SSL_FATAL_ERROR;
} }
return SSL_SUCCESS; return SSL_SUCCESS;
default: default:
return SSL_FATAL_ERROR; // unknown state return SSL_FATAL_ERROR; // unknown state
@ -1096,7 +1119,6 @@ int EVP_BytesToKey(const EVP_CIPHER* type, const EVP_MD* md, const byte* salt,
ivLeft -= store; ivLeft -= store;
} }
} }
assert(keyOutput == (keyLen + ivLen));
return keyOutput; return keyOutput;
} }

6
extra/yassl/src/yassl.cpp
View File

@ -69,13 +69,13 @@ void SetUpBase(Base& base, ConnectionEnd end, SOCKET_T s)
if (base.ca_) if (base.ca_)
if (SSL_CTX_load_verify_locations(base.ctx_, if (SSL_CTX_load_verify_locations(base.ctx_,
base.ca_, 0) != SSL_SUCCESS) assert(0); base.ca_, 0) != SSL_SUCCESS) throw(0);
if (base.cert_) if (base.cert_)
if (SSL_CTX_use_certificate_file(base.ctx_, if (SSL_CTX_use_certificate_file(base.ctx_,
base.cert_, SSL_FILETYPE_PEM) != SSL_SUCCESS) assert(0); base.cert_, SSL_FILETYPE_PEM) != SSL_SUCCESS) throw(0);
if (base.key_) if (base.key_)
if (SSL_CTX_use_PrivateKey_file(base.ctx_, base.key_, if (SSL_CTX_use_PrivateKey_file(base.ctx_, base.key_,
SSL_FILETYPE_PEM) != SSL_SUCCESS) assert(0); SSL_FILETYPE_PEM) != SSL_SUCCESS) throw(0);
if (end == server_end) SetDH(base); if (end == server_end) SetDH(base);

21
extra/yassl/src/yassl_error.cpp
View File

@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
@ -30,6 +31,11 @@
#pragma warning(disable: 4996) #pragma warning(disable: 4996)
#endif #endif
#ifdef _MSC_VER
// 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy
#pragma warning(disable: 4996)
#endif
namespace yaSSL { namespace yaSSL {
@ -58,8 +64,9 @@ void SetErrorString(unsigned long error, char* buffer)
{ {
using namespace TaoCrypt; using namespace TaoCrypt;
const int max = MAX_ERROR_SZ; // shorthand const int max = MAX_ERROR_SZ; // shorthand
int localError = error; // errors from a few enums
switch ((int) error) { switch (localError) {
// yaSSL proper errors // yaSSL proper errors
case range_error : case range_error :
@ -120,7 +127,7 @@ void SetErrorString(unsigned long error, char* buffer)
case certificate_error : case certificate_error :
strncpy(buffer, "unable to proccess cerificate", max); strncpy(buffer, "unable to proccess cerificate", max);
break; break;
case privateKey_error : case privateKey_error :
strncpy(buffer, "unable to proccess private key, bad format", max); strncpy(buffer, "unable to proccess private key, bad format", max);
@ -129,7 +136,7 @@ void SetErrorString(unsigned long error, char* buffer)
case badVersion_error : case badVersion_error :
strncpy(buffer, "protocol version mismatch", max); strncpy(buffer, "protocol version mismatch", max);
break; break;
case compress_error : case compress_error :
strncpy(buffer, "compression error", max); strncpy(buffer, "compression error", max);
break; break;
@ -147,6 +154,10 @@ void SetErrorString(unsigned long error, char* buffer)
strncpy(buffer, "the read operation would block", max); strncpy(buffer, "the read operation would block", max);
break; break;
case SSL_ERROR_WANT_WRITE :
strncpy(buffer, "the write operation would block", max);
break;
case CERTFICATE_ERROR : case CERTFICATE_ERROR :
strncpy(buffer, "Unable to verify certificate", max); strncpy(buffer, "Unable to verify certificate", max);
break; break;

63
extra/yassl/src/yassl_imp.cpp
View File

@ -1,5 +1,5 @@
/* /*
Copyright (c) 2005, 2010, Oracle and/or its affiliates Copyright (c) 2005, 2012, Oracle and/or its affiliates
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* yaSSL source implements all SSL.v3 secification structures. /* yaSSL source implements all SSL.v3 secification structures.
@ -116,7 +117,7 @@ void ClientDiffieHellmanPublic::build(SSL& ssl)
if (*dhClient.get_agreedKey() == 0) if (*dhClient.get_agreedKey() == 0)
ssl.set_preMaster(dhClient.get_agreedKey() + 1, keyLength - 1); ssl.set_preMaster(dhClient.get_agreedKey() + 1, keyLength - 1);
else else
ssl.set_preMaster(dhClient.get_agreedKey(), keyLength); ssl.set_preMaster(dhClient.get_agreedKey(), keyLength);
} }
@ -134,8 +135,7 @@ void DH_Server::build(SSL& ssl)
mySTL::auto_ptr<Auth> auth; mySTL::auto_ptr<Auth> auth;
const CertManager& cert = ssl.getCrypto().get_certManager(); const CertManager& cert = ssl.getCrypto().get_certManager();
if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) {
{
if (cert.get_keyType() != rsa_sa_algo) { if (cert.get_keyType() != rsa_sa_algo) {
ssl.SetError(privateKey_error); ssl.SetError(privateKey_error);
return; return;
@ -924,8 +924,6 @@ Data::Data(uint16 len, opaque* b)
void Data::SetData(uint16 len, const opaque* buffer) void Data::SetData(uint16 len, const opaque* buffer)
{ {
assert(write_buffer_ == 0);
length_ = len; length_ = len;
write_buffer_ = buffer; write_buffer_ = buffer;
} }
@ -991,6 +989,11 @@ void Data::Process(input_buffer& input, SSL& ssl)
int dataSz = msgSz - ivExtra - digestSz - pad - padSz; int dataSz = msgSz - ivExtra - digestSz - pad - padSz;
opaque verify[SHA_LEN]; opaque verify[SHA_LEN];
if (dataSz < 0) {
ssl.SetError(bad_input);
return;
}
const byte* rawData = input.get_buffer() + input.get_current(); const byte* rawData = input.get_buffer() + input.get_current();
// read data // read data
@ -1005,10 +1008,10 @@ void Data::Process(input_buffer& input, SSL& ssl)
tmp.get_buffer(), tmp.get_size())); tmp.get_buffer(), tmp.get_size()));
} }
else { else {
input_buffer* data; input_buffer* data;
ssl.addData(data = NEW_YS input_buffer(dataSz)); ssl.addData(data = NEW_YS input_buffer(dataSz));
input.read(data->get_buffer(), dataSz); input.read(data->get_buffer(), dataSz);
data->add_size(dataSz); data->add_size(dataSz);
} }
if (ssl.isTLS()) if (ssl.isTLS())
@ -1084,19 +1087,37 @@ void Certificate::Process(input_buffer& input, SSL& ssl)
uint32 list_sz; uint32 list_sz;
byte tmp[3]; byte tmp[3];
if (input.get_remaining() < sizeof(tmp)) {
ssl.SetError(YasslError(bad_input));
return;
}
tmp[0] = input[AUTO]; tmp[0] = input[AUTO];
tmp[1] = input[AUTO]; tmp[1] = input[AUTO];
tmp[2] = input[AUTO]; tmp[2] = input[AUTO];
c24to32(tmp, list_sz); c24to32(tmp, list_sz);
if (list_sz > (uint)MAX_RECORD_SIZE) { // sanity check
ssl.SetError(YasslError(bad_input));
return;
}
while (list_sz) { while (list_sz) {
// cert size // cert size
uint32 cert_sz; uint32 cert_sz;
if (input.get_remaining() < sizeof(tmp)) {
ssl.SetError(YasslError(bad_input));
return;
}
tmp[0] = input[AUTO]; tmp[0] = input[AUTO];
tmp[1] = input[AUTO]; tmp[1] = input[AUTO];
tmp[2] = input[AUTO]; tmp[2] = input[AUTO];
c24to32(tmp, cert_sz); c24to32(tmp, cert_sz);
if (cert_sz > (uint)MAX_RECORD_SIZE || input.get_remaining() < cert_sz){
ssl.SetError(YasslError(bad_input));
return;
}
x509* myCert; x509* myCert;
cm.AddPeerCert(myCert = NEW_YS x509(cert_sz)); cm.AddPeerCert(myCert = NEW_YS x509(cert_sz));
input.read(myCert->use_buffer(), myCert->get_length()); input.read(myCert->use_buffer(), myCert->get_length());
@ -1293,7 +1314,7 @@ void ServerHello::Process(input_buffer&, SSL& ssl)
ssl.set_pending(cipher_suite_[1]); ssl.set_pending(cipher_suite_[1]);
ssl.set_random(random_, server_end); ssl.set_random(random_, server_end);
if (id_len_) if (id_len_)
ssl.set_sessionID(session_id_); ssl.set_sessionID(session_id_);
else else
ssl.useSecurity().use_connection().sessionID_Set_ = false; ssl.useSecurity().use_connection().sessionID_Set_ = false;
@ -1421,7 +1442,7 @@ input_buffer& operator>>(input_buffer& input, ClientHello& hello)
if (hello.id_len_) input.read(hello.session_id_, ID_LEN); if (hello.id_len_) input.read(hello.session_id_, ID_LEN);
// Suites // Suites
byte tmp[2]; byte tmp[2];
uint16 len; uint16 len;
tmp[0] = input[AUTO]; tmp[0] = input[AUTO];
tmp[1] = input[AUTO]; tmp[1] = input[AUTO];
@ -1429,8 +1450,8 @@ input_buffer& operator>>(input_buffer& input, ClientHello& hello)
hello.suite_len_ = min(len, static_cast<uint16>(MAX_SUITE_SZ)); hello.suite_len_ = min(len, static_cast<uint16>(MAX_SUITE_SZ));
input.read(hello.cipher_suites_, hello.suite_len_); input.read(hello.cipher_suites_, hello.suite_len_);
if (len > hello.suite_len_) // ignore extra suites if (len > hello.suite_len_) // ignore extra suites
input.set_current(input.get_current() + len - hello.suite_len_); input.set_current(input.get_current() + len - hello.suite_len_);
// Compression // Compression
hello.comp_len_ = input[AUTO]; hello.comp_len_ = input[AUTO];
@ -1494,8 +1515,9 @@ void ClientHello::Process(input_buffer&, SSL& ssl)
if (ssl.GetMultiProtocol()) { // SSLv23 support if (ssl.GetMultiProtocol()) { // SSLv23 support
if (ssl.isTLS() && client_version_.minor_ < 1) { if (ssl.isTLS() && client_version_.minor_ < 1) {
// downgrade to SSLv3 // downgrade to SSLv3
ssl.useSecurity().use_connection().TurnOffTLS(); ssl.useSecurity().use_connection().TurnOffTLS();
ProtocolVersion pv = ssl.getSecurity().get_connection().version_;
ProtocolVersion pv = ssl.getSecurity().get_connection().version_;
bool removeDH = ssl.getSecurity().get_parms().removeDH_; bool removeDH = ssl.getSecurity().get_parms().removeDH_;
bool removeRSA = false; bool removeRSA = false;
bool removeDSA = false; bool removeDSA = false;
@ -1509,7 +1531,7 @@ void ClientHello::Process(input_buffer&, SSL& ssl)
// reset w/ SSL suites // reset w/ SSL suites
ssl.useSecurity().use_parms().SetSuites(pv, removeDH, removeRSA, ssl.useSecurity().use_parms().SetSuites(pv, removeDH, removeRSA,
removeDSA); removeDSA);
} }
else if (ssl.isTLSv1_1() && client_version_.minor_ == 1) else if (ssl.isTLSv1_1() && client_version_.minor_ == 1)
// downgrade to TLSv1, but use same suites // downgrade to TLSv1, but use same suites
ssl.useSecurity().use_connection().TurnOffTLS1_1(); ssl.useSecurity().use_connection().TurnOffTLS1_1();
@ -1540,6 +1562,7 @@ void ClientHello::Process(input_buffer&, SSL& ssl)
ssl.set_session(session); ssl.set_session(session);
ssl.useSecurity().set_resuming(true); ssl.useSecurity().set_resuming(true);
ssl.matchSuite(session->GetSuite(), SUITE_LEN); ssl.matchSuite(session->GetSuite(), SUITE_LEN);
if (ssl.GetError()) return;
ssl.set_pending(ssl.getSecurity().get_parms().suite_[1]); ssl.set_pending(ssl.getSecurity().get_parms().suite_[1]);
ssl.set_masterSecret(session->GetSecret()); ssl.set_masterSecret(session->GetSecret());
@ -2036,7 +2059,7 @@ void Finished::Process(input_buffer& input, SSL& ssl)
// verify hashes // verify hashes
const Finished& verify = ssl.getHashes().get_verify(); const Finished& verify = ssl.getHashes().get_verify();
uint finishedSz = ssl.isTLS() ? TLS_FINISHED_SZ : FINISHED_SZ; uint finishedSz = ssl.isTLS() ? TLS_FINISHED_SZ : FINISHED_SZ;
input.read(hashes_.md5_, finishedSz); input.read(hashes_.md5_, finishedSz);
if (memcmp(&hashes_, &verify.hashes_, finishedSz)) { if (memcmp(&hashes_, &verify.hashes_, finishedSz)) {

59
extra/yassl/src/yassl_int.cpp
View File

@ -1,5 +1,5 @@
/* /*
Copyright (c) 2005, 2011, Oracle and/or its affiliates Copyright (c) 2005, 2012, Oracle and/or its affiliates
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
@ -307,8 +308,9 @@ SSL::SSL(SSL_CTX* ctx)
SetError(YasslError(err)); SetError(YasslError(err));
return; return;
} }
else if (serverSide && !(ctx->GetCiphers().setSuites_)) { else if (serverSide && ctx->GetCiphers().setSuites_ == 0) {
// remove RSA or DSA suites depending on cert key type // remove RSA or DSA suites depending on cert key type
// but don't override user sets
ProtocolVersion pv = secure_.get_connection().version_; ProtocolVersion pv = secure_.get_connection().version_;
bool removeDH = secure_.use_parms().removeDH_; bool removeDH = secure_.use_parms().removeDH_;
@ -1127,8 +1129,28 @@ void SSL::flushBuffer()
void SSL::Send(const byte* buffer, uint sz) void SSL::Send(const byte* buffer, uint sz)
{ {
if (socket_.send(buffer, sz) != sz) unsigned int sent = 0;
SetError(send_error);
if (socket_.send(buffer, sz, sent) != sz) {
if (socket_.WouldBlock()) {
buffers_.SetOutput(NEW_YS output_buffer(sz - sent, buffer + sent,
sz - sent));
SetError(YasslError(SSL_ERROR_WANT_WRITE));
}
else
SetError(send_error);
}
}
void SSL::SendWriteBuffered()
{
output_buffer* out = buffers_.TakeOutput();
if (out) {
mySTL::auto_ptr<output_buffer> tmp(out);
Send(out->get_buffer(), out->get_size());
}
} }
@ -1290,7 +1312,6 @@ void SSL::matchSuite(const opaque* peer, uint length)
if (secure_.use_parms().suites_[i] == peer[j]) { if (secure_.use_parms().suites_[i] == peer[j]) {
secure_.use_parms().suite_[0] = 0x00; secure_.use_parms().suite_[0] = 0x00;
secure_.use_parms().suite_[1] = peer[j]; secure_.use_parms().suite_[1] = peer[j];
return; return;
} }
@ -1434,7 +1455,6 @@ void SSL::addBuffer(output_buffer* b)
void SSL_SESSION::CopyX509(X509* x) void SSL_SESSION::CopyX509(X509* x)
{ {
assert(peerX509_ == 0);
if (x == 0) return; if (x == 0) return;
X509_NAME* issuer = x->GetIssuer(); X509_NAME* issuer = x->GetIssuer();
@ -1832,7 +1852,7 @@ SSL_CTX::GetCA_List() const
} }
VerifyCallback SSL_CTX::getVerifyCallback() const const VerifyCallback SSL_CTX::getVerifyCallback() const
{ {
return verifyCallback_; return verifyCallback_;
} }
@ -2231,7 +2251,7 @@ Hashes& sslHashes::use_certVerify()
} }
Buffers::Buffers() : rawInput_(0) Buffers::Buffers() : prevSent(0), plainSz(0), rawInput_(0), output_(0)
{} {}
@ -2242,12 +2262,18 @@ Buffers::~Buffers()
STL::for_each(dataList_.begin(), dataList_.end(), STL::for_each(dataList_.begin(), dataList_.end(),
del_ptr_zero()) ; del_ptr_zero()) ;
ysDelete(rawInput_); ysDelete(rawInput_);
ysDelete(output_);
}
void Buffers::SetOutput(output_buffer* ob)
{
output_ = ob;
} }
void Buffers::SetRawInput(input_buffer* ib) void Buffers::SetRawInput(input_buffer* ib)
{ {
assert(rawInput_ == 0);
rawInput_ = ib; rawInput_ = ib;
} }
@ -2261,6 +2287,15 @@ input_buffer* Buffers::TakeRawInput()
} }
output_buffer* Buffers::TakeOutput()
{
output_buffer* ret = output_;
output_ = 0;
return ret;
}
const Buffers::inputList& Buffers::getData() const const Buffers::inputList& Buffers::getData() const
{ {
return dataList_; return dataList_;
@ -2535,14 +2570,12 @@ ASN1_STRING* StringHolder::GetString()
// these versions should never get called // these versions should never get called
int Compress(const byte* in, int sz, input_buffer& buffer) int Compress(const byte* in, int sz, input_buffer& buffer)
{ {
assert(0);
return -1; return -1;
} }
int DeCompress(input_buffer& in, int sz, input_buffer& out) int DeCompress(input_buffer& in, int sz, input_buffer& out)
{ {
assert(0);
return -1; return -1;
} }

2
extra/yassl/taocrypt/README
View File

@ -21,7 +21,7 @@ Stream Ciphers: ARC4
Public Key Crypto: RSA, DSA, Diffie-Hellman Public Key Crypto: RSA, DSA, Diffie-Hellman
Password based key derivation: PBKDF2 from PKCS #5 Password based key derivation: PBKDF2 from PKCS #5
Pseudo Random Number Generators Pseudo Random Number Generators
Lare Integer Support Large Integer Support
Base 16/64 encoding/decoding Base 16/64 encoding/decoding
DER encoding/decoding DER encoding/decoding
X.509 processing X.509 processing

18
extra/yassl/taocrypt/benchmark/benchmark.cpp
View File

@ -103,7 +103,7 @@ void bench_des()
double persec = 1 / total * megs; double persec = 1 / total * megs;
printf("3DES %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total, printf("3DES %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
persec); persec);
} }
@ -123,7 +123,7 @@ void bench_aes(bool show)
double persec = 1 / total * megs; double persec = 1 / total * megs;
if (show) if (show)
printf("AES %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total, printf("AES %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
persec); persec);
} }
@ -142,7 +142,7 @@ void bench_twofish()
double persec = 1 / total * megs; double persec = 1 / total * megs;
printf("Twofish %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total, printf("Twofish %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
persec); persec);
} }
@ -162,7 +162,7 @@ void bench_blowfish()
double persec = 1 / total * megs; double persec = 1 / total * megs;
printf("Blowfish %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total, printf("Blowfish %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
persec); persec);
} }
@ -181,7 +181,7 @@ void bench_arc4()
double persec = 1 / total * megs; double persec = 1 / total * megs;
printf("ARC4 %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total, printf("ARC4 %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
persec); persec);
} }
@ -203,7 +203,7 @@ void bench_md5()
double persec = 1 / total * megs; double persec = 1 / total * megs;
printf("MD5 %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total, printf("MD5 %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
persec); persec);
} }
@ -231,7 +231,7 @@ void bench_sha()
double persec = 1 / total * megs; double persec = 1 / total * megs;
printf("SHA %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total, printf("SHA %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
persec); persec);
} }
@ -253,7 +253,7 @@ void bench_ripemd()
double persec = 1 / total * megs; double persec = 1 / total * megs;
printf("RIPEMD %d megs took %5.3f seconds, %5.2f MB/s\n", megs, total, printf("RIPEMD %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
persec); persec);
} }
@ -276,7 +276,7 @@ void bench_rsa()
byte message[] = "Everyone gets Friday off."; byte message[] = "Everyone gets Friday off.";
byte cipher[128]; // for 1024 bit byte cipher[128]; // for 1024 bit
byte plain[128]; // for 1024 bit byte plain[128]; // for 1024 bit
const int len = strlen((char*)message); const int len = (word32)strlen((char*)message);
int i; int i;
double start = current_time(); double start = current_time();

10
extra/yassl/taocrypt/benchmark/benchmark.dsp
View File

@ -49,8 +49,8 @@ BSC32=bscmake.exe
# ADD BASE BSC32 /nologo # ADD BASE BSC32 /nologo
# ADD BSC32 /nologo # ADD BSC32 /nologo
LINK32=link.exe LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 # ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 # ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
!ELSEIF "$(CFG)" == "benchmark - Win32 Debug" !ELSEIF "$(CFG)" == "benchmark - Win32 Debug"
@ -64,7 +64,7 @@ LINK32=link.exe
# PROP Output_Dir "Debug" # PROP Output_Dir "Debug"
# PROP Intermediate_Dir "Debug" # PROP Intermediate_Dir "Debug"
# PROP Target_Dir "" # PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c # ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /I "..\include" /I "..\mySTL" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c # ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /I "..\include" /I "..\mySTL" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD BASE RSC /l 0x409 /d "_DEBUG" # ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG" # ADD RSC /l 0x409 /d "_DEBUG"
@ -72,8 +72,8 @@ BSC32=bscmake.exe
# ADD BASE BSC32 /nologo # ADD BASE BSC32 /nologo
# ADD BSC32 /nologo # ADD BSC32 /nologo
LINK32=link.exe LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept # ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept # ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
!ENDIF !ENDIF

BIN
extra/yassl/taocrypt/benchmark/dh1024.der
View File

Binary file not shown.

BIN
extra/yassl/taocrypt/benchmark/dsa1024.der
View File

Binary file not shown.

0
extra/yassl/taocrypt/benchmark/make.bat Normal file → Executable file
View File

BIN
extra/yassl/taocrypt/benchmark/rsa1024.der
View File

Binary file not shown.

BIN
extra/yassl/taocrypt/certs/client-cert.der Normal file
View File

Binary file not shown.

BIN
extra/yassl/taocrypt/certs/client-key.der Normal file
View File

Binary file not shown.

1
extra/yassl/taocrypt/certs/dh1024.dat Normal file
View File

@ -0,0 +1 @@
30818702818100DA9A18547FF03B385CC16508C173A7EF4EB61CB40EF8FEF3B31F145051676166BCDC3FE6B799FC394D08C26385F9413F896E09117E46209D6923602683CEA100924A6EE695281775C619DAA94EA8CB3691B4275B0183F1D39639EBC92995FE645D6C1BC28D409E585549BBD2C5DCDD6C208B04EADD8B7A6D997F72CBAD88390F020102

BIN
extra/yassl/taocrypt/certs/dsa512.der Normal file
View File

Binary file not shown.

6
extra/yassl/taocrypt/include/asn.hpp
View File

@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* asn.hpp provides ASN1 BER, PublicKey, and x509v3 decoding /* asn.hpp provides ASN1 BER, PublicKey, and x509v3 decoding
@ -166,6 +167,7 @@ public:
void Decode(RSA_PublicKey&); void Decode(RSA_PublicKey&);
private: private:
void ReadHeader(); void ReadHeader();
void ReadHeaderOpenSSL();
}; };

17
extra/yassl/taocrypt/include/block.hpp
View File

@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
@ -60,10 +61,6 @@ public:
void destroy(pointer p) {p->~T();} void destroy(pointer p) {p->~T();}
size_type max_size() const {return ~size_type(0)/sizeof(T);} size_type max_size() const {return ~size_type(0)/sizeof(T);}
protected: protected:
static void CheckSize(size_t n)
{
assert(n <= ~size_t(0) / sizeof(T));
}
}; };
@ -100,7 +97,8 @@ public:
pointer allocate(size_type n, const void* = 0) pointer allocate(size_type n, const void* = 0)
{ {
this->CheckSize(n); if (n > this->max_size())
return 0;
if (n == 0) if (n == 0)
return 0; return 0;
return NEW_TC T[n]; return NEW_TC T[n];
@ -143,9 +141,8 @@ public:
return *this; return *this;
} }
T& operator[] (word32 i) { assert(i < sz_); return buffer_[i]; } T& operator[] (word32 i) { return buffer_[i]; }
const T& operator[] (word32 i) const const T& operator[] (word32 i) const { return buffer_[i]; }
{ assert(i < sz_); return buffer_[i]; }
T* operator+ (word32 i) { return buffer_ + i; } T* operator+ (word32 i) { return buffer_ + i; }
const T* operator+ (word32 i) const { return buffer_ + i; } const T* operator+ (word32 i) const { return buffer_ + i; }

13
extra/yassl/taocrypt/include/blowfish.hpp
View File

@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* blowfish.hpp defines Blowfish /* blowfish.hpp defines Blowfish
@ -58,11 +59,11 @@ public:
void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION); void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION);
void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); } void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); }
private: private:
static const word32 p_init_[ROUNDS + 2]; static const word32 p_init_[ROUNDS + 2];
static const word32 s_init_[4 * 256]; static const word32 s_init_[4 * 256];
word32 pbox_[ROUNDS + 2 + 4 * 256]; word32 pbox_[ROUNDS + 2 + 4 * 256];
word32* sbox_; word32* sbox_;
void crypt_block(const word32 in[2], word32 out[2]) const; void crypt_block(const word32 in[2], word32 out[2]) const;
void AsmProcess(const byte* in, byte* out) const; void AsmProcess(const byte* in, byte* out) const;

2
extra/yassl/taocrypt/include/des.hpp
View File

@ -84,7 +84,7 @@ private:
// DES_EDE3 // DES_EDE3
class DES_EDE3 : public Mode_BASE { class DES_EDE3 : public Mode_BASE {
public: public:
DES_EDE3(CipherDir DIR, Mode MODE) DES_EDE3(CipherDir DIR, Mode MODE)
: Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {} : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {}
void SetKey(const byte*, word32, CipherDir dir); void SetKey(const byte*, word32, CipherDir dir);

21
extra/yassl/taocrypt/include/file.hpp
View File

@ -1,5 +1,5 @@
/* /*
Copyright (C) 2000-2007 MySQL AB Copyright (C) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -39,25 +39,32 @@ public:
explicit Source(word32 sz = 0) : buffer_(sz), current_(0) {} explicit Source(word32 sz = 0) : buffer_(sz), current_(0) {}
Source(const byte* b, word32 sz) : buffer_(b, sz), current_(0) {} Source(const byte* b, word32 sz) : buffer_(b, sz), current_(0) {}
word32 remaining() { if (GetError().What()) return 0;
else return buffer_.size() - current_; }
word32 size() const { return buffer_.size(); } word32 size() const { return buffer_.size(); }
void grow(word32 sz) { buffer_.CleanGrow(sz); } void grow(word32 sz) { buffer_.CleanGrow(sz); }
bool IsLeft(word32 sz) { if (remaining() >= sz) return true;
else { SetError(CONTENT_E); return false; } }
const byte* get_buffer() const { return buffer_.get_buffer(); } const byte* get_buffer() const { return buffer_.get_buffer(); }
const byte* get_current() const { return &buffer_[current_]; } const byte* get_current() const { return &buffer_[current_]; }
word32 get_index() const { return current_; } word32 get_index() const { return current_; }
void set_index(word32 i) { current_ = i; } void set_index(word32 i) { if (i < size()) current_ = i; }
byte operator[] (word32 i) { current_ = i; return next(); } byte operator[] (word32 i) { current_ = i; return next(); }
byte next() { return buffer_[current_++]; } byte next() { if (IsLeft(1)) return buffer_[current_++]; else return 0; }
byte prev() { return buffer_[--current_]; } byte prev() { if (current_) return buffer_[--current_]; else return 0; }
void add(const byte* data, word32 len) void add(const byte* data, word32 len)
{ {
memcpy(buffer_.get_buffer() + current_, data, len); if (IsLeft(len)) {
current_ += len; memcpy(buffer_.get_buffer() + current_, data, len);
current_ += len;
}
} }
void advance(word32 i) { current_ += i; } void advance(word32 i) { if (IsLeft(i)) current_ += i; }
void reset(ByteBlock&); void reset(ByteBlock&);
Error GetError() { return error_; } Error GetError() { return error_; }

4
extra/yassl/taocrypt/include/hash.hpp
View File

@ -63,8 +63,8 @@ protected:
word32 buffLen_; // in bytes word32 buffLen_; // in bytes
HashLengthType loLen_; // length in bytes HashLengthType loLen_; // length in bytes
HashLengthType hiLen_; // length in bytes HashLengthType hiLen_; // length in bytes
word32 digest_[MaxDigestSz]; word32 digest_[MaxDigestSz];
word32 buffer_[MaxBufferSz / sizeof(word32)]; word32 buffer_[MaxBufferSz / sizeof(word32)];
virtual void Transform() = 0; virtual void Transform() = 0;

63
extra/yassl/taocrypt/include/hc128.hpp Normal file
View File

@ -0,0 +1,63 @@
/*
Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/
/* hc128.hpp defines HC128
*/
#ifndef TAO_CRYPT_HC128_HPP
#define TAO_CRYPT_HC128_HPP
#include "misc.hpp"
namespace TaoCrypt {
// HC128 encryption and decryption
class HC128 {
public:
typedef HC128 Encryption;
typedef HC128 Decryption;
HC128() {}
void Process(byte*, const byte*, word32);
void SetKey(const byte*, const byte*);
private:
word32 T_[1024]; /* P[i] = T[i]; Q[i] = T[1024 + i ]; */
word32 X_[16];
word32 Y_[16];
word32 counter1024_; /* counter1024 = i mod 1024 at the ith step */
word32 key_[8];
word32 iv_[8];
void SetIV(const byte*);
void GenerateKeystream(word32*);
void SetupUpdate();
HC128(const HC128&); // hide copy
const HC128 operator=(const HC128&); // and assign
};
} // namespace
#endif // TAO_CRYPT_HC128_HPP

7
extra/yassl/taocrypt/include/integer.hpp
View File

@ -110,13 +110,6 @@ namespace TaoCrypt {
#endif #endif
// general MIN
template<typename T> inline
const T& min(const T& a, const T& b)
{
return a < b ? a : b;
}
// general MAX // general MAX
template<typename T> inline template<typename T> inline

12
extra/yassl/taocrypt/include/kernelc.hpp
View File

@ -30,17 +30,5 @@ extern "C" void* memcpy(void*, const void*, size_t);
extern "C" void* memset(void*, int, size_t); extern "C" void* memset(void*, int, size_t);
extern "C" void printk(char *fmt, ...); extern "C" void printk(char *fmt, ...);
#define KERN_ERR "<3>" /* error conditions */
#if defined(NDEBUG)
#define assert(p) ((void)0)
#else
#define assert(expr) \
if (!(expr)) { \
printk(KERN_ERR "Assertion failed! %s,%s,%s,line=%d\n", \
#expr,__FILE__,__FUNCTION__,__LINE__); }
#endif
#endif // TAOCRYPT_KERNELC_HPP #endif // TAOCRYPT_KERNELC_HPP

49
extra/yassl/taocrypt/include/misc.hpp
View File

@ -1,5 +1,5 @@
/* /*
Copyright (C) 2000-2007 MySQL AB Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -24,7 +24,6 @@
#if !defined(DO_TAOCRYPT_KERNEL_MODE) #if !defined(DO_TAOCRYPT_KERNEL_MODE)
#include <stdlib.h> #include <stdlib.h>
#include <assert.h>
#include <string.h> #include <string.h>
#else #else
#include "kernelc.hpp" #include "kernelc.hpp"
@ -62,30 +61,30 @@ void CleanUp();
template<typename T> template<typename T>
void tcDelete(T* ptr) void tcDelete(T* ptr)
{ {
if (ptr) ptr->~T(); if (ptr) ptr->~T();
::operator delete(ptr, TaoCrypt::tc); ::operator delete(ptr, TaoCrypt::tc);
} }
template<typename T> template<typename T>
void tcArrayDelete(T* ptr) void tcArrayDelete(T* ptr)
{ {
// can't do array placement destruction since not tracking size in // can't do array placement destruction since not tracking size in
// allocation, only allow builtins to use array placement since they // allocation, only allow builtins to use array placement since they
// don't need destructors called // don't need destructors called
typedef char builtin[IsFundamentalType<T>::Yes ? 1 : -1]; typedef char builtin[IsFundamentalType<T>::Yes ? 1 : -1];
(void)sizeof(builtin); (void)sizeof(builtin);
::operator delete[](ptr, TaoCrypt::tc); ::operator delete[](ptr, TaoCrypt::tc);
} }
#define NEW_TC new (TaoCrypt::tc) #define NEW_TC new (TaoCrypt::tc)
// to resolve compiler generated operator delete on base classes with // to resolve compiler generated operator delete on base classes with
// virtual destructors (when on stack), make sure doesn't get called // virtual destructors (when on stack)
class virtual_base { class virtual_base {
public: public:
static void operator delete(void*) { assert(0); } static void operator delete(void*) { }
}; };
#else // YASSL_PURE_C #else // YASSL_PURE_C
@ -125,7 +124,7 @@ void CleanUp();
// no gas on these systems ?, disable for now // no gas on these systems ?, disable for now
#if defined(__sun__) || defined (__QNX__) || defined (__APPLE__) #if defined(__sun__) || defined (__APPLE__)
#define TAOCRYPT_DISABLE_X86ASM #define TAOCRYPT_DISABLE_X86ASM
#endif #endif
@ -366,7 +365,6 @@ inline bool IsPowerOf2(T n)
template <class T1, class T2> template <class T1, class T2>
inline T2 ModPowerOf2(T1 a, T2 b) inline T2 ModPowerOf2(T1 a, T2 b)
{ {
assert(IsPowerOf2(b));
return T2(a) & (b-1); return T2(a) & (b-1);
} }
@ -409,14 +407,12 @@ inline bool IsAligned(const void* p, T* dummy = 0) // VC60 workaround
template <class T> inline T rotlFixed(T x, unsigned int y) template <class T> inline T rotlFixed(T x, unsigned int y)
{ {
assert(y < sizeof(T)*8); return (x<<y) | (x>>(sizeof(T)*8-y));
return (x<<y) | (x>>(sizeof(T)*8-y));
} }
template <class T> inline T rotrFixed(T x, unsigned int y) template <class T> inline T rotrFixed(T x, unsigned int y)
{ {
assert(y < sizeof(T)*8); return (x>>y) | (x<<(sizeof(T)*8-y));
return (x>>y) | (x<<(sizeof(T)*8-y));
} }
#ifdef INTEL_INTRINSICS #ifdef INTEL_INTRINSICS
@ -425,13 +421,11 @@ template <class T> inline T rotrFixed(T x, unsigned int y)
template<> inline word32 rotlFixed(word32 x, word32 y) template<> inline word32 rotlFixed(word32 x, word32 y)
{ {
assert(y < 32);
return y ? _lrotl(x, y) : x; return y ? _lrotl(x, y) : x;
} }
template<> inline word32 rotrFixed(word32 x, word32 y) template<> inline word32 rotrFixed(word32 x, word32 y)
{ {
assert(y < 32);
return y ? _lrotr(x, y) : x; return y ? _lrotr(x, y) : x;
} }
@ -441,7 +435,9 @@ template<> inline word32 rotrFixed(word32 x, word32 y)
#undef min #undef min
#endif #endif
inline word32 min(word32 a, word32 b)
template <class T>
inline const T& min(const T& a, const T& b)
{ {
return a < b ? a : b; return a < b ? a : b;
} }
@ -486,7 +482,6 @@ inline word64 ByteReverse(word64 value)
template <typename T> template <typename T>
inline void ByteReverse(T* out, const T* in, word32 byteCount) inline void ByteReverse(T* out, const T* in, word32 byteCount)
{ {
assert(byteCount % sizeof(T) == 0);
word32 count = byteCount/sizeof(T); word32 count = byteCount/sizeof(T);
for (word32 i=0; i<count; i++) for (word32 i=0; i<count; i++)
out[i] = ByteReverse(in[i]); out[i] = ByteReverse(in[i]);
@ -574,7 +569,6 @@ inline void GetUserKey(ByteOrder order, T* out, word32 outlen, const byte* in,
word32 inlen) word32 inlen)
{ {
const unsigned int U = sizeof(T); const unsigned int U = sizeof(T);
assert(inlen <= outlen*U);
memcpy(out, in, inlen); memcpy(out, in, inlen);
memset((byte *)out+inlen, 0, outlen*U-inlen); memset((byte *)out+inlen, 0, outlen*U-inlen);
ByteReverseIf(out, out, RoundUpToMultipleOf(inlen, U), order); ByteReverseIf(out, out, RoundUpToMultipleOf(inlen, U), order);
@ -583,7 +577,8 @@ inline void GetUserKey(ByteOrder order, T* out, word32 outlen, const byte* in,
#ifdef _MSC_VER #ifdef _MSC_VER
// disable conversion warning // disable conversion warning
#pragma warning(disable:4244) // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy
#pragma warning(disable:4244 4996)
#endif #endif
@ -678,10 +673,7 @@ template <class T>
inline T GetWord(bool assumeAligned, ByteOrder order, const byte *block) inline T GetWord(bool assumeAligned, ByteOrder order, const byte *block)
{ {
if (assumeAligned) if (assumeAligned)
{
assert(IsAligned<T>(block));
return ByteReverseIf(*reinterpret_cast<const T *>(block), order); return ByteReverseIf(*reinterpret_cast<const T *>(block), order);
}
else else
return UnalignedGetWord<T>(order, block); return UnalignedGetWord<T>(order, block);
} }
@ -699,7 +691,6 @@ inline void PutWord(bool assumeAligned, ByteOrder order, byte* block, T value,
{ {
if (assumeAligned) if (assumeAligned)
{ {
assert(IsAligned<T>(block));
if (xorBlock) if (xorBlock)
*reinterpret_cast<T *>(block) = ByteReverseIf(value, order) *reinterpret_cast<T *>(block) = ByteReverseIf(value, order)
^ *reinterpret_cast<const T *>(xorBlock); ^ *reinterpret_cast<const T *>(xorBlock);
@ -812,7 +803,6 @@ inline T SafeLeftShift(T value)
inline inline
word ShiftWordsLeftByBits(word* r, unsigned int n, unsigned int shiftBits) word ShiftWordsLeftByBits(word* r, unsigned int n, unsigned int shiftBits)
{ {
assert (shiftBits<WORD_BITS);
word u, carry=0; word u, carry=0;
if (shiftBits) if (shiftBits)
for (unsigned int i=0; i<n; i++) for (unsigned int i=0; i<n; i++)
@ -828,7 +818,6 @@ word ShiftWordsLeftByBits(word* r, unsigned int n, unsigned int shiftBits)
inline inline
word ShiftWordsRightByBits(word* r, unsigned int n, unsigned int shiftBits) word ShiftWordsRightByBits(word* r, unsigned int n, unsigned int shiftBits)
{ {
assert (shiftBits<WORD_BITS);
word u, carry=0; word u, carry=0;
if (shiftBits) if (shiftBits)
for (int i=n-1; i>=0; i--) for (int i=n-1; i>=0; i--)

12
extra/yassl/taocrypt/include/modes.hpp
View File

@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* modes.hpp provides ECB and CBC modes for block cipher encryption/decryption /* modes.hpp provides ECB and CBC modes for block cipher encryption/decryption
@ -60,9 +61,7 @@ public:
explicit Mode_BASE(int sz, CipherDir dir, Mode mode) explicit Mode_BASE(int sz, CipherDir dir, Mode mode)
: blockSz_(sz), reg_(reinterpret_cast<byte*>(r_)), : blockSz_(sz), reg_(reinterpret_cast<byte*>(r_)),
tmp_(reinterpret_cast<byte*>(t_)), dir_(dir), mode_(mode) tmp_(reinterpret_cast<byte*>(t_)), dir_(dir), mode_(mode)
{ {}
assert(sz <= MaxBlockSz);
}
virtual ~Mode_BASE() {} virtual ~Mode_BASE() {}
virtual void Process(byte*, const byte*, word32); virtual void Process(byte*, const byte*, word32);
@ -95,8 +94,7 @@ inline void Mode_BASE::Process(byte* out, const byte* in, word32 sz)
{ {
if (mode_ == ECB) if (mode_ == ECB)
ECB_Process(out, in, sz); ECB_Process(out, in, sz);
else if (mode_ == CBC) else if (mode_ == CBC) {
{
if (dir_ == ENCRYPTION) if (dir_ == ENCRYPTION)
CBC_Encrypt(out, in, sz); CBC_Encrypt(out, in, sz);
else else

5
extra/yassl/taocrypt/include/pwdbased.hpp
View File

@ -48,8 +48,9 @@ word32 PBKDF2_HMAC<T>::DeriveKey(byte* derived, word32 dLen, const byte* pwd,
word32 pLen, const byte* salt, word32 sLen, word32 pLen, const byte* salt, word32 sLen,
word32 iterations) const word32 iterations) const
{ {
assert(dLen <= MaxDerivedKeyLength()); if (dLen > MaxDerivedKeyLength())
assert(iterations > 0); return 0;
ByteBlock buffer(T::DIGEST_SIZE); ByteBlock buffer(T::DIGEST_SIZE);
HMAC<T> hmac; HMAC<T> hmac;

65
extra/yassl/taocrypt/include/rabbit.hpp Normal file
View File

@ -0,0 +1,65 @@
/*
Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/
/* rabbit.hpp defines Rabbit
*/
#ifndef TAO_CRYPT_RABBIT_HPP
#define TAO_CRYPT_RABBIT_HPP
#include "misc.hpp"
namespace TaoCrypt {
// Rabbit encryption and decryption
class Rabbit {
public:
typedef Rabbit Encryption;
typedef Rabbit Decryption;
enum RabbitCtx { Master = 0, Work = 1 };
Rabbit() {}
void Process(byte*, const byte*, word32);
void SetKey(const byte*, const byte*);
private:
struct Ctx {
word32 x[8];
word32 c[8];
word32 carry;
};
Ctx masterCtx_;
Ctx workCtx_;
void NextState(RabbitCtx);
void SetIV(const byte*);
Rabbit(const Rabbit&); // hide copy
const Rabbit operator=(const Rabbit&); // and assign
};
} // namespace
#endif // TAO_CRYPT_RABBIT_HPP

4
extra/yassl/taocrypt/include/rsa.hpp
View File

@ -178,7 +178,8 @@ void RSA_Encryptor<Pad>::Encrypt(const byte* plain, word32 sz, byte* cipher,
RandomNumberGenerator& rng) RandomNumberGenerator& rng)
{ {
PK_Lengths lengths(key_.GetModulus()); PK_Lengths lengths(key_.GetModulus());
assert(sz <= lengths.FixedMaxPlaintextLength()); if (sz > lengths.FixedMaxPlaintextLength())
return;
ByteBlock paddedBlock(lengths.PaddedBlockByteLength()); ByteBlock paddedBlock(lengths.PaddedBlockByteLength());
padding_.Pad(plain, sz, paddedBlock.get_buffer(), padding_.Pad(plain, sz, paddedBlock.get_buffer(),
@ -195,7 +196,6 @@ word32 RSA_Decryptor<Pad>::Decrypt(const byte* cipher, word32 sz, byte* plain,
RandomNumberGenerator& rng) RandomNumberGenerator& rng)
{ {
PK_Lengths lengths(key_.GetModulus()); PK_Lengths lengths(key_.GetModulus());
assert(sz == lengths.FixedCiphertextLength());
if (sz != lengths.FixedCiphertextLength()) if (sz != lengths.FixedCiphertextLength())
return 0; return 0;

10
extra/yassl/taocrypt/include/runtime.hpp
View File

@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* runtime.hpp provides C++ runtime support functions when building a pure C /* runtime.hpp provides C++ runtime support functions when building a pure C
@ -30,7 +31,6 @@
#ifdef __sun #ifdef __sun
#include <assert.h>
// Handler for pure virtual functions // Handler for pure virtual functions
namespace __Crun { namespace __Crun {
@ -45,9 +45,7 @@ namespace __Crun {
#if __GNUC__ > 2 #if __GNUC__ > 2
extern "C" { extern "C" {
#if !defined(DO_TAOCRYPT_KERNEL_MODE) #if defined(DO_TAOCRYPT_KERNEL_MODE)
#include <assert.h>
#else
#include "kernelc.hpp" #include "kernelc.hpp"
#endif #endif
int __cxa_pure_virtual () __attribute__ ((weak)); int __cxa_pure_virtual () __attribute__ ((weak));

2
extra/yassl/taocrypt/include/types.hpp
View File

@ -62,7 +62,7 @@ typedef unsigned int word32;
// compilers we've found 64-bit multiply insructions for // compilers we've found 64-bit multiply insructions for
#if defined(__GNUC__) || defined(_MSC_VER) || defined(__DECCXX) #if defined(__GNUC__) || defined(_MSC_VER) || defined(__DECCXX)
#if !(defined(__ICC) || defined(__INTEL_COMPILER)) #if !(defined(__ICC) || defined(__INTEL_COMPILER))
#define HAVE_64_MULTIPLY #define HAVE_64_MULTIPLY
#endif #endif
#endif #endif

3
extra/yassl/taocrypt/mySTL/stdexcept.hpp
View File

@ -26,7 +26,6 @@
#include <string.h> // strncpy #include <string.h> // strncpy
#include <assert.h> // assert
#include <stdlib.h> // size_t #include <stdlib.h> // size_t
@ -41,7 +40,7 @@ public:
virtual const char* what() const { return ""; } virtual const char* what() const { return ""; }
// for compiler generated call, never used // for compiler generated call, never used
static void operator delete(void*) { assert(0); } static void operator delete(void*) { }
private: private:
// don't allow dynamic creation of exceptions // don't allow dynamic creation of exceptions
static void* operator new(size_t); static void* operator new(size_t);

7
extra/yassl/taocrypt/mySTL/vector.hpp
View File

@ -26,7 +26,6 @@
#include "helpers.hpp" // construct, destory, fill, etc. #include "helpers.hpp" // construct, destory, fill, etc.
#include "algorithm.hpp" // swap #include "algorithm.hpp" // swap
#include <assert.h> // assert
namespace mySTL { namespace mySTL {
@ -141,9 +140,9 @@ private:
// for growing, n must be bigger than other size // for growing, n must be bigger than other size
vector(size_t n, const vector& other) : vec_(n) vector(size_t n, const vector& other) : vec_(n)
{ {
assert(n > other.size()); if (n > other.size())
vec_.finish_ = uninit_copy(other.vec_.start_, other.vec_.finish_, vec_.finish_ = uninit_copy(other.vec_.start_, other.vec_.finish_,
vec_.start_); vec_.start_);
} }
}; };

2
extra/yassl/taocrypt/src/Makefile.am
View File

@ -6,7 +6,7 @@ libtaocrypt_la_SOURCES = aes.cpp aestables.cpp algebra.cpp arc4.cpp \
asn.cpp bftables.cpp blowfish.cpp coding.cpp des.cpp dh.cpp \ asn.cpp bftables.cpp blowfish.cpp coding.cpp des.cpp dh.cpp \
dsa.cpp file.cpp hash.cpp integer.cpp md2.cpp md4.cpp md5.cpp misc.cpp \ dsa.cpp file.cpp hash.cpp integer.cpp md2.cpp md4.cpp md5.cpp misc.cpp \
random.cpp ripemd.cpp rsa.cpp sha.cpp template_instnt.cpp \ random.cpp ripemd.cpp rsa.cpp sha.cpp template_instnt.cpp \
tftables.cpp twofish.cpp tftables.cpp twofish.cpp crypto.cpp rabbit.cpp hc128.cpp
libtaocrypt_la_CXXFLAGS = @yassl_taocrypt_extra_cxxflags@ -DYASSL_PURE_C \ libtaocrypt_la_CXXFLAGS = @yassl_taocrypt_extra_cxxflags@ -DYASSL_PURE_C \
@yassl_thread_cxxflags@ @yassl_thread_cxxflags@

44
extra/yassl/taocrypt/src/aes.cpp
View File

@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* C++ based on Wei Dai's aes.cpp from CryptoPP */ /* C++ based on Wei Dai's aes.cpp from CryptoPP */
@ -78,7 +79,7 @@ void AES::Process(byte* out, const byte* in, word32 sz)
out += BLOCK_SIZE; out += BLOCK_SIZE;
in += BLOCK_SIZE; in += BLOCK_SIZE;
} }
} }
} }
#endif // DO_AES_ASM #endif // DO_AES_ASM
@ -86,8 +87,13 @@ void AES::Process(byte* out, const byte* in, word32 sz)
void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/) void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
{ {
assert( (keylen == 16) || (keylen == 24) || (keylen == 32) ); if (keylen <= 16)
keylen = 16;
else if (keylen >= 32)
keylen = 32;
else if (keylen != 24)
keylen = 24;
rounds_ = keylen/4 + 6; rounds_ = keylen/4 + 6;
word32 temp, *rk = key_; word32 temp, *rk = key_;
@ -245,34 +251,34 @@ void AES::encrypt(const byte* inBlock, const byte* xorBlock,
for (;;) { for (;;) {
t0 = t0 =
Te0[GETBYTE(s0, 3)] ^ Te0[GETBYTE(s0, 3)] ^
Te1[GETBYTE(s1, 2)] ^ Te1[GETBYTE(s1, 2)] ^
Te2[GETBYTE(s2, 1)] ^ Te2[GETBYTE(s2, 1)] ^
Te3[GETBYTE(s3, 0)] ^ Te3[GETBYTE(s3, 0)] ^
rk[4]; rk[4];
t1 = t1 =
Te0[GETBYTE(s1, 3)] ^ Te0[GETBYTE(s1, 3)] ^
Te1[GETBYTE(s2, 2)] ^ Te1[GETBYTE(s2, 2)] ^
Te2[GETBYTE(s3, 1)] ^ Te2[GETBYTE(s3, 1)] ^
Te3[GETBYTE(s0, 0)] ^ Te3[GETBYTE(s0, 0)] ^
rk[5]; rk[5];
t2 = t2 =
Te0[GETBYTE(s2, 3)] ^ Te0[GETBYTE(s2, 3)] ^
Te1[GETBYTE(s3, 2)] ^ Te1[GETBYTE(s3, 2)] ^
Te2[GETBYTE(s0, 1)] ^ Te2[GETBYTE(s0, 1)] ^
Te3[GETBYTE(s1, 0)] ^ Te3[GETBYTE(s1, 0)] ^
rk[6]; rk[6];
t3 = t3 =
Te0[GETBYTE(s3, 3)] ^ Te0[GETBYTE(s3, 3)] ^
Te1[GETBYTE(s0, 2)] ^ Te1[GETBYTE(s0, 2)] ^
Te2[GETBYTE(s1, 1)] ^ Te2[GETBYTE(s1, 1)] ^
Te3[GETBYTE(s2, 0)] ^ Te3[GETBYTE(s2, 0)] ^
rk[7]; rk[7];
rk += 8; rk += 8;
if (--r == 0) { if (--r == 0) {
break; break;
} }
s0 = s0 =
Te0[GETBYTE(t0, 3)] ^ Te0[GETBYTE(t0, 3)] ^
Te1[GETBYTE(t1, 2)] ^ Te1[GETBYTE(t1, 2)] ^
@ -421,7 +427,7 @@ void AES::decrypt(const byte* inBlock, const byte* xorBlock,
(Td4[GETBYTE(t3, 2)] & 0x00ff0000) ^ (Td4[GETBYTE(t3, 2)] & 0x00ff0000) ^
(Td4[GETBYTE(t2, 1)] & 0x0000ff00) ^ (Td4[GETBYTE(t2, 1)] & 0x0000ff00) ^
(Td4[GETBYTE(t1, 0)] & 0x000000ff) ^ (Td4[GETBYTE(t1, 0)] & 0x000000ff) ^
rk[0]; rk[0];
s1 = s1 =
(Td4[GETBYTE(t1, 3)] & 0xff000000) ^ (Td4[GETBYTE(t1, 3)] & 0xff000000) ^
(Td4[GETBYTE(t0, 2)] & 0x00ff0000) ^ (Td4[GETBYTE(t0, 2)] & 0x00ff0000) ^

2
extra/yassl/taocrypt/src/aestables.cpp
View File

@ -33,6 +33,4 @@ const word32 AES::rcon_[] = {
}; };
} // namespace } // namespace

8
extra/yassl/taocrypt/src/algebra.cpp
View File

@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* based on Wei Dai's algebra.cpp from CryptoPP */ /* based on Wei Dai's algebra.cpp from CryptoPP */
@ -245,7 +246,6 @@ void AbstractGroup::SimultaneousMultiply(Integer *results, const Integer &base,
for (i=0; i<expCount; i++) for (i=0; i<expCount; i++)
{ {
assert(expBegin->NotNegative());
exponents.push_back(WindowSlider(*expBegin++, InversionIsFast(), 0)); exponents.push_back(WindowSlider(*expBegin++, InversionIsFast(), 0));
exponents[i].FindNextWindow(); exponents[i].FindNextWindow();
buckets[i].resize(1<<(exponents[i].windowSize-1), Identity()); buckets[i].resize(1<<(exponents[i].windowSize-1), Identity());
@ -286,7 +286,7 @@ void AbstractGroup::SimultaneousMultiply(Integer *results, const Integer &base,
r = buckets[i][buckets[i].size()-1]; r = buckets[i][buckets[i].size()-1];
if (buckets[i].size() > 1) if (buckets[i].size() > 1)
{ {
for (int j= (unsigned int) (buckets[i].size()) - 2; j >= 1; j--) for (size_t j = buckets[i].size()-2; j >= 1; j--)
{ {
Accumulate(buckets[i][j], buckets[i][j+1]); Accumulate(buckets[i][j], buckets[i][j+1]);
Accumulate(r, buckets[i][j]); Accumulate(r, buckets[i][j]);

2
extra/yassl/taocrypt/src/arc4.cpp
View File

@ -104,7 +104,7 @@ void ARC4::Process(byte* out, const byte* in, word32 length)
#ifdef DO_ARC4_ASM #ifdef DO_ARC4_ASM
#ifdef _MSC_VER #ifdef _MSC_VER
__declspec(naked) __declspec(naked)
#else #else
__attribute__ ((noinline)) __attribute__ ((noinline))
#endif #endif

227
extra/yassl/taocrypt/src/asn.cpp
View File

@ -1,5 +1,5 @@
/* /*
Copyright (c) 2005-2007 MySQL AB, 2009, 2010 Sun Microsystems, Inc. Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
Use is subject to license terms. Use is subject to license terms.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
@ -12,8 +12,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* asn.cpp implements ASN1 BER, PublicKey, and x509v3 decoding /* asn.cpp implements ASN1 BER, PublicKey, and x509v3 decoding
@ -110,7 +111,8 @@ bool ValidateDate(const byte* date, byte format, CertDecoder::DateType dt)
GetTime(certTime.tm_min, date, i); GetTime(certTime.tm_min, date, i);
GetTime(certTime.tm_sec, date, i); GetTime(certTime.tm_sec, date, i);
assert(date[i] == 'Z'); // only Zulu supported for this profile if (date[i] != 'Z') // only Zulu supported for this profile
return false;
time_t ltime = time(0); time_t ltime = time(0);
tm* localTime = gmtime(&ltime); tm* localTime = gmtime(&ltime);
@ -142,6 +144,8 @@ word32 GetLength(Source& source)
if (b >= LONG_LENGTH) { if (b >= LONG_LENGTH) {
word32 bytes = b & 0x7F; word32 bytes = b & 0x7F;
if (source.IsLeft(bytes) == false) return 0;
while (bytes--) { while (bytes--) {
b = source.next(); b = source.next();
length = (length << 8) | b; length = (length << 8) | b;
@ -213,9 +217,9 @@ void PublicKey::AddToEnd(const byte* data, word32 len)
Signer::Signer(const byte* k, word32 kSz, const char* n, const byte* h) Signer::Signer(const byte* k, word32 kSz, const char* n, const byte* h)
: key_(k, kSz) : key_(k, kSz)
{ {
size_t sz = strlen(n); size_t sz = strlen(n);
memcpy(name_, n, sz); memcpy(name_, n, sz);
name_[sz] = 0; name_[sz] = 0;
memcpy(hash_, h, SHA::DIGEST_SIZE); memcpy(hash_, h, SHA::DIGEST_SIZE);
} }
@ -363,12 +367,59 @@ void RSA_Public_Decoder::Decode(RSA_PublicKey& key)
ReadHeader(); ReadHeader();
if (source_.GetError().What()) return; if (source_.GetError().What()) return;
ReadHeaderOpenSSL(); // may or may not be
if (source_.GetError().What()) return;
// public key // public key
key.SetModulus(GetInteger(Integer().Ref())); key.SetModulus(GetInteger(Integer().Ref()));
key.SetPublicExponent(GetInteger(Integer().Ref())); key.SetPublicExponent(GetInteger(Integer().Ref()));
} }
// Read OpenSSL format public header
void RSA_Public_Decoder::ReadHeaderOpenSSL()
{
byte b = source_.next(); // peek
source_.prev();
if (b != INTEGER) { // have OpenSSL public format
GetSequence();
b = source_.next();
if (b != OBJECT_IDENTIFIER) {
source_.SetError(OBJECT_ID_E);
return;
}
word32 len = GetLength(source_);
source_.advance(len);
b = source_.next();
if (b == TAG_NULL) { // could have NULL tag and 0 terminator, may not
b = source_.next();
if (b != 0) {
source_.SetError(EXPECT_0_E);
return;
}
}
else
source_.prev(); // put back
b = source_.next();
if (b != BIT_STRING) {
source_.SetError(BIT_STR_E);
return;
}
len = GetLength(source_);
b = source_.next();
if (b != 0) // could have 0
source_.prev(); // put back
GetSequence();
}
}
void RSA_Public_Decoder::ReadHeader() void RSA_Public_Decoder::ReadHeader()
{ {
GetSequence(); GetSequence();
@ -419,12 +470,12 @@ CertDecoder::CertDecoder(Source& s, bool decode, SignerList* signers,
bool noVerify, CertType ct) bool noVerify, CertType ct)
: BER_Decoder(s), certBegin_(0), sigIndex_(0), sigLength_(0), : BER_Decoder(s), certBegin_(0), sigIndex_(0), sigLength_(0),
signature_(0), verify_(!noVerify) signature_(0), verify_(!noVerify)
{ {
issuer_[0] = 0; issuer_[0] = 0;
subject_[0] = 0; subject_[0] = 0;
if (decode) if (decode)
Decode(signers, ct); Decode(signers, ct);
} }
@ -469,9 +520,9 @@ void CertDecoder::Decode(SignerList* signers, CertType ct)
source_.SetError(SIG_OID_E); source_.SetError(SIG_OID_E);
return; return;
} }
if (ct != CA && verify_ && !ValidateSignature(signers)) if (ct != CA && verify_ && !ValidateSignature(signers))
source_.SetError(SIG_OTHER_E); source_.SetError(SIG_OTHER_E);
} }
@ -529,8 +580,10 @@ void CertDecoder::StoreKey()
read = source_.get_index() - read; read = source_.get_index() - read;
length += read; length += read;
if (source_.GetError().What()) return;
while (read--) source_.prev(); while (read--) source_.prev();
if (source_.IsLeft(length) == false) return;
key_.SetSize(length); key_.SetSize(length);
key_.SetKey(source_.get_current()); key_.SetKey(source_.get_current());
source_.advance(length); source_.advance(length);
@ -562,6 +615,8 @@ void CertDecoder::AddDSA()
word32 length = GetLength(source_); word32 length = GetLength(source_);
length += source_.get_index() - idx; length += source_.get_index() - idx;
if (source_.IsLeft(length) == false) return;
key_.AddToEnd(source_.get_buffer() + idx, length); key_.AddToEnd(source_.get_buffer() + idx, length);
} }
@ -571,6 +626,8 @@ word32 CertDecoder::GetAlgoId()
{ {
if (source_.GetError().What()) return 0; if (source_.GetError().What()) return 0;
word32 length = GetSequence(); word32 length = GetSequence();
if (source_.GetError().What()) return 0;
byte b = source_.next(); byte b = source_.next();
if (b != OBJECT_IDENTIFIER) { if (b != OBJECT_IDENTIFIER) {
@ -579,26 +636,25 @@ word32 CertDecoder::GetAlgoId()
} }
length = GetLength(source_); length = GetLength(source_);
if (source_.IsLeft(length) == false) return 0;
word32 oid = 0; word32 oid = 0;
while(length--) while(length--)
oid += source_.next(); // just sum it up for now oid += source_.next(); // just sum it up for now
if (oid != SHAwDSA && oid != DSAk) { // could have NULL tag and 0 terminator, but may not
b = source_.next(); // should have NULL tag and 0 b = source_.next();
if (b == TAG_NULL) {
if (b != TAG_NULL) {
source_.SetError(TAG_NULL_E);
return 0;
}
b = source_.next(); b = source_.next();
if (b != 0) { if (b != 0) {
source_.SetError(EXPECT_0_E); source_.SetError(EXPECT_0_E);
return 0; return 0;
} }
} }
else
// go back, didn't have it
b = source_.prev();
return oid; return oid;
} }
@ -615,6 +671,10 @@ word32 CertDecoder::GetSignature()
} }
sigLength_ = GetLength(source_); sigLength_ = GetLength(source_);
if (sigLength_ == 0 || source_.IsLeft(sigLength_) == false) {
source_.SetError(CONTENT_E);
return 0;
}
b = source_.next(); b = source_.next();
if (b != 0) { if (b != 0) {
@ -652,20 +712,22 @@ word32 CertDecoder::GetDigest()
} }
char *CertDecoder::AddTag(char *ptr, const char *buf_end, // memory length checked add tag to buffer
const char *tag_name, word32 tag_name_length, char* CertDecoder::AddTag(char* ptr, const char* buf_end, const char* tag_name,
word32 tag_value_length) word32 tag_name_length, word32 tag_value_length)
{ {
if (ptr + tag_name_length + tag_value_length > buf_end) if (ptr + tag_name_length + tag_value_length > buf_end) {
return 0; source_.SetError(CONTENT_E);
return 0;
memcpy(ptr, tag_name, tag_name_length); }
ptr+= tag_name_length;
memcpy(ptr, tag_name, tag_name_length);
memcpy(ptr, source_.get_current(), tag_value_length); ptr += tag_name_length;
ptr+= tag_value_length;
memcpy(ptr, source_.get_current(), tag_value_length);
return ptr; ptr += tag_value_length;
return ptr;
} }
@ -678,18 +740,20 @@ void CertDecoder::GetName(NameType nt)
word32 length = GetSequence(); // length of all distinguished names word32 length = GetSequence(); // length of all distinguished names
if (length >= ASN_NAME_MAX) if (length >= ASN_NAME_MAX)
goto err; return;
if (source_.IsLeft(length) == false) return;
length += source_.get_index(); length += source_.get_index();
char *ptr, *buf_end; char* ptr;
char* buf_end;
if (nt == ISSUER) { if (nt == ISSUER) {
ptr= issuer_; ptr = issuer_;
buf_end= ptr + sizeof(issuer_) - 1; // 1 byte for trailing 0 buf_end = ptr + sizeof(issuer_) - 1; // 1 byte for trailing 0
} }
else { else {
ptr= subject_; ptr = subject_;
buf_end= ptr + sizeof(subject_) - 1; // 1 byte for trailing 0 buf_end = ptr + sizeof(subject_) - 1; // 1 byte for trailing 0
} }
while (source_.get_index() < length) { while (source_.get_index() < length) {
@ -703,7 +767,10 @@ void CertDecoder::GetName(NameType nt)
} }
word32 oidSz = GetLength(source_); word32 oidSz = GetLength(source_);
if (source_.IsLeft(oidSz) == false) return;
byte joint[2]; byte joint[2];
if (source_.IsLeft(sizeof(joint)) == false) return;
memcpy(joint, source_.get_current(), sizeof(joint)); memcpy(joint, source_.get_current(), sizeof(joint));
// v1 name types // v1 name types
@ -713,62 +780,68 @@ void CertDecoder::GetName(NameType nt)
b = source_.next(); // strType b = source_.next(); // strType
word32 strLen = GetLength(source_); word32 strLen = GetLength(source_);
if (source_.IsLeft(strLen) == false) return;
switch (id) { switch (id) {
case COMMON_NAME: case COMMON_NAME:
if (!(ptr= AddTag(ptr, buf_end, "/CN=", 4, strLen))) if (!(ptr = AddTag(ptr, buf_end, "/CN=", 4, strLen)))
goto err; return;
break; break;
case SUR_NAME: case SUR_NAME:
if (!(ptr= AddTag(ptr, buf_end, "/SN=", 4, strLen))) if (!(ptr = AddTag(ptr, buf_end, "/SN=", 4, strLen)))
goto err; return;
break; break;
case COUNTRY_NAME: case COUNTRY_NAME:
if (!(ptr= AddTag(ptr, buf_end, "/C=", 3, strLen))) if (!(ptr = AddTag(ptr, buf_end, "/C=", 3, strLen)))
goto err; return;
break; break;
case LOCALITY_NAME: case LOCALITY_NAME:
if (!(ptr= AddTag(ptr, buf_end, "/L=", 3, strLen))) if (!(ptr = AddTag(ptr, buf_end, "/L=", 3, strLen)))
goto err; return;
break; break;
case STATE_NAME: case STATE_NAME:
if (!(ptr= AddTag(ptr, buf_end, "/ST=", 4, strLen))) if (!(ptr = AddTag(ptr, buf_end, "/ST=", 4, strLen)))
goto err; return;
break; break;
case ORG_NAME: case ORG_NAME:
if (!(ptr= AddTag(ptr, buf_end, "/O=", 3, strLen))) if (!(ptr = AddTag(ptr, buf_end, "/O=", 3, strLen)))
goto err; return;
break; break;
case ORGUNIT_NAME: case ORGUNIT_NAME:
if (!(ptr= AddTag(ptr, buf_end, "/OU=", 4, strLen))) if (!(ptr = AddTag(ptr, buf_end, "/OU=", 4, strLen)))
goto err; return;
break; break;
} }
sha.Update(source_.get_current(), strLen); sha.Update(source_.get_current(), strLen);
source_.advance(strLen); source_.advance(strLen);
} }
else { else {
bool email = false; bool email = false;
if (joint[0] == 0x2a && joint[1] == 0x86) // email id hdr if (joint[0] == 0x2a && joint[1] == 0x86) // email id hdr
email = true; email = true;
source_.advance(oidSz + 1); source_.advance(oidSz + 1);
word32 length = GetLength(source_); word32 length = GetLength(source_);
if (source_.IsLeft(length) == false) return;
if (email && !(ptr= AddTag(ptr, buf_end, "/emailAddress=", 14, length))) if (email) {
goto err; if (!(ptr = AddTag(ptr, buf_end, "/emailAddress=", 14, length))) {
source_.SetError(CONTENT_E);
return;
}
}
source_.advance(length); source_.advance(length);
} }
} }
*ptr= 0;
sha.Final(nt == ISSUER ? issuerHash_ : subjectHash_); *ptr = 0;
return; if (nt == ISSUER)
sha.Final(issuerHash_);
err: else
source_.SetError(CONTENT_E); sha.Final(subjectHash_);
} }
@ -784,6 +857,8 @@ void CertDecoder::GetDate(DateType dt)
} }
word32 length = GetLength(source_); word32 length = GetLength(source_);
if (source_.IsLeft(length) == false) return;
byte date[MAX_DATE_SZ]; byte date[MAX_DATE_SZ];
if (length > MAX_DATE_SZ || length < MIN_DATE_SZ) { if (length > MAX_DATE_SZ || length < MIN_DATE_SZ) {
source_.SetError(DATE_SZ_E); source_.SetError(DATE_SZ_E);
@ -793,8 +868,7 @@ void CertDecoder::GetDate(DateType dt)
memcpy(date, source_.get_current(), length); memcpy(date, source_.get_current(), length);
source_.advance(length); source_.advance(length);
if (!ValidateDate(date, b, dt) && verify_) if (!ValidateDate(date, b, dt) && verify_) {
{
if (dt == BEFORE) if (dt == BEFORE)
source_.SetError(BEFORE_DATE_E); source_.SetError(BEFORE_DATE_E);
else else
@ -855,7 +929,8 @@ void CertDecoder::GetCompareHash(const byte* plain, word32 sz, byte* digest,
// validate signature signed by someone else // validate signature signed by someone else
bool CertDecoder::ValidateSignature(SignerList* signers) bool CertDecoder::ValidateSignature(SignerList* signers)
{ {
assert(signers); if (!signers)
return false;
SignerList::iterator first = signers->begin(); SignerList::iterator first = signers->begin();
SignerList::iterator last = signers->end(); SignerList::iterator last = signers->end();
@ -1076,8 +1151,7 @@ word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz)
return 0; return 0;
} }
word32 rLen = GetLength(source); word32 rLen = GetLength(source);
if (rLen != 20) if (rLen != 20) {
{
if (rLen == 21) { // zero at front, eat if (rLen == 21) { // zero at front, eat
source.next(); source.next();
--rLen; --rLen;
@ -1100,8 +1174,7 @@ word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz)
return 0; return 0;
} }
word32 sLen = GetLength(source); word32 sLen = GetLength(source);
if (sLen != 20) if (sLen != 20) {
{
if (sLen == 21) { if (sLen == 21) {
source.next(); // zero at front, eat source.next(); // zero at front, eat
--sLen; --sLen;
@ -1122,6 +1195,7 @@ word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz)
} }
/*
// Get Cert in PEM format from BEGIN to END // Get Cert in PEM format from BEGIN to END
int GetCert(Source& source) int GetCert(Source& source)
{ {
@ -1173,12 +1247,10 @@ void PKCS12_Decoder::Decode()
// Get MacData optional // Get MacData optional
/* // mac digestInfo like certdecoder::getdigest?
mac digestInfo like certdecoder::getdigest? // macsalt octet string
macsalt octet string // iter integer
iter integer
*/
} }
@ -1198,6 +1270,7 @@ int GetPKCS_Cert(const char* password, Source& source)
return 0; return 0;
} }
*/

41
extra/yassl/taocrypt/src/blowfish.cpp
View File

@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* C++ code based on Wei Dai's blowfish.cpp from CryptoPP */ /* C++ code based on Wei Dai's blowfish.cpp from CryptoPP */
@ -86,7 +87,10 @@ void Blowfish::Process(byte* out, const byte* in, word32 sz)
void Blowfish::SetKey(const byte* key_string, word32 keylength, CipherDir dir) void Blowfish::SetKey(const byte* key_string, word32 keylength, CipherDir dir)
{ {
assert(keylength >= 4 && keylength <= 56); if (keylength < 4)
keylength = 4;
else if (keylength > 56)
keylength = 56;
unsigned i, j=0, k; unsigned i, j=0, k;
word32 data, dspace[2] = {0, 0}; word32 data, dspace[2] = {0, 0};
@ -165,16 +169,21 @@ void Blowfish::crypt_block(const word32 in[2], word32 out[2]) const
word32 left = in[0]; word32 left = in[0];
word32 right = in[1]; word32 right = in[1];
const word32 *const s = sbox_;
const word32* p = pbox_; const word32* p = pbox_;
word32 tmp;
left ^= p[0]; left ^= p[0];
BF_ROUNDS // roll back up and use s and p index instead of just p
for (unsigned i = 0; i < ROUNDS / 2; i++) {
right ^= (((s[GETBYTE(left,3)] + s[256+GETBYTE(left,2)])
^ s[2*256+GETBYTE(left,1)]) + s[3*256+GETBYTE(left,0)])
^ p[2*i+1];
#if ROUNDS == 20 left ^= (((s[GETBYTE(right,3)] + s[256+GETBYTE(right,2)])
BF_EXTRA_ROUNDS ^ s[2*256+GETBYTE(right,1)]) + s[3*256+GETBYTE(right,0)])
#endif ^ p[2*i+2];
}
right ^= p[ROUNDS + 1]; right ^= p[ROUNDS + 1];
@ -188,17 +197,23 @@ typedef BlockGetAndPut<word32, BigEndian> gpBlock;
void Blowfish::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out) void Blowfish::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out)
const const
{ {
word32 tmp, left, right; word32 left, right;
const word32 *const s = sbox_;
const word32* p = pbox_; const word32* p = pbox_;
gpBlock::Get(in)(left)(right); gpBlock::Get(in)(left)(right);
left ^= p[0]; left ^= p[0];
BF_ROUNDS // roll back up and use s and p index instead of just p
for (unsigned i = 0; i < ROUNDS / 2; i++) {
right ^= (((s[GETBYTE(left,3)] + s[256+GETBYTE(left,2)])
^ s[2*256+GETBYTE(left,1)]) + s[3*256+GETBYTE(left,0)])
^ p[2*i+1];
#if ROUNDS == 20 left ^= (((s[GETBYTE(right,3)] + s[256+GETBYTE(right,2)])
BF_EXTRA_ROUNDS ^ s[2*256+GETBYTE(right,1)]) + s[3*256+GETBYTE(right,0)])
#endif ^ p[2*i+2];
}
right ^= p[ROUNDS + 1]; right ^= p[ROUNDS + 1];

21
extra/yassl/taocrypt/src/coding.cpp
View File

@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* coding.cpp implements hex and base64 encoding/decoing /* coding.cpp implements hex and base64 encoding/decoing
@ -94,7 +95,6 @@ void HexEncoder::Encode()
void HexDecoder::Decode() void HexDecoder::Decode()
{ {
word32 bytes = coded_.size(); word32 bytes = coded_.size();
assert((bytes % 2) == 0);
decoded_.New(bytes / 2); decoded_.New(bytes / 2);
word32 i(0); word32 i(0);
@ -103,15 +103,9 @@ void HexDecoder::Decode()
byte b = coded_.next() - 0x30; // 0 starts at 0x30 byte b = coded_.next() - 0x30; // 0 starts at 0x30
byte b2 = coded_.next() - 0x30; byte b2 = coded_.next() - 0x30;
// sanity checks
assert( b < sizeof(hexDecode)/sizeof(hexDecode[0]) );
assert( b2 < sizeof(hexDecode)/sizeof(hexDecode[0]) );
b = hexDecode[b]; b = hexDecode[b];
b2 = hexDecode[b2]; b2 = hexDecode[b2];
assert( b != bad && b2 != bad );
decoded_[i++] = (b << 4) | b2; decoded_[i++] = (b << 4) | b2;
bytes -= 2; bytes -= 2;
} }
@ -173,9 +167,9 @@ void Base64Encoder::Encode()
} }
encoded_[i++] = '\n'; encoded_[i++] = '\n';
assert(i == outSz);
if (i == outSz)
plain_.reset(encoded_); plain_.reset(encoded_);
} }
@ -196,7 +190,6 @@ void Base64Decoder::Decode()
byte e3 = coded_.next(); byte e3 = coded_.next();
byte e4 = coded_.next(); byte e4 = coded_.next();
// do asserts first
if (e1 == 0) // end file 0's if (e1 == 0) // end file 0's
break; break;

3
extra/yassl/taocrypt/src/dsa.cpp
View File

@ -183,7 +183,8 @@ word32 DSA_Signer::Sign(const byte* sha_digest, byte* sig,
Integer kInv = k.InverseMod(q); Integer kInv = k.InverseMod(q);
s_ = (kInv * (H + x*r_)) % q; s_ = (kInv * (H + x*r_)) % q;
assert(!!r_ && !!s_); if (!(!!r_ && !!s_))
return -1;
int rSz = r_.ByteCount(); int rSz = r_.ByteCount();

17
extra/yassl/taocrypt/src/hash.cpp
View File

@ -21,7 +21,6 @@
#include "runtime.hpp" #include "runtime.hpp"
#include <string.h> #include <string.h>
#include <assert.h>
#include "hash.hpp" #include "hash.hpp"
@ -31,8 +30,6 @@ namespace TaoCrypt {
HASHwithTransform::HASHwithTransform(word32 digSz, word32 buffSz) HASHwithTransform::HASHwithTransform(word32 digSz, word32 buffSz)
{ {
assert(digSz <= MaxDigestSz);
assert(buffSz <= MaxBufferSz);
} }
@ -73,15 +70,15 @@ void HASHwithTransform::Update(const byte* data, word32 len)
// Final process, place digest in hash // Final process, place digest in hash
void HASHwithTransform::Final(byte* hash) void HASHwithTransform::Final(byte* hash)
{ {
word32 blockSz = getBlockSize(); word32 blockSz = getBlockSize();
word32 digestSz = getDigestSize(); word32 digestSz = getDigestSize();
word32 padSz = getPadSize(); word32 padSz = getPadSize();
ByteOrder order = getByteOrder(); ByteOrder order = getByteOrder();
AddLength(buffLen_); // before adding pads AddLength(buffLen_); // before adding pads
HashLengthType preLoLen = GetBitCountLo(); HashLengthType preLoLen = GetBitCountLo();
HashLengthType preHiLen = GetBitCountHi(); HashLengthType preHiLen = GetBitCountHi();
byte* local = reinterpret_cast<byte*>(buffer_); byte* local = reinterpret_cast<byte*>(buffer_);
local[buffLen_++] = 0x80; // add 1 local[buffLen_++] = 0x80; // add 1
@ -95,7 +92,7 @@ void HASHwithTransform::Final(byte* hash)
buffLen_ = 0; buffLen_ = 0;
} }
memset(&local[buffLen_], 0, padSz - buffLen_); memset(&local[buffLen_], 0, padSz - buffLen_);
ByteReverseIf(local, local, blockSz, order); ByteReverseIf(local, local, blockSz, order);
memcpy(&local[padSz], order ? &preHiLen : &preLoLen, sizeof(preLoLen)); memcpy(&local[padSz], order ? &preHiLen : &preLoLen, sizeof(preLoLen));
@ -113,8 +110,6 @@ void HASHwithTransform::Final(byte* hash)
HASH64withTransform::HASH64withTransform(word32 digSz, word32 buffSz) HASH64withTransform::HASH64withTransform(word32 digSz, word32 buffSz)
{ {
assert(digSz <= MaxDigestSz);
assert(buffSz <= MaxBufferSz);
} }

317
extra/yassl/taocrypt/src/hc128.cpp Normal file
View File

@ -0,0 +1,317 @@
/*
Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/
#include "runtime.hpp"
#include "hc128.hpp"
namespace TaoCrypt {
#ifdef BIG_ENDIAN_ORDER
#define LITTLE32(x) ByteReverse((word32)x)
#else
#define LITTLE32(x) (x)
#endif
/*h1 function*/
#define h1(x, y) { \
byte a,c; \
a = (byte) (x); \
c = (byte) ((x) >> 16); \
y = (T_[512+a])+(T_[512+256+c]); \
}
/*h2 function*/
#define h2(x, y) { \
byte a,c; \
a = (byte) (x); \
c = (byte) ((x) >> 16); \
y = (T_[a])+(T_[256+c]); \
}
/*one step of HC-128, update P and generate 32 bits keystream*/
#define step_P(u,v,a,b,c,d,n){ \
word32 tem0,tem1,tem2,tem3; \
h1((X_[(d)]),tem3); \
tem0 = rotrFixed((T_[(v)]),23); \
tem1 = rotrFixed((X_[(c)]),10); \
tem2 = rotrFixed((X_[(b)]),8); \
(T_[(u)]) += tem2+(tem0 ^ tem1); \
(X_[(a)]) = (T_[(u)]); \
(n) = tem3 ^ (T_[(u)]) ; \
}
/*one step of HC-128, update Q and generate 32 bits keystream*/
#define step_Q(u,v,a,b,c,d,n){ \
word32 tem0,tem1,tem2,tem3; \
h2((Y_[(d)]),tem3); \
tem0 = rotrFixed((T_[(v)]),(32-23)); \
tem1 = rotrFixed((Y_[(c)]),(32-10)); \
tem2 = rotrFixed((Y_[(b)]),(32-8)); \
(T_[(u)]) += tem2 + (tem0 ^ tem1); \
(Y_[(a)]) = (T_[(u)]); \
(n) = tem3 ^ (T_[(u)]) ; \
}
/*16 steps of HC-128, generate 512 bits keystream*/
void HC128::GenerateKeystream(word32* keystream)
{
word32 cc,dd;
cc = counter1024_ & 0x1ff;
dd = (cc+16)&0x1ff;
if (counter1024_ < 512)
{
counter1024_ = (counter1024_ + 16) & 0x3ff;
step_P(cc+0, cc+1, 0, 6, 13,4, keystream[0]);
step_P(cc+1, cc+2, 1, 7, 14,5, keystream[1]);
step_P(cc+2, cc+3, 2, 8, 15,6, keystream[2]);
step_P(cc+3, cc+4, 3, 9, 0, 7, keystream[3]);
step_P(cc+4, cc+5, 4, 10,1, 8, keystream[4]);
step_P(cc+5, cc+6, 5, 11,2, 9, keystream[5]);
step_P(cc+6, cc+7, 6, 12,3, 10,keystream[6]);
step_P(cc+7, cc+8, 7, 13,4, 11,keystream[7]);
step_P(cc+8, cc+9, 8, 14,5, 12,keystream[8]);
step_P(cc+9, cc+10,9, 15,6, 13,keystream[9]);
step_P(cc+10,cc+11,10,0, 7, 14,keystream[10]);
step_P(cc+11,cc+12,11,1, 8, 15,keystream[11]);
step_P(cc+12,cc+13,12,2, 9, 0, keystream[12]);
step_P(cc+13,cc+14,13,3, 10,1, keystream[13]);
step_P(cc+14,cc+15,14,4, 11,2, keystream[14]);
step_P(cc+15,dd+0, 15,5, 12,3, keystream[15]);
}
else
{
counter1024_ = (counter1024_ + 16) & 0x3ff;
step_Q(512+cc+0, 512+cc+1, 0, 6, 13,4, keystream[0]);
step_Q(512+cc+1, 512+cc+2, 1, 7, 14,5, keystream[1]);
step_Q(512+cc+2, 512+cc+3, 2, 8, 15,6, keystream[2]);
step_Q(512+cc+3, 512+cc+4, 3, 9, 0, 7, keystream[3]);
step_Q(512+cc+4, 512+cc+5, 4, 10,1, 8, keystream[4]);
step_Q(512+cc+5, 512+cc+6, 5, 11,2, 9, keystream[5]);
step_Q(512+cc+6, 512+cc+7, 6, 12,3, 10,keystream[6]);
step_Q(512+cc+7, 512+cc+8, 7, 13,4, 11,keystream[7]);
step_Q(512+cc+8, 512+cc+9, 8, 14,5, 12,keystream[8]);
step_Q(512+cc+9, 512+cc+10,9, 15,6, 13,keystream[9]);
step_Q(512+cc+10,512+cc+11,10,0, 7, 14,keystream[10]);
step_Q(512+cc+11,512+cc+12,11,1, 8, 15,keystream[11]);
step_Q(512+cc+12,512+cc+13,12,2, 9, 0, keystream[12]);
step_Q(512+cc+13,512+cc+14,13,3, 10,1, keystream[13]);
step_Q(512+cc+14,512+cc+15,14,4, 11,2, keystream[14]);
step_Q(512+cc+15,512+dd+0, 15,5, 12,3, keystream[15]);
}
}
/* The following defines the initialization functions */
#define f1(x) (rotrFixed((x),7) ^ rotrFixed((x),18) ^ ((x) >> 3))
#define f2(x) (rotrFixed((x),17) ^ rotrFixed((x),19) ^ ((x) >> 10))
/*update table P*/
#define update_P(u,v,a,b,c,d){ \
word32 tem0,tem1,tem2,tem3; \
tem0 = rotrFixed((T_[(v)]),23); \
tem1 = rotrFixed((X_[(c)]),10); \
tem2 = rotrFixed((X_[(b)]),8); \
h1((X_[(d)]),tem3); \
(T_[(u)]) = ((T_[(u)]) + tem2+(tem0^tem1)) ^ tem3; \
(X_[(a)]) = (T_[(u)]); \
}
/*update table Q*/
#define update_Q(u,v,a,b,c,d){ \
word32 tem0,tem1,tem2,tem3; \
tem0 = rotrFixed((T_[(v)]),(32-23)); \
tem1 = rotrFixed((Y_[(c)]),(32-10)); \
tem2 = rotrFixed((Y_[(b)]),(32-8)); \
h2((Y_[(d)]),tem3); \
(T_[(u)]) = ((T_[(u)]) + tem2+(tem0^tem1)) ^ tem3; \
(Y_[(a)]) = (T_[(u)]); \
}
/*16 steps of HC-128, without generating keystream, */
/*but use the outputs to update P and Q*/
void HC128::SetupUpdate() /*each time 16 steps*/
{
word32 cc,dd;
cc = counter1024_ & 0x1ff;
dd = (cc+16)&0x1ff;
if (counter1024_ < 512)
{
counter1024_ = (counter1024_ + 16) & 0x3ff;
update_P(cc+0, cc+1, 0, 6, 13, 4);
update_P(cc+1, cc+2, 1, 7, 14, 5);
update_P(cc+2, cc+3, 2, 8, 15, 6);
update_P(cc+3, cc+4, 3, 9, 0, 7);
update_P(cc+4, cc+5, 4, 10,1, 8);
update_P(cc+5, cc+6, 5, 11,2, 9);
update_P(cc+6, cc+7, 6, 12,3, 10);
update_P(cc+7, cc+8, 7, 13,4, 11);
update_P(cc+8, cc+9, 8, 14,5, 12);
update_P(cc+9, cc+10,9, 15,6, 13);
update_P(cc+10,cc+11,10,0, 7, 14);
update_P(cc+11,cc+12,11,1, 8, 15);
update_P(cc+12,cc+13,12,2, 9, 0);
update_P(cc+13,cc+14,13,3, 10, 1);
update_P(cc+14,cc+15,14,4, 11, 2);
update_P(cc+15,dd+0, 15,5, 12, 3);
}
else
{
counter1024_ = (counter1024_ + 16) & 0x3ff;
update_Q(512+cc+0, 512+cc+1, 0, 6, 13, 4);
update_Q(512+cc+1, 512+cc+2, 1, 7, 14, 5);
update_Q(512+cc+2, 512+cc+3, 2, 8, 15, 6);
update_Q(512+cc+3, 512+cc+4, 3, 9, 0, 7);
update_Q(512+cc+4, 512+cc+5, 4, 10,1, 8);
update_Q(512+cc+5, 512+cc+6, 5, 11,2, 9);
update_Q(512+cc+6, 512+cc+7, 6, 12,3, 10);
update_Q(512+cc+7, 512+cc+8, 7, 13,4, 11);
update_Q(512+cc+8, 512+cc+9, 8, 14,5, 12);
update_Q(512+cc+9, 512+cc+10,9, 15,6, 13);
update_Q(512+cc+10,512+cc+11,10,0, 7, 14);
update_Q(512+cc+11,512+cc+12,11,1, 8, 15);
update_Q(512+cc+12,512+cc+13,12,2, 9, 0);
update_Q(512+cc+13,512+cc+14,13,3, 10, 1);
update_Q(512+cc+14,512+cc+15,14,4, 11, 2);
update_Q(512+cc+15,512+dd+0, 15,5, 12, 3);
}
}
/* for the 128-bit key: key[0]...key[15]
* key[0] is the least significant byte of ctx->key[0] (K_0);
* key[3] is the most significant byte of ctx->key[0] (K_0);
* ...
* key[12] is the least significant byte of ctx->key[3] (K_3)
* key[15] is the most significant byte of ctx->key[3] (K_3)
*
* for the 128-bit iv: iv[0]...iv[15]
* iv[0] is the least significant byte of ctx->iv[0] (IV_0);
* iv[3] is the most significant byte of ctx->iv[0] (IV_0);
* ...
* iv[12] is the least significant byte of ctx->iv[3] (IV_3)
* iv[15] is the most significant byte of ctx->iv[3] (IV_3)
*/
void HC128::SetIV(const byte* iv)
{
word32 i;
for (i = 0; i < (128 >> 5); i++)
iv_[i] = LITTLE32(((word32*)iv)[i]);
for (; i < 8; i++) iv_[i] = iv_[i-4];
/* expand the key and IV into the table T */
/* (expand the key and IV into the table P and Q) */
for (i = 0; i < 8; i++) T_[i] = key_[i];
for (i = 8; i < 16; i++) T_[i] = iv_[i-8];
for (i = 16; i < (256+16); i++)
T_[i] = f2(T_[i-2]) + T_[i-7] + f1(T_[i-15]) + T_[i-16]+i;
for (i = 0; i < 16; i++) T_[i] = T_[256+i];
for (i = 16; i < 1024; i++)
T_[i] = f2(T_[i-2]) + T_[i-7] + f1(T_[i-15]) + T_[i-16]+256+i;
/* initialize counter1024, X and Y */
counter1024_ = 0;
for (i = 0; i < 16; i++) X_[i] = T_[512-16+i];
for (i = 0; i < 16; i++) Y_[i] = T_[512+512-16+i];
/* run the cipher 1024 steps before generating the output */
for (i = 0; i < 64; i++) SetupUpdate();
}
void HC128::SetKey(const byte* key, const byte* iv)
{
word32 i;
/* Key size in bits 128 */
for (i = 0; i < (128 >> 5); i++)
key_[i] = LITTLE32(((word32*)key)[i]);
for ( ; i < 8 ; i++) key_[i] = key_[i-4];
SetIV(iv);
}
/* The following defines the encryption of data stream */
void HC128::Process(byte* output, const byte* input, word32 msglen)
{
word32 i, keystream[16];
for ( ; msglen >= 64; msglen -= 64, input += 64, output += 64)
{
GenerateKeystream(keystream);
/* unroll loop */
((word32*)output)[0] = ((word32*)input)[0] ^ LITTLE32(keystream[0]);
((word32*)output)[1] = ((word32*)input)[1] ^ LITTLE32(keystream[1]);
((word32*)output)[2] = ((word32*)input)[2] ^ LITTLE32(keystream[2]);
((word32*)output)[3] = ((word32*)input)[3] ^ LITTLE32(keystream[3]);
((word32*)output)[4] = ((word32*)input)[4] ^ LITTLE32(keystream[4]);
((word32*)output)[5] = ((word32*)input)[5] ^ LITTLE32(keystream[5]);
((word32*)output)[6] = ((word32*)input)[6] ^ LITTLE32(keystream[6]);
((word32*)output)[7] = ((word32*)input)[7] ^ LITTLE32(keystream[7]);
((word32*)output)[8] = ((word32*)input)[8] ^ LITTLE32(keystream[8]);
((word32*)output)[9] = ((word32*)input)[9] ^ LITTLE32(keystream[9]);
((word32*)output)[10] = ((word32*)input)[10] ^ LITTLE32(keystream[10]);
((word32*)output)[11] = ((word32*)input)[11] ^ LITTLE32(keystream[11]);
((word32*)output)[12] = ((word32*)input)[12] ^ LITTLE32(keystream[12]);
((word32*)output)[13] = ((word32*)input)[13] ^ LITTLE32(keystream[13]);
((word32*)output)[14] = ((word32*)input)[14] ^ LITTLE32(keystream[14]);
((word32*)output)[15] = ((word32*)input)[15] ^ LITTLE32(keystream[15]);
}
if (msglen > 0)
{
GenerateKeystream(keystream);
#ifdef BIG_ENDIAN_ORDER
{
word32 wordsLeft = msglen / sizeof(word32);
if (msglen % sizeof(word32)) wordsLeft++;
ByteReverse(keystream, keystream, wordsLeft * sizeof(word32));
}
#endif
for (i = 0; i < msglen; i++)
output[i] = input[i] ^ ((byte*)keystream)[i];
}
}
} // namespace

105
extra/yassl/taocrypt/src/integer.cpp
View File

@ -1,5 +1,5 @@
/* /*
Copyright (c) 2005, 2010, Oracle and/or its affiliates Copyright (c) 2005, 2012, Oracle and/or its affiliates
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
@ -72,7 +73,8 @@ template <class T>
CPP_TYPENAME AlignedAllocator<T>::pointer AlignedAllocator<T>::allocate( CPP_TYPENAME AlignedAllocator<T>::pointer AlignedAllocator<T>::allocate(
size_type n, const void *) size_type n, const void *)
{ {
CheckSize(n); if (n > max_size())
return 0;
if (n == 0) if (n == 0)
return 0; return 0;
if (n >= 4) if (n >= 4)
@ -90,16 +92,13 @@ CPP_TYPENAME AlignedAllocator<T>::pointer AlignedAllocator<T>::allocate(
#endif #endif
#ifdef TAOCRYPT_NO_ALIGNED_ALLOC #ifdef TAOCRYPT_NO_ALIGNED_ALLOC
assert(m_pBlock == 0);
m_pBlock = p; m_pBlock = p;
if (!IsAlignedOn(p, 16)) if (!IsAlignedOn(p, 16))
{ {
assert(IsAlignedOn(p, 8));
p = (byte *)p + 8; p = (byte *)p + 8;
} }
#endif #endif
assert(IsAlignedOn(p, 16));
return (T*)p; return (T*)p;
} }
return NEW_TC T[n]; return NEW_TC T[n];
@ -115,7 +114,6 @@ void AlignedAllocator<T>::deallocate(void* p, size_type n)
#ifdef TAOCRYPT_MM_MALLOC_AVAILABLE #ifdef TAOCRYPT_MM_MALLOC_AVAILABLE
_mm_free(p); _mm_free(p);
#elif defined(TAOCRYPT_NO_ALIGNED_ALLOC) #elif defined(TAOCRYPT_NO_ALIGNED_ALLOC)
assert(m_pBlock == p || (byte*)m_pBlock+8 == p);
free(m_pBlock); free(m_pBlock);
m_pBlock = 0; m_pBlock = 0;
#else #else
@ -283,14 +281,14 @@ DWord() {}
private: private:
struct dword_struct struct dword_struct
{ {
#ifdef LITTLE_ENDIAN_ORDER #ifdef LITTLE_ENDIAN_ORDER
word low; word low;
word high; word high;
#else #else
word high; word high;
word low; word low;
#endif #endif
}; };
union union
@ -364,9 +362,6 @@ private:
template <class S, class D> template <class S, class D>
S DivideThreeWordsByTwo(S* A, S B0, S B1, D* dummy_VC6_WorkAround = 0) S DivideThreeWordsByTwo(S* A, S B0, S B1, D* dummy_VC6_WorkAround = 0)
{ {
// assert {A[2],A[1]} < {B1,B0}, so quotient can fit in a S
assert(A[2] < B1 || (A[2]==B1 && A[1] < B0));
// estimate the quotient: do a 2 S by 1 S divide // estimate the quotient: do a 2 S by 1 S divide
S Q; S Q;
if (S(B1+1) == 0) if (S(B1+1) == 0)
@ -392,7 +387,6 @@ S DivideThreeWordsByTwo(S* A, S B0, S B1, D* dummy_VC6_WorkAround = 0)
A[1] = u.GetLowHalf(); A[1] = u.GetLowHalf();
A[2] += u.GetHighHalf(); A[2] += u.GetHighHalf();
Q++; Q++;
assert(Q); // shouldn't overflow
} }
return Q; return Q;
@ -490,7 +484,6 @@ static int Compare(const word *A, const word *B, unsigned int N)
static word Increment(word *A, unsigned int N, word B=1) static word Increment(word *A, unsigned int N, word B=1)
{ {
assert(N);
word t = A[0]; word t = A[0];
A[0] = t+B; A[0] = t+B;
if (A[0] >= t) if (A[0] >= t)
@ -503,7 +496,6 @@ static word Increment(word *A, unsigned int N, word B=1)
static word Decrement(word *A, unsigned int N, word B=1) static word Decrement(word *A, unsigned int N, word B=1)
{ {
assert(N);
word t = A[0]; word t = A[0];
A[0] = t-B; A[0] = t-B;
if (A[0] <= t) if (A[0] <= t)
@ -537,14 +529,11 @@ static word LinearMultiply(word *C, const word *A, word B, unsigned int N)
static word AtomicInverseModPower2(word A) static word AtomicInverseModPower2(word A)
{ {
assert(A%2==1);
word R=A%8; word R=A%8;
for (unsigned i=3; i<WORD_BITS; i*=2) for (unsigned i=3; i<WORD_BITS; i*=2)
R = R*(2-R*A); R = R*(2-R*A);
assert(word(R*A)==1);
return R; return R;
} }
@ -575,14 +564,11 @@ public:
static void TAOCRYPT_CDECL Square2(word *R, const word *A); static void TAOCRYPT_CDECL Square2(word *R, const word *A);
static void TAOCRYPT_CDECL Square4(word *R, const word *A); static void TAOCRYPT_CDECL Square4(word *R, const word *A);
static void TAOCRYPT_CDECL Square8(word *R, const word *A) {assert(false);}
static unsigned int TAOCRYPT_CDECL SquareRecursionLimit() {return 4;} static unsigned int TAOCRYPT_CDECL SquareRecursionLimit() {return 4;}
}; };
word Portable::Add(word *C, const word *A, const word *B, unsigned int N) word Portable::Add(word *C, const word *A, const word *B, unsigned int N)
{ {
assert (N%2 == 0);
DWord u(0, 0); DWord u(0, 0);
for (unsigned int i = 0; i < N; i+=2) for (unsigned int i = 0; i < N; i+=2)
{ {
@ -596,8 +582,6 @@ word Portable::Add(word *C, const word *A, const word *B, unsigned int N)
word Portable::Subtract(word *C, const word *A, const word *B, unsigned int N) word Portable::Subtract(word *C, const word *A, const word *B, unsigned int N)
{ {
assert (N%2 == 0);
DWord u(0, 0); DWord u(0, 0);
for (unsigned int i = 0; i < N; i+=2) for (unsigned int i = 0; i < N; i+=2)
{ {
@ -1012,7 +996,7 @@ void Portable::Multiply8Bottom(word *R, const word *A, const word *B)
static jmp_buf s_env; static jmp_buf s_env;
static void SigIllHandler(int) static void SigIllHandler(int)
{ {
longjmp(s_env, 1); longjmp(s_env, 1);
} }
#endif #endif
@ -2129,8 +2113,6 @@ void P4Optimized::Multiply8Bottom(word *C, const word *A, const word *B)
void RecursiveMultiply(word *R, word *T, const word *A, const word *B, void RecursiveMultiply(word *R, word *T, const word *A, const word *B,
unsigned int N) unsigned int N)
{ {
assert(N>=2 && N%2==0);
if (LowLevel::MultiplyRecursionLimit() >= 8 && N==8) if (LowLevel::MultiplyRecursionLimit() >= 8 && N==8)
LowLevel::Multiply8(R, A, B); LowLevel::Multiply8(R, A, B);
else if (LowLevel::MultiplyRecursionLimit() >= 4 && N==4) else if (LowLevel::MultiplyRecursionLimit() >= 4 && N==4)
@ -2187,7 +2169,6 @@ void RecursiveMultiply(word *R, word *T, const word *A, const word *B,
carry += LowLevel::Add(T0, T0, R2, N); carry += LowLevel::Add(T0, T0, R2, N);
carry += LowLevel::Add(R1, R1, T0, N); carry += LowLevel::Add(R1, R1, T0, N);
assert (carry >= 0 && carry <= 2);
Increment(R3, N2, carry); Increment(R3, N2, carry);
} }
} }
@ -2195,9 +2176,6 @@ void RecursiveMultiply(word *R, word *T, const word *A, const word *B,
void RecursiveSquare(word *R, word *T, const word *A, unsigned int N) void RecursiveSquare(word *R, word *T, const word *A, unsigned int N)
{ {
assert(N && N%2==0);
if (LowLevel::SquareRecursionLimit() >= 8 && N==8)
LowLevel::Square8(R, A);
if (LowLevel::SquareRecursionLimit() >= 4 && N==4) if (LowLevel::SquareRecursionLimit() >= 4 && N==4)
LowLevel::Square4(R, A); LowLevel::Square4(R, A);
else if (N==2) else if (N==2)
@ -2226,7 +2204,6 @@ void RecursiveSquare(word *R, word *T, const word *A, unsigned int N)
void RecursiveMultiplyBottom(word *R, word *T, const word *A, const word *B, void RecursiveMultiplyBottom(word *R, word *T, const word *A, const word *B,
unsigned int N) unsigned int N)
{ {
assert(N>=2 && N%2==0);
if (LowLevel::MultiplyBottomRecursionLimit() >= 8 && N==8) if (LowLevel::MultiplyBottomRecursionLimit() >= 8 && N==8)
LowLevel::Multiply8Bottom(R, A, B); LowLevel::Multiply8Bottom(R, A, B);
else if (LowLevel::MultiplyBottomRecursionLimit() >= 4 && N==4) else if (LowLevel::MultiplyBottomRecursionLimit() >= 4 && N==4)
@ -2249,8 +2226,6 @@ void RecursiveMultiplyBottom(word *R, word *T, const word *A, const word *B,
void RecursiveMultiplyTop(word *R, word *T, const word *L, const word *A, void RecursiveMultiplyTop(word *R, word *T, const word *L, const word *A,
const word *B, unsigned int N) const word *B, unsigned int N)
{ {
assert(N>=2 && N%2==0);
if (N==4) if (N==4)
{ {
LowLevel::Multiply4(T, A, B); LowLevel::Multiply4(T, A, B);
@ -2314,7 +2289,6 @@ void RecursiveMultiplyTop(word *R, word *T, const word *L, const word *A,
carry += Increment(R0, N2, c2+t); carry += Increment(R0, N2, c2+t);
carry += LowLevel::Add(R0, R0, T1, N2); carry += LowLevel::Add(R0, R0, T1, N2);
carry += LowLevel::Add(R0, R0, T3, N2); carry += LowLevel::Add(R0, R0, T3, N2);
assert (carry >= 0 && carry <= 2);
CopyWords(R1, T3, N2); CopyWords(R1, T3, N2);
Increment(R1, N2, carry); Increment(R1, N2, carry);
@ -2363,9 +2337,6 @@ void AsymmetricMultiply(word *R, word *T, const word *A, unsigned int NA,
STL::swap(NA, NB); STL::swap(NA, NB);
} }
assert(NB % NA == 0);
assert((NB/NA)%2 == 0); // NB is an even multiple of NA
if (NA==2 && !A[1]) if (NA==2 && !A[1])
{ {
switch (A[0]) switch (A[0])
@ -2432,8 +2403,6 @@ static inline unsigned int EvenWordCount(const word *X, unsigned int N)
unsigned int AlmostInverse(word *R, word *T, const word *A, unsigned int NA, unsigned int AlmostInverse(word *R, word *T, const word *A, unsigned int NA,
const word *M, unsigned int N) const word *M, unsigned int N)
{ {
assert(NA<=N && N && N%2==0);
word *b = T; word *b = T;
word *c = T+N; word *c = T+N;
word *f = T+2*N; word *f = T+2*N;
@ -2459,7 +2428,6 @@ unsigned int AlmostInverse(word *R, word *T, const word *A, unsigned int NA,
ShiftWordsRightByWords(f, fgLen, 1); ShiftWordsRightByWords(f, fgLen, 1);
if (c[bcLen-1]) bcLen+=2; if (c[bcLen-1]) bcLen+=2;
assert(bcLen <= N);
ShiftWordsLeftByWords(c, bcLen, 1); ShiftWordsLeftByWords(c, bcLen, 1);
k+=WORD_BITS; k+=WORD_BITS;
t=f[0]; t=f[0];
@ -2488,7 +2456,6 @@ unsigned int AlmostInverse(word *R, word *T, const word *A, unsigned int NA,
{ {
c[bcLen] = t; c[bcLen] = t;
bcLen+=2; bcLen+=2;
assert(bcLen <= N);
} }
if (f[fgLen-2]==0 && g[fgLen-2]==0 && f[fgLen-1]==0 && g[fgLen-1]==0) if (f[fgLen-2]==0 && g[fgLen-2]==0 && f[fgLen-1]==0 && g[fgLen-1]==0)
@ -2507,7 +2474,6 @@ unsigned int AlmostInverse(word *R, word *T, const word *A, unsigned int NA,
{ {
b[bcLen] = 1; b[bcLen] = 1;
bcLen+=2; bcLen+=2;
assert(bcLen <= N);
} }
} }
} }
@ -2621,11 +2587,14 @@ void Integer::Decode(Source& source)
} }
word32 length = GetLength(source); word32 length = GetLength(source);
if (length == 0 || source.GetError().What()) return;
if ( (b = source.next()) == 0x00) if ( (b = source.next()) == 0x00)
length--; length--;
else else
source.prev(); source.prev();
if (source.IsLeft(length) == false) return;
unsigned int words = (length + WORD_SIZE - 1) / WORD_SIZE; unsigned int words = (length + WORD_SIZE - 1) / WORD_SIZE;
words = RoundupSize(words); words = RoundupSize(words);
@ -2740,8 +2709,6 @@ void Integer::Randomize(RandomNumberGenerator& rng, unsigned int nbits)
void Integer::Randomize(RandomNumberGenerator& rng, const Integer& min, void Integer::Randomize(RandomNumberGenerator& rng, const Integer& min,
const Integer& max) const Integer& max)
{ {
assert(min <= max);
Integer range = max - min; Integer range = max - min;
const unsigned int nbits = range.BitCount(); const unsigned int nbits = range.BitCount();
@ -2880,7 +2847,7 @@ Integer& Integer::operator++()
else else
{ {
word borrow = Decrement(reg_.get_buffer(), reg_.size()); word borrow = Decrement(reg_.get_buffer(), reg_.size());
assert(!borrow); (void)borrow; // shut up compiler
if (WordCount()==0) if (WordCount()==0)
*this = Zero(); *this = Zero();
} }
@ -2997,7 +2964,6 @@ void PositiveSubtract(Integer &diff, const Integer &a, const Integer& b)
b.reg_.get_buffer(), bSize); b.reg_.get_buffer(), bSize);
CopyWords(diff.reg_+bSize, a.reg_+bSize, aSize-bSize); CopyWords(diff.reg_+bSize, a.reg_+bSize, aSize-bSize);
borrow = Decrement(diff.reg_+bSize, aSize-bSize, borrow); borrow = Decrement(diff.reg_+bSize, aSize-bSize, borrow);
assert(!borrow);
diff.sign_ = Integer::POSITIVE; diff.sign_ = Integer::POSITIVE;
} }
else else
@ -3006,7 +2972,6 @@ void PositiveSubtract(Integer &diff, const Integer &a, const Integer& b)
a.reg_.get_buffer(), aSize); a.reg_.get_buffer(), aSize);
CopyWords(diff.reg_+aSize, b.reg_+aSize, bSize-aSize); CopyWords(diff.reg_+aSize, b.reg_+aSize, bSize-aSize);
borrow = Decrement(diff.reg_+aSize, bSize-aSize, borrow); borrow = Decrement(diff.reg_+aSize, bSize-aSize, borrow);
assert(!borrow);
diff.sign_ = Integer::NEGATIVE; diff.sign_ = Integer::NEGATIVE;
} }
} }
@ -3066,7 +3031,6 @@ bool Integer::GetBit(unsigned int n) const
unsigned long Integer::GetBits(unsigned int i, unsigned int n) const unsigned long Integer::GetBits(unsigned int i, unsigned int n) const
{ {
assert(n <= sizeof(unsigned long)*8);
unsigned long v = 0; unsigned long v = 0;
for (unsigned int j=0; j<n; j++) for (unsigned int j=0; j<n; j++)
v |= GetBit(i+j) << j; v |= GetBit(i+j) << j;
@ -3126,8 +3090,6 @@ bool Integer::IsConvertableToLong() const
signed long Integer::ConvertToLong() const signed long Integer::ConvertToLong() const
{ {
assert(IsConvertableToLong());
unsigned long value = reg_[0]; unsigned long value = reg_[0];
value += SafeLeftShift<WORD_BITS, unsigned long>(reg_[1]); value += SafeLeftShift<WORD_BITS, unsigned long>(reg_[1]);
return sign_ == POSITIVE ? value : -(signed long)value; return sign_ == POSITIVE ? value : -(signed long)value;
@ -3226,11 +3188,9 @@ static inline void AtomicDivide(word *Q, const word *A, const word *B)
{ {
// multiply quotient and divisor and add remainder, make sure it // multiply quotient and divisor and add remainder, make sure it
// equals dividend // equals dividend
assert(!T[2] && !T[3] && (T[1] < B[1] || (T[1]==B[1] && T[0]<B[0])));
word P[4]; word P[4];
Portable::Multiply2(P, Q, B); Portable::Multiply2(P, Q, B);
Add(P, P, T, 4); Add(P, P, T, 4);
assert(memcmp(P, A, 4*WORD_SIZE)==0);
} }
#endif #endif
} }
@ -3240,8 +3200,6 @@ static inline void AtomicDivide(word *Q, const word *A, const word *B)
static void CorrectQuotientEstimate(word *R, word *T, word *Q, const word *B, static void CorrectQuotientEstimate(word *R, word *T, word *Q, const word *B,
unsigned int N) unsigned int N)
{ {
assert(N && N%2==0);
if (Q[1]) if (Q[1])
{ {
T[N] = T[N+1] = 0; T[N] = T[N+1] = 0;
@ -3259,13 +3217,12 @@ static void CorrectQuotientEstimate(word *R, word *T, word *Q, const word *B,
} }
word borrow = Subtract(R, R, T, N+2); word borrow = Subtract(R, R, T, N+2);
assert(!borrow && !R[N+1]); (void)borrow; // shut up compiler
while (R[N] || Compare(R, B, N) >= 0) while (R[N] || Compare(R, B, N) >= 0)
{ {
R[N] -= Subtract(R, R, B, N); R[N] -= Subtract(R, R, B, N);
Q[1] += (++Q[0]==0); Q[1] += (++Q[0]==0);
assert(Q[0] || Q[1]); // no overflow
} }
} }
@ -3279,10 +3236,6 @@ static void CorrectQuotientEstimate(word *R, word *T, word *Q, const word *B,
void Divide(word* R, word* Q, word* T, const word* A, unsigned int NA, void Divide(word* R, word* Q, word* T, const word* A, unsigned int NA,
const word* B, unsigned int NB) const word* B, unsigned int NB)
{ {
assert(NA && NB && NA%2==0 && NB%2==0);
assert(B[NB-1] || B[NB-2]);
assert(NB <= NA);
// set up temporary work space // set up temporary work space
word *const TA=T; word *const TA=T;
word *const TB=T+NA+2; word *const TB=T+NA+2;
@ -3293,7 +3246,6 @@ void Divide(word* R, word* Q, word* T, const word* A, unsigned int NA,
TB[0] = TB[NB-1] = 0; TB[0] = TB[NB-1] = 0;
CopyWords(TB+shiftWords, B, NB-shiftWords); CopyWords(TB+shiftWords, B, NB-shiftWords);
unsigned shiftBits = WORD_BITS - BitPrecision(TB[NB-1]); unsigned shiftBits = WORD_BITS - BitPrecision(TB[NB-1]);
assert(shiftBits < WORD_BITS);
ShiftWordsLeftByBits(TB, NB, shiftBits); ShiftWordsLeftByBits(TB, NB, shiftBits);
// copy A into TA and normalize it // copy A into TA and normalize it
@ -3313,7 +3265,6 @@ void Divide(word* R, word* Q, word* T, const word* A, unsigned int NA,
else else
{ {
NA+=2; NA+=2;
assert(Compare(TA+NA-NB, TB, NB) < 0);
} }
word BT[2]; word BT[2];
@ -3339,8 +3290,6 @@ void PositiveDivide(Integer& remainder, Integer& quotient,
unsigned aSize = a.WordCount(); unsigned aSize = a.WordCount();
unsigned bSize = b.WordCount(); unsigned bSize = b.WordCount();
assert(bSize);
if (a.PositiveCompare(b) == -1) if (a.PositiveCompare(b) == -1)
{ {
remainder = a; remainder = a;
@ -3428,8 +3377,6 @@ Integer Integer::Modulo(const Integer &b) const
void Integer::Divide(word &remainder, Integer &quotient, void Integer::Divide(word &remainder, Integer &quotient,
const Integer &dividend, word divisor) const Integer &dividend, word divisor)
{ {
assert(divisor);
if ((divisor & (divisor-1)) == 0) // divisor is a power of 2 if ((divisor & (divisor-1)) == 0) // divisor is a power of 2
{ {
quotient = dividend >> (BitPrecision(divisor)-1); quotient = dividend >> (BitPrecision(divisor)-1);
@ -3469,8 +3416,6 @@ Integer Integer::DividedBy(word b) const
word Integer::Modulo(word divisor) const word Integer::Modulo(word divisor) const
{ {
assert(divisor);
word remainder; word remainder;
if ((divisor & (divisor-1)) == 0) // divisor is a power of 2 if ((divisor & (divisor-1)) == 0) // divisor is a power of 2
@ -3516,7 +3461,6 @@ Integer Integer::SquareRoot() const
// overestimate square root // overestimate square root
Integer x, y = Power2((BitCount()+1)/2); Integer x, y = Power2((BitCount()+1)/2);
assert(y*y >= *this);
do do
{ {
@ -3561,8 +3505,6 @@ Integer Integer::Gcd(const Integer &a, const Integer &b)
Integer Integer::InverseMod(const Integer &m) const Integer Integer::InverseMod(const Integer &m) const
{ {
assert(m.NotNegative());
if (IsNegative() || *this>=m) if (IsNegative() || *this>=m)
return (*this%m).InverseMod(m); return (*this%m).InverseMod(m);
@ -3805,7 +3747,7 @@ void MontgomeryReduce(word *R, word *T, const word *X, const word *M,
word borrow = Subtract(T, X+N, T, N); word borrow = Subtract(T, X+N, T, N);
// defend against timing attack by doing this Add even when not needed // defend against timing attack by doing this Add even when not needed
word carry = Add(T+N, T, M, N); word carry = Add(T+N, T, M, N);
assert(carry || !borrow); (void)carry; // shut up compiler
CopyWords(R, T + (borrow ? N : 0), N); CopyWords(R, T + (borrow ? N : 0), N);
} }
@ -3861,7 +3803,6 @@ MontgomeryRepresentation::MontgomeryRepresentation(const Integer &m)
u((word)0, modulus.reg_.size()), u((word)0, modulus.reg_.size()),
workspace(5*modulus.reg_.size()) workspace(5*modulus.reg_.size())
{ {
assert(modulus.IsOdd());
RecursiveInverseModPower2(u.reg_.get_buffer(), workspace.get_buffer(), RecursiveInverseModPower2(u.reg_.get_buffer(), workspace.get_buffer(),
modulus.reg_.get_buffer(), modulus.reg_.size()); modulus.reg_.get_buffer(), modulus.reg_.size());
} }
@ -3872,7 +3813,6 @@ const Integer& MontgomeryRepresentation::Multiply(const Integer &a,
word *const T = workspace.begin(); word *const T = workspace.begin();
word *const R = result.reg_.begin(); word *const R = result.reg_.begin();
const unsigned int N = modulus.reg_.size(); const unsigned int N = modulus.reg_.size();
assert(a.reg_.size()<=N && b.reg_.size()<=N);
AsymmetricMultiply(T, T+2*N, a.reg_.get_buffer(), a.reg_.size(), AsymmetricMultiply(T, T+2*N, a.reg_.get_buffer(), a.reg_.size(),
b.reg_.get_buffer(), b.reg_.size()); b.reg_.get_buffer(), b.reg_.size());
@ -3887,7 +3827,6 @@ const Integer& MontgomeryRepresentation::Square(const Integer &a) const
word *const T = workspace.begin(); word *const T = workspace.begin();
word *const R = result.reg_.begin(); word *const R = result.reg_.begin();
const unsigned int N = modulus.reg_.size(); const unsigned int N = modulus.reg_.size();
assert(a.reg_.size()<=N);
TaoCrypt::Square(T, T+2*N, a.reg_.get_buffer(), a.reg_.size()); TaoCrypt::Square(T, T+2*N, a.reg_.get_buffer(), a.reg_.size());
SetWords(T+2*a.reg_.size(), 0, 2*N-2*a.reg_.size()); SetWords(T+2*a.reg_.size(), 0, 2*N-2*a.reg_.size());
@ -3901,7 +3840,6 @@ Integer MontgomeryRepresentation::ConvertOut(const Integer &a) const
word *const T = workspace.begin(); word *const T = workspace.begin();
word *const R = result.reg_.begin(); word *const R = result.reg_.begin();
const unsigned int N = modulus.reg_.size(); const unsigned int N = modulus.reg_.size();
assert(a.reg_.size()<=N);
CopyWords(T, a.reg_.get_buffer(), a.reg_.size()); CopyWords(T, a.reg_.get_buffer(), a.reg_.size());
SetWords(T+a.reg_.size(), 0, 2*N-a.reg_.size()); SetWords(T+a.reg_.size(), 0, 2*N-a.reg_.size());
@ -3918,7 +3856,6 @@ const Integer& MontgomeryRepresentation::MultiplicativeInverse(
word *const T = workspace.begin(); word *const T = workspace.begin();
word *const R = result.reg_.begin(); word *const R = result.reg_.begin();
const unsigned int N = modulus.reg_.size(); const unsigned int N = modulus.reg_.size();
assert(a.reg_.size()<=N);
CopyWords(T, a.reg_.get_buffer(), a.reg_.size()); CopyWords(T, a.reg_.get_buffer(), a.reg_.size());
SetWords(T+a.reg_.size(), 0, 2*N-a.reg_.size()); SetWords(T+a.reg_.size(), 0, 2*N-a.reg_.size());

0
extra/yassl/taocrypt/src/make.bat Normal file → Executable file
View File

2
extra/yassl/taocrypt/src/md4.cpp
View File

@ -27,7 +27,7 @@
#include "algorithm.hpp" #include "algorithm.hpp"
#endif #endif
namespace STL = STL_NAMESPACE; namespace STL = STL_NAMESPACE;

18
extra/yassl/taocrypt/src/md5.cpp
View File

@ -30,7 +30,7 @@
namespace STL = STL_NAMESPACE; namespace STL = STL_NAMESPACE;
namespace TaoCrypt { namespace TaoCrypt {
@ -108,14 +108,14 @@ void MD5::Update(const byte* data, word32 len)
// at once for asm // at once for asm
if (buffLen_ == 0) { if (buffLen_ == 0) {
word32 times = len / BLOCK_SIZE; word32 times = len / BLOCK_SIZE;
if (times) { if (times) {
AsmTransform(data, times); AsmTransform(data, times);
const word32 add = BLOCK_SIZE * times; const word32 add = BLOCK_SIZE * times;
AddLength(add); AddLength(add);
len -= add; len -= add;
data += add; data += add;
} }
} }
// cache any data left // cache any data left

27
extra/yassl/taocrypt/src/misc.cpp
View File

@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* based on Wei Dai's misc.cpp from CryptoPP */ /* based on Wei Dai's misc.cpp from CryptoPP */
@ -40,28 +41,28 @@ namespace STL = STL_NAMESPACE;
void* operator new(size_t sz, TaoCrypt::new_t) void* operator new(size_t sz, TaoCrypt::new_t)
{ {
void* ptr = malloc(sz ? sz : 1); void* ptr = malloc(sz ? sz : 1);
if (!ptr) abort(); if (!ptr) abort();
return ptr; return ptr;
} }
void operator delete(void* ptr, TaoCrypt::new_t) void operator delete(void* ptr, TaoCrypt::new_t)
{ {
if (ptr) free(ptr); if (ptr) free(ptr);
} }
void* operator new[](size_t sz, TaoCrypt::new_t nt) void* operator new[](size_t sz, TaoCrypt::new_t nt)
{ {
return ::operator new(sz, nt); return ::operator new(sz, nt);
} }
void operator delete[](void* ptr, TaoCrypt::new_t nt) void operator delete[](void* ptr, TaoCrypt::new_t nt)
{ {
::operator delete(ptr, nt); ::operator delete(ptr, nt);
} }
@ -88,7 +89,6 @@ namespace STL = STL_NAMESPACE;
// Handler for pure virtual functions // Handler for pure virtual functions
namespace __Crun { namespace __Crun {
void pure_error() { void pure_error() {
assert(!"Aborted: pure virtual method called.");
} }
} }
@ -99,7 +99,6 @@ namespace __Crun {
extern "C" { extern "C" {
int __cxa_pure_virtual() { int __cxa_pure_virtual() {
assert(!"Aborted: pure virtual method called.");
return 0; return 0;
} }
@ -204,8 +203,8 @@ bool HaveCpuId()
return true; return true;
#else #else
word32 eax, ebx; word32 eax, ebx;
__asm__ __volatile __asm__ __volatile
( (
/* Put EFLAGS in eax and ebx */ /* Put EFLAGS in eax and ebx */
"pushf;" "pushf;"
"pushf;" "pushf;"
@ -222,9 +221,9 @@ bool HaveCpuId()
"pop %0;" "pop %0;"
"popf" "popf"
: "=r" (eax), "=r" (ebx) : "=r" (eax), "=r" (ebx)
: :
: "cc" : "cc"
); );
if (eax == ebx) if (eax == ebx)
return false; return false;

250
extra/yassl/taocrypt/src/rabbit.cpp Normal file
View File

@ -0,0 +1,250 @@
/*
Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/
#include "runtime.hpp"
#include "rabbit.hpp"
namespace TaoCrypt {
#define U32V(x) (word32)(x)
#ifdef BIG_ENDIAN_ORDER
#define LITTLE32(x) ByteReverse((word32)x)
#else
#define LITTLE32(x) (x)
#endif
// local
namespace {
/* Square a 32-bit unsigned integer to obtain the 64-bit result and return */
/* the upper 32 bits XOR the lower 32 bits */
word32 RABBIT_g_func(word32 x)
{
/* Temporary variables */
word32 a, b, h, l;
/* Construct high and low argument for squaring */
a = x&0xFFFF;
b = x>>16;
/* Calculate high and low result of squaring */
h = (((U32V(a*a)>>17) + U32V(a*b))>>15) + b*b;
l = x*x;
/* Return high XOR low */
return U32V(h^l);
}
} // namespace local
/* Calculate the next internal state */
void Rabbit::NextState(RabbitCtx which)
{
/* Temporary variables */
word32 g[8], c_old[8], i;
Ctx* ctx;
if (which == Master)
ctx = &masterCtx_;
else
ctx = &workCtx_;
/* Save old counter values */
for (i=0; i<8; i++)
c_old[i] = ctx->c[i];
/* Calculate new counter values */
ctx->c[0] = U32V(ctx->c[0] + 0x4D34D34D + ctx->carry);
ctx->c[1] = U32V(ctx->c[1] + 0xD34D34D3 + (ctx->c[0] < c_old[0]));
ctx->c[2] = U32V(ctx->c[2] + 0x34D34D34 + (ctx->c[1] < c_old[1]));
ctx->c[3] = U32V(ctx->c[3] + 0x4D34D34D + (ctx->c[2] < c_old[2]));
ctx->c[4] = U32V(ctx->c[4] + 0xD34D34D3 + (ctx->c[3] < c_old[3]));
ctx->c[5] = U32V(ctx->c[5] + 0x34D34D34 + (ctx->c[4] < c_old[4]));
ctx->c[6] = U32V(ctx->c[6] + 0x4D34D34D + (ctx->c[5] < c_old[5]));
ctx->c[7] = U32V(ctx->c[7] + 0xD34D34D3 + (ctx->c[6] < c_old[6]));
ctx->carry = (ctx->c[7] < c_old[7]);
/* Calculate the g-values */
for (i=0;i<8;i++)
g[i] = RABBIT_g_func(U32V(ctx->x[i] + ctx->c[i]));
/* Calculate new state values */
ctx->x[0] = U32V(g[0] + rotlFixed(g[7],16) + rotlFixed(g[6], 16));
ctx->x[1] = U32V(g[1] + rotlFixed(g[0], 8) + g[7]);
ctx->x[2] = U32V(g[2] + rotlFixed(g[1],16) + rotlFixed(g[0], 16));
ctx->x[3] = U32V(g[3] + rotlFixed(g[2], 8) + g[1]);
ctx->x[4] = U32V(g[4] + rotlFixed(g[3],16) + rotlFixed(g[2], 16));
ctx->x[5] = U32V(g[5] + rotlFixed(g[4], 8) + g[3]);
ctx->x[6] = U32V(g[6] + rotlFixed(g[5],16) + rotlFixed(g[4], 16));
ctx->x[7] = U32V(g[7] + rotlFixed(g[6], 8) + g[5]);
}
/* IV setup */
void Rabbit::SetIV(const byte* iv)
{
/* Temporary variables */
word32 i0, i1, i2, i3, i;
/* Generate four subvectors */
i0 = LITTLE32(*(word32*)(iv+0));
i2 = LITTLE32(*(word32*)(iv+4));
i1 = (i0>>16) | (i2&0xFFFF0000);
i3 = (i2<<16) | (i0&0x0000FFFF);
/* Modify counter values */
workCtx_.c[0] = masterCtx_.c[0] ^ i0;
workCtx_.c[1] = masterCtx_.c[1] ^ i1;
workCtx_.c[2] = masterCtx_.c[2] ^ i2;
workCtx_.c[3] = masterCtx_.c[3] ^ i3;
workCtx_.c[4] = masterCtx_.c[4] ^ i0;
workCtx_.c[5] = masterCtx_.c[5] ^ i1;
workCtx_.c[6] = masterCtx_.c[6] ^ i2;
workCtx_.c[7] = masterCtx_.c[7] ^ i3;
/* Copy state variables */
for (i=0; i<8; i++)
workCtx_.x[i] = masterCtx_.x[i];
workCtx_.carry = masterCtx_.carry;
/* Iterate the system four times */
for (i=0; i<4; i++)
NextState(Work);
}
/* Key setup */
void Rabbit::SetKey(const byte* key, const byte* iv)
{
/* Temporary variables */
word32 k0, k1, k2, k3, i;
/* Generate four subkeys */
k0 = LITTLE32(*(word32*)(key+ 0));
k1 = LITTLE32(*(word32*)(key+ 4));
k2 = LITTLE32(*(word32*)(key+ 8));
k3 = LITTLE32(*(word32*)(key+12));
/* Generate initial state variables */
masterCtx_.x[0] = k0;
masterCtx_.x[2] = k1;
masterCtx_.x[4] = k2;
masterCtx_.x[6] = k3;
masterCtx_.x[1] = U32V(k3<<16) | (k2>>16);
masterCtx_.x[3] = U32V(k0<<16) | (k3>>16);
masterCtx_.x[5] = U32V(k1<<16) | (k0>>16);
masterCtx_.x[7] = U32V(k2<<16) | (k1>>16);
/* Generate initial counter values */
masterCtx_.c[0] = rotlFixed(k2, 16);
masterCtx_.c[2] = rotlFixed(k3, 16);
masterCtx_.c[4] = rotlFixed(k0, 16);
masterCtx_.c[6] = rotlFixed(k1, 16);
masterCtx_.c[1] = (k0&0xFFFF0000) | (k1&0xFFFF);
masterCtx_.c[3] = (k1&0xFFFF0000) | (k2&0xFFFF);
masterCtx_.c[5] = (k2&0xFFFF0000) | (k3&0xFFFF);
masterCtx_.c[7] = (k3&0xFFFF0000) | (k0&0xFFFF);
/* Clear carry bit */
masterCtx_.carry = 0;
/* Iterate the system four times */
for (i=0; i<4; i++)
NextState(Master);
/* Modify the counters */
for (i=0; i<8; i++)
masterCtx_.c[i] ^= masterCtx_.x[(i+4)&0x7];
/* Copy master instance to work instance */
for (i=0; i<8; i++) {
workCtx_.x[i] = masterCtx_.x[i];
workCtx_.c[i] = masterCtx_.c[i];
}
workCtx_.carry = masterCtx_.carry;
if (iv) SetIV(iv);
}
/* Encrypt/decrypt a message of any size */
void Rabbit::Process(byte* output, const byte* input, word32 msglen)
{
/* Temporary variables */
word32 i;
byte buffer[16];
/* Encrypt/decrypt all full blocks */
while (msglen >= 16) {
/* Iterate the system */
NextState(Work);
/* Encrypt/decrypt 16 bytes of data */
*(word32*)(output+ 0) = *(word32*)(input+ 0) ^
LITTLE32(workCtx_.x[0] ^ (workCtx_.x[5]>>16) ^
U32V(workCtx_.x[3]<<16));
*(word32*)(output+ 4) = *(word32*)(input+ 4) ^
LITTLE32(workCtx_.x[2] ^ (workCtx_.x[7]>>16) ^
U32V(workCtx_.x[5]<<16));
*(word32*)(output+ 8) = *(word32*)(input+ 8) ^
LITTLE32(workCtx_.x[4] ^ (workCtx_.x[1]>>16) ^
U32V(workCtx_.x[7]<<16));
*(word32*)(output+12) = *(word32*)(input+12) ^
LITTLE32(workCtx_.x[6] ^ (workCtx_.x[3]>>16) ^
U32V(workCtx_.x[1]<<16));
/* Increment pointers and decrement length */
input += 16;
output += 16;
msglen -= 16;
}
/* Encrypt/decrypt remaining data */
if (msglen) {
/* Iterate the system */
NextState(Work);
/* Generate 16 bytes of pseudo-random data */
*(word32*)(buffer+ 0) = LITTLE32(workCtx_.x[0] ^
(workCtx_.x[5]>>16) ^ U32V(workCtx_.x[3]<<16));
*(word32*)(buffer+ 4) = LITTLE32(workCtx_.x[2] ^
(workCtx_.x[7]>>16) ^ U32V(workCtx_.x[5]<<16));
*(word32*)(buffer+ 8) = LITTLE32(workCtx_.x[4] ^
(workCtx_.x[1]>>16) ^ U32V(workCtx_.x[7]<<16));
*(word32*)(buffer+12) = LITTLE32(workCtx_.x[6] ^
(workCtx_.x[3]>>16) ^ U32V(workCtx_.x[1]<<16));
/* Encrypt/decrypt the data */
for (i=0; i<msglen; i++)
output[i] = input[i] ^ buffer[i];
}
}
} // namespace

75
extra/yassl/taocrypt/src/random.cpp
View File

@ -1,6 +1,5 @@
/* /*
Copyright (c) 2005-2007 MySQL AB, 2009 Sun Microsystems, Inc. Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
Use is subject to license terms.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -12,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
@ -92,78 +92,17 @@ void OS_Seed::GenerateSeed(byte* output, word32 sz)
} }
#elif defined(__NETWARE__)
/* The OS_Seed implementation for Netware */
#include <nks/thread.h>
#include <nks/plat.h>
// Loop on high resulution Read Time Stamp Counter
static void NetwareSeed(byte* output, word32 sz)
{
word32 tscResult;
for (word32 i = 0; i < sz; i += sizeof(tscResult)) {
#if defined(__GNUC__)
asm volatile("rdtsc" : "=A" (tscResult));
#else
#ifdef __MWERKS__
asm {
#else
__asm {
#endif
rdtsc
mov tscResult, eax
}
#endif
memcpy(output, &tscResult, sizeof(tscResult));
output += sizeof(tscResult);
NXThreadYield(); // induce more variance
}
}
OS_Seed::OS_Seed()
{
}
OS_Seed::~OS_Seed()
{
}
void OS_Seed::GenerateSeed(byte* output, word32 sz)
{
/*
Try to use NXSeedRandom as it will generate a strong
seed using the onboard 82802 chip
As it's not always supported, fallback to default
implementation if an error is returned
*/
if (NXSeedRandom(sz, output) != 0)
{
NetwareSeed(output, sz);
}
}
#else #else
/* The default OS_Seed implementation */ /* The default OS_Seed implementation */
OS_Seed::OS_Seed() OS_Seed::OS_Seed()
{ {
fd_ = open("/dev/urandom",O_RDONLY); fd_ = open("/dev/urandom",O_RDONLY);
if (fd_ == -1) { if (fd_ == -1) {
fd_ = open("/dev/random",O_RDONLY); fd_ = open("/dev/random",O_RDONLY);
if (fd_ == -1) if (fd_ == -1)
error_.SetError(OPEN_RAN_E); error_.SetError(OPEN_RAN_E);
} }
} }

16
extra/yassl/taocrypt/src/ripemd.cpp
View File

@ -110,14 +110,14 @@ void RIPEMD160::Update(const byte* data, word32 len)
// all at once for asm // all at once for asm
if (buffLen_ == 0) { if (buffLen_ == 0) {
word32 times = len / BLOCK_SIZE; word32 times = len / BLOCK_SIZE;
if (times) { if (times) {
AsmTransform(data, times); AsmTransform(data, times);
const word32 add = BLOCK_SIZE * times; const word32 add = BLOCK_SIZE * times;
AddLength(add); AddLength(add);
len -= add; len -= add;
data += add; data += add;
} }
} }
// cache any data left // cache any data left

7
extra/yassl/taocrypt/src/rsa.cpp
View File

@ -61,7 +61,6 @@ Integer RSA_PrivateKey::CalculateInverse(RandomNumberGenerator& rng,
Integer y = ModularRoot(re, dq_, dp_, q_, p_, u_); Integer y = ModularRoot(re, dq_, dp_, q_, p_, u_);
y = modn.Divide(y, r); // unblind y = modn.Divide(y, r); // unblind
assert(modn.Exponentiate(y, e_) == x); // check
return y; return y;
} }
@ -124,7 +123,8 @@ word32 RSA_BlockType2::UnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
unsigned i=1; unsigned i=1;
while (i<pkcsBlockLen && pkcsBlock[i++]) { // null body while (i<pkcsBlockLen && pkcsBlock[i++]) { // null body
} }
assert(i==pkcsBlockLen || pkcsBlock[i-1]==0); if (!(i==pkcsBlockLen || pkcsBlock[i-1]==0))
return 0;
unsigned int outputLen = pkcsBlockLen - i; unsigned int outputLen = pkcsBlockLen - i;
invalid = (outputLen > maxOutputLen) || invalid; invalid = (outputLen > maxOutputLen) || invalid;
@ -179,7 +179,8 @@ word32 RSA_BlockType1::UnPad(const byte* pkcsBlock, word32 pkcsBlockLen,
unsigned i=1; unsigned i=1;
while (i<pkcsBlockLen && pkcsBlock[i++]) { // null body while (i<pkcsBlockLen && pkcsBlock[i++]) { // null body
} }
assert(i==pkcsBlockLen || pkcsBlock[i-1]==0); if (!(i==pkcsBlockLen || pkcsBlock[i-1]==0))
return 0;
unsigned int outputLen = pkcsBlockLen - i; unsigned int outputLen = pkcsBlockLen - i;
invalid = (outputLen > maxOutputLen) || invalid; invalid = (outputLen > maxOutputLen) || invalid;

16
extra/yassl/taocrypt/src/sha.cpp
View File

@ -344,14 +344,14 @@ void SHA::Update(const byte* data, word32 len)
// all at once for asm // all at once for asm
if (buffLen_ == 0) { if (buffLen_ == 0) {
word32 times = len / BLOCK_SIZE; word32 times = len / BLOCK_SIZE;
if (times) { if (times) {
AsmTransform(data, times); AsmTransform(data, times);
const word32 add = BLOCK_SIZE * times; const word32 add = BLOCK_SIZE * times;
AddLength(add); AddLength(add);
len -= add; len -= add;
data += add; data += add;
} }
} }
// cache any data left // cache any data left

1
extra/yassl/taocrypt/src/template_instnt.cpp
View File

@ -61,7 +61,6 @@ template class PBKDF2_HMAC<SHA>;
template class HMAC<MD5>; template class HMAC<MD5>;
template class HMAC<SHA>; template class HMAC<SHA>;
template class HMAC<RIPEMD160>; template class HMAC<RIPEMD160>;
} }
namespace mySTL { namespace mySTL {

7
extra/yassl/taocrypt/src/twofish.cpp
View File

@ -11,8 +11,9 @@
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; see the file COPYING. If not, write to the
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301 USA.
*/ */
/* C++ based on Wei Dai's twofish.cpp from CryptoPP */ /* C++ based on Wei Dai's twofish.cpp from CryptoPP */
@ -140,8 +141,6 @@ inline word32 Twofish::h(word32 x, const word32* key, unsigned int kLen)
void Twofish::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/) void Twofish::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
{ {
assert(keylen >= 16 && keylen <= 32);
unsigned int len = (keylen <= 16 ? 2 : (keylen <= 24 ? 3 : 4)); unsigned int len = (keylen <= 16 ? 2 : (keylen <= 24 ? 3 : 4));
word32 key[8]; word32 key[8];
GetUserKey(LittleEndianOrder, key, len*2, userKey, keylen); GetUserKey(LittleEndianOrder, key, len*2, userKey, keylen);

16
extra/yassl/taocrypt/taocrypt.dsp
View File

@ -138,6 +138,10 @@ SOURCE=.\src\hash.cpp
# End Source File # End Source File
# Begin Source File # Begin Source File
SOURCE=.\src\hc128.cpp
# End Source File
# Begin Source File
SOURCE=.\src\integer.cpp SOURCE=.\src\integer.cpp
# End Source File # End Source File
# Begin Source File # Begin Source File
@ -158,6 +162,10 @@ SOURCE=.\src\misc.cpp
# End Source File # End Source File
# Begin Source File # Begin Source File
SOURCE=.\src\rabbit.cpp
# End Source File
# Begin Source File
SOURCE=.\src\random.cpp SOURCE=.\src\random.cpp
# End Source File # End Source File
# Begin Source File # Begin Source File
@ -238,6 +246,10 @@ SOURCE=.\include\hash.hpp
# End Source File # End Source File
# Begin Source File # Begin Source File
SOURCE=.\include\hc128.hpp
# End Source File
# Begin Source File
SOURCE=.\include\hmac.hpp SOURCE=.\include\hmac.hpp
# End Source File # End Source File
# Begin Source File # Begin Source File
@ -274,6 +286,10 @@ SOURCE=.\include\pwdbased.hpp
# End Source File # End Source File
# Begin Source File # Begin Source File
SOURCE=.\include\rabbit.hpp
# End Source File
# Begin Source File
SOURCE=.\include\random.hpp SOURCE=.\include\random.hpp
# End Source File # End Source File
# Begin Source File # Begin Source File

0
extra/yassl/taocrypt/test/make.bat Normal file → Executable file
View File

29
extra/yassl/taocrypt/test/memory.cpp
View File

@ -310,3 +310,32 @@ void operator delete[](void* ptr)
{ {
::operator delete(ptr); ::operator delete(ptr);
} }
extern "C" {
void* XMALLOC(size_t sz, void* head)
{
return ::operator new(sz);
}
void* XREALLOC(void* ptr, size_t sz, void* heap)
{
void* ret = ::operator new(sz);
if (ret && ptr)
memcpy(ret, ptr, sz);
if (ret)
::operator delete(ptr);
return ret;
}
void XFREE(void* ptr, void* heap)
{
::operator delete(ptr);
}
} // extern "C"

158
extra/yassl/taocrypt/test/test.cpp
View File

@ -27,6 +27,8 @@
#include "coding.hpp" #include "coding.hpp"
#include "random.hpp" #include "random.hpp"
#include "pwdbased.hpp" #include "pwdbased.hpp"
#include "rabbit.hpp"
#include "hc128.hpp"
@ -86,16 +88,18 @@ using TaoCrypt::PBKDF2_HMAC;
using TaoCrypt::tcArrayDelete; using TaoCrypt::tcArrayDelete;
using TaoCrypt::GetCert; using TaoCrypt::GetCert;
using TaoCrypt::GetPKCS_Cert; using TaoCrypt::GetPKCS_Cert;
using TaoCrypt::Rabbit;
using TaoCrypt::HC128;
struct testVector { struct testVector {
byte* input_; byte* input_;
byte* output_; byte* output_;
size_t inLen_; word32 inLen_;
size_t outLen_; word32 outLen_;
testVector(const char* in, const char* out) : input_((byte*)in), testVector(const char* in, const char* out) : input_((byte*)in),
output_((byte*)out), inLen_(strlen(in)), outLen_(strlen(out)) {} output_((byte*)out), inLen_((word32)strlen(in)),
outLen_((word32)strlen(out)) {}
}; };
int sha_test(); int sha_test();
@ -120,13 +124,15 @@ int dsa_test();
int dh_test(); int dh_test();
int pwdbased_test(); int pwdbased_test();
int pkcs12_test(); int pkcs12_test();
int rabbit_test();
int hc128_test();
TaoCrypt::RandomNumberGenerator rng; TaoCrypt::RandomNumberGenerator rng;
void err_sys(const char* msg, int es) void err_sys(const char* msg, int es)
{ {
printf("%s", msg); printf("%s\n", msg);
exit(es); exit(es);
} }
@ -162,7 +168,7 @@ byte* cipher = 0; // block output
void taocrypt_test(void* args) void taocrypt_test(void* args)
{ {
((func_args*)args)->return_code = -1; // error state ((func_args*)args)->return_code = -1; // error state
msg = NEW_TC byte[24]; msg = NEW_TC byte[24];
plain = NEW_TC byte[24]; plain = NEW_TC byte[24];
cipher = NEW_TC byte[24]; cipher = NEW_TC byte[24];
@ -229,6 +235,16 @@ void taocrypt_test(void* args)
else else
printf( "ARC4 test passed!\n"); printf( "ARC4 test passed!\n");
if ( (ret = rabbit_test()) )
err_sys("Rabbit test failed!\n", ret);
else
printf( "Rabbit test passed!\n");
if ( (ret = hc128_test()) )
err_sys("HC128 test failed!\n", ret);
else
printf( "HC128 test passed!\n");
if ( (ret = des_test()) ) if ( (ret = des_test()) )
err_sys("DES test failed!\n", ret); err_sys("DES test failed!\n", ret);
else else
@ -306,16 +322,16 @@ void taocrypt_test(void* args)
void file_test(const char* file, byte* check) void file_test(const char* file, byte* check)
{ {
FILE* f; FILE* f;
int i(0); int i = 0;
MD5 md5; MD5 md5;
byte buf[1024]; byte buf[1024];
byte md5sum[MD5::DIGEST_SIZE]; byte md5sum[MD5::DIGEST_SIZE];
if( !( f = fopen( file, "rb" ) )) { if( !( f = fopen( file, "rb" ) )) {
printf("Can't open %s\n", file); printf("Can't open %s\n", file);
return; return;
} }
while( ( i = fread(buf, 1, sizeof(buf), f )) > 0 ) while( ( i = (int)fread(buf, 1, sizeof(buf), f )) > 0 )
md5.Update(buf, i); md5.Update(buf, i);
md5.Final(md5sum); md5.Final(md5sum);
@ -704,7 +720,7 @@ int hmac_test()
int times( sizeof(test_hmacMD5) / sizeof(testVector) ); int times( sizeof(test_hmacMD5) / sizeof(testVector) );
for (int i = 0; i < times; ++i) { for (int i = 0; i < times; ++i) {
hmacMD5.SetKey((byte*)keys[i], strlen(keys[i])); hmacMD5.SetKey((byte*)keys[i], (word32)strlen(keys[i]));
hmacMD5.Update(test_hmacMD5[i].input_, test_hmacMD5[i].inLen_); hmacMD5.Update(test_hmacMD5[i].input_, test_hmacMD5[i].inLen_);
hmacMD5.Final(hash); hmacMD5.Final(hash);
@ -747,8 +763,8 @@ int arc4_test()
ARC4::Encryption enc; ARC4::Encryption enc;
ARC4::Decryption dec; ARC4::Decryption dec;
enc.SetKey((byte*)keys[i], strlen(keys[i])); enc.SetKey((byte*)keys[i], (word32)strlen(keys[i]));
dec.SetKey((byte*)keys[i], strlen(keys[i])); dec.SetKey((byte*)keys[i], (word32)strlen(keys[i]));
enc.Process(cipher, test_arc4[i].input_, test_arc4[i].outLen_); enc.Process(cipher, test_arc4[i].input_, test_arc4[i].outLen_);
dec.Process(plain, cipher, test_arc4[i].outLen_); dec.Process(plain, cipher, test_arc4[i].outLen_);
@ -764,6 +780,114 @@ int arc4_test()
} }
int rabbit_test()
{
byte cipher[16];
byte plain[16];
const char* keys[] =
{
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
"\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91"
};
const char* ivs[] =
{
"\x00\x00\x00\x00\x00\x00\x00\x00",
"\x59\x7E\x26\xC1\x75\xF5\x73\xC3",
0
};
testVector test_rabbit[] =
{
testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
"\xED\xB7\x05\x67\x37\x5D\xCD\x7C"),
testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
"\x6D\x7D\x01\x22\x92\xCC\xDC\xE0"),
testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
"\x9C\x51\xE2\x87\x84\xC3\x7F\xE9")
};
int times( sizeof(test_rabbit) / sizeof(testVector) );
for (int i = 0; i < times; ++i) {
Rabbit::Encryption enc;
Rabbit::Decryption dec;
enc.SetKey((byte*)keys[i], (byte*)ivs[i]);
dec.SetKey((byte*)keys[i], (byte*)ivs[i]);
enc.Process(cipher, test_rabbit[i].input_, test_rabbit[i].outLen_);
dec.Process(plain, cipher, test_rabbit[i].outLen_);
if (memcmp(plain, test_rabbit[i].input_, test_rabbit[i].outLen_))
return -230 - i;
if (memcmp(cipher, test_rabbit[i].output_, test_rabbit[i].outLen_))
return -240 - i;
}
return 0;
}
int hc128_test()
{
byte cipher[16];
byte plain[16];
const char* keys[] =
{
"\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
"\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD",
"\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC"
};
const char* ivs[] =
{
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
"\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
"\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16",
"\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31"
};
testVector test_hc128[] =
{
testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
"\x37\x86\x02\xB9\x8F\x32\xA7\x48"),
testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
"\x33\x7F\x86\x11\xC6\xED\x61\x5F"),
testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
"\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A"),
testVector("\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
"\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29")
};
int times( sizeof(test_hc128) / sizeof(testVector) );
for (int i = 0; i < times; ++i) {
HC128::Encryption enc;
HC128::Decryption dec;
enc.SetKey((byte*)keys[i], (byte*)ivs[i]);
dec.SetKey((byte*)keys[i], (byte*)ivs[i]);
enc.Process(cipher, test_hc128[i].input_, test_hc128[i].outLen_);
dec.Process(plain, cipher, test_hc128[i].outLen_);
if (memcmp(plain, test_hc128[i].input_, test_hc128[i].outLen_))
return -330 - i;
if (memcmp(cipher, test_hc128[i].output_, test_hc128[i].outLen_))
return -340 - i;
}
return 0;
}
int des_test() int des_test()
{ {
//ECB mode //ECB mode
@ -1026,7 +1150,7 @@ int rsa_test()
RSAES_Encryptor enc(priv); RSAES_Encryptor enc(priv);
byte message[] = "Everyone gets Friday off."; byte message[] = "Everyone gets Friday off.";
const int len(strlen((char*)message)); const word32 len = (word32)strlen((char*)message);
byte cipher[64]; byte cipher[64];
enc.Encrypt(message, len, cipher, rng); enc.Encrypt(message, len, cipher, rng);
@ -1054,6 +1178,8 @@ int rsa_test()
} }
} }
CertDecoder cd(source2, true, 0, false, CertDecoder::CA); CertDecoder cd(source2, true, 0, false, CertDecoder::CA);
if (cd.GetError().What())
err_sys("cert error", -80);
Source source3(cd.GetPublicKey().GetKey(), cd.GetPublicKey().size()); Source source3(cd.GetPublicKey().GetKey(), cd.GetPublicKey().size());
RSA_PublicKey pub(source3); RSA_PublicKey pub(source3);
@ -1174,6 +1300,7 @@ int pwdbased_test()
} }
/*
int pkcs12_test() int pkcs12_test()
{ {
Source cert; Source cert;
@ -1206,4 +1333,5 @@ int pkcs12_test()
return 0; return 0;
} }
*/

0
extra/yassl/testsuite/make.bat Normal file → Executable file
View File

104
extra/yassl/testsuite/test.hpp
View File

@ -23,6 +23,7 @@
#include "runtime.hpp" #include "runtime.hpp"
#include "openssl/ssl.h" /* openssl compatibility test */ #include "openssl/ssl.h" /* openssl compatibility test */
#include "error.hpp"
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <assert.h> #include <assert.h>
@ -32,6 +33,10 @@
#ifdef _WIN32 #ifdef _WIN32
#include <winsock2.h> #include <winsock2.h>
#include <process.h> #include <process.h>
#ifdef TEST_IPV6 // don't require newer SDK for IPV4
#include <ws2tcpip.h>
#include <wspiapi.h>
#endif
#define SOCKET_T unsigned int #define SOCKET_T unsigned int
#else #else
#include <string.h> #include <string.h>
@ -42,6 +47,9 @@
#include <sys/time.h> #include <sys/time.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/socket.h> #include <sys/socket.h>
#ifdef TEST_IPV6
#include <netdb.h>
#endif
#include <pthread.h> #include <pthread.h>
#ifdef NON_BLOCKING #ifdef NON_BLOCKING
#include <fcntl.h> #include <fcntl.h>
@ -50,8 +58,14 @@
#endif /* _WIN32 */ #endif /* _WIN32 */
#if !defined(_SOCKLEN_T) && \ #ifdef _MSC_VER
(defined(_WIN32) || defined(__NETWARE__) || defined(__APPLE__)) // disable conversion warning
// 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy
#pragma warning(disable:4244 4996)
#endif
#if !defined(_SOCKLEN_T) && (defined(_WIN32) || defined(__APPLE__))
typedef int socklen_t; typedef int socklen_t;
#endif #endif
@ -60,25 +74,30 @@
#if defined(__hpux) #if defined(__hpux)
// HPUX uses int* for third parameter to accept // HPUX uses int* for third parameter to accept
typedef int* ACCEPT_THIRD_T; typedef int* ACCEPT_THIRD_T;
#elif defined(__NETWARE__)
// NetWare uses size_t* for third parameter to accept
typedef size_t* ACCEPT_THIRD_T;
#else #else
typedef socklen_t* ACCEPT_THIRD_T; typedef socklen_t* ACCEPT_THIRD_T;
#endif #endif
#ifdef TEST_IPV6
typedef sockaddr_in6 SOCKADDR_IN_T;
#define AF_INET_V AF_INET6
#else
typedef sockaddr_in SOCKADDR_IN_T;
#define AF_INET_V AF_INET
#endif
// Check if _POSIX_THREADS should be forced // Check if _POSIX_THREADS should be forced
#if !defined(_POSIX_THREADS) && (defined(__NETWARE__) || defined(__hpux)) #if !defined(_POSIX_THREADS) && defined(__hpux)
// HPUX does not define _POSIX_THREADS as it's not _fully_ implemented // HPUX does not define _POSIX_THREADS as it's not _fully_ implemented
// Netware supports pthreads but does not announce it
#define _POSIX_THREADS #define _POSIX_THREADS
#endif #endif
#ifndef _POSIX_THREADS #ifndef _POSIX_THREADS
typedef unsigned int THREAD_RETURN; typedef unsigned int THREAD_RETURN;
typedef unsigned long THREAD_TYPE; typedef HANDLE THREAD_TYPE;
#define YASSL_API __stdcall #define YASSL_API __stdcall
#else #else
typedef void* THREAD_RETURN; typedef void* THREAD_RETURN;
@ -125,8 +144,8 @@ void start_thread(THREAD_FUNC, func_args*, THREAD_TYPE*);
void join_thread(THREAD_TYPE); void join_thread(THREAD_TYPE);
// yaSSL // yaSSL
const char* const yasslIP = "127.0.0.1"; const char* const yasslIP = "127.0.0.1";
const unsigned short yasslPort = 11111; const unsigned short yasslPort = 11111;
// client // client
@ -185,7 +204,7 @@ extern "C" {
static int PasswordCallBack(char* passwd, int sz, int rw, void* userdata) static int PasswordCallBack(char* passwd, int sz, int rw, void* userdata)
{ {
strncpy(passwd, "12345678", sz); strncpy(passwd, "yassl123", sz);
return 8; return 8;
} }
@ -305,14 +324,35 @@ inline void tcp_set_nonblocking(SOCKET_T& sockfd)
} }
inline void tcp_socket(SOCKET_T& sockfd, sockaddr_in& addr) inline void tcp_socket(SOCKET_T& sockfd, SOCKADDR_IN_T& addr)
{ {
sockfd = socket(AF_INET, SOCK_STREAM, 0); sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
memset(&addr, 0, sizeof(addr)); memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
#ifdef TEST_IPV6
addr.sin6_family = AF_INET_V;
addr.sin6_port = htons(yasslPort);
addr.sin6_addr = in6addr_loopback;
/* // for external testing later
addrinfo hints;
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_INET_V;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = AI_PASSIVE;
getaddrinfo(yasslIP6, yasslPortStr, &hints, info);
// then use info connect(sockfd, info->ai_addr, info->ai_addrlen)
if (*info == 0)
err_sys("getaddrinfo failed");
*/ // end external testing later
#else
addr.sin_family = AF_INET_V;
addr.sin_port = htons(yasslPort); addr.sin_port = htons(yasslPort);
addr.sin_addr.s_addr = inet_addr(yasslIP); addr.sin_addr.s_addr = inet_addr(yasslIP);
#endif
} }
@ -323,13 +363,13 @@ inline void tcp_close(SOCKET_T& sockfd)
#else #else
close(sockfd); close(sockfd);
#endif #endif
sockfd = -1; sockfd = (SOCKET_T) -1;
} }
inline void tcp_connect(SOCKET_T& sockfd) inline void tcp_connect(SOCKET_T& sockfd)
{ {
sockaddr_in addr; SOCKADDR_IN_T addr;
tcp_socket(sockfd, addr); tcp_socket(sockfd, addr);
if (connect(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) { if (connect(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) {
@ -341,9 +381,15 @@ inline void tcp_connect(SOCKET_T& sockfd)
inline void tcp_listen(SOCKET_T& sockfd) inline void tcp_listen(SOCKET_T& sockfd)
{ {
sockaddr_in addr; SOCKADDR_IN_T addr;
tcp_socket(sockfd, addr); tcp_socket(sockfd, addr);
#ifndef _WIN32
int on = 1;
socklen_t len = sizeof(on);
setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
#endif
if (bind(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) { if (bind(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) {
tcp_close(sockfd); tcp_close(sockfd);
err_sys("tcp bind failed"); err_sys("tcp bind failed");
@ -360,7 +406,7 @@ inline void tcp_accept(SOCKET_T& sockfd, SOCKET_T& clientfd, func_args& args)
{ {
tcp_listen(sockfd); tcp_listen(sockfd);
sockaddr_in client; SOCKADDR_IN_T client;
socklen_t client_len = sizeof(client); socklen_t client_len = sizeof(client);
#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) #if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER)
@ -374,7 +420,7 @@ inline void tcp_accept(SOCKET_T& sockfd, SOCKET_T& clientfd, func_args& args)
clientfd = accept(sockfd, (sockaddr*)&client, (ACCEPT_THIRD_T)&client_len); clientfd = accept(sockfd, (sockaddr*)&client, (ACCEPT_THIRD_T)&client_len);
if (clientfd == -1) { if (clientfd == (SOCKET_T) -1) {
tcp_close(sockfd); tcp_close(sockfd);
err_sys("tcp accept failed"); err_sys("tcp accept failed");
} }
@ -392,10 +438,8 @@ inline void showPeer(SSL* ssl)
char* issuer = X509_NAME_oneline(X509_get_issuer_name(peer), 0, 0); char* issuer = X509_NAME_oneline(X509_get_issuer_name(peer), 0, 0);
char* subject = X509_NAME_oneline(X509_get_subject_name(peer), 0, 0); char* subject = X509_NAME_oneline(X509_get_subject_name(peer), 0, 0);
printf("peer's cert info:\n"); printf("peer's cert info:\n issuer : %s\n subject: %s\n", issuer,
printf("issuer : %s\n", issuer); subject);
printf("subject: %s\n", subject);
free(subject); free(subject);
free(issuer); free(issuer);
} }
@ -441,5 +485,19 @@ inline DH* set_tmpDH(SSL_CTX* ctx)
} }
inline int verify_callback(int preverify_ok, X509_STORE_CTX* ctx)
{
X509* err_cert = X509_STORE_CTX_get_current_cert(ctx);
int err = X509_STORE_CTX_get_error(ctx);
int depth = X509_STORE_CTX_get_error_depth(ctx);
// test allow self signed
if (err_cert && depth == 0 && err == TaoCrypt::SIG_OTHER_E)
return 1;
return 0;
}
#endif // yaSSL_TEST_HPP #endif // yaSSL_TEST_HPP

Some files were not shown because too many files have changed in this diff Show More