Commit 3a34f4c9 authored by unknown's avatar unknown

Import yaSSL version 1.4.0


extra/yassl/FLOSS-EXCEPTIONS:
  Import patch yassl.diff
extra/yassl/README:
  Import patch yassl.diff
extra/yassl/examples/client/client.cpp:
  Import patch yassl.diff
extra/yassl/examples/echoclient/echoclient.cpp:
  Import patch yassl.diff
extra/yassl/examples/echoserver/echoserver.cpp:
  Import patch yassl.diff
extra/yassl/examples/server/server.cpp:
  Import patch yassl.diff
extra/yassl/include/buffer.hpp:
  Import patch yassl.diff
extra/yassl/include/cert_wrapper.hpp:
  Import patch yassl.diff
extra/yassl/include/crypto_wrapper.hpp:
  Import patch yassl.diff
extra/yassl/include/factory.hpp:
  Import patch yassl.diff
extra/yassl/include/openssl/ssl.h:
  Import patch yassl.diff
extra/yassl/include/socket_wrapper.hpp:
  Import patch yassl.diff
extra/yassl/include/yassl_error.hpp:
  Import patch yassl.diff
extra/yassl/include/yassl_imp.hpp:
  Import patch yassl.diff
extra/yassl/include/yassl_int.hpp:
  Import patch yassl.diff
extra/yassl/include/yassl_types.hpp:
  Import patch yassl.diff
extra/yassl/src/cert_wrapper.cpp:
  Import patch yassl.diff
extra/yassl/src/crypto_wrapper.cpp:
  Import patch yassl.diff
extra/yassl/src/handshake.cpp:
  Import patch yassl.diff
extra/yassl/src/socket_wrapper.cpp:
  Import patch yassl.diff
extra/yassl/src/ssl.cpp:
  Import patch yassl.diff
extra/yassl/src/template_instnt.cpp:
  Import patch yassl.diff
extra/yassl/src/yassl.cpp:
  Import patch yassl.diff
extra/yassl/src/yassl_error.cpp:
  Import patch yassl.diff
extra/yassl/src/yassl_imp.cpp:
  Import patch yassl.diff
extra/yassl/src/yassl_int.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/COPYING:
  Import patch yassl.diff
extra/yassl/taocrypt/INSTALL:
  Import patch yassl.diff
extra/yassl/taocrypt/README:
  Import patch yassl.diff
extra/yassl/taocrypt/include/asn.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/block.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/blowfish.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/error.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/file.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/integer.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/misc.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/pwdbased.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/twofish.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/mySTL/algorithm.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/mySTL/helpers.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/mySTL/list.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/mySTL/memory.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/mySTL/memory_array.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/mySTL/pair.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/mySTL/stdexcept.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/mySTL/vector.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/algebra.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/asn.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/blowfish.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/des.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/dh.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/integer.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/md4.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/md5.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/random.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/ripemd.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/sha.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/template_instnt.cpp:
  Import patch yassl.diff
extra/yassl/testsuite/test.hpp:
  Import patch yassl.diff
BitKeeper/deleted/.del-algorithm.hpp:
  Delete: extra/yassl/mySTL/algorithm.hpp
BitKeeper/deleted/.del-helpers.hpp:
  Delete: extra/yassl/mySTL/helpers.hpp
BitKeeper/deleted/.del-list.hpp:
  Delete: extra/yassl/mySTL/list.hpp
BitKeeper/deleted/.del-pair.hpp:
  Delete: extra/yassl/mySTL/pair.hpp
BitKeeper/deleted/.del-stdexcept.hpp:
  Delete: extra/yassl/mySTL/stdexcept.hpp
BitKeeper/deleted/.del-vector.hpp:
  Delete: extra/yassl/mySTL/vector.hpp
BitKeeper/deleted/.del-memory.hpp:
  Delete: extra/yassl/mySTL/memory.hpp
extra/yassl/Makefile.am:
  mySTL directory has moved from yassl/ to yassl/taocrypt
extra/yassl/src/Makefile.am:
  mySTL directory has moved from yassl/ to yassl/taocrypt
extra/yassl/taocrypt/Makefile.am:
  mySTL directory has moved from yassl/ to yassl/taocrypt
extra/yassl/taocrypt/benchmark/Makefile.am:
  mySTL directory has moved from yassl/ to yassl/taocrypt
extra/yassl/taocrypt/src/Makefile.am:
  mySTL directory has moved from yassl/ to yassl/taocrypt
extra/yassl/taocrypt/src/misc.cpp:
  Remove the functions CRYPTO_lock and CRYPTO_add_lock as they would collide with OpenSSL functions
extra/yassl/taocrypt/test/Makefile.am:
  mySTL directory has moved from yassl/ to yassl/taocrypt
extra/yassl/testsuite/Makefile.am:
  mySTL directory has moved from yassl/ to yassl/taocrypt
parent 8a8a7c01
yaSSL FLOSS License Exception
****************************************
Version 0.1, 26 June 2006
Version 0.2, 31 August 2006
The Sawtooth Consulting Ltd. Exception for Free/Libre and Open Source
Software-only Applications Using yaSSL Libraries (the "FLOSS Exception").
......@@ -81,6 +81,7 @@ the GPL:
Python license (CNRI Python License) -
Python Software Foundation License 2.1.1
Sleepycat License "1999"
University of Illinois/NCSA Open Source License -
W3C License "2001"
X11 License "2001"
Zlib/libpng License -
......
SUBDIRS = taocrypt src testsuite
EXTRA_DIST = yassl.dsp yassl.dsw $(wildcard mySTL/*.hpp) CMakeLists.txt
EXTRA_DIST = yassl.dsp yassl.dsw CMakeLists.txt
yaSSL Release notes, version 1.3.7 (06/26/06)
yaSSL Release notes, version 1.4.0 (08/13/06)
This release of yaSSL contains bug fixes, portability enhancements,
nonblocking connect and accept, better OpenSSL error mapping, and
certificate caching for session resumption.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0.
********************yaSSL Release notes, version 1.3.7 (06/26/06)
This release of yaSSL contains bug fixes, portability enhancements,
......
......@@ -27,7 +27,13 @@ void client_test(void* args)
SSL_set_fd(ssl, sockfd);
if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
if (SSL_connect(ssl) != SSL_SUCCESS)
{
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
err_sys("SSL_connect failed");
}
showPeer(ssl);
const char* cipher = 0;
......@@ -39,11 +45,16 @@ void client_test(void* args)
strncat(list, cipher, strlen(cipher) + 1);
}
printf("%s\n", list);
printf("Using Cipher Suite %s\n", SSL_get_cipher(ssl));
printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl));
char msg[] = "hello yassl!";
if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
{
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
err_sys("SSL_write failed");
}
char reply[1024];
reply[SSL_read(ssl, reply, sizeof(reply))] = 0;
......@@ -56,22 +67,36 @@ void client_test(void* args)
SSL_shutdown(ssl);
SSL_free(ssl);
tcp_close(sockfd);
#ifdef TEST_RESUME
tcp_connect(sockfd);
SSL_set_fd(sslResume, sockfd);
SSL_set_session(sslResume, session);
if (SSL_connect(sslResume) != SSL_SUCCESS) err_sys("SSL resume failed");
if (SSL_connect(sslResume) != SSL_SUCCESS)
{
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
err_sys("SSL resume failed");
}
showPeer(sslResume);
if (SSL_write(sslResume, msg, sizeof(msg)) != sizeof(msg))
{
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
err_sys("SSL_write failed");
}
reply[SSL_read(sslResume, reply, sizeof(reply))] = 0;
printf("Server response: %s\n", reply);
SSL_shutdown(sslResume);
SSL_free(sslResume);
tcp_close(sockfd);
#endif // TEST_RESUME
SSL_CTX_free(ctx);
......
......@@ -41,7 +41,14 @@ void echoclient_test(void* args)
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, sockfd);
if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
if (SSL_connect(ssl) != SSL_SUCCESS)
{
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
err_sys("SSL_connect failed");
}
char send[1024];
char reply[1024];
......@@ -50,7 +57,12 @@ void echoclient_test(void* args)
int sendSz = strlen(send) + 1;
if (SSL_write(ssl, send, sendSz) != sendSz)
{
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
err_sys("SSL_write failed");
}
if (strncmp(send, "quit", 4) == 0) {
fputs("sending server shutdown command: quit!\n", fout);
......@@ -63,6 +75,7 @@ void echoclient_test(void* args)
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
fflush(fout);
if (inCreated) fclose(fin);
......
......@@ -67,11 +67,23 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)
socklen_t client_len = sizeof(client);
int clientfd = accept(sockfd, (sockaddr*)&client,
(ACCEPT_THIRD_T)&client_len);
if (clientfd == -1) err_sys("tcp accept failed");
if (clientfd == -1)
{
SSL_CTX_free(ctx);
tcp_close(sockfd);
err_sys("tcp accept failed");
}
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, clientfd);
if (SSL_accept(ssl) != SSL_SUCCESS) err_sys("SSL_accept failed");
if (SSL_accept(ssl) != SSL_SUCCESS)
{
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
tcp_close(clientfd);
err_sys("SSL_accept failed");
}
char command[1024];
int echoSz(0);
......@@ -100,7 +112,14 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)
echoSz += sizeof(footer);
if (SSL_write(ssl, command, echoSz) != echoSz)
{
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
tcp_close(clientfd);
err_sys("SSL_write failed");
}
break;
}
command[echoSz] = 0;
......@@ -110,16 +129,19 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)
#endif
if (SSL_write(ssl, command, echoSz) != echoSz)
{
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
tcp_close(clientfd);
err_sys("SSL_write failed");
}
}
SSL_free(ssl);
tcp_close(clientfd);
}
#ifdef _WIN32
closesocket(sockfd);
#else
close(sockfd);
#endif
tcp_close(sockfd);
DH_free(dh);
SSL_CTX_free(ctx);
......
......@@ -19,11 +19,7 @@ THREAD_RETURN YASSL_API server_test(void* args)
set_args(argc, argv, *static_cast<func_args*>(args));
tcp_accept(sockfd, clientfd, *static_cast<func_args*>(args));
#ifdef _WIN32
closesocket(sockfd);
#else
close(sockfd);
#endif
tcp_close(sockfd);
SSL_METHOD* method = TLSv1_server_method();
SSL_CTX* ctx = SSL_CTX_new(method);
......@@ -36,9 +32,17 @@ THREAD_RETURN YASSL_API server_test(void* args)
SSL* ssl = SSL_new(ctx);
SSL_set_fd(ssl, clientfd);
if (SSL_accept(ssl) != SSL_SUCCESS) err_sys("SSL_accept failed");
if (SSL_accept(ssl) != SSL_SUCCESS)
{
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
tcp_close(clientfd);
err_sys("SSL_accept failed");
}
showPeer(ssl);
printf("Using Cipher Suite %s\n", SSL_get_cipher(ssl));
printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl));
char command[1024];
command[SSL_read(ssl, command, sizeof(command))] = 0;
......@@ -46,12 +50,20 @@ THREAD_RETURN YASSL_API server_test(void* args)
char msg[] = "I hear you, fa shizzle!";
if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
{
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(sockfd);
tcp_close(clientfd);
err_sys("SSL_write failed");
}
DH_free(dh);
SSL_CTX_free(ctx);
SSL_free(ssl);
tcp_close(clientfd);
((func_args*)args)->return_code = 0;
return 0;
}
......
......@@ -34,7 +34,10 @@
#include <assert.h> // assert
#include "yassl_types.hpp" // ysDelete
#include "memory.hpp" // mySTL::auto_ptr
#include "algorithm.hpp" // mySTL::swap
#include STL_ALGORITHM_FILE
namespace STL = STL_NAMESPACE;
#ifdef _MSC_VER
......@@ -199,7 +202,7 @@ struct del_ptr_zero
void operator()(T*& p) const
{
T* tmp = 0;
mySTL::swap(tmp, p);
STL::swap(tmp, p);
checked_delete(tmp);
}
};
......
......@@ -41,8 +41,12 @@
#include "yassl_types.hpp" // SignatureAlgorithm
#include "buffer.hpp" // input_buffer
#include "asn.hpp" // SignerList
#include "list.hpp" // mySTL::list
#include "algorithm.hpp" // mySTL::for_each
#include STL_LIST_FILE
#include STL_ALGORITHM_FILE
namespace STL = STL_NAMESPACE;
namespace yaSSL {
......@@ -72,7 +76,7 @@ private:
// Certificate Manager keeps a list of the cert chain and public key
class CertManager {
typedef mySTL::list<x509*> CertList;
typedef STL::list<x509*> CertList;
CertList list_; // self
input_buffer privateKey_;
......@@ -120,6 +124,7 @@ public:
void setVerifyNone();
void setFailNoCert();
void setSendVerify();
void setPeerX509(X509*);
private:
CertManager(const CertManager&); // hide copy
CertManager& operator=(const CertManager&); // and assign
......
......@@ -416,7 +416,17 @@ private:
class x509;
x509* PemToDer(FILE*, CertType);
struct EncryptedInfo {
enum { IV_SZ = 32, NAME_SZ = 80 };
char name[NAME_SZ]; // max one line
byte iv[IV_SZ]; // in base16 rep
uint ivSz;
bool set;
EncryptedInfo() : ivSz(0), set(false) {}
};
x509* PemToDer(FILE*, CertType, EncryptedInfo* info = 0);
} // naemspace
......
......@@ -35,10 +35,12 @@
#ifndef yaSSL_FACTORY_HPP
#define yaSSL_FACTORY_HPP
#include "vector.hpp"
#include "pair.hpp"
#include STL_VECTOR_FILE
#include STL_PAIR_FILE
namespace STL = STL_NAMESPACE;
// VC60 workaround: it doesn't allow typename in some places
#if defined(_MSC_VER) && (_MSC_VER < 1300)
......@@ -58,8 +60,8 @@ template<class AbstractProduct,
typename ProductCreator = AbstractProduct* (*)()
>
class Factory {
typedef mySTL::pair<IdentifierType, ProductCreator> CallBack;
typedef mySTL::vector<CallBack> CallBackVector;
typedef STL::pair<IdentifierType, ProductCreator> CallBack;
typedef STL::vector<CallBack> CallBackVector;
CallBackVector callbacks_;
public:
......@@ -79,14 +81,16 @@ public:
// register callback
void Register(const IdentifierType& id, ProductCreator pc)
{
callbacks_.push_back(mySTL::make_pair(id, pc));
callbacks_.push_back(STL::make_pair(id, pc));
}
// THE Creator, returns a new object of the proper type or 0
AbstractProduct* CreateObject(const IdentifierType& id) const
{
const CallBack* first = callbacks_.begin();
const CallBack* last = callbacks_.end();
typedef typename STL::vector<CallBack>::const_iterator cIter;
cIter first = callbacks_.begin();
cIter last = callbacks_.end();
while (first != last) {
if (first->first == id)
......
......@@ -41,7 +41,7 @@
#include "rsa.h"
#define YASSL_VERSION "1.3.7"
#define YASSL_VERSION "1.4.2"
#if defined(__cplusplus)
......@@ -505,6 +505,8 @@ ASN1_TIME* X509_get_notAfter(X509* x);
#define V_ASN1_UTF8STRING 12
#define GEN_DNS 2
#define CERTFICATE_ERROR 0x14090086 /* SSLv3 error */
typedef struct MD4_CTX {
int buffer[32]; /* big enough to hold, check size in Init */
......
......@@ -71,6 +71,7 @@ typedef unsigned char byte;
class Socket {
socket_t socket_; // underlying socket descriptor
bool wouldBlock_; // for non-blocking data
bool blocking_; // is option set
public:
explicit Socket(socket_t s = INVALID_SOCKET);
~Socket();
......@@ -84,6 +85,7 @@ public:
bool wait();
bool WouldBlock() const;
bool IsBlocking() const;
void closeSocket();
void shutDown(int how = SD_SEND);
......
......@@ -54,7 +54,11 @@ enum YasslError {
verify_error = 112,
send_error = 113,
receive_error = 114,
certificate_error = 115
certificate_error = 115,
privateKey_error = 116,
badVersion_error = 117
// !!!! add error message to .cpp !!!!
// 1000+ from TaoCrypt error.hpp
......
......@@ -39,7 +39,10 @@
#include "yassl_types.hpp"
#include "factory.hpp"
#include "list.hpp" // mySTL::list
#include STL_LIST_FILE
namespace STL = STL_NAMESPACE;
namespace yaSSL {
......@@ -427,7 +430,7 @@ private:
class CertificateRequest : public HandShakeBase {
ClientCertificateType certificate_types_[CERT_TYPES];
int typeTotal_;
mySTL::list<DistinguishedName> certificate_authorities_;
STL::list<DistinguishedName> certificate_authorities_;
public:
CertificateRequest();
~CertificateRequest();
......
......@@ -40,6 +40,13 @@
#include "lock.hpp"
#include "openssl/ssl.h" // ASN1_STRING and DH
#ifdef _POSIX_THREADS
#include <pthread.h>
#endif
namespace STL = STL_NAMESPACE;
namespace yaSSL {
......@@ -80,12 +87,35 @@ enum ServerState {
};
// client connect state for nonblocking restart
enum ConnectState {
CONNECT_BEGIN = 0,
CLIENT_HELLO_SENT,
FIRST_REPLY_DONE,
FINISHED_DONE,
SECOND_REPLY_DONE
};
// server accpet state for nonblocking restart
enum AcceptState {
ACCEPT_BEGIN = 0,
ACCEPT_FIRST_REPLY_DONE,
SERVER_HELLO_DONE,
ACCEPT_SECOND_REPLY_DONE,
ACCEPT_FINISHED_DONE,
ACCEPT_THIRD_REPLY_DONE
};
// combines all states
class States {
RecordLayerState recordLayer_;
HandShakeState handshakeLayer_;
ClientState clientState_;
ServerState serverState_;
ConnectState connectState_;
AcceptState acceptState_;
char errorString_[MAX_ERROR_SZ];
YasslError what_;
public:
......@@ -95,6 +125,8 @@ public:
const HandShakeState& getHandShake() const;
const ClientState& getClient() const;
const ServerState& getServer() const;
const ConnectState& GetConnect() const;
const AcceptState& GetAccept() const;
const char* getString() const;
YasslError What() const;
......@@ -102,6 +134,8 @@ public:
HandShakeState& useHandShake();
ClientState& useClient();
ServerState& useServer();
ConnectState& UseConnect();
AcceptState& UseAccept();
char* useString();
void SetError(YasslError);
private:
......@@ -142,8 +176,9 @@ public:
X509_NAME(const char*, size_t sz);
~X509_NAME();
char* GetName();
const char* GetName() const;
ASN1_STRING* GetEntry(int i);
size_t GetLength() const;
private:
X509_NAME(const X509_NAME&); // hide copy
X509_NAME& operator=(const X509_NAME&); // and assign
......@@ -157,6 +192,9 @@ public:
~StringHolder();
ASN1_STRING* GetString();
private:
StringHolder(const StringHolder&); // hide copy
StringHolder& operator=(const StringHolder&); // and assign
};
......@@ -176,6 +214,7 @@ public:
ASN1_STRING* GetBefore();
ASN1_STRING* GetAfter();
private:
X509(const X509&); // hide copy
X509& operator=(const X509&); // and assign
......@@ -202,6 +241,7 @@ class SSL_SESSION {
uint bornOn_; // create time in seconds
uint timeout_; // timeout in seconds
RandomPool& random_; // will clean master secret
X509* peerX509_;
public:
explicit SSL_SESSION(RandomPool&);
SSL_SESSION(const SSL&, RandomPool&);
......@@ -212,17 +252,20 @@ public:
const Cipher* GetSuite() const;
uint GetBornOn() const;
uint GetTimeOut() const;
X509* GetPeerX509() const;
void SetTimeOut(uint);
SSL_SESSION& operator=(const SSL_SESSION&); // allow assign for resumption
private:
SSL_SESSION(const SSL_SESSION&); // hide copy
void CopyX509(X509*);
};
// holds all sessions
class Sessions {
mySTL::list<SSL_SESSION*> list_;
STL::list<SSL_SESSION*> list_;
RandomPool random_; // for session cleaning
Mutex mutex_; // no-op for single threaded
......@@ -241,8 +284,42 @@ private:
};
#ifdef _POSIX_THREADS
typedef pthread_t THREAD_ID_T;
#else
typedef DWORD THREAD_ID_T;
#endif
// thread error data
struct ThreadError {
THREAD_ID_T threadID_;
int errorID_;
};
// holds all errors
class Errors {
STL::list<ThreadError> list_;
Mutex mutex_;
Errors() {} // only GetErrors can create
public:
int Lookup(bool peek); // self lookup
void Add(int);
void Remove(); // remove self
~Errors() {}
friend Errors& GetErrors(); // singleton creator
private:
Errors(const Errors&); // hide copy
Errors& operator=(const Errors); // and assign
};
Sessions& GetSessions(); // forward singletons
sslFactory& GetSSL_Factory();
Errors& GetErrors();
// openSSL method and context types
......@@ -252,8 +329,10 @@ class SSL_METHOD {
bool verifyPeer_; // request or send certificate
bool verifyNone_; // whether to verify certificate
bool failNoCert_;
bool multipleProtocol_; // for SSLv23 compatibility
public:
explicit SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv);
SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv,
bool multipleProtocol = false);
ProtocolVersion getVersion() const;
ConnectionEnd getSide() const;
......@@ -265,6 +344,7 @@ public:
bool verifyPeer() const;
bool verifyNone() const;
bool failNoCert() const;
bool multipleProtocol() const;
private:
SSL_METHOD(const SSL_METHOD&); // hide copy
SSL_METHOD& operator=(const SSL_METHOD&); // and assign
......@@ -334,7 +414,7 @@ private:
// the SSL context
class SSL_CTX {
public:
typedef mySTL::list<x509*> CertList;
typedef STL::list<x509*> CertList;
private:
SSL_METHOD* method_;
x509* certificate_;
......@@ -342,6 +422,8 @@ private:
CertList caList_;
Ciphers ciphers_;
DH_Parms dhParms_;
pem_password_cb passwordCb_;
void* userData_;
Stats stats_;
Mutex mutex_; // for Stats
public:
......@@ -354,12 +436,16 @@ public:
const Ciphers& GetCiphers() const;
const DH_Parms& GetDH_Parms() const;
const Stats& GetStats() const;
pem_password_cb GetPasswordCb() const;
void* GetUserData() const;
void setVerifyPeer();
void setVerifyNone();
void setFailNoCert();
bool SetCipherList(const char*);
bool SetDH(const DH&);
void SetPasswordCb(pem_password_cb cb);
void SetUserData(void*);
void IncrementStats(StatsField);
void AddCA(x509* ca);
......@@ -434,13 +520,14 @@ private:
// holds input and output buffers
class Buffers {
public:
typedef mySTL::list<input_buffer*> inputList;
typedef mySTL::list<output_buffer*> outputList;
typedef STL::list<input_buffer*> inputList;
typedef STL::list<output_buffer*> outputList;
private:
inputList dataList_; // list of users app data / handshake
outputList handShakeList_; // buffered handshake msgs
input_buffer* rawInput_; // buffered raw input yet to process
public:
Buffers() {}
Buffers();
~Buffers();
const inputList& getData() const;
......@@ -448,6 +535,9 @@ public:
inputList& useData();
outputList& useHandShake();
void SetRawInput(input_buffer*); // takes ownership
input_buffer* TakeRawInput(); // takes ownership
private:
Buffers(const Buffers&); // hide copy
Buffers& operator=(const Buffers&); // and assign
......@@ -502,6 +592,7 @@ public:
const sslFactory& getFactory() const;
const Socket& getSocket() const;
YasslError GetError() const;
bool GetMultiProtocol() const;
Crypto& useCrypto();
Security& useSecurity();
......@@ -509,6 +600,7 @@ public:
sslHashes& useHashes();
Socket& useSocket();
Log& useLog();
Buffers& useBuffers();
// sets
void set_pending(Cipher suite);
......
......@@ -38,6 +38,8 @@
namespace yaSSL {
#define YASSL_LIB
#ifdef YASSL_PURE_C
......@@ -76,7 +78,7 @@ namespace yaSSL {
::operator delete[](ptr, yaSSL::ys);
}
#define NEW_YS new (ys)
#define NEW_YS new (yaSSL::ys)
// to resolve compiler generated operator delete on base classes with
// virtual destructors (when on stack), make sure doesn't get called
......@@ -122,6 +124,39 @@ typedef opaque byte;
typedef unsigned int uint;
#ifdef USE_SYS_STL
// use system STL
#define STL_VECTOR_FILE <vector>
#define STL_LIST_FILE <list>
#define STL_ALGORITHM_FILE <algorithm>
#define STL_MEMORY_FILE <memory>
#define STL_PAIR_FILE <utility>
#define STL_NAMESPACE std
#else
// use mySTL
#define STL_VECTOR_FILE "vector.hpp"
#define STL_LIST_FILE "list.hpp"
#define STL_ALGORITHM_FILE "algorithm.hpp"
#define STL_MEMORY_FILE "memory.hpp"
#define STL_PAIR_FILE "pair.hpp"
#define STL_NAMESPACE mySTL
#endif
#ifdef min
#undef min
#endif
template <typename T>
T min(T a, T b)
{
return a < b ? a : b;
}
// all length constants in bytes
const int ID_LEN = 32; // session id length
const int SUITE_LEN = 2; // cipher suite length
......@@ -163,6 +198,7 @@ const int DES_BLOCK = 8; // DES is always fixed block size 8
const int DES_IV_SZ = DES_BLOCK; // Init Vector length for DES
const int RC4_KEY_SZ = 16; // RC4 Key length
const int AES_128_KEY_SZ = 16; // AES 128bit Key length
const int AES_192_KEY_SZ = 24; // AES 192bit Key length
const int AES_256_KEY_SZ = 32; // AES 256bit Key length
const int AES_BLOCK_SZ = 16; // AES 128bit block size, rfc 3268
const int AES_IV_SZ = AES_BLOCK_SZ; // AES Init Vector length
......
INCLUDES = -I../include -I../taocrypt/include -I../mySTL
INCLUDES = -I../include -I../taocrypt/include -I../taocrypt/mySTL
noinst_LTLIBRARIES = libyassl.la
libyassl_la_SOURCES = buffer.cpp cert_wrapper.cpp crypto_wrapper.cpp \
......
......@@ -63,8 +63,8 @@ x509::x509(const x509& that) : length_(that.length_),
void x509::Swap(x509& that)
{
mySTL::swap(length_, that.length_);
mySTL::swap(buffer_, that.buffer_);
STL::swap(length_, that.length_);
STL::swap(buffer_, that.buffer_);
}
......@@ -105,11 +105,11 @@ CertManager::~CertManager()
{
ysDelete(peerX509_);
mySTL::for_each(signers_.begin(), signers_.end(), del_ptr_zero()) ;
STL::for_each(signers_.begin(), signers_.end(), del_ptr_zero()) ;
mySTL::for_each(peerList_.begin(), peerList_.end(), del_ptr_zero()) ;
STL::for_each(peerList_.begin(), peerList_.end(), del_ptr_zero()) ;
mySTL::for_each(list_.begin(), list_.end(), del_ptr_zero()) ;
STL::for_each(list_.begin(), list_.end(), del_ptr_zero()) ;
}
......@@ -242,7 +242,7 @@ uint CertManager::get_privateKeyLength() const
// Validate the peer's certificate list, from root to peer (last to first)
int CertManager::Validate()
{
CertList::iterator last = peerList_.rbegin(); // fix this
CertList::reverse_iterator last = peerList_.rbegin();
int count = peerList_.size();
while ( count > 1 ) {
......@@ -255,7 +255,7 @@ int CertManager::Validate()
const TaoCrypt::PublicKey& key = cert.GetPublicKey();
signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(),
cert.GetCommonName(), cert.GetHash()));
--last;
++last;
--count;
}
......@@ -310,6 +310,23 @@ int CertManager::SetPrivateKey(const x509& key)
}
// Store OpenSSL type peer's cert
void CertManager::setPeerX509(X509* x)
{
assert(peerX509_ == 0);
if (x == 0) return;
X509_NAME* issuer = x->GetIssuer();
X509_NAME* subject = x->GetSubject();
ASN1_STRING* before = x->GetBefore();
ASN1_STRING* after = x->GetAfter();
peerX509_ = NEW_YS X509(issuer->GetName(), issuer->GetLength(),
subject->GetName(), subject->GetLength(), (const char*) before->data,
before->length, (const char*) after->data, after->length);
}
#if defined(USE_CML_LIB)
// Get the peer's certificate, extract and save public key
......
......@@ -908,7 +908,7 @@ void DiffieHellman::get_parms(byte* bp, byte* bg, byte* bpub) const
// convert PEM file to DER x509 type
x509* PemToDer(FILE* file, CertType type)
x509* PemToDer(FILE* file, CertType type, EncryptedInfo* info)
{
using namespace TaoCrypt;
......@@ -935,6 +935,37 @@ x509* PemToDer(FILE* file, CertType type)
break;
}
// remove encrypted header if there
if (fgets(line, sizeof(line), file)) {
char encHeader[] = "Proc-Type";
if (strncmp(encHeader, line, strlen(encHeader)) == 0 &&
fgets(line,sizeof(line), file)) {
char* start = strstr(line, "DES");
char* finish = strstr(line, ",");
if (!start)
start = strstr(line, "AES");
if (!info) return 0;
if ( start && finish && (start < finish)) {
memcpy(info->name, start, finish - start);
info->name[finish - start] = 0;
memcpy(info->iv, finish + 1, sizeof(info->iv));
char* newline = strstr(line, "\r");
if (!newline) newline = strstr(line, "\n");
if (newline && (newline > finish)) {
info->ivSz = newline - (finish + 1);
info->set = true;
}
}
fgets(line,sizeof(line), file); // get blank line
begin = ftell(file);
}
}
while(fgets(line, sizeof(line), file))
if (strncmp(footer, line, strlen(footer)) == 0) {
foundEnd = true;
......@@ -956,7 +987,7 @@ x509* PemToDer(FILE* file, CertType type)
Base64Decoder b64Dec(der);
uint sz = der.size();
mySTL::auto_ptr<x509> x(NEW_YS x509(sz), ysDelete);
mySTL::auto_ptr<x509> x(NEW_YS x509(sz));
memcpy(x->use_buffer(), der.get_buffer(), sz);
return x.release();
......
......@@ -37,7 +37,6 @@
namespace yaSSL {
using mySTL::min;
// Build a client hello message from cipher suites and compression method
......@@ -363,7 +362,7 @@ void p_hash(output_buffer& result, const output_buffer& secret,
uint lastLen = result.get_capacity() % len;
opaque previous[SHA_LEN]; // max size
opaque current[SHA_LEN]; // max size
mySTL::auto_ptr<Digest> hmac(ysDelete);
mySTL::auto_ptr<Digest> hmac;
if (lastLen) times += 1;
......@@ -582,7 +581,7 @@ void hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
ContentType content, bool verify)
{
mySTL::auto_ptr<Digest> hmac(ysDelete);
mySTL::auto_ptr<Digest> hmac;
opaque seq[SEQ_SZ] = { 0x00, 0x00, 0x00, 0x00 };
opaque length[LENGTH_SZ];
opaque inner[SIZEOF_ENUM + VERSION_SZ + LENGTH_SZ]; // type + version + len
......@@ -660,25 +659,25 @@ void build_certHashes(SSL& ssl, Hashes& hashes)
// do process input requests
mySTL::auto_ptr<input_buffer>
DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
// do process input requests, return 0 is done, 1 is call again to complete
int DoProcessReply(SSL& ssl)
{
// wait for input if blocking
if (!ssl.useSocket().wait()) {
ssl.SetError(receive_error);
buffered.reset(0);
return buffered;
return 0;
}
uint ready = ssl.getSocket().get_ready();
if (!ready) return buffered;
if (!ready) return 1;
// add buffered data if its there
uint buffSz = buffered.get() ? buffered.get()->get_size() : 0;
input_buffer* buffered = ssl.useBuffers().TakeRawInput();
uint buffSz = buffered ? buffered->get_size() : 0;
input_buffer buffer(buffSz + ready);
if (buffSz) {
buffer.assign(buffered.get()->get_buffer(), buffSz);
buffered.reset(0);
buffer.assign(buffered->get_buffer(), buffSz);
ysDelete(buffered);
buffered = 0;
}
// add new data
......@@ -692,10 +691,8 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
ssl.getStates().getServer() == clientNull)
if (buffer.peek() != handshake) {
ProcessOldClientHello(buffer, ssl);
if (ssl.GetError()) {
buffered.reset(0);
return buffered;
}
if (ssl.GetError())
return 0;
}
while(!buffer.eof()) {
......@@ -715,31 +712,28 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
// put header in front for next time processing
uint extra = needHdr ? 0 : RECORD_HEADER;
uint sz = buffer.get_remaining() + extra;
buffered.reset(NEW_YS input_buffer(sz, buffer.get_buffer() +
buffer.get_current() - extra, sz));
break;
ssl.useBuffers().SetRawInput(NEW_YS input_buffer(sz,
buffer.get_buffer() + buffer.get_current() - extra, sz));
return 1;
}
while (buffer.get_current() < hdr.length_ + RECORD_HEADER + offset) {
// each message in record, can be more than 1 if not encrypted
if (ssl.getSecurity().get_parms().pending_ == false) // cipher on
decrypt_message(ssl, buffer, hdr.length_);
mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_), ysDelete);
mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_));
if (!msg.get()) {
ssl.SetError(factory_error);
buffered.reset(0);
return buffered;
return 0;
}
buffer >> *msg;
msg->Process(buffer, ssl);
if (ssl.GetError()) {
buffered.reset(0);
return buffered;
}
if (ssl.GetError())
return 0;
}
offset += hdr.length_ + RECORD_HEADER;
}
return buffered;
return 0;
}
......@@ -747,16 +741,17 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
void processReply(SSL& ssl)
{
if (ssl.GetError()) return;
mySTL::auto_ptr<input_buffer> buffered(ysDelete);
for (;;) {
mySTL::auto_ptr<input_buffer> tmp(DoProcessReply(ssl, buffered));
if (tmp.get()) // had only part of a record's data, call again
buffered = tmp;
else
break;
if (ssl.GetError()) return;
if (DoProcessReply(ssl))
// didn't complete process
if (!ssl.getSocket().IsBlocking()) {
// keep trying now
while (!ssl.GetError())
if (DoProcessReply(ssl) == 0) break;
}
else
// user will have try again later
ssl.SetError(YasslError(SSL_ERROR_WANT_READ));
}
......@@ -793,7 +788,7 @@ void sendClientKeyExchange(SSL& ssl, BufferOutput buffer)
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
buildHeaders(ssl, hsHeader, rlHeader, ck);
buildOutput(*out.get(), rlHeader, hsHeader, ck);
hashHandShake(ssl, *out.get());
......@@ -814,7 +809,7 @@ void sendServerKeyExchange(SSL& ssl, BufferOutput buffer)
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
buildHeaders(ssl, hsHeader, rlHeader, sk);
buildOutput(*out.get(), rlHeader, hsHeader, sk);
hashHandShake(ssl, *out.get());
......@@ -839,7 +834,7 @@ void sendChangeCipher(SSL& ssl, BufferOutput buffer)
ChangeCipherSpec ccs;
RecordLayerHeader rlHeader;
buildHeader(ssl, rlHeader, ccs);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
buildOutput(*out.get(), rlHeader, ccs);
if (buffer == buffered)
......@@ -856,7 +851,7 @@ void sendFinished(SSL& ssl, ConnectionEnd side, BufferOutput buffer)
Finished fin;
buildFinished(ssl, fin, side == client_end ? client : server);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
cipherFinished(ssl, fin, *out.get()); // hashes handshake
if (ssl.getSecurity().get_resuming()) {
......@@ -955,7 +950,7 @@ void sendServerHello(SSL& ssl, BufferOutput buffer)
ServerHello sh(ssl.getSecurity().get_connection().version_);
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
buildServerHello(ssl, sh);
ssl.set_random(sh.get_random(), server_end);
......@@ -978,7 +973,7 @@ void sendServerHelloDone(SSL& ssl, BufferOutput buffer)
ServerHelloDone shd;
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
buildHeaders(ssl, hsHeader, rlHeader, shd);
buildOutput(*out.get(), rlHeader, hsHeader, shd);
......@@ -999,7 +994,7 @@ void sendCertificate(SSL& ssl, BufferOutput buffer)
Certificate cert(ssl.getCrypto().get_certManager().get_cert());
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
buildHeaders(ssl, hsHeader, rlHeader, cert);
buildOutput(*out.get(), rlHeader, hsHeader, cert);
......@@ -1021,7 +1016,7 @@ void sendCertificateRequest(SSL& ssl, BufferOutput buffer)
request.Build();
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
buildHeaders(ssl, hsHeader, rlHeader, request);
buildOutput(*out.get(), rlHeader, hsHeader, request);
......@@ -1043,7 +1038,7 @@ void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
verify.Build(ssl);
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
buildHeaders(ssl, hsHeader, rlHeader, verify);
buildOutput(*out.get(), rlHeader, hsHeader, verify);
......
......@@ -41,9 +41,10 @@
#include <netinet/in.h>
#include <sys/ioctl.h>
#include <string.h>
#include <fcntl.h>
#endif // _WIN32
#if defined(__sun) || defined(__SCO_VERSION__)
#if defined(__sun) || defined(__SCO_VERSION__) || defined(__NETWARE__)
#include <sys/filio.h>
#endif
......@@ -62,7 +63,7 @@ namespace yaSSL {
Socket::Socket(socket_t s)
: socket_(s), wouldBlock_(false)
: socket_(s), wouldBlock_(false), blocking_(false)
{}
......@@ -148,6 +149,7 @@ uint Socket::receive(byte* buf, unsigned int sz, int flags)
if (get_lastError() == SOCKET_EWOULDBLOCK ||
get_lastError() == SOCKET_EAGAIN) {
wouldBlock_ = true;
blocking_ = true; // socket can block, only way to tell for win32
return 0;
}
}
......@@ -189,6 +191,12 @@ bool Socket::WouldBlock() const
}
bool Socket::IsBlocking() const
{
return blocking_;
}
void Socket::set_lastError(int errorCode)
{
#ifdef _WIN32
......
This diff is collapsed.
......@@ -65,6 +65,19 @@ template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::output_buffer*>::iterat
template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::x509*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::x509*>::iterator, mySTL::list<yaSSL::x509*>::iterator, yaSSL::del_ptr_zero);
template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::Digest*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::Digest*>::iterator, mySTL::list<yaSSL::Digest*>::iterator, yaSSL::del_ptr_zero);
template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::BulkCipher*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::BulkCipher*>::iterator, mySTL::list<yaSSL::BulkCipher*>::iterator, yaSSL::del_ptr_zero);
template bool list<yaSSL::ThreadError>::erase(list<yaSSL::ThreadError>::iterator);
template void list<yaSSL::ThreadError>::push_back(yaSSL::ThreadError);
template void list<yaSSL::ThreadError>::pop_front();
template void list<yaSSL::ThreadError>::pop_back();
template list<yaSSL::ThreadError>::~list();
template pair<int, yaSSL::Message* (*)()>* GetArrayMemory<pair<int, yaSSL::Message* (*)()> >(size_t);
template void FreeArrayMemory<pair<int, yaSSL::Message* (*)()> >(pair<int, yaSSL::Message* (*)()>*);
template pair<int, yaSSL::HandShakeBase* (*)()>* GetArrayMemory<pair<int, yaSSL::HandShakeBase* (*)()> >(size_t);
template void FreeArrayMemory<pair<int, yaSSL::HandShakeBase* (*)()> >(pair<int, yaSSL::HandShakeBase* (*)()>*);
template pair<int, yaSSL::ServerKeyBase* (*)()>* GetArrayMemory<pair<int, yaSSL::ServerKeyBase* (*)()> >(size_t);
template void FreeArrayMemory<pair<int, yaSSL::ServerKeyBase* (*)()> >(pair<int, yaSSL::ServerKeyBase* (*)()>*);
template pair<int, yaSSL::ClientKeyBase* (*)()>* GetArrayMemory<pair<int, yaSSL::ClientKeyBase* (*)()> >(size_t);
template void FreeArrayMemory<pair<int, yaSSL::ClientKeyBase* (*)()> >(pair<int, yaSSL::ClientKeyBase* (*)()>*);
}
namespace yaSSL {
......@@ -90,8 +103,12 @@ template void ysDelete<X509>(X509*);
template void ysDelete<Message>(Message*);
template void ysDelete<sslFactory>(sslFactory*);
template void ysDelete<Sessions>(Sessions*);
template void ysDelete<Errors>(Errors*);
template void ysArrayDelete<unsigned char>(unsigned char*);
template void ysArrayDelete<char>(char*);
template int min<int>(int, int);
template unsigned int min<unsigned int>(unsigned int, unsigned int);
}
#endif // HAVE_EXPLICIT_TEMPLATE_INSTANTIATION
......
......@@ -36,21 +36,9 @@
#include "openssl/ssl.h" // get rid of this
// yaSSL overloads hide these
void* operator new[](size_t sz)
{
return ::operator new(sz);
}
void operator delete[](void* ptr)
{
::operator delete(ptr);
}
namespace yaSSL {
using mySTL::min;
struct Base {
......
......@@ -125,13 +125,21 @@ void SetErrorString(YasslError error, char* buffer)
strncpy(buffer, "unable to proccess cerificate", max);
break;
case privateKey_error :
strncpy(buffer, "unable to proccess private key, bad format", max);
break;
case badVersion_error :
strncpy(buffer, "protocl version mismatch", max);
break;
// openssl errors
case SSL_ERROR_WANT_READ :
strncpy(buffer, "the read operation would block", max);
break;
// TaoCrypt errors
case NO_ERROR :
case NO_ERROR_E :
strncpy(buffer, "not in error state", max);
break;
......@@ -235,6 +243,10 @@ void SetErrorString(YasslError error, char* buffer)
strncpy(buffer, "ASN: bad other signature confirmation", max);
break;
case CERTFICATE_ERROR :
strncpy(buffer, "Unable to verify certificate", max);
break;
default :
strncpy(buffer, "unknown error number", max);
}
......
......@@ -139,7 +139,7 @@ void DH_Server::build(SSL& ssl)
parms_.alloc_pub(pubSz));
short sigSz = 0;
mySTL::auto_ptr<Auth> auth(ysDelete);
mySTL::auto_ptr<Auth> auth;
const CertManager& cert = ssl.getCrypto().get_certManager();
if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo)
......@@ -151,9 +151,11 @@ void DH_Server::build(SSL& ssl)
sigSz += DSS_ENCODED_EXTRA;
}
sigSz += auth->get_signatureLength();
if (!sigSz) {
ssl.SetError(privateKey_error);
return;
}
length_ = 8; // pLen + gLen + YsLen + SigLen
length_ += pSz + gSz + pubSz + sigSz;
......@@ -612,7 +614,7 @@ void HandShakeHeader::Process(input_buffer& input, SSL& ssl)
{
ssl.verifyState(*this);
const HandShakeFactory& hsf = ssl.getFactory().getHandShake();
mySTL::auto_ptr<HandShakeBase> hs(hsf.CreateObject(type_), ysDelete);
mySTL::auto_ptr<HandShakeBase> hs(hsf.CreateObject(type_));
if (!hs.get()) {
ssl.SetError(factory_error);
return;
......@@ -1214,6 +1216,20 @@ output_buffer& operator<<(output_buffer& output, const ServerHello& hello)
// Server Hello processing handler
void ServerHello::Process(input_buffer&, SSL& ssl)
{
if (ssl.GetMultiProtocol()) { // SSLv23 support
if (ssl.isTLS() && server_version_.minor_ < 1)
// downgrade to SSLv3
ssl.useSecurity().use_connection().TurnOffTLS();
}
else if (ssl.isTLS() && server_version_.minor_ < 1) {
ssl.SetError(badVersion_error);
return;
}
else if (!ssl.isTLS() && (server_version_.major_ == 3 &&
server_version_.minor_ >= 1)) {
ssl.SetError(badVersion_error);
return;
}
ssl.set_pending(cipher_suite_[1]);
ssl.set_random(random_, server_end);
if (id_len_)
......@@ -1384,11 +1400,23 @@ output_buffer& operator<<(output_buffer& output, const ClientHello& hello)
// Client Hello processing handler
void ClientHello::Process(input_buffer&, SSL& ssl)
{
if (ssl.isTLS() && client_version_.minor_ == 0) {
if (ssl.GetMultiProtocol()) { // SSLv23 support
if (ssl.isTLS() && client_version_.minor_ < 1) {
// downgrade to SSLv3
ssl.useSecurity().use_connection().TurnOffTLS();
ProtocolVersion pv = ssl.getSecurity().get_connection().version_;
ssl.useSecurity().use_parms().SetSuites(pv); // reset w/ SSL suites
}
}
else if (ssl.isTLS() && client_version_.minor_ < 1) {
ssl.SetError(badVersion_error);
return;
}
else if (!ssl.isTLS() && (client_version_.major_ == 3 &&
client_version_.minor_ >= 1)) {
ssl.SetError(badVersion_error);
return;
}
ssl.set_random(random_, client_end);
while (id_len_) { // trying to resume
......@@ -1541,7 +1569,7 @@ CertificateRequest::CertificateRequest()
CertificateRequest::~CertificateRequest()
{
mySTL::for_each(certificate_authorities_.begin(),
STL::for_each(certificate_authorities_.begin(),
certificate_authorities_.end(),
del_ptr_zero()) ;
}
......@@ -1634,9 +1662,9 @@ output_buffer& operator<<(output_buffer& output,
request.typeTotal_ - REQUEST_HEADER, tmp);
output.write(tmp, sizeof(tmp));
mySTL::list<DistinguishedName>::const_iterator first =
STL::list<DistinguishedName>::const_iterator first =
request.certificate_authorities_.begin();
mySTL::list<DistinguishedName>::const_iterator last =
STL::list<DistinguishedName>::const_iterator last =
request.certificate_authorities_.end();
while (first != last) {
uint16 sz;
......@@ -1684,7 +1712,7 @@ void CertificateVerify::Build(SSL& ssl)
uint16 sz = 0;
byte len[VERIFY_HEADER];
mySTL::auto_ptr<byte> sig(ysArrayDelete);
mySTL::auto_array<byte> sig;
// sign
const CertManager& cert = ssl.getCrypto().get_certManager();
......
This diff is collapsed.
This diff is collapsed.
Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002 Free Software
Foundation, Inc.
This file is free documentation; the Free Software Foundation gives
unlimited permission to copy, distribute and modify it.
Basic Installation
==================
These are generic installation instructions.
The `configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses
those values to create a `Makefile' in each directory of the package.
It may also create one or more `.h' files containing system-dependent
definitions. Finally, it creates a shell script `config.status' that
you can run in the future to recreate the current configuration, and a
file `config.log' containing compiler output (useful mainly for
debugging `configure').
It can also use an optional file (typically called `config.cache'
and enabled with `--cache-file=config.cache' or simply `-C') that saves
the results of its tests to speed up reconfiguring. (Caching is
disabled by default to prevent problems with accidental use of stale
cache files.)
If you need to do unusual things to compile the package, please try
to figure out how `configure' could check whether to do them, and mail
diffs or instructions to the address given in the `README' so they can
be considered for the next release. If you are using the cache, and at
some point `config.cache' contains results you don't want to keep, you
may remove or edit it.
The file `configure.ac' (or `configure.in') is used to create
`configure' by a program called `autoconf'. You only need
`configure.ac' if you want to change it or regenerate `configure' using
a newer version of `autoconf'.
The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type
`./configure' to configure the package for your system. If you're
using `csh' on an old version of System V, you might need to type
`sh ./configure' instead to prevent `csh' from trying to execute
`configure' itself.
Running `configure' takes awhile. While running, it prints some
messages telling which features it is checking for.
2. Type `make' to compile the package.
3. Optionally, type `make check' to run any self-tests that come with
the package.
4. Type `make install' to install the programs and any data files and
documentation.
5. You can remove the program binaries and object files from the
source code directory by typing `make clean'. To also remove the
files that `configure' created (so you can compile the package for
a different kind of computer), type `make distclean'. There is
also a `make maintainer-clean' target, but that is intended mainly
for the package's developers. If you use it, you may have to get
all sorts of other programs in order to regenerate files that came
with the distribution.
Compilers and Options
=====================
Some systems require unusual options for compilation or linking that
the `configure' script does not know about. Run `./configure --help'
for details on some of the pertinent environment variables.
You can give `configure' initial values for configuration parameters
by setting variables in the command line or in the environment. Here
is an example:
./configure CC=c89 CFLAGS=-O2 LIBS=-lposix
*Note Defining Variables::, for more details.
Compiling For Multiple Architectures
====================================
You can compile the package for more than one kind of computer at the
same time, by placing the object files for each architecture in their
own directory. To do this, you must use a version of `make' that
supports the `VPATH' variable, such as GNU `make'. `cd' to the
directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the
source code in the directory that `configure' is in and in `..'.
If you have to use a `make' that does not support the `VPATH'
variable, you have to compile the package for one architecture at a
time in the source code directory. After you have installed the
package for one architecture, use `make distclean' before reconfiguring
for another architecture.
Installation Names
==================
By default, `make install' will install the package's files in
`/usr/local/bin', `/usr/local/man', etc. You can specify an
installation prefix other than `/usr/local' by giving `configure' the
option `--prefix=PATH'.
You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you
give `configure' the option `--exec-prefix=PATH', the package will use
PATH as the prefix for installing programs and libraries.
Documentation and other data files will still use the regular prefix.
In addition, if you use an unusual directory layout you can give
options like `--bindir=PATH' to specify different values for particular
kinds of files. Run `configure --help' for a list of the directories
you can set and what kinds of files go in them.
If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
Optional Features
=================
Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE
is something like `gnu-as' or `x' (for the X Window System). The
`README' should mention any `--enable-' and `--with-' options that the
package recognizes.
For packages that use the X Window System, `configure' can usually
find the X include and library files automatically, but if it doesn't,
you can use the `configure' options `--x-includes=DIR' and
`--x-libraries=DIR' to specify their locations.
Specifying the System Type
==========================
There may be some features `configure' cannot figure out
automatically, but needs to determine by the type of machine the package
will run on. Usually, assuming the package is built to be run on the
_same_ architectures, `configure' can figure that out, but if it prints
a message saying it cannot guess the machine type, give it the
`--build=TYPE' option. TYPE can either be a short name for the system
type, such as `sun4', or a canonical name which has the form:
CPU-COMPANY-SYSTEM
where SYSTEM can have one of these forms:
OS KERNEL-OS
See the file `config.sub' for the possible values of each field. If
`config.sub' isn't included in this package, then this package doesn't
need to know the machine type.
If you are _building_ compiler tools for cross-compiling, you should
use the `--target=TYPE' option to select the type of system they will
produce code for.
If you want to _use_ a cross compiler, that generates code for a
platform different from the build platform, you should specify the
"host" platform (i.e., that on which the generated programs will
eventually be run) with `--host=TYPE'.
Sharing Defaults
================
If you want to set default values for `configure' scripts to share,
you can create a site shell script called `config.site' that gives
default values for variables like `CC', `cache_file', and `prefix'.
`configure' looks for `PREFIX/share/config.site' if it exists, then
`PREFIX/etc/config.site' if it exists. Or, you can set the
`CONFIG_SITE' environment variable to the location of the site script.
A warning: not all `configure' scripts look for a site script.
Defining Variables
==================
Variables not defined in a site shell script can be set in the
environment passed to `configure'. However, some packages may run
configure again during the build, and the customized values of these
variables may be lost. In order to avoid this problem, you should set
them in the `configure' command line, using `VAR=value'. For example:
./configure CC=/usr/local2/bin/gcc
will cause the specified gcc to be used as the C compiler (unless it is
overridden in the site shell script).
`configure' Invocation
======================
`configure' recognizes the following options to control how it
operates.
`--help'
`-h'
Print a summary of the options to `configure', and exit.
`--version'
`-V'
Print the version of Autoconf used to generate the `configure'
script, and exit.
`--cache-file=FILE'
Enable the cache: use and save the results of the tests in FILE,
traditionally `config.cache'. FILE defaults to `/dev/null' to
disable caching.
`--config-cache'
`-C'
Alias for `--cache-file=config.cache'.
`--quiet'
`--silent'
`-q'
Do not print messages saying which checks are being made. To
suppress all normal output, redirect it to `/dev/null' (any error
messages will still be shown).
`--srcdir=DIR'
Look for the package's source code in directory DIR. Usually
`configure' can determine that directory automatically.
`configure' also accepts some other, not widely useful, options. Run
`configure --help' for more details.
SUBDIRS = src test benchmark
EXTRA_DIST = taocrypt.dsw taocrypt.dsp CMakeLists.txt
EXTRA_DIST = taocrypt.dsw taocrypt.dsp CMakeLists.txt $(wildcard mySTL/*.hpp)
TaoCrypt release 0.9.0 09/18/2006
This is the first release of TaoCrypt, it was previously only included with
yaSSL. TaoCrypt is highly portable and fast, its features include:
One way hash functions: SHA-1, MD2, MD4, MD5, RIPEMD-160
Message authentication codes: HMAC
Block Ciphers: DES, Triple-DES, AES, Blowfish, Twofish
Stream Ciphers: ARC4
Public Key Crypto: RSA, DSA, Diffie-Hellman
Password based key derivation: PBKDF2 from PKCS #5
Pseudo Random Number Generators
Lare Integer Support
Base 16/64 encoding/decoding
DER encoding/decoding
X.509 processing
SSE2 and ia32 asm for the right processors and compilers
To build on Unix
./configure
make
To test the build, from the ./test directory run ./test
On Windows
Open the taocrypt project workspace
Choose (Re)Build All
To test the build, run the test executable
Please send any questions or comments to todd@yassl.com.
INCLUDES = -I../include -I../../mySTL
INCLUDES = -I../include -I../mySTL
bin_PROGRAMS = benchmark
benchmark_SOURCES = benchmark.cpp
benchmark_LDFLAGS = -L../src
......
......@@ -33,10 +33,12 @@
#include "misc.hpp"
#include "block.hpp"
#include "list.hpp"
#include "error.hpp"
#include STL_LIST_FILE
namespace STL = STL_NAMESPACE;
namespace TaoCrypt {
......@@ -232,7 +234,7 @@ private:
};
typedef mySTL::list<Signer*> SignerList;
typedef STL::list<Signer*> SignerList;
enum SigType { SHAwDSA = 517, MD2wRSA = 646, MD5wRSA = 648, SHAwRSA =649};
......
......@@ -31,12 +31,14 @@
#ifndef TAO_CRYPT_BLOCK_HPP
#define TAO_CRYPT_BLOCK_HPP
#include "algorithm.hpp" // mySTL::swap
#include "misc.hpp"
#include <string.h> // memcpy
#include <stddef.h> // ptrdiff_t
#include STL_ALGORITHM_FILE
namespace STL = STL_NAMESPACE;
namespace TaoCrypt {
......@@ -80,7 +82,7 @@ typename A::pointer StdReallocate(A& a, T* p, typename A::size_type oldSize,
typename A::pointer newPointer = b.allocate(newSize, 0);
memcpy(newPointer, p, sizeof(T) * min(oldSize, newSize));
a.deallocate(p, oldSize);
mySTL::swap(a, b);
STL::swap(a, b);
return newPointer;
}
else {
......@@ -183,9 +185,9 @@ public:
}
void Swap(Block& other) {
mySTL::swap(sz_, other.sz_);
mySTL::swap(buffer_, other.buffer_);
mySTL::swap(allocator_, other.allocator_);
STL::swap(sz_, other.sz_);
STL::swap(buffer_, other.buffer_);
STL::swap(allocator_, other.allocator_);
}
~Block() { allocator_.deallocate(buffer_, sz_); }
......
......@@ -32,7 +32,11 @@
#include "misc.hpp"
#include "modes.hpp"
#include "algorithm.hpp"
#include STL_ALGORITHM_FILE
namespace STL = STL_NAMESPACE;
namespace TaoCrypt {
......
......@@ -37,7 +37,7 @@ namespace TaoCrypt {
enum ErrorNumber {
NO_ERROR = 0, // "not in error state"
NO_ERROR_E = 0, // "not in error state"
// RandomNumberGenerator
WINCRYPT_E = 1001, // "bad wincrypt acquire"
......@@ -78,7 +78,7 @@ SIG_OTHER_E = 1039 // "bad other signature confirmation"
struct Error {
ErrorNumber what_; // description number, 0 for no error
explicit Error(ErrorNumber w = NO_ERROR) : what_(w) {}
explicit Error(ErrorNumber w = NO_ERROR_E) : what_(w) {}
ErrorNumber What() const { return what_; }
void SetError(ErrorNumber w) { what_ = w; }
......
......@@ -83,7 +83,7 @@ private:
void Swap(Source& other)
{
buffer_.Swap(other.buffer_);
mySTL::swap(current_, other.current_);
STL::swap(current_, other.current_);
}
};
......
......@@ -44,8 +44,8 @@
#include "block.hpp"
#include "random.hpp"
#include "file.hpp"
#include "algorithm.hpp" // mySTL::swap
#include <string.h>
#include STL_ALGORITHM_FILE
#ifdef TAOCRYPT_X86ASM_AVAILABLE
......
......@@ -198,6 +198,23 @@ void CleanUp();
#endif
#ifdef USE_SYS_STL
// use system STL
#define STL_VECTOR_FILE <vector>
#define STL_LIST_FILE <list>
#define STL_ALGORITHM_FILE <algorithm>
#define STL_MEMORY_FILE <memory>
#define STL_NAMESPACE std
#else
// use mySTL
#define STL_VECTOR_FILE "vector.hpp"
#define STL_LIST_FILE "list.hpp"
#define STL_ALGORITHM_FILE "algorithm.hpp"
#define STL_MEMORY_FILE "memory.hpp"
#define STL_NAMESPACE mySTL
#endif
// ***************** DLL related ********************
#ifdef TAOCRYPT_WIN32_AVAILABLE
......
......@@ -74,7 +74,7 @@ word32 PBKDF2_HMAC<T>::DeriveKey(byte* derived, word32 dLen, const byte* pwd,
}
hmac.Final(buffer.get_buffer());
word32 segmentLen = mySTL::min(dLen, buffer.size());
word32 segmentLen = min(dLen, buffer.size());
memcpy(derived, buffer.get_buffer(), segmentLen);
for (j = 1; j < iterations; j++) {
......
......@@ -32,7 +32,11 @@
#include "misc.hpp"
#include "modes.hpp"
#include "algorithm.hpp"
#include STL_ALGORITHM_FILE
namespace STL = STL_NAMESPACE;
namespace TaoCrypt {
......
......@@ -8,7 +8,7 @@
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
* There are special exceptions to the terms and conditions of the GPL as it
* is applied to yaSSL. View the full text of the exception in the file
* FLOSS-EXCEPTIONS in the directory of this software distribution.
......
......@@ -113,6 +113,47 @@ PlaceIter uninit_fill_n(PlaceIter place, Size n, const T& value)
}
template <typename T>
T* GetArrayMemory(size_t items)
{
unsigned char* ret;
#ifdef YASSL_LIB
ret = NEW_YS unsigned char[sizeof(T) * items];
#else
ret = NEW_TC unsigned char[sizeof(T) * items];
#endif
return reinterpret_cast<T*>(ret);
}
template <typename T>
void FreeArrayMemory(T* ptr)
{
unsigned char* p = reinterpret_cast<unsigned char*>(ptr);
#ifdef YASSL_LIB
yaSSL::ysArrayDelete(p);
#else
TaoCrypt::tcArrayDelete(p);
#endif
}
static void* GetMemory(size_t bytes)
{
return GetArrayMemory<unsigned char>(bytes);
}
static void FreeMemory(void* ptr)
{
FreeArrayMemory(ptr);
}
} // namespace mySTL
......
......@@ -33,7 +33,6 @@
#include "helpers.hpp"
#include <stdlib.h>
namespace mySTL {
......@@ -75,8 +74,7 @@ public:
class iterator {
node* current_;
public:
iterator() : current_(0) {}
explicit iterator(node* p) : current_(p) {}
explicit iterator(node* p = 0) : current_(p) {}
T& operator*() const
{
......@@ -127,11 +125,67 @@ public:
friend class list<T>;
};
class reverse_iterator {
node* current_;
public:
explicit reverse_iterator(node* p = 0) : current_(p) {}
T& operator*() const
{
return current_->value_;
}
T* operator->() const
{
return &(operator*());
}
reverse_iterator& operator++()
{
current_ = current_->prev_;
return *this;
}
reverse_iterator& operator--()
{
current_ = current_->next_;
return *this;
}
reverse_iterator operator++(int)
{
reverse_iterator tmp = *this;
current_ = current_->prev_;
return tmp;
}
reverse_iterator operator--(int)
{
reverse_iterator tmp = *this;
current_ = current_->next_;
return tmp;
}
bool operator==(const reverse_iterator& other) const
{
return current_ == other.current_;
}
bool operator!=(const reverse_iterator& other) const
{
return current_ != other.current_;
}
friend class list<T>;
};
bool erase(iterator);
iterator begin() const { return iterator(head_); }
iterator rbegin() const { return iterator(tail_); }
iterator end() const { return iterator(); }
iterator begin() const { return iterator(head_); }
reverse_iterator rbegin() const { return reverse_iterator(tail_); }
iterator end() const { return iterator(); }
reverse_iterator rend() const { return reverse_iterator(); }
typedef iterator const_iterator; // for now
......@@ -158,7 +212,7 @@ list<T>::~list()
for (; start; start = next_) {
next_ = start->next_;
destroy(start);
free(start);
FreeMemory(start);
}
}
......@@ -166,8 +220,7 @@ list<T>::~list()
template<typename T>
void list<T>::push_front(T t)
{
void* mem = malloc(sizeof(node));
if (!mem) abort();
void* mem = GetMemory(sizeof(node));
node* add = new (reinterpret_cast<yassl_pointer>(mem)) node(t);
if (head_) {
......@@ -196,7 +249,7 @@ void list<T>::pop_front()
head_->prev_ = 0;
}
destroy(front);
free(front);
FreeMemory(front);
--sz_;
}
......@@ -204,7 +257,7 @@ void list<T>::pop_front()
template<typename T>
T list<T>::front() const
{
if (head_ == 0) return 0;
if (head_ == 0) return T();
return head_->value_;
}
......@@ -212,8 +265,7 @@ T list<T>::front() const
template<typename T>
void list<T>::push_back(T t)
{
void* mem = malloc(sizeof(node));
if (!mem) abort();
void* mem = GetMemory(sizeof(node));
node* add = new (reinterpret_cast<yassl_pointer>(mem)) node(t);
if (tail_) {
......@@ -242,7 +294,7 @@ void list<T>::pop_back()
tail_->next_ = 0;
}
destroy(rear);
free(rear);
FreeMemory(rear);
--sz_;
}
......@@ -250,7 +302,7 @@ void list<T>::pop_back()
template<typename T>
T list<T>::back() const
{
if (tail_ == 0) return 0;
if (tail_ == 0) return T();
return tail_->value_;
}
......@@ -286,7 +338,7 @@ bool list<T>::remove(T t)
del->next_->prev_ = del->prev_;
destroy(del);
free(del);
FreeMemory(del);
--sz_;
}
return true;
......@@ -309,78 +361,13 @@ bool list<T>::erase(iterator iter)
del->next_->prev_ = del->prev_;
destroy(del);
free(del);
FreeMemory(del);
--sz_;
}
return true;
}
/* MSVC can't handle ??
template<typename T>
T& list<T>::iterator::operator*() const
{
return current_->value_;
}
template<typename T>
T* list<T>::iterator::operator->() const
{
return &(operator*());
}
template<typename T>
typename list<T>::iterator& list<T>::iterator::operator++()
{
current_ = current_->next_;
return *this;
}
template<typename T>
typename list<T>::iterator& list<T>::iterator::operator--()
{
current_ = current_->prev_;
return *this;
}
template<typename T>
typename list<T>::iterator& list<T>::iterator::operator++(int)
{
iterator tmp = *this;
current_ = current_->next_;
return tmp;
}
template<typename T>
typename list<T>::iterator& list<T>::iterator::operator--(int)
{
iterator tmp = *this;
current_ = current_->prev_;
return tmp;
}
template<typename T>
bool list<T>::iterator::operator==(const iterator& other) const
{
return current_ == other.current_;
}
template<typename T>
bool list<T>::iterator::operator!=(const iterator& other) const
{
return current_ != other.current_;
}
*/ // end MSVC 6 can't handle
} // namespace mySTL
......
......@@ -31,6 +31,7 @@
#ifndef mySTL_MEMORY_HPP
#define mySTL_MEMORY_HPP
#include "memory_array.hpp" // for auto_array
#ifdef _MSC_VER
// disable operator-> warning for builtins
......@@ -43,27 +44,25 @@ namespace mySTL {
template<typename T>
struct auto_ptr_ref {
typedef void (*Deletor)(T*);
T* ptr_;
Deletor del_;
auto_ptr_ref(T* p, Deletor d) : ptr_(p), del_(d) {}
T* ptr_;
explicit auto_ptr_ref(T* p) : ptr_(p) {}
};
template<typename T>
class auto_ptr {
typedef void (*Deletor)(T*);
T* ptr_;
Deletor del_;
void Destroy()
{
del_(ptr_);
#ifdef YASSL_LIB
yaSSL::ysDelete(ptr_);
#else
TaoCrypt::tcDelete(ptr_);
#endif
}
public:
auto_ptr(T* p, Deletor d) : ptr_(p), del_(d) {}
explicit auto_ptr(Deletor d) : ptr_(0), del_(d) {}
explicit auto_ptr(T* p = 0) : ptr_(p) {}
~auto_ptr()
{
......@@ -71,14 +70,13 @@ public:
}
auto_ptr(auto_ptr& other) : ptr_(other.release()), del_(other.del_) {}
auto_ptr(auto_ptr& other) : ptr_(other.release()) {}
auto_ptr& operator=(auto_ptr& that)
{
if (this != &that) {
Destroy();
ptr_ = that.release();
del_ = that.del_;
}
return *this;
}
......@@ -115,14 +113,13 @@ public:
}
// auto_ptr_ref conversions
auto_ptr(auto_ptr_ref<T> ref) : ptr_(ref.ptr_), del_(ref.del_) {}
auto_ptr(auto_ptr_ref<T> ref) : ptr_(ref.ptr_) {}
auto_ptr& operator=(auto_ptr_ref<T> ref)
{
if (this->ptr_ != ref.ptr_) {
Destroy();
ptr_ = ref.ptr_;
del_ = ref.del_;
}
return *this;
}
......@@ -130,13 +127,13 @@ public:
template<typename T2>
operator auto_ptr<T2>()
{
return auto_ptr<T2>(this->release(), this->del_);
return auto_ptr<T2>(this->release());
}
template<typename T2>
operator auto_ptr_ref<T2>()
{
return auto_ptr_ref<T2>(this->release(), this->del_);
return auto_ptr_ref<T2>(this->release());
}
};
......
/* mySTL memory_array.hpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
* This file is part of yaSSL.
*
* yaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* There are special exceptions to the terms and conditions of the GPL as it
* is applied to yaSSL. View the full text of the exception in the file
* FLOSS-EXCEPTIONS in the directory of this software distribution.
*
* yaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* mySTL memory_arry implements auto_array
*
*/
#ifndef mySTL_MEMORY_ARRAY_HPP
#define mySTL_MEMORY_ARRAY_HPP
#ifdef _MSC_VER
// disable operator-> warning for builtins
#pragma warning(disable:4284)
#endif
namespace mySTL {
template<typename T>
struct auto_array_ref {
T* ptr_;
explicit auto_array_ref(T* p) : ptr_(p) {}
};
template<typename T>
class auto_array {
T* ptr_;
void Destroy()
{
#ifdef YASSL_LIB
yaSSL::ysArrayDelete(ptr_);
#else
TaoCrypt::tcArrayDelete(ptr_);
#endif
}
public:
explicit auto_array(T* p = 0) : ptr_(p) {}
~auto_array()
{
Destroy();
}
auto_array(auto_array& other) : ptr_(other.release()) {}
auto_array& operator=(auto_array& that)
{
if (this != &that) {
Destroy();
ptr_ = that.release();
}
return *this;
}
T* operator->() const
{
return ptr_;
}
T& operator*() const
{
return *ptr_;
}
T* get() const
{
return ptr_;
}
T* release()
{
T* tmp = ptr_;
ptr_ = 0;
return tmp;
}
void reset(T* p = 0)
{
if (ptr_ != p) {
Destroy();
ptr_ = p;
}
}
// auto_array_ref conversions
auto_array(auto_array_ref<T> ref) : ptr_(ref.ptr_) {}
auto_array& operator=(auto_array_ref<T> ref)
{
if (this->ptr_ != ref.ptr_) {
Destroy();
ptr_ = ref.ptr_;
}
return *this;
}
template<typename T2>
operator auto_array<T2>()
{
return auto_array<T2>(this->release());
}
template<typename T2>
operator auto_array_ref<T2>()
{
return auto_array_ref<T2>(this->release());
}
};
} // namespace mySTL
#endif // mySTL_MEMORY_ARRAY_HPP
......@@ -34,7 +34,6 @@
#include "helpers.hpp" // construct, destory, fill, etc.
#include "algorithm.hpp" // swap
#include <assert.h> // assert
#include <stdlib.h> // malloc
namespace mySTL {
......@@ -49,14 +48,15 @@ struct vector_base {
vector_base() : start_(0), finish_(0), end_of_storage_(0) {}
vector_base(size_t n)
{
// Don't allow malloc(0), if n is 0 use 1
start_ = static_cast<T*>(malloc((n ? n : 1) * sizeof(T)));
if (!start_) abort();
start_ = GetArrayMemory<T>(n);
finish_ = start_;
end_of_storage_ = start_ + n;
}
~vector_base() { if (start_) free(start_); }
~vector_base()
{
FreeArrayMemory(start_);
}
void Swap(vector_base& that)
{
......@@ -71,6 +71,9 @@ struct vector_base {
template <typename T>
class vector {
public:
typedef T* iterator;
typedef const T* const_iterator;
vector() {}
explicit vector(size_t n) : vec_(n)
{
......
INCLUDES = -I../include -I../../mySTL
INCLUDES = -I../include -I../mySTL
noinst_LTLIBRARIES = libtaocrypt.la
......
......@@ -29,7 +29,10 @@
#include "runtime.hpp"
#include "algebra.hpp"
#include "vector.hpp" // mySTL::vector (simple)
#include STL_VECTOR_FILE
namespace STL = STL_NAMESPACE;
namespace TaoCrypt {
......@@ -82,7 +85,7 @@ const Integer& AbstractEuclideanDomain::Mod(const Element &a,
const Integer& AbstractEuclideanDomain::Gcd(const Element &a,
const Element &b) const
{
mySTL::vector<Element> g(3);
STL::vector<Element> g(3);
g[0]= b;
g[1]= a;
unsigned int i0=0, i1=1, i2=2;
......@@ -115,7 +118,7 @@ Integer AbstractGroup::CascadeScalarMultiply(const Element &x,
const unsigned w = (expLen <= 46 ? 1 : (expLen <= 260 ? 2 : 3));
const unsigned tableSize = 1<<w;
mySTL::vector<Element> powerTable(tableSize << w);
STL::vector<Element> powerTable(tableSize << w);
powerTable[1] = x;
powerTable[tableSize] = y;
......@@ -240,8 +243,8 @@ struct WindowSlider
void AbstractGroup::SimultaneousMultiply(Integer *results, const Integer &base,
const Integer *expBegin, unsigned int expCount) const
{
mySTL::vector<mySTL::vector<Element> > buckets(expCount);
mySTL::vector<WindowSlider> exponents;
STL::vector<STL::vector<Element> > buckets(expCount);
STL::vector<WindowSlider> exponents;
exponents.reserve(expCount);
unsigned int i;
......@@ -332,6 +335,8 @@ void AbstractRing::SimultaneousExponentiate(Integer *results,
namespace mySTL {
template TaoCrypt::WindowSlider* uninit_copy<TaoCrypt::WindowSlider*, TaoCrypt::WindowSlider*>(TaoCrypt::WindowSlider*, TaoCrypt::WindowSlider*, TaoCrypt::WindowSlider*);
template void destroy<TaoCrypt::WindowSlider*>(TaoCrypt::WindowSlider*, TaoCrypt::WindowSlider*);
template TaoCrypt::WindowSlider* GetArrayMemory<TaoCrypt::WindowSlider>(size_t);
template void FreeArrayMemory<TaoCrypt::WindowSlider>(TaoCrypt::WindowSlider*);
}
#endif
......@@ -38,7 +38,8 @@
#include "sha.hpp"
#include "coding.hpp"
#include <time.h> // gmtime();
#include "memory.hpp" // mySTL::auto_ptr
#include "memory.hpp" // some auto_ptr don't have reset, also need auto_array
namespace TaoCrypt {
......@@ -202,13 +203,13 @@ void PublicKey::SetKey(const byte* k)
void PublicKey::AddToEnd(const byte* data, word32 len)
{
mySTL::auto_ptr<byte> tmp(NEW_TC byte[sz_ + len], tcArrayDelete);
mySTL::auto_array<byte> tmp(NEW_TC byte[sz_ + len]);
memcpy(tmp.get(), key_, sz_);
memcpy(tmp.get() + sz_, data, len);
byte* del = 0;
mySTL::swap(del, key_);
STL::swap(del, key_);
tcArrayDelete(del);
key_ = tmp.release();
......@@ -856,7 +857,7 @@ bool CertDecoder::ValidateSignature(SignerList* signers)
bool CertDecoder::ConfirmSignature(Source& pub)
{
HashType ht;
mySTL::auto_ptr<HASH> hasher(tcDelete);
mySTL::auto_ptr<HASH> hasher;
if (signatureOID_ == MD5wRSA) {
hasher.reset(NEW_TC MD5);
......
......@@ -133,7 +133,7 @@ void Blowfish::SetKey(const byte* key_string, word32 keylength, CipherDir dir)
if (dir==DECRYPTION)
for (i=0; i<(ROUNDS+2)/2; i++)
mySTL::swap(pbox_[i], pbox_[ROUNDS+1-i]);
STL::swap(pbox_[i], pbox_[ROUNDS+1-i]);
}
......
......@@ -34,7 +34,10 @@
#include "runtime.hpp"
#include "des.hpp"
#include "algorithm.hpp" // mySTL::swap
#include STL_ALGORITHM_FILE
namespace STL = STL_NAMESPACE;
#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
......@@ -265,8 +268,8 @@ void BasicDES::SetKey(const byte* key, word32 /*length*/, CipherDir dir)
// reverse key schedule order
if (dir == DECRYPTION)
for (i = 0; i < 16; i += 2) {
mySTL::swap(k_[i], k_[32 - 2 - i]);
mySTL::swap(k_[i+1], k_[32 - 1 - i]);
STL::swap(k_[i], k_[32 - 2 - i]);
STL::swap(k_[i+1], k_[32 - 1 - i]);
}
}
......
......@@ -61,7 +61,7 @@ void DH::GenerateKeyPair(RandomNumberGenerator& rng, byte* priv, byte* pub)
// Generate private value
void DH::GeneratePrivate(RandomNumberGenerator& rng, byte* priv)
{
Integer x(rng, Integer::One(), mySTL::min(p_ - 1,
Integer x(rng, Integer::One(), min(p_ - 1,
Integer::Power2(2*DiscreteLogWorkFactor(p_.BitCount())) ) );
x.Encode(priv, p_.ByteCount());
}
......
......@@ -1094,7 +1094,7 @@ static bool IsP4()
word32 cpuid[4];
CpuId(0, cpuid);
mySTL::swap(cpuid[2], cpuid[3]);
STL::swap(cpuid[2], cpuid[3]);
if (memcmp(cpuid+1, "GenuineIntel", 12) != 0)
return false;
......@@ -2384,8 +2384,8 @@ void AsymmetricMultiply(word *R, word *T, const word *A, unsigned int NA,
if (NA > NB)
{
mySTL::swap(A, B);
mySTL::swap(NA, NB);
STL::swap(A, B);
STL::swap(NA, NB);
}
assert(NB % NA == 0);
......@@ -2521,8 +2521,8 @@ unsigned int AlmostInverse(word *R, word *T, const word *A, unsigned int NA,
if (Compare(f, g, fgLen)==-1)
{
mySTL::swap(f, g);
mySTL::swap(b, c);
STL::swap(f, g);
STL::swap(b, c);
s++;
}
......@@ -3162,7 +3162,7 @@ signed long Integer::ConvertToLong() const
void Integer::Swap(Integer& a)
{
reg_.Swap(a.reg_);
mySTL::swap(sign_, a.sign_);
STL::swap(sign_, a.sign_);
}
......
......@@ -28,9 +28,11 @@
#include "runtime.hpp"
#include "md4.hpp"
#include "algorithm.hpp" // mySTL::swap
#include STL_ALGORITHM_FILE
namespace STL = STL_NAMESPACE;
namespace TaoCrypt {
......@@ -69,9 +71,9 @@ MD4& MD4::operator= (const MD4& that)
void MD4::Swap(MD4& other)
{
mySTL::swap(loLen_, other.loLen_);
mySTL::swap(hiLen_, other.hiLen_);
mySTL::swap(buffLen_, other.buffLen_);
STL::swap(loLen_, other.loLen_);
STL::swap(hiLen_, other.hiLen_);
STL::swap(buffLen_, other.buffLen_);
memcpy(digest_, other.digest_, DIGEST_SIZE);
memcpy(buffer_, other.buffer_, BLOCK_SIZE);
......
......@@ -28,7 +28,10 @@
#include "runtime.hpp"
#include "md5.hpp"
#include "algorithm.hpp" // mySTL::swap
#include STL_ALGORITHM_FILE
namespace STL = STL_NAMESPACE;
#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
......@@ -72,9 +75,9 @@ MD5& MD5::operator= (const MD5& that)
void MD5::Swap(MD5& other)
{
mySTL::swap(loLen_, other.loLen_);
mySTL::swap(hiLen_, other.hiLen_);
mySTL::swap(buffLen_, other.buffLen_);
STL::swap(loLen_, other.loLen_);
STL::swap(hiLen_, other.hiLen_);
STL::swap(buffLen_, other.buffLen_);
memcpy(digest_, other.digest_, DIGEST_SIZE);
memcpy(buffer_, other.buffer_, BLOCK_SIZE);
......
......@@ -29,16 +29,6 @@
#include "runtime.hpp"
#include "misc.hpp"
#if !defined(YASSL_MYSQL_COMPATIBLE)
extern "C" {
// for libcurl configure test, these are the signatures they use
// locking handled internally by library
char CRYPTO_lock() { return 0;}
char CRYPTO_add_lock() { return 0;}
} // extern "C"
#endif
#ifdef YASSL_PURE_C
void* operator new(size_t sz, TaoCrypt::new_t)
......
......@@ -31,7 +31,7 @@
#include "runtime.hpp"
#include "random.hpp"
#include <string.h>
#include <time.h>
#if defined(_WIN32)
#define _WIN32_WINNT 0x0400
......@@ -74,6 +74,8 @@ byte RandomNumberGenerator::GenerateByte()
#if defined(_WIN32)
/* The OS_Seed implementation for windows */
OS_Seed::OS_Seed()
{
if(!CryptAcquireContext(&handle_, 0, 0, PROV_RSA_FULL,
......@@ -95,8 +97,70 @@ void OS_Seed::GenerateSeed(byte* output, word32 sz)
}
#else // _WIN32
#elif defined(__NETWARE__)
/* The OS_Seed implementation for Netware */
#include <nks/thread.h>
#include <nks/plat.h>
// Loop on high resulution Read Time Stamp Counter
static void NetwareSeed(byte* output, word32 sz)
{
word32 tscResult;
for (word32 i = 0; i < sz; i += sizeof(tscResult)) {
#if defined(__GNUC__)
asm volatile("rdtsc" : "=A" (tscResult));
#else
#ifdef __MWERKS__
asm {
#else
__asm {
#endif
rdtsc
mov tscResult, eax
}
#endif
memcpy(output, &tscResult, sizeof(tscResult));
output += sizeof(tscResult);
NXThreadYield(); // induce more variance
}
}
OS_Seed::OS_Seed()
{
}
OS_Seed::~OS_Seed()
{
}
void OS_Seed::GenerateSeed(byte* output, word32 sz)
{
/*
Try to use NXSeedRandom as it will generate a strong
seed using the onboard 82802 chip
As it's not always supported, fallback to default
implementation if an error is returned
*/
if (NXSeedRandom(sz, output) != 0)
{
NetwareSeed(output, sz);
}
}
#else
/* The default OS_Seed implementation */
OS_Seed::OS_Seed()
{
......
......@@ -28,9 +28,11 @@
#include "runtime.hpp"
#include "ripemd.hpp"
#include "algorithm.hpp" // mySTL::swap
#include STL_ALGORITHM_FILE
namespace STL = STL_NAMESPACE;
#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
#define DO_RIPEMD_ASM
......@@ -75,9 +77,9 @@ RIPEMD160& RIPEMD160::operator= (const RIPEMD160& that)
void RIPEMD160::Swap(RIPEMD160& other)
{
mySTL::swap(loLen_, other.loLen_);
mySTL::swap(hiLen_, other.hiLen_);
mySTL::swap(buffLen_, other.buffLen_);
STL::swap(loLen_, other.loLen_);
STL::swap(hiLen_, other.hiLen_);
STL::swap(buffLen_, other.buffLen_);
memcpy(digest_, other.digest_, DIGEST_SIZE);
memcpy(buffer_, other.buffer_, BLOCK_SIZE);
......
......@@ -27,8 +27,11 @@
#include "runtime.hpp"
#include <string.h>
#include "algorithm.hpp" // mySTL::swap
#include "sha.hpp"
#include STL_ALGORITHM_FILE
namespace STL = STL_NAMESPACE;
#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
......@@ -96,9 +99,9 @@ SHA& SHA::operator= (const SHA& that)
void SHA::Swap(SHA& other)
{
mySTL::swap(loLen_, other.loLen_);
mySTL::swap(hiLen_, other.hiLen_);
mySTL::swap(buffLen_, other.buffLen_);
STL::swap(loLen_, other.loLen_);
STL::swap(hiLen_, other.hiLen_);
STL::swap(buffLen_, other.buffLen_);
memcpy(digest_, other.digest_, DIGEST_SIZE);
memcpy(buffer_, other.buffer_, BLOCK_SIZE);
......
......@@ -77,6 +77,13 @@ template void destroy<vector<TaoCrypt::Integer>*>(vector<TaoCrypt::Integer>*, ve
template TaoCrypt::Integer* uninit_copy<TaoCrypt::Integer*, TaoCrypt::Integer*>(TaoCrypt::Integer*, TaoCrypt::Integer*, TaoCrypt::Integer*);
template TaoCrypt::Integer* uninit_fill_n<TaoCrypt::Integer*, size_t, TaoCrypt::Integer>(TaoCrypt::Integer*, size_t, TaoCrypt::Integer const&);
template void destroy<TaoCrypt::Integer*>(TaoCrypt::Integer*, TaoCrypt::Integer*);
template TaoCrypt::byte* GetArrayMemory<TaoCrypt::byte>(size_t);
template void FreeArrayMemory<TaoCrypt::byte>(TaoCrypt::byte*);
template TaoCrypt::Integer* GetArrayMemory<TaoCrypt::Integer>(size_t);
template void FreeArrayMemory<TaoCrypt::Integer>(TaoCrypt::Integer*);
template vector<TaoCrypt::Integer>* GetArrayMemory<vector<TaoCrypt::Integer> >(size_t);
template void FreeArrayMemory<vector<TaoCrypt::Integer> >(vector<TaoCrypt::Integer>*);
template void FreeArrayMemory<void>(void*);
}
#endif
INCLUDES = -I../include -I../../mySTL
INCLUDES = -I../include -I../mySTL
bin_PROGRAMS = test
test_SOURCES = test.cpp
test_LDFLAGS = -L../src
......
INCLUDES = -I../include -I../taocrypt/include -I../mySTL
INCLUDES = -I../include -I../taocrypt/include -I../taocrypt/mySTL
bin_PROGRAMS = testsuite
testsuite_SOURCES = testsuite.cpp ../taocrypt/test/test.cpp \
../examples/client/client.cpp ../examples/server/server.cpp \
......
......@@ -27,24 +27,27 @@
#endif /* _WIN32 */
#if !defined(_SOCKLEN_T) && defined(_WIN32)
#if !defined(_SOCKLEN_T) && (defined(_WIN32) || defined(__NETWARE__))
typedef int socklen_t;
#endif
// Check type of third arg to accept
#if defined(__hpux)
// HPUX doesn't use socklent_t for third parameter to accept
#if !defined(__hpux)
typedef socklen_t* ACCEPT_THIRD_T;
#else
typedef int* ACCEPT_THIRD_T;
#else
typedef socklen_t* ACCEPT_THIRD_T;
#endif
// Check if _POSIX_THREADS should be forced
#if !defined(_POSIX_THREADS) && (defined(__NETWARE__) || defined(__hpux))
// HPUX does not define _POSIX_THREADS as it's not _fully_ implemented
#ifndef _POSIX_THREADS
// Netware supports pthreads but does not announce it
#define _POSIX_THREADS
#endif
#endif
#ifndef _POSIX_THREADS
typedef unsigned int THREAD_RETURN;
......@@ -148,6 +151,13 @@ inline void err_sys(const char* msg)
}
static int PasswordCallBack(char* passwd, int sz, int rw, void* userdata)
{
strncpy(passwd, "12345678", sz);
return 8;
}
inline void store_ca(SSL_CTX* ctx)
{
// To allow testing from serveral dirs
......@@ -168,6 +178,7 @@ inline void store_ca(SSL_CTX* ctx)
inline void set_certs(SSL_CTX* ctx)
{
store_ca(ctx);
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
// To allow testing from serveral dirs
if (SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)
......@@ -193,6 +204,7 @@ inline void set_certs(SSL_CTX* ctx)
inline void set_serverCerts(SSL_CTX* ctx)
{
store_ca(ctx);
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
// To allow testing from serveral dirs
if (SSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
......@@ -258,13 +270,27 @@ inline void tcp_socket(SOCKET_T& sockfd, sockaddr_in& addr)
}
inline void tcp_close(SOCKET_T& sockfd)
{
#ifdef _WIN32
closesocket(sockfd);
#else
close(sockfd);
#endif
sockfd = -1;
}
inline void tcp_connect(SOCKET_T& sockfd)
{
sockaddr_in addr;
tcp_socket(sockfd, addr);
if (connect(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0)
{
tcp_close(sockfd);
err_sys("tcp connect failed");
}
}
......@@ -274,9 +300,15 @@ inline void tcp_listen(SOCKET_T& sockfd)
tcp_socket(sockfd, addr);
if (bind(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0)
{
tcp_close(sockfd);
err_sys("tcp bind failed");
}
if (listen(sockfd, 3) != 0)
{
tcp_close(sockfd);
err_sys("tcp listen failed");
}
}
......@@ -299,7 +331,10 @@ inline void tcp_accept(SOCKET_T& sockfd, int& clientfd, func_args& args)
clientfd = accept(sockfd, (sockaddr*)&client, (ACCEPT_THIRD_T)&client_len);
if (clientfd == -1)
{
tcp_close(sockfd);
err_sys("tcp accept failed");
}
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment