len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-11-04 18:52:31 -05:00
Code Issues Projects Releases Packages Wiki Activity

Update CyaSSL to latest version.

Browse source
This commit is contained in:
Richard Barry 2014-07-18 18:54:25 +00:00
parent 5fcd270398
commit 3d007d0b4b
445 changed files with 162375 additions and 26182 deletions
Download patch file Download diff file Expand all files Collapse all files

8
FreeRTOS-Plus/Source/CyaSSL/cyassl/callbacks.h
View file

@ -1,6 +1,6 @@
/* cyassl_callbacks.h
/* callbacks.h
*
* Copyright (C) 2012 Sawtooth Consulting Ltd.
* Copyright (C) 2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -76,5 +76,5 @@ typedef struct timeoutInfo_st {
#endif
#endif /* CyaSSL_CALLBACKS_H */
#endif /* CYASSL_CALLBACKS_H */

1178
FreeRTOS-Plus/Source/CyaSSL/cyassl/certs_test.h Normal file
View file

File diff suppressed because it is too large Load diff

10
FreeRTOS-Plus/Source/CyaSSL/cyassl/crl.h
View file

@ -1,6 +1,6 @@
/* crl.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,13 +16,16 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef CYASSL_CRL_H
#define CYASSL_CRL_H
#ifdef HAVE_CRL
#include <cyassl/ssl.h>
#include <cyassl/ctaocrypt/asn.h>
@ -33,7 +36,7 @@
typedef struct CYASSL_CRL CYASSL_CRL;
CYASSL_LOCAL int InitCRL(CYASSL_CRL*, CYASSL_CERT_MANAGER*);
CYASSL_LOCAL void FreeCRL(CYASSL_CRL*);
CYASSL_LOCAL void FreeCRL(CYASSL_CRL*, int dynamic);
CYASSL_LOCAL int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int mon);
CYASSL_LOCAL int BufferLoadCRL(CYASSL_CRL*, const byte*, long, int);
@ -44,4 +47,5 @@ CYASSL_LOCAL int CheckCertCRL(CYASSL_CRL*, DecodedCert*);
} /* extern "C" */
#endif
#endif /* HAVE_CRL */
#endif /* CYASSL_CRL_H */

89
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/aes.h
View file

@ -1,6 +1,6 @@
/* aes.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -28,6 +28,11 @@
#include <cyassl/ctaocrypt/types.h>
#ifdef HAVE_CAVIUM
#include <cyassl/ctaocrypt/logging.h>
#include "cavium_common.h"
#endif
#ifdef CYASSL_AESNI
#include <wmmintrin.h>
@ -36,6 +41,8 @@
#if defined (__GNUC__)
#define ALIGN16 __attribute__ ( (aligned (16)))
#elif defined(_MSC_VER)
/* disable align warning, we want alignment ! */
#pragma warning(disable: 4324)
#define ALIGN16 __declspec (align (16))
#else
#define ALIGN16
@ -53,6 +60,8 @@
#endif
#define CYASSL_AES_CAVIUM_MAGIC 0xBEEF0002
enum {
AES_ENC_TYPE = 1, /* cipher unique type */
AES_ENCRYPTION = 0,
@ -76,31 +85,91 @@ typedef struct Aes {
ALIGN16 byte M0[256][AES_BLOCK_SIZE];
#endif /* GCM_TABLE */
#endif /* HAVE_AESGCM */
#ifdef CYASSL_AESNI
byte use_aesni;
#endif /* CYASSL_AESNI */
#ifdef HAVE_CAVIUM
AesType type; /* aes key type */
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
#endif
#ifdef CYASSL_AES_COUNTER
word32 left; /* unsued bytes left from last call */
#endif
#ifdef CYASSL_PIC32MZ_CRYPT
word32 key_ce[AES_BLOCK_SIZE*2/sizeof(word32)] ;
word32 iv_ce [AES_BLOCK_SIZE /sizeof(word32)] ;
int keylen ;
#endif
} Aes;
CYASSL_API int AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
int dir);
CYASSL_API int AesSetIV(Aes* aes, const byte* iv);
CYASSL_API void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
CYASSL_API void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
CYASSL_API int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
CYASSL_API int AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
CYASSL_API void AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
CYASSL_API void AesEncryptDirect(Aes* aes, byte* out, const byte* in);
CYASSL_API void AesDecryptDirect(Aes* aes, byte* out, const byte* in);
CYASSL_API int AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
#ifdef HAVE_AESGCM
CYASSL_API void AesGcmSetKey(Aes* aes, const byte* key, word32 len,
const byte* implicitIV);
CYASSL_API void AesGcmSetExpIV(Aes* aes, const byte* iv);
CYASSL_API void AesGcmGetExpIV(Aes* aes, byte* iv);
CYASSL_API void AesGcmIncExpIV(Aes* aes);
CYASSL_API void AesGcmSetKey(Aes* aes, const byte* key, word32 len);
CYASSL_API void AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
CYASSL_API int AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
typedef struct Gmac {
Aes aes;
} Gmac;
CYASSL_API void GmacSetKey(Gmac* gmac, const byte* key, word32 len);
CYASSL_API void GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz);
#endif /* HAVE_AESGCM */
#ifdef HAVE_AESCCM
CYASSL_API void AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
CYASSL_API void AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
CYASSL_API int AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
#ifdef HAVE_CAVIUM
CYASSL_API int AesInitCavium(Aes*, int);
CYASSL_API void AesFreeCavium(Aes*);
#endif
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
CYASSL_API int AesSetKey_fips(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
CYASSL_API int AesSetIV_fips(Aes* aes, const byte* iv);
CYASSL_API int AesCbcEncrypt_fips(Aes* aes, byte* out, const byte* in,
word32 sz);
CYASSL_API int AesCbcDecrypt_fips(Aes* aes, byte* out, const byte* in,
word32 sz);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define AesSetKey AesSetKey_fips
#define AesSetIV AesSetIV_fips
#define AesCbcEncrypt AesCbcEncrypt_fips
#define AesCbcDecrypt AesCbcDecrypt_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus

15
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/arc4.h
View file

@ -1,6 +1,6 @@
/* arc4.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -32,6 +32,8 @@
#endif
#define CYASSL_ARC4_CAVIUM_MAGIC 0xBEEF0001
enum {
ARC4_ENC_TYPE = 4, /* cipher unique type */
ARC4_STATE_SIZE = 256
@ -42,11 +44,20 @@ typedef struct Arc4 {
byte x;
byte y;
byte state[ARC4_STATE_SIZE];
#ifdef HAVE_CAVIUM
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
#endif
} Arc4;
CYASSL_API void Arc4Process(Arc4*, byte*, const byte*, word32);
CYASSL_API void Arc4SetKey(Arc4*, const byte*, word32);
#ifdef HAVE_CAVIUM
CYASSL_API int Arc4InitCavium(Arc4*, int);
CYASSL_API void Arc4FreeCavium(Arc4*);
#endif
#ifdef __cplusplus
} /* extern "C" */

304
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/asn.h
View file

@ -1,6 +1,6 @@
/* asn.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,9 +16,10 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef NO_ASN
#ifndef CTAO_CRYPT_ASN_H
#define CTAO_CRYPT_ASN_H
@ -58,10 +59,14 @@ enum ASN_Tags {
ASN_TAG_NULL = 0x05,
ASN_OBJECT_ID = 0x06,
ASN_ENUMERATED = 0x0a,
ASN_UTF8STRING = 0x0c,
ASN_SEQUENCE = 0x10,
ASN_SET = 0x11,
ASN_UTC_TIME = 0x17,
ASN_OTHER_TYPE = 0x00,
ASN_RFC822_TYPE = 0x01,
ASN_DNS_TYPE = 0x02,
ASN_DIR_TYPE = 0x04,
ASN_GENERALIZED_TIME = 0x18,
CRL_EXTENSIONS = 0xa0,
ASN_EXTENSIONS = 0xa3,
@ -76,6 +81,7 @@ enum ASN_Flags{
enum DN_Tags {
ASN_COMMON_NAME = 0x03, /* CN */
ASN_SUR_NAME = 0x04, /* SN */
ASN_SERIAL_NUMBER = 0x05, /* serialNumber */
ASN_COUNTRY_NAME = 0x06, /* C */
ASN_LOCALITY_NAME = 0x07, /* L */
ASN_STATE_NAME = 0x08, /* ST */
@ -122,6 +128,9 @@ enum Misc_ASN {
MAX_ALGO_SZ = 20,
MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */
MAX_SET_SZ = 5, /* enum(set | con) + length(4) */
MAX_OCTET_STR_SZ = 5, /* enum(set | con) + length(4) */
MAX_EXP_SZ = 5, /* enum(contextspec|con|exp) + length(4) */
MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */
MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/
MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */
MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */
@ -132,6 +141,11 @@ enum Misc_ASN {
MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */
MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */
#ifdef CYASSL_CERT_GEN
#ifdef CYASSL_CERT_REQ
/* Max encoded cert req attributes length */
MAX_ATTRIB_SZ = MAX_SEQ_SZ * 3 + (11 + MAX_SEQ_SZ) * 2 +
MAX_PRSTR_SZ + CTC_NAME_SIZE, /* 11 is the OID size */
#endif
#ifdef CYASSL_ALT_NAMES
MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE,
#else
@ -141,15 +155,18 @@ enum Misc_ASN {
#endif
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
MAX_OCSP_NONCE_SZ = 18, /* OCSP Nonce size */
EIGHTK_BUF = 8192, /* Tmp buffer size */
MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2
/* use bigger NTRU size */
};
enum Oid_Types {
hashType = 0,
sigType = 1,
keyType = 2
hashType = 0,
sigType = 1,
keyType = 2,
curveType = 3,
blkType = 4
};
@ -163,10 +180,16 @@ enum Hash_Sum {
};
enum Block_Sum {
DESb = 69,
DES3b = 652
};
enum Key_Sum {
DSAk = 515,
RSAk = 645,
NTRUk = 364,
NTRUk = 274,
ECDSAk = 518
};
@ -187,11 +210,38 @@ enum KDF_Sum {
enum Extensions_Sum {
BASIC_CA_OID = 133,
ALT_NAMES_OID = 131,
CRL_DIST_OID = 145,
AUTH_INFO_OID = 69,
CA_ISSUER_OID = 117
BASIC_CA_OID = 133,
ALT_NAMES_OID = 131,
CRL_DIST_OID = 145,
AUTH_INFO_OID = 69,
CA_ISSUER_OID = 117,
AUTH_KEY_OID = 149,
SUBJ_KEY_OID = 128,
CERT_POLICY_OID = 146,
KEY_USAGE_OID = 129, /* 2.5.29.15 */
INHIBIT_ANY_OID = 168, /* 2.5.29.54 */
EXT_KEY_USAGE_OID = 151, /* 2.5.29.37 */
NAME_CONS_OID = 144 /* 2.5.29.30 */
};
enum CertificatePolicy_Sum {
CP_ANY_OID = 146 /* id-ce 32 0 */
};
enum SepHardwareName_Sum {
HW_NAME_OID = 79 /* 1.3.6.1.5.5.7.8.4 from RFC 4108*/
};
enum AuthInfo_Sum {
AIA_OCSP_OID = 116, /* 1.3.6.1.5.5.7.48.1 */
AIA_CA_ISSUER_OID = 117 /* 1.3.6.1.5.5.7.48.2 */
};
enum ExtKeyUsage_Sum { /* From RFC 5280 */
EKU_ANY_OID = 151, /* 2.5.29.37.0, anyExtendedKeyUsage */
EKU_SERVER_AUTH_OID = 71, /* 1.3.6.1.5.5.7.3.1, id-kp-serverAuth */
EKU_CLIENT_AUTH_OID = 72, /* 1.3.6.1.5.5.7.3.2, id-kp-clientAuth */
EKU_OCSP_SIGN_OID = 79, /* 1.3.6.1.5.5.7.3.9, OCSPSigning */
};
@ -201,6 +251,22 @@ enum VerifyType {
};
/* Key usage extension bits */
#define KEYUSE_DIGITAL_SIG 0x0100
#define KEYUSE_CONTENT_COMMIT 0x0080
#define KEYUSE_KEY_ENCIPHER 0x0040
#define KEYUSE_DATA_ENCIPHER 0x0020
#define KEYUSE_KEY_AGREE 0x0010
#define KEYUSE_KEY_CERT_SIGN 0x0008
#define KEYUSE_CRL_SIGN 0x0004
#define KEYUSE_ENCIPHER_ONLY 0x0002
#define KEYUSE_DECIPHER_ONLY 0x0001
#define EXTKEYUSE_ANY 0x08
#define EXTKEYUSE_OCSP_SIGN 0x04
#define EXTKEYUSE_CLIENT_AUTH 0x02
#define EXTKEYUSE_SERVER_AUTH 0x01
typedef struct DNS_entry DNS_entry;
struct DNS_entry {
@ -208,7 +274,46 @@ struct DNS_entry {
char* name; /* actual DNS name */
};
typedef struct Base_entry Base_entry;
struct Base_entry {
Base_entry* next; /* next on name base list */
char* name; /* actual name base */
int nameSz; /* name length */
byte type; /* Name base type (DNS or RFC822) */
};
struct DecodedName {
char* fullName;
int fullNameLen;
int entryCount;
int cnIdx;
int cnLen;
int snIdx;
int snLen;
int cIdx;
int cLen;
int lIdx;
int lLen;
int stIdx;
int stLen;
int oIdx;
int oLen;
int ouIdx;
int ouLen;
int emailIdx;
int emailLen;
int uidIdx;
int uidLen;
int serialIdx;
int serialLen;
};
typedef struct DecodedCert DecodedCert;
typedef struct DecodedName DecodedName;
typedef struct Signer Signer;
@ -221,7 +326,13 @@ struct DecodedCert {
word32 sigLength; /* length of signature */
word32 signatureOID; /* sum of algorithm object id */
word32 keyOID; /* sum of key algo object id */
int version; /* cert version, 1 or 3 */
DNS_entry* altNames; /* alt names list of dns entries */
#ifndef IGNORE_NAME_CONSTRAINTS
DNS_entry* altEmailNames; /* alt names list of RFC822 entries */
Base_entry* permittedNames; /* Permitted name bases */
Base_entry* excludedNames; /* Excluded name bases */
#endif /* IGNORE_NAME_CONSTRAINTS */
byte subjectHash[SHA_SIZE]; /* hash of all Names */
byte issuerHash[SHA_SIZE]; /* hash of all Names */
#ifdef HAVE_OCSP
@ -229,7 +340,8 @@ struct DecodedCert {
#endif /* HAVE_OCSP */
byte* signature; /* not owned, points into raw cert */
char* subjectCN; /* CommonName */
int subjectCNLen;
int subjectCNLen; /* CommonName Length */
char subjectCNEnc; /* CommonName Encoding */
int subjectCNStored; /* have we saved a copy we own */
char issuer[ASN_NAME_MAX]; /* full name including common name */
char subject[ASN_NAME_MAX]; /* full name including common name */
@ -247,38 +359,122 @@ struct DecodedCert {
int extAuthInfoSz; /* length of the URI */
byte* extCrlInfo; /* CRL Distribution Points */
int extCrlInfoSz; /* length of the URI */
byte isCA; /* CA basic constraint true */
#ifdef CYASSL_CERT_GEN
/* easy access to subject info for other sign */
char* subjectSN;
int subjectSNLen;
char* subjectC;
int subjectCLen;
char* subjectL;
int subjectLLen;
char* subjectST;
int subjectSTLen;
char* subjectO;
int subjectOLen;
char* subjectOU;
int subjectOULen;
char* subjectEmail;
int subjectEmailLen;
byte extSubjKeyId[SHA_SIZE]; /* Subject Key ID */
byte extSubjKeyIdSet; /* Set when the SKID was read from cert */
byte extAuthKeyId[SHA_SIZE]; /* Authority Key ID */
byte extAuthKeyIdSet; /* Set when the AKID was read from cert */
#ifndef IGNORE_NAME_CONSTRAINTS
byte extNameConstraintSet;
#endif /* IGNORE_NAME_CONSTRAINTS */
byte isCA; /* CA basic constraint true */
byte extKeyUsageSet;
word16 extKeyUsage; /* Key usage bitfield */
byte extExtKeyUsageSet; /* Extended Key Usage */
byte extExtKeyUsage; /* Extended Key usage bitfield */
#ifdef OPENSSL_EXTRA
byte extBasicConstSet;
byte extBasicConstCrit;
byte extBasicConstPlSet;
word32 pathLength; /* CA basic constraint path length, opt */
byte extSubjAltNameSet;
byte extSubjAltNameCrit;
byte extAuthKeyIdCrit;
#ifndef IGNORE_NAME_CONSTRAINTS
byte extNameConstraintCrit;
#endif /* IGNORE_NAME_CONSTRAINTS */
byte extSubjKeyIdCrit;
byte extKeyUsageCrit;
byte extExtKeyUsageCrit;
byte* extExtKeyUsageSrc;
word32 extExtKeyUsageSz;
word32 extExtKeyUsageCount;
byte* extAuthKeyIdSrc;
word32 extAuthKeyIdSz;
byte* extSubjKeyIdSrc;
word32 extSubjKeyIdSz;
#endif
#ifdef HAVE_ECC
word32 pkCurveOID; /* Public Key's curve OID */
#endif /* HAVE_ECC */
byte* beforeDate;
int beforeDateLen;
byte* afterDate;
int afterDateLen;
#ifdef HAVE_PKCS7
byte* issuerRaw; /* pointer to issuer inside source */
int issuerRawLen;
#endif
#ifndef IGNORE_NAME_CONSTRAINT
byte* subjectRaw; /* pointer to subject inside source */
int subjectRawLen;
#endif
#if defined(CYASSL_CERT_GEN)
/* easy access to subject info for other sign */
char* subjectSN;
int subjectSNLen;
char subjectSNEnc;
char* subjectC;
int subjectCLen;
char subjectCEnc;
char* subjectL;
int subjectLLen;
char subjectLEnc;
char* subjectST;
int subjectSTLen;
char subjectSTEnc;
char* subjectO;
int subjectOLen;
char subjectOEnc;
char* subjectOU;
int subjectOULen;
char subjectOUEnc;
char* subjectEmail;
int subjectEmailLen;
#endif /* CYASSL_CERT_GEN */
#ifdef OPENSSL_EXTRA
DecodedName issuerName;
DecodedName subjectName;
#endif /* OPENSSL_EXTRA */
#ifdef CYASSL_SEP
int deviceTypeSz;
byte* deviceType;
int hwTypeSz;
byte* hwType;
int hwSerialNumSz;
byte* hwSerialNum;
#ifdef OPENSSL_EXTRA
byte extCertPolicySet;
byte extCertPolicyCrit;
#endif /* OPENSSL_EXTRA */
#endif /* CYASSL_SEP */
};
#ifdef SHA_DIGEST_SIZE
#define SIGNER_DIGEST_SIZE SHA_DIGEST_SIZE
#else
#define SIGNER_DIGEST_SIZE 20
#endif
/* CA Signers */
/* if change layout change PERSIST_CERT_CACHE functions too */
struct Signer {
byte* publicKey;
word32 pubKeySize;
word32 keyOID; /* key type */
word16 keyUsage;
byte* publicKey;
int nameLen;
char* name; /* common name */
byte hash[SHA_DIGEST_SIZE]; /* sha hash of names in certificate */
#ifndef IGNORE_NAME_CONSTRAINTS
Base_entry* permittedNames;
Base_entry* excludedNames;
#endif /* IGNORE_NAME_CONSTRAINTS */
byte subjectNameHash[SIGNER_DIGEST_SIZE];
/* sha hash of names in certificate */
#ifndef NO_SKID
byte subjectKeyIdHash[SIGNER_DIGEST_SIZE];
/* sha hash of names in certificate */
#endif
Signer* next;
};
@ -291,6 +487,9 @@ struct Signer {
#endif
CYASSL_TEST_API void FreeAltNames(DNS_entry*, void*);
#ifndef IGNORE_NAME_CONSTRAINTS
CYASSL_TEST_API void FreeNameSubtrees(Base_entry*, void*);
#endif /* IGNORE_NAME_CONSTRAINTS */
CYASSL_TEST_API void InitDecodedCert(DecodedCert*, byte*, word32, void*);
CYASSL_TEST_API void FreeDecodedCert(DecodedCert*);
CYASSL_TEST_API int ParseCert(DecodedCert*, int type, int verify, void* cm);
@ -302,7 +501,8 @@ CYASSL_LOCAL word32 EncodeSignature(byte* out, const byte* digest, word32 digSz,
int hashOID);
CYASSL_LOCAL Signer* MakeSigner(void*);
CYASSL_LOCAL void FreeSigners(Signer*, void*);
CYASSL_LOCAL void FreeSigner(Signer*, void*);
CYASSL_LOCAL void FreeSignerTable(Signer**, int, void*);
CYASSL_LOCAL int ToTraditional(byte* buffer, word32 length);
@ -310,15 +510,37 @@ CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
/* ASN.1 helper functions */
CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx,
int* version);
CYASSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
word32 maxIdx);
CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
word32 maxIdx);
CYASSL_LOCAL word32 SetLength(word32 length, byte* output);
CYASSL_LOCAL word32 SetSequence(word32 len, byte* output);
CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output);
CYASSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len,byte* output);
CYASSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output);
CYASSL_LOCAL word32 SetSet(word32 len, byte* output);
CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz);
CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);
CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output);
CYASSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
int maxIdx);
#ifdef HAVE_ECC
/* ASN sig helpers */
CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
mp_int* s);
CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
mp_int* r, mp_int* s);
/* private key helpers */
CYASSL_LOCAL int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
ecc_key*,word32);
#endif
#ifdef CYASSL_CERT_GEN
@ -328,7 +550,8 @@ enum cert_enums {
JOINT_LEN = 2,
EMAIL_JOINT_LEN = 9,
RSA_KEY = 10,
NTRU_KEY = 11
NTRU_KEY = 11,
ECC_KEY = 12
};
@ -415,6 +638,7 @@ struct OcspResponse {
struct OcspRequest {
DecodedCert* cert;
byte useNonce;
byte nonce[MAX_OCSP_NONCE_SZ];
int nonceSz;
@ -431,7 +655,8 @@ struct OcspRequest {
CYASSL_LOCAL void InitOcspResponse(OcspResponse*, CertStatus*, byte*, word32);
CYASSL_LOCAL int OcspResponseDecode(OcspResponse*);
CYASSL_LOCAL void InitOcspRequest(OcspRequest*, DecodedCert*, byte*, word32);
CYASSL_LOCAL void InitOcspRequest(OcspRequest*, DecodedCert*,
byte, byte*, word32);
CYASSL_LOCAL int EncodeOcspRequest(OcspRequest*);
CYASSL_LOCAL int CompareOcspReqResp(OcspRequest*, OcspResponse*);
@ -460,7 +685,7 @@ struct DecodedCRL {
word32 signatureOID; /* sum of algorithm object id */
byte* signature; /* pointer into raw source, not owned */
byte issuerHash[SHA_DIGEST_SIZE]; /* issuer hash */
byte crlHash[MD5_DIGEST_SIZE]; /* raw crl data hash */
byte crlHash[SHA_DIGEST_SIZE]; /* raw crl data hash */
byte lastDate[MAX_DATE_SIZE]; /* last date updated */
byte nextDate[MAX_DATE_SIZE]; /* next update date */
byte lastDateFormat; /* format of last date */
@ -470,7 +695,7 @@ struct DecodedCRL {
};
CYASSL_LOCAL void InitDecodedCRL(DecodedCRL*);
CYASSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, long sz, void* cm);
CYASSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, word32 sz, void* cm);
CYASSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
@ -483,3 +708,4 @@ CYASSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
#endif /* CTAO_CRYPT_ASN_H */
#endif /* !NO_ASN */

52
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/asn_public.h
View file

@ -1,6 +1,6 @@
/* asn_public.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,6 +24,7 @@
#define CTAO_CRYPT_ASN_PUBLIC_H
#include <cyassl/ctaocrypt/types.h>
#include <cyassl/ctaocrypt/ecc.h>
#ifdef CYASSL_CERT_GEN
#include <cyassl/ctaocrypt/rsa.h>
#endif
@ -40,7 +41,9 @@ enum CertType {
PRIVATEKEY_TYPE,
DH_PARAM_TYPE,
CRL_TYPE,
CA_TYPE
CA_TYPE,
ECC_PRIVATEKEY_TYPE,
CERTREQ_TYPE
};
@ -59,24 +62,40 @@ enum Ctc_SigType {
CTC_SHA512wECDSA = 526
};
enum Ctc_Encoding {
CTC_UTF8 = 0x0c, /* utf8 */
CTC_PRINTABLE = 0x13 /* printable */
};
#ifdef CYASSL_CERT_GEN
#ifndef HAVE_ECC
typedef struct ecc_key ecc_key;
#endif
enum Ctc_Misc {
CTC_NAME_SIZE = 64,
CTC_DATE_SIZE = 32,
CTC_MAX_ALT_SIZE = 8192, /* may be huge */
CTC_SERIAL_SIZE = 8
CTC_NAME_SIZE = 64,
CTC_DATE_SIZE = 32,
CTC_MAX_ALT_SIZE = 16384, /* may be huge */
CTC_SERIAL_SIZE = 8
};
typedef struct CertName {
char country[CTC_NAME_SIZE];
char countryEnc;
char state[CTC_NAME_SIZE];
char stateEnc;
char locality[CTC_NAME_SIZE];
char localityEnc;
char sur[CTC_NAME_SIZE];
char surEnc;
char org[CTC_NAME_SIZE];
char orgEnc;
char unit[CTC_NAME_SIZE];
char unitEnc;
char commonName[CTC_NAME_SIZE];
char commonNameEnc;
char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */
} CertName;
@ -102,6 +121,9 @@ typedef struct Cert {
byte afterDate[CTC_DATE_SIZE]; /* after date copy */
int afterDateSz; /* size of copy */
#endif
#ifdef CYASSL_CERT_REQ
char challengePw[CTC_NAME_SIZE];
#endif
} Cert;
@ -119,8 +141,14 @@ typedef struct Cert {
keyType = RSA_KEY (default)
*/
CYASSL_API void InitCert(Cert*);
CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*, RNG*);
#ifdef CYASSL_CERT_REQ
CYASSL_API int MakeCertReq(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*);
#endif
CYASSL_API int SignCert(int requestSz, int sigType, byte* derBuffer,
word32 derSz, RsaKey*, ecc_key*, RNG*);
CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
RNG*);
CYASSL_API int SetIssuer(Cert*, const char*);
@ -146,6 +174,12 @@ CYASSL_API int SetDatesBuffer(Cert*, const byte*, int);
word32 outputSz, int type);
#endif
#ifdef HAVE_ECC
/* private key helpers */
CYASSL_API int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
ecc_key*,word32);
#endif
#ifdef __cplusplus
} /* extern "C" */

154
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2-impl.h Normal file
View file

@ -0,0 +1,154 @@
/*
BLAKE2 reference source code package - reference C implementations
Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
To the extent possible under law, the author(s) have dedicated all copyright
and related and neighboring rights to this software to the public domain
worldwide. This software is distributed without any warranty.
You should have received a copy of the CC0 Public Domain Dedication along with
this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
*/
/* blake2-impl.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef CTAOCRYPT_BLAKE2_IMPL_H
#define CTAOCRYPT_BLAKE2_IMPL_H
#include <cyassl/ctaocrypt/types.h>
static inline word32 load32( const void *src )
{
#if defined(LITTLE_ENDIAN_ORDER)
return *( word32 * )( src );
#else
const byte *p = ( byte * )src;
word32 w = *p++;
w |= ( word32 )( *p++ ) << 8;
w |= ( word32 )( *p++ ) << 16;
w |= ( word32 )( *p++ ) << 24;
return w;
#endif
}
static inline word64 load64( const void *src )
{
#if defined(LITTLE_ENDIAN_ORDER)
return *( word64 * )( src );
#else
const byte *p = ( byte * )src;
word64 w = *p++;
w |= ( word64 )( *p++ ) << 8;
w |= ( word64 )( *p++ ) << 16;
w |= ( word64 )( *p++ ) << 24;
w |= ( word64 )( *p++ ) << 32;
w |= ( word64 )( *p++ ) << 40;
w |= ( word64 )( *p++ ) << 48;
w |= ( word64 )( *p++ ) << 56;
return w;
#endif
}
static inline void store32( void *dst, word32 w )
{
#if defined(LITTLE_ENDIAN_ORDER)
*( word32 * )( dst ) = w;
#else
byte *p = ( byte * )dst;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w;
#endif
}
static inline void store64( void *dst, word64 w )
{
#if defined(LITTLE_ENDIAN_ORDER)
*( word64 * )( dst ) = w;
#else
byte *p = ( byte * )dst;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w;
#endif
}
static inline word64 load48( const void *src )
{
const byte *p = ( const byte * )src;
word64 w = *p++;
w |= ( word64 )( *p++ ) << 8;
w |= ( word64 )( *p++ ) << 16;
w |= ( word64 )( *p++ ) << 24;
w |= ( word64 )( *p++ ) << 32;
w |= ( word64 )( *p++ ) << 40;
return w;
}
static inline void store48( void *dst, word64 w )
{
byte *p = ( byte * )dst;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w;
}
static inline word32 rotl32( const word32 w, const unsigned c )
{
return ( w << c ) | ( w >> ( 32 - c ) );
}
static inline word64 rotl64( const word64 w, const unsigned c )
{
return ( w << c ) | ( w >> ( 64 - c ) );
}
static inline word32 rotr32( const word32 w, const unsigned c )
{
return ( w >> c ) | ( w << ( 32 - c ) );
}
static inline word64 rotr64( const word64 w, const unsigned c )
{
return ( w >> c ) | ( w << ( 64 - c ) );
}
/* prevents compiler optimizing out memset() */
static inline void secure_zero_memory( void *v, word64 n )
{
volatile byte *p = ( volatile byte * )v;
while( n-- ) *p++ = 0;
}
#endif /* CTAOCRYPT_BLAKE2_IMPL_H */

183
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2-int.h Normal file
View file

@ -0,0 +1,183 @@
/*
BLAKE2 reference source code package - reference C implementations
Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
To the extent possible under law, the author(s) have dedicated all copyright
and related and neighboring rights to this software to the public domain
worldwide. This software is distributed without any warranty.
You should have received a copy of the CC0 Public Domain Dedication along with
this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
*/
/* blake2-int.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef CTAOCRYPT_BLAKE2_INT_H
#define CTAOCRYPT_BLAKE2_INT_H
#include <cyassl/ctaocrypt/types.h>
#if defined(_MSC_VER)
#define ALIGN(x) __declspec(align(x))
#elif defined(__GNUC__)
#define ALIGN(x) __attribute__((aligned(x)))
#else
#define ALIGN(x)
#endif
#if defined(__cplusplus)
extern "C" {
#endif
enum blake2s_constant
{
BLAKE2S_BLOCKBYTES = 64,
BLAKE2S_OUTBYTES = 32,
BLAKE2S_KEYBYTES = 32,
BLAKE2S_SALTBYTES = 8,
BLAKE2S_PERSONALBYTES = 8
};
enum blake2b_constant
{
BLAKE2B_BLOCKBYTES = 128,
BLAKE2B_OUTBYTES = 64,
BLAKE2B_KEYBYTES = 64,
BLAKE2B_SALTBYTES = 16,
BLAKE2B_PERSONALBYTES = 16
};
#pragma pack(push, 1)
typedef struct __blake2s_param
{
byte digest_length; /* 1 */
byte key_length; /* 2 */
byte fanout; /* 3 */
byte depth; /* 4 */
word32 leaf_length; /* 8 */
byte node_offset[6];/* 14 */
byte node_depth; /* 15 */
byte inner_length; /* 16 */
/* byte reserved[0]; */
byte salt[BLAKE2B_SALTBYTES]; /* 24 */
byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */
} blake2s_param;
ALIGN( 64 ) typedef struct __blake2s_state
{
word32 h[8];
word32 t[2];
word32 f[2];
byte buf[2 * BLAKE2S_BLOCKBYTES];
word64 buflen;
byte last_node;
} blake2s_state ;
typedef struct __blake2b_param
{
byte digest_length; /* 1 */
byte key_length; /* 2 */
byte fanout; /* 3 */
byte depth; /* 4 */
word32 leaf_length; /* 8 */
word64 node_offset; /* 16 */
byte node_depth; /* 17 */
byte inner_length; /* 18 */
byte reserved[14]; /* 32 */
byte salt[BLAKE2B_SALTBYTES]; /* 48 */
byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */
} blake2b_param;
ALIGN( 64 ) typedef struct __blake2b_state
{
word64 h[8];
word64 t[2];
word64 f[2];
byte buf[2 * BLAKE2B_BLOCKBYTES];
word64 buflen;
byte last_node;
} blake2b_state;
typedef struct __blake2sp_state
{
blake2s_state S[8][1];
blake2s_state R[1];
byte buf[8 * BLAKE2S_BLOCKBYTES];
word64 buflen;
} blake2sp_state;
typedef struct __blake2bp_state
{
blake2b_state S[4][1];
blake2b_state R[1];
byte buf[4 * BLAKE2B_BLOCKBYTES];
word64 buflen;
} blake2bp_state;
#pragma pack(pop)
/* Streaming API */
int blake2s_init( blake2s_state *S, const byte outlen );
int blake2s_init_key( blake2s_state *S, const byte outlen, const void *key, const byte keylen );
int blake2s_init_param( blake2s_state *S, const blake2s_param *P );
int blake2s_update( blake2s_state *S, const byte *in, word64 inlen );
int blake2s_final( blake2s_state *S, byte *out, byte outlen );
int blake2b_init( blake2b_state *S, const byte outlen );
int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, const byte keylen );
int blake2b_init_param( blake2b_state *S, const blake2b_param *P );
int blake2b_update( blake2b_state *S, const byte *in, word64 inlen );
int blake2b_final( blake2b_state *S, byte *out, byte outlen );
int blake2sp_init( blake2sp_state *S, const byte outlen );
int blake2sp_init_key( blake2sp_state *S, const byte outlen, const void *key, const byte keylen );
int blake2sp_update( blake2sp_state *S, const byte *in, word64 inlen );
int blake2sp_final( blake2sp_state *S, byte *out, byte outlen );
int blake2bp_init( blake2bp_state *S, const byte outlen );
int blake2bp_init_key( blake2bp_state *S, const byte outlen, const void *key, const byte keylen );
int blake2bp_update( blake2bp_state *S, const byte *in, word64 inlen );
int blake2bp_final( blake2bp_state *S, byte *out, byte outlen );
/* Simple API */
int blake2s( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
int blake2b( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
int blake2sp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
int blake2bp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
static inline int blake2( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen )
{
return blake2b( out, in, key, outlen, inlen, keylen );
}
#if defined(__cplusplus)
}
#endif
#endif /* CTAOCRYPT_BLAKE2_INT_H */

60
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2.h Normal file
View file

@ -0,0 +1,60 @@
/* blake2.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_BLAKE2
#ifndef CTAOCRYPT_BLAKE2_H
#define CTAOCRYPT_BLAKE2_H
#include <cyassl/ctaocrypt/blake2-int.h>
#ifdef __cplusplus
extern "C" {
#endif
/* in bytes, variable digest size up to 512 bits (64 bytes) */
enum {
BLAKE2B_ID = 7, /* hash type unique */
BLAKE2B_256 = 32 /* 256 bit type, SSL default */
};
/* BLAKE2b digest */
typedef struct Blake2b {
blake2b_state S[1]; /* our state */
word32 digestSz; /* digest size used on init */
} Blake2b;
CYASSL_API int InitBlake2b(Blake2b*, word32);
CYASSL_API int Blake2bUpdate(Blake2b*, const byte*, word32);
CYASSL_API int Blake2bFinal(Blake2b*, byte*, word32);
#ifdef __cplusplus
}
#endif
#endif /* CTAOCRYPT_BLAKE2_H */
#endif /* HAVE_BLAKE2 */

96
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/camellia.h Normal file
View file

@ -0,0 +1,96 @@
/* camellia.h ver 1.2.0
*
* Copyright (c) 2006,2007
* NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer as
* the first lines of this file unmodified.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/* camellia.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CAMELLIA
#ifndef CTAO_CRYPT_CAMELLIA_H
#define CTAO_CRYPT_CAMELLIA_H
#include <cyassl/ctaocrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
enum {
CAMELLIA_BLOCK_SIZE = 16
};
#define CAMELLIA_TABLE_BYTE_LEN 272
#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / sizeof(word32))
typedef word32 KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN];
typedef struct Camellia {
word32 keySz;
KEY_TABLE_TYPE key;
word32 reg[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
} Camellia;
CYASSL_API int CamelliaSetKey(Camellia* cam,
const byte* key, word32 len, const byte* iv);
CYASSL_API int CamelliaSetIV(Camellia* cam, const byte* iv);
CYASSL_API void CamelliaEncryptDirect(Camellia* cam, byte* out, const byte* in);
CYASSL_API void CamelliaDecryptDirect(Camellia* cam, byte* out, const byte* in);
CYASSL_API void CamelliaCbcEncrypt(Camellia* cam,
byte* out, const byte* in, word32 sz);
CYASSL_API void CamelliaCbcDecrypt(Camellia* cam,
byte* out, const byte* in, word32 sz);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CTAO_CRYPT_AES_H */
#endif /* HAVE_CAMELLIA */

13
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/coding.h
View file

@ -1,6 +1,6 @@
/* coding.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -39,10 +39,17 @@ CYASSL_LOCAL int Base64_Decode(const byte* in, word32 inLen, byte* out,
CYASSL_API
int Base64_Encode(const byte* in, word32 inLen, byte* out,
word32* outLen);
CYASSL_LOCAL
CYASSL_API
int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out,
word32* outLen);
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS)
CYASSL_API
int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif

52
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/compress.h Normal file
View file

@ -0,0 +1,52 @@
/* compress.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_LIBZ
#ifndef CTAO_CRYPT_COMPRESS_H
#define CTAO_CRYPT_COMPRESS_H
#include <cyassl/ctaocrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
#define COMPRESS_FIXED 1
CYASSL_API int Compress(byte*, word32, const byte*, word32, word32);
CYASSL_API int DeCompress(byte*, word32, const byte*, word32);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CTAO_CRYPT_COMPRESS_H */
#endif /* HAVE_LIBZ */

70
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/des3.h
View file

@ -1,6 +1,6 @@
/* des3.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -33,6 +33,8 @@
extern "C" {
#endif
#define CYASSL_3DES_CAVIUM_MAGIC 0xBEEF0003
enum {
DES_ENC_TYPE = 2, /* cipher unique type */
DES3_ENC_TYPE = 3, /* cipher unique type */
@ -40,15 +42,28 @@ enum {
DES_KS_SIZE = 32,
DES_ENCRYPTION = 0,
DES_DECRYPTION = 1,
DES_DECRYPTION = 1
};
#define DES_IVLEN 8
#define DES_KEYLEN 8
#define DES3_IVLEN 8
#define DES3_KEYLEN 24
#ifdef STM32F2_CRYPTO
enum {
DES_CBC = 0,
DES_ECB = 1
};
#endif
/* DES encryption and decryption */
typedef struct Des {
word32 key[DES_KS_SIZE];
word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */
word32 key[DES_KS_SIZE];
} Des;
@ -57,19 +72,50 @@ typedef struct Des3 {
word32 key[3][DES_KS_SIZE];
word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */
#ifdef HAVE_CAVIUM
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
#endif
} Des3;
CYASSL_API void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
CYASSL_API int Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
CYASSL_API void Des_SetIV(Des* des, const byte* iv);
CYASSL_API void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
CYASSL_API void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
CYASSL_API void Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz);
CYASSL_API int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
CYASSL_API int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
CYASSL_API int Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz);
CYASSL_API void Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir);
CYASSL_API void Des3_SetIV(Des3* des, const byte* iv);
CYASSL_API void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz);
CYASSL_API void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz);
CYASSL_API int Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir);
CYASSL_API int Des3_SetIV(Des3* des, const byte* iv);
CYASSL_API int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz);
CYASSL_API int Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz);
#ifdef HAVE_CAVIUM
CYASSL_API int Des3_InitCavium(Des3*, int);
CYASSL_API void Des3_FreeCavium(Des3*);
#endif
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
CYASSL_API int Des3_SetKey_fips(Des3* des, const byte* key, const byte* iv,
int dir);
CYASSL_API int Des3_SetIV_fips(Des3* des, const byte* iv);
CYASSL_API int Des3_CbcEncrypt_fips(Des3* des, byte* out, const byte* in,
word32 sz);
CYASSL_API int Des3_CbcDecrypt_fips(Des3* des, byte* out, const byte* in,
word32 sz);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define Des3_SetKey Des3_SetKey_fips
#define Des3_SetIV Des3_SetIV_fips
#define Des3_CbcEncrypt Des3_CbcEncrypt_fips
#define Des3_CbcDecrypt Des3_CbcDecrypt_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/dh.h
View file

@ -1,6 +1,6 @@
/* dh.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/dsa.h
View file

@ -1,6 +1,6 @@
/* dsa.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

73
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/ecc.h
View file

@ -1,6 +1,6 @@
/* ecc.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_ECC
@ -49,7 +49,7 @@ typedef struct {
int size; /* The size of the curve in octets */
const char* name; /* name of this curve */
const char* prime; /* prime that defines the field, curve is in (hex) */
const char* B; /* fields B param (hex) */
const char* Bf; /* fields B param (hex) */
const char* order; /* order of the curve (hex) */
const char* Gx; /* x coordinate of the base point on curve (hex) */
const char* Gy; /* y coordinate of the base point on curve (hex) */
@ -91,12 +91,14 @@ CYASSL_API
int ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
RNG* rng, ecc_key* key);
CYASSL_API
int ecc_verify_hash(const byte* sig, word32 siglen, byte* hash, word32 hashlen,
int* stat, ecc_key* key);
int ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
word32 hashlen, int* stat, ecc_key* key);
CYASSL_API
void ecc_init(ecc_key* key);
CYASSL_API
void ecc_free(ecc_key* key);
CYASSL_API
void ecc_fp_free(void);
/* ASN key helpers */
@ -107,6 +109,8 @@ int ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
CYASSL_API
int ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
word32 pubSz, ecc_key* key);
CYASSL_API
int ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
/* size helper */
CYASSL_API
@ -114,12 +118,63 @@ int ecc_size(ecc_key* key);
CYASSL_API
int ecc_sig_size(ecc_key* key);
/* TODO: fix mutex types */
#define MUTEX_GLOBAL(x) int (x);
#define MUTEX_LOCK(x)
#define MUTEX_UNLOCK(x)
#ifdef HAVE_ECC_ENCRYPT
/* ecc encrypt */
enum ecEncAlgo {
ecAES_128_CBC = 1, /* default */
ecAES_256_CBC = 2
};
enum ecKdfAlgo {
ecHKDF_SHA256 = 1, /* default */
ecHKDF_SHA1 = 2
};
enum ecMacAlgo {
ecHMAC_SHA256 = 1, /* default */
ecHMAC_SHA1 = 2
};
enum {
KEY_SIZE_128 = 16,
KEY_SIZE_256 = 32,
IV_SIZE_64 = 8,
EXCHANGE_SALT_SZ = 16,
EXCHANGE_INFO_SZ = 23
};
enum ecFlags {
REQ_RESP_CLIENT = 1,
REQ_RESP_SERVER = 2
};
typedef struct ecEncCtx ecEncCtx;
CYASSL_API
ecEncCtx* ecc_ctx_new(int flags, RNG* rng);
CYASSL_API
void ecc_ctx_free(ecEncCtx*);
CYASSL_API
int ecc_ctx_reset(ecEncCtx*, RNG*); /* reset for use again w/o alloc/free */
CYASSL_API
const byte* ecc_ctx_get_own_salt(ecEncCtx*);
CYASSL_API
int ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt);
CYASSL_API
int ecc_ctx_set_info(ecEncCtx*, const byte* info, int sz);
CYASSL_API
int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
CYASSL_API
int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
#endif /* HAVE_ECC_ENCRYPT */
#ifdef __cplusplus
} /* extern "C" */

45
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/error.h → FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/error-crypt.h
View file

@ -1,6 +1,6 @@
/* error.h
/* error-crypt.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -33,13 +33,13 @@
/* error codes */
enum {
MAX_ERROR_SZ = 80, /* max size of error string */
MAX_CODE_E = -100, /* errors -101 - -199 */
MAX_CODE_E = -100, /* errors -101 - -299 */
OPEN_RAN_E = -101, /* opening random device error */
READ_RAN_E = -102, /* reading random device error */
WINCRYPT_E = -103, /* windows crypt init error */
CRYPTGEN_E = -104, /* windows crypt generation error */
RAN_BLOCK_E = -105, /* reading random device would block */
BAD_MUTEX_E = -106, /* Bad mutex operation */
MP_INIT_E = -110, /* mp_init error state */
MP_READ_E = -111, /* mp_read error state */
@ -88,6 +88,7 @@ enum {
ASN_SIG_KEY_E = -157, /* ASN sig error, unsupported key type */
ASN_DH_KEY_E = -158, /* ASN key init error, invalid input */
ASN_NTRU_KEY_E = -159, /* ASN ntru key decode error, invalid input */
ASN_CRIT_EXT_E = -160, /* ASN unsupported critical extension */
ECC_BAD_ARG_E = -170, /* ECC input argument of wrong type */
ASN_ECC_KEY_E = -171, /* ASN ECC bad input */
@ -99,12 +100,41 @@ enum {
ALT_NAME_E = -177, /* alt name size problem, too big */
AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */
AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */
MIN_CODE_E = -200 /* errors -101 - -199 */
CAVIUM_INIT_E = -182, /* Cavium Init type error */
COMPRESS_INIT_E = -183, /* Compress init error */
COMPRESS_E = -184, /* Compress error */
DECOMPRESS_INIT_E = -185, /* DeCompress init error */
DECOMPRESS_E = -186, /* DeCompress error */
BAD_ALIGN_E = -187, /* Bad alignment for operation, no alloc */
ASN_NO_SIGNER_E = -188, /* ASN no signer to confirm failure */
ASN_CRL_CONFIRM_E = -189, /* ASN CRL signature confirm failure */
ASN_CRL_NO_SIGNER_E = -190, /* ASN CRL no signer to confirm failure */
ASN_OCSP_CONFIRM_E = -191, /* ASN OCSP signature confirm failure */
BAD_ENC_STATE_E = -192, /* Bad ecc enc state operation */
BAD_PADDING_E = -193, /* Bad padding, msg not correct length */
REQ_ATTRIBUTE_E = -194, /* setting cert request attributes error */
PKCS7_OID_E = -195, /* PKCS#7, mismatched OID error */
PKCS7_RECIP_E = -196, /* PKCS#7, recipient error */
FIPS_NOT_ALLOWED_E = -197, /* FIPS not allowed error */
ASN_NAME_INVALID_E = -198, /* ASN name constraint error */
RNG_FAILURE_E = -199, /* RNG Failed, Reinitialize */
HMAC_MIN_KEYLEN_E = -200, /* FIPS Mode HMAC Minimum Key Length error */
MIN_CODE_E = -300 /* errors -101 - -299 */
};
CYASSL_API void CTaoCryptErrorString(int error, char* buffer);
CYASSL_API void CTaoCryptErrorString(int err, char* buff);
CYASSL_API const char* CTaoCryptGetErrorString(int error);
#ifdef __cplusplus
@ -113,3 +143,4 @@ CYASSL_API void CTaoCryptErrorString(int error, char* buffer);
#endif /* CTAO_CRYPT_ERROR_H */

43
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/fips_test.h Normal file
View file

@ -0,0 +1,43 @@
/* fips_test.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef CTAO_CRYPT_FIPS_TEST_H
#define CTAO_CRYPT_FIPS_TEST_H
#include <cyassl/ctaocrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Known Answer Test string inputs are hex */
CYASSL_LOCAL int DoKnownAnswerTests(void);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CTAO_CRYPT_FIPS_TEST_H */

8
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/hc128.h
View file

@ -1,6 +1,6 @@
/* hc128.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -47,8 +47,8 @@ typedef struct HC128 {
} HC128;
CYASSL_API void Hc128_Process(HC128*, byte*, const byte*, word32);
CYASSL_API void Hc128_SetKey(HC128*, const byte* key, const byte* iv);
CYASSL_API int Hc128_Process(HC128*, byte*, const byte*, word32);
CYASSL_API int Hc128_SetKey(HC128*, const byte* key, const byte* iv);
#ifdef __cplusplus

142
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/hmac.h
View file

@ -1,6 +1,6 @@
/* hmac.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -25,51 +25,111 @@
#ifndef CTAO_CRYPT_HMAC_H
#define CTAO_CRYPT_HMAC_H
#include <cyassl/ctaocrypt/md5.h>
#include <cyassl/ctaocrypt/sha.h>
#include <cyassl/ctaocrypt/types.h>
#ifndef NO_MD5
#include <cyassl/ctaocrypt/md5.h>
#endif
#ifndef NO_SHA
#include <cyassl/ctaocrypt/sha.h>
#endif
#ifndef NO_SHA256
#include <cyassl/ctaocrypt/sha256.h>
#endif
#ifdef CYASSL_SHA384
#ifdef CYASSL_SHA512
#include <cyassl/ctaocrypt/sha512.h>
#endif
#ifdef HAVE_BLAKE2
#include <cyassl/ctaocrypt/blake2.h>
#endif
#ifdef HAVE_CAVIUM
#include <cyassl/ctaocrypt/logging.h>
#include "cavium_common.h"
#endif
#ifdef __cplusplus
extern "C" {
#endif
#define CYASSL_HMAC_CAVIUM_MAGIC 0xBEEF0005
enum {
HMAC_FIPS_MIN_KEY = 14, /* 112 bit key length minimum */
IPAD = 0x36,
OPAD = 0x5C,
#if defined(CYASSL_SHA384)
INNER_HASH_SIZE = SHA384_DIGEST_SIZE,
/* If any hash is not enabled, add the ID here. */
#ifdef NO_MD5
MD5 = 0,
#endif
#ifdef NO_SHA
SHA = 1,
#endif
#ifdef NO_SHA256
SHA256 = 2,
#endif
#ifndef CYASSL_SHA512
SHA512 = 4,
#endif
#ifndef CYASSL_SHA384
SHA384 = 5,
#endif
#ifndef HAVE_BLAKE2
BLAKE2B_ID = 7,
#endif
/* Select the largest available hash for the buffer size. */
#if defined(CYASSL_SHA512)
MAX_DIGEST_SIZE = SHA512_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA512_BLOCK_SIZE
#elif defined(HAVE_BLAKE2)
MAX_DIGEST_SIZE = BLAKE2B_OUTBYTES,
HMAC_BLOCK_SIZE = BLAKE2B_BLOCKBYTES,
#elif defined(CYASSL_SHA384)
MAX_DIGEST_SIZE = SHA384_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA384_BLOCK_SIZE
#elif !defined(NO_SHA256)
INNER_HASH_SIZE = SHA256_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA256_BLOCK_SIZE,
SHA384 = 5
MAX_DIGEST_SIZE = SHA256_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA256_BLOCK_SIZE
#elif !defined(NO_SHA)
MAX_DIGEST_SIZE = SHA_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA_BLOCK_SIZE
#elif !defined(NO_MD5)
MAX_DIGEST_SIZE = MD5_DIGEST_SIZE,
HMAC_BLOCK_SIZE = MD5_BLOCK_SIZE
#else
INNER_HASH_SIZE = SHA_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA_BLOCK_SIZE,
SHA256 = 2, /* hash type unique */
SHA384 = 5
#error "You have to have some kind of hash if you want to use HMAC."
#endif
};
/* hash union */
typedef union {
Md5 md5;
Sha sha;
#ifndef NO_MD5
Md5 md5;
#endif
#ifndef NO_SHA
Sha sha;
#endif
#ifndef NO_SHA256
Sha256 sha256;
#endif
#ifdef CYASSL_SHA384
Sha384 sha384;
#endif
#ifdef CYASSL_SHA512
Sha512 sha512;
#endif
#ifdef HAVE_BLAKE2
Blake2b blake2b;
#endif
} Hash;
/* Hmac digest */
@ -77,16 +137,58 @@ typedef struct Hmac {
Hash hash;
word32 ipad[HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 opad[HMAC_BLOCK_SIZE / sizeof(word32)];
word32 innerHash[INNER_HASH_SIZE / sizeof(word32)]; /* max size */
word32 innerHash[MAX_DIGEST_SIZE / sizeof(word32)];
byte macType; /* md5 sha or sha256 */
byte innerHashKeyed; /* keyed flag */
#ifdef HAVE_CAVIUM
word16 keyLen; /* hmac key length */
word16 dataLen;
HashType type; /* hmac key type */
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
byte* data; /* buffered input data for one call */
#endif
} Hmac;
/* does init */
CYASSL_API void HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
CYASSL_API void HmacUpdate(Hmac*, const byte*, word32);
CYASSL_API void HmacFinal(Hmac*, byte*);
CYASSL_API int HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
CYASSL_API int HmacUpdate(Hmac*, const byte*, word32);
CYASSL_API int HmacFinal(Hmac*, byte*);
#ifdef HAVE_CAVIUM
CYASSL_API int HmacInitCavium(Hmac*, int);
CYASSL_API void HmacFreeCavium(Hmac*);
#endif
CYASSL_API int CyaSSL_GetHmacMaxSize(void);
#ifdef HAVE_HKDF
CYASSL_API int HKDF(int type, const byte* inKey, word32 inKeySz,
const byte* salt, word32 saltSz,
const byte* info, word32 infoSz,
byte* out, word32 outSz);
#endif /* HAVE_HKDF */
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
CYASSL_API int HmacSetKey_fips(Hmac*, int type, const byte* key,
word32 keySz);
CYASSL_API int HmacUpdate_fips(Hmac*, const byte*, word32);
CYASSL_API int HmacFinal_fips(Hmac*, byte*);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define HmacSetKey HmacSetKey_fips
#define HmacUpdate HmacUpdate_fips
#define HmacFinal HmacFinal_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus

10
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/include.am
View file

@ -6,12 +6,15 @@ nobase_include_HEADERS+= \
cyassl/ctaocrypt/arc4.h \
cyassl/ctaocrypt/asn.h \
cyassl/ctaocrypt/asn_public.h \
cyassl/ctaocrypt/camellia.h \
cyassl/ctaocrypt/coding.h \
cyassl/ctaocrypt/compress.h \
cyassl/ctaocrypt/des3.h \
cyassl/ctaocrypt/dh.h \
cyassl/ctaocrypt/dsa.h \
cyassl/ctaocrypt/ecc.h \
cyassl/ctaocrypt/error.h \
cyassl/ctaocrypt/error-crypt.h \
cyassl/ctaocrypt/fips_test.h \
cyassl/ctaocrypt/hc128.h \
cyassl/ctaocrypt/hmac.h \
cyassl/ctaocrypt/integer.h \
@ -19,6 +22,8 @@ nobase_include_HEADERS+= \
cyassl/ctaocrypt/md4.h \
cyassl/ctaocrypt/md5.h \
cyassl/ctaocrypt/misc.h \
cyassl/ctaocrypt/pkcs7.h \
cyassl/ctaocrypt/wc_port.h \
cyassl/ctaocrypt/pwdbased.h \
cyassl/ctaocrypt/rabbit.h \
cyassl/ctaocrypt/random.h \
@ -28,6 +33,9 @@ nobase_include_HEADERS+= \
cyassl/ctaocrypt/sha256.h \
cyassl/ctaocrypt/sha512.h \
cyassl/ctaocrypt/sha.h \
cyassl/ctaocrypt/blake2.h \
cyassl/ctaocrypt/blake2-int.h \
cyassl/ctaocrypt/blake2-impl.h \
cyassl/ctaocrypt/tfm.h \
cyassl/ctaocrypt/types.h \
cyassl/ctaocrypt/visibility.h \

32
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/integer.h
View file

@ -1,6 +1,6 @@
/* integer.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
/*
@ -70,6 +70,10 @@ extern "C" {
#define MP_64BIT
#endif
#endif
/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */
#if defined(MP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T)
#undef MP_64BIT
#endif
/* some default configurations.
*
@ -82,33 +86,23 @@ extern "C" {
#ifdef MP_8BIT
typedef unsigned char mp_digit;
typedef unsigned short mp_word;
#elif defined(MP_16BIT)
#elif defined(MP_16BIT) || defined(NO_64BIT)
typedef unsigned short mp_digit;
typedef unsigned long mp_word;
typedef unsigned int mp_word;
#elif defined(MP_64BIT)
/* for GCC only on supported platforms */
#ifndef CRYPT
typedef unsigned long long ulong64;
typedef signed long long long64;
#endif
typedef unsigned long mp_digit;
typedef unsigned long long mp_digit; /* 64 bit type, 128 uses mode(TI) */
typedef unsigned long mp_word __attribute__ ((mode(TI)));
#define DIGIT_BIT 60
#else
/* this is the default case, 28-bit digits */
/* this is to make porting into LibTomCrypt easier :-) */
#ifndef CRYPT
#if defined(_MSC_VER) || defined(__BORLANDC__)
typedef unsigned __int64 ulong64;
typedef signed __int64 long64;
#else
typedef unsigned long long ulong64;
typedef signed long long long64;
#endif
#endif
typedef unsigned int mp_digit; /* long could be 64 now, changed TAO */
typedef ulong64 mp_word;
@ -235,15 +229,16 @@ int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
/* functions added to support above needed, removed TOOM and KARATSUBA */
int mp_count_bits (mp_int * a);
int mp_leading_bit (mp_int * a);
int mp_init_copy (mp_int * a, mp_int * b);
int mp_copy (mp_int * a, mp_int * b);
int mp_grow (mp_int * a, int size);
void bn_reverse (unsigned char *s, int len);
int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d);
void mp_zero (mp_int * a);
void mp_clamp (mp_int * a);
void mp_exch (mp_int * a, mp_int * b);
void mp_rshd (mp_int * a, int b);
void mp_rshb (mp_int * a, int b);
int mp_mod_2d (mp_int * a, int b, mp_int * c);
int mp_mul_2d (mp_int * a, int b, mp_int * c);
int mp_lshd (mp_int * a, int b);
@ -295,6 +290,7 @@ int mp_2expt (mp_int * a, int b);
int mp_reduce_2k_setup(mp_int *a, mp_digit *d);
int mp_add_d (mp_int* a, mp_digit b, mp_int* c);
int mp_set_int (mp_int * a, unsigned long b);
int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
/* end support added functions */
/* added */
@ -314,10 +310,6 @@ int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
#endif
#if defined(CYASSL_KEY_GEN) || defined(HAVE_ECC) || !defined(NO_PWDBASED)
int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
#endif
#ifdef __cplusplus
}
#endif

6
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/logging.h
View file

@ -1,6 +1,6 @@
/* logging.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
/* submitted by eof */
@ -58,7 +58,7 @@ CYASSL_API int CyaSSL_SetLoggingCb(CyaSSL_Logging_cb log_function);
#define CYASSL_ENTER(m)
#define CYASSL_LEAVE(m, r)
#define CYASSL_ERROR(e)
#define CYASSL_ERROR(e)
#define CYASSL_MSG(m)
#endif /* DEBUG_CYASSL */

5
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md2.h
View file

@ -1,6 +1,6 @@
/* md2.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -54,6 +54,7 @@ typedef struct Md2 {
CYASSL_API void InitMd2(Md2*);
CYASSL_API void Md2Update(Md2*, const byte*, word32);
CYASSL_API void Md2Final(Md2*, byte*);
CYASSL_API int Md2Hash(const byte*, word32, byte*);
#ifdef __cplusplus

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md4.h
View file

@ -1,6 +1,6 @@
/* md4.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

22
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md5.h
View file

@ -1,6 +1,6 @@
/* md5.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,9 +16,10 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef NO_MD5
#ifndef CTAO_CRYPT_MD5_H
#define CTAO_CRYPT_MD5_H
@ -32,26 +33,37 @@
/* in bytes */
enum {
#ifdef STM32F2_HASH
MD5_REG_SIZE = 4, /* STM32 register size, bytes */
#endif
MD5 = 0, /* hash type unique */
MD5_BLOCK_SIZE = 64,
MD5_DIGEST_SIZE = 16,
MD5_PAD_SIZE = 56
};
#ifdef CYASSL_PIC32MZ_HASH
#include "port/pic32/pic32mz-crypt.h"
#endif
/* MD5 digest */
typedef struct Md5 {
word32 buffLen; /* in bytes */
word32 loLen; /* length in bytes */
word32 hiLen; /* length in bytes */
word32 digest[MD5_DIGEST_SIZE / sizeof(word32)];
word32 buffer[MD5_BLOCK_SIZE / sizeof(word32)];
#ifndef CYASSL_PIC32MZ_HASH
word32 digest[MD5_DIGEST_SIZE / sizeof(word32)];
#else
word32 digest[PIC32_HASH_SIZE / sizeof(word32)];
pic32mz_desc desc ; /* Crypt Engine descripter */
#endif
} Md5;
CYASSL_API void InitMd5(Md5*);
CYASSL_API void Md5Update(Md5*, const byte*, word32);
CYASSL_API void Md5Final(Md5*, byte*);
CYASSL_API int Md5Hash(const byte*, word32, byte*);
#ifdef __cplusplus
@ -59,4 +71,4 @@ CYASSL_API void Md5Final(Md5*, byte*);
#endif
#endif /* CTAO_CRYPT_MD5_H */
#endif /* NO_MD5 */

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/memory.h
View file

@ -1,6 +1,6 @@
/* memory.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
/* submitted by eof */

8
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/misc.h
View file

@ -1,6 +1,6 @@
/* misc.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -42,13 +42,11 @@ CYASSL_LOCAL
word32 ByteReverseWord32(word32);
CYASSL_LOCAL
void ByteReverseWords(word32*, const word32*, word32);
CYASSL_LOCAL
void ByteReverseBytes(byte*, const byte*, word32);
CYASSL_LOCAL
void XorWords(word*, const word*, word32);
CYASSL_LOCAL
void xorbuf(byte*, const byte*, word32);
void xorbuf(void*, const void*, word32);
#ifdef WORD64_AVAILABLE
CYASSL_LOCAL

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/mpi_class.h
View file

@ -1,6 +1,6 @@
/* mpi_class.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/mpi_superclass.h
View file

@ -1,6 +1,6 @@
/* mpi_superclass.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

123
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/pkcs7.h Normal file
View file

@ -0,0 +1,123 @@
/* pkcs7.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_PKCS7
#ifndef CTAO_CRYPT_PKCS7_H
#define CTAO_CRYPT_PKCS7_H
#include <cyassl/ctaocrypt/types.h>
#include <cyassl/ctaocrypt/asn.h>
#include <cyassl/ctaocrypt/asn_public.h>
#include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/des3.h>
#ifdef __cplusplus
extern "C" {
#endif
/* PKCS#7 content types, ref RFC 2315 (Section 14) */
enum PKCS7_TYPES {
PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */
DATA = 651, /* 1.2.840.113549.1.7.1 */
SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */
ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */
SIGNED_AND_ENVELOPED_DATA = 654, /* 1.2.840.113549.1.7.4 */
DIGESTED_DATA = 655, /* 1.2.840.113549.1.7.5 */
ENCRYPTED_DATA = 656 /* 1.2.840.113549.1.7.6 */
};
enum Pkcs7_Misc {
PKCS7_NONCE_SZ = 16,
MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */
MAX_CONTENT_KEY_LEN = DES3_KEYLEN, /* highest current cipher is 3DES */
MAX_RECIP_SZ = MAX_VERSION_SZ +
MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ
};
typedef struct PKCS7Attrib {
byte* oid;
word32 oidSz;
byte* value;
word32 valueSz;
} PKCS7Attrib;
typedef struct PKCS7 {
byte* content; /* inner content, not owner */
word32 contentSz; /* content size */
int contentOID; /* PKCS#7 content type OID sum */
RNG* rng;
int hashOID;
int encryptOID; /* key encryption algorithm OID */
byte* singleCert; /* recipient cert, DER, not owner */
word32 singleCertSz; /* size of recipient cert buffer, bytes */
byte issuerHash[SHA_SIZE]; /* hash of all alt Names */
byte* issuer; /* issuer name of singleCert */
word32 issuerSz; /* length of issuer name */
byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */
word32 issuerSnSz; /* length of serial number */
byte publicKey[512];
word32 publicKeySz;
byte* privateKey; /* private key, DER, not owner */
word32 privateKeySz; /* size of private key buffer, bytes */
PKCS7Attrib* signedAttribs;
word32 signedAttribsSz;
} PKCS7;
CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output);
CYASSL_LOCAL int GetContentType(const byte* input, word32* inOutIdx,
word32* oid, word32 maxIdx);
CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
int keyEncAlgo, int blockKeySz,
RNG* rng, byte* contentKeyPlain,
byte* contentKeyEnc,
int* keyEncSz, byte* out, word32 outSz);
CYASSL_API int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz);
CYASSL_API void PKCS7_Free(PKCS7* pkcs7);
CYASSL_API int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz);
CYASSL_API int PKCS7_EncodeSignedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
CYASSL_API int PKCS7_VerifySignedData(PKCS7* pkcs7,
byte* pkiMsg, word32 pkiMsgSz);
CYASSL_API int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
word32 pkiMsgSz, byte* output,
word32 outputSz);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CTAO_CRYPT_PKCS7_H */
#endif /* HAVE_PKCS7 */

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/pwdbased.h
View file

@ -1,6 +1,6 @@
/* pwdbased.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

8
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/rabbit.h
View file

@ -1,6 +1,6 @@
/* rabbit.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -52,8 +52,8 @@ typedef struct Rabbit {
} Rabbit;
CYASSL_API void RabbitProcess(Rabbit*, byte*, const byte*, word32);
CYASSL_API void RabbitSetKey(Rabbit*, const byte* key, const byte* iv);
CYASSL_API int RabbitProcess(Rabbit*, byte*, const byte*, word32);
CYASSL_API int RabbitSetKey(Rabbit*, const byte* key, const byte* iv);
#ifdef __cplusplus

96
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/random.h
View file

@ -1,6 +1,6 @@
/* random.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,14 +16,24 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef CTAO_CRYPT_RANDOM_H
#define CTAO_CRYPT_RANDOM_H
#include <cyassl/ctaocrypt/arc4.h>
#include <cyassl/ctaocrypt/types.h>
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#ifdef NO_SHA256
#error "Hash DRBG requires SHA-256."
#endif /* NO_SHA256 */
#include <cyassl/ctaocrypt/sha256.h>
#else /* HAVE_HASHDRBG || NO_RC4 */
#include <cyassl/ctaocrypt/arc4.h>
#endif /* HAVE_HASHDRBG || NO_RC4 */
#ifdef __cplusplus
extern "C" {
@ -49,20 +59,92 @@ typedef struct OS_Seed {
#endif
} OS_Seed;
CYASSL_LOCAL
int GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
#if defined(CYASSL_MDK_ARM)
#undef RNG
#define RNG CyaSSL_RNG /* for avoiding name conflict in "stm32f2xx.h" */
#endif
/* secure Random Nnumber Generator */
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#define DRBG_SEED_LEN (440/8)
/* Hash-based Deterministic Random Bit Generator */
typedef struct RNG {
OS_Seed seed;
Arc4 cipher;
Sha256 sha;
byte digest[SHA256_DIGEST_SIZE];
byte V[DRBG_SEED_LEN];
byte C[DRBG_SEED_LEN];
word32 reseedCtr;
byte status;
} RNG;
#else /* HAVE_HASHDRBG || NO_RC4 */
#define CYASSL_RNG_CAVIUM_MAGIC 0xBEEF0004
/* secure Random Number Generator */
typedef struct RNG {
OS_Seed seed;
Arc4 cipher;
#ifdef HAVE_CAVIUM
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
#endif
} RNG;
#ifdef HAVE_CAVIUM
CYASSL_API int InitRngCavium(RNG*, int);
#endif
#endif /* HAVE_HASH_DRBG || NO_RC4 */
CYASSL_API int InitRng(RNG*);
CYASSL_API void RNG_GenerateBlock(RNG*, byte*, word32 sz);
CYASSL_API byte RNG_GenerateByte(RNG*);
CYASSL_API int RNG_GenerateBlock(RNG*, byte*, word32 sz);
CYASSL_API int RNG_GenerateByte(RNG*, byte*);
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
CYASSL_API int FreeRng(RNG*);
CYASSL_API int RNG_HealthTest(int reseed,
const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz,
const byte* output, word32 outputSz);
#endif /* HAVE_HASHDRBG || NO_RC4 */
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
CYASSL_API int InitRng_fips(RNG* rng);
CYASSL_API int FreeRng_fips(RNG* rng);
CYASSL_API int RNG_GenerateBlock_fips(RNG* rng, byte* buf, word32 bufSz);
CYASSL_API int RNG_HealthTest_fips(int reseed,
const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz,
const byte* output, word32 outputSz);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define InitRng InitRng_fips
#define FreeRng FreeRng_fips
#define RNG_GenerateBlock RNG_GenerateBlock_fips
#define RNG_HealthTest RNG_HealthTest_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/ripemd.h
View file

@ -1,6 +1,6 @@
/* ripemd.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

69
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/rsa.h
View file

@ -1,6 +1,6 @@
/* rsa.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,9 +16,10 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef NO_RSA
#ifndef CTAO_CRYPT_RSA_H
#define CTAO_CRYPT_RSA_H
@ -31,6 +32,7 @@
extern "C" {
#endif
#define CYASSL_RSA_CAVIUM_MAGIC 0xBEEF0006
enum {
RSA_PUBLIC = 0,
@ -42,11 +44,25 @@ typedef struct RsaKey {
mp_int n, e, d, p, q, dP, dQ, u;
int type; /* public or private */
void* heap; /* for user memory overrides */
#ifdef HAVE_CAVIUM
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
byte* c_n; /* cavium byte buffers for key parts */
byte* c_e;
byte* c_d;
byte* c_p;
byte* c_q;
byte* c_dP;
byte* c_dQ;
byte* c_u; /* sizes in bytes */
word16 c_nSz, c_eSz, c_dSz, c_pSz, c_qSz, c_dP_Sz, c_dQ_Sz, c_uSz;
#endif
} RsaKey;
CYASSL_API void InitRsaKey(RsaKey* key, void*);
CYASSL_API void FreeRsaKey(RsaKey* key);
CYASSL_API int InitRsaKey(RsaKey* key, void*);
CYASSL_API int FreeRsaKey(RsaKey* key);
CYASSL_API int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng);
@ -71,6 +87,50 @@ CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
#endif
#ifdef HAVE_CAVIUM
CYASSL_API int RsaInitCavium(RsaKey*, int);
CYASSL_API void RsaFreeCavium(RsaKey*);
#endif
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
CYASSL_API int InitRsaKey_fips(RsaKey* key, void*);
CYASSL_API int FreeRsaKey_fips(RsaKey* key);
CYASSL_API int RsaPublicEncrypt_fips(const byte* in,word32 inLen,byte* out,
word32 outLen, RsaKey* key, RNG* rng);
CYASSL_API int RsaPrivateDecryptInline_fips(byte* in, word32 inLen,
byte** out, RsaKey* key);
CYASSL_API int RsaPrivateDecrypt_fips(const byte* in, word32 inLen,
byte* out,word32 outLen,RsaKey* key);
CYASSL_API int RsaSSL_Sign_fips(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng);
CYASSL_API int RsaSSL_VerifyInline_fips(byte* in, word32 inLen, byte** out,
RsaKey* key);
CYASSL_API int RsaSSL_Verify_fips(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
CYASSL_API int RsaEncryptSize_fips(RsaKey* key);
CYASSL_API int RsaPrivateKeyDecode_fips(const byte* input, word32* inOutIdx,
RsaKey*, word32);
CYASSL_API int RsaPublicKeyDecode_fips(const byte* input, word32* inOutIdx,
RsaKey*, word32);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define InitRsaKey InitRsaKey_fips
#define FreeRsaKey FreeRsaKey_fips
#define RsaPublicEncrypt RsaPublicEncrypt_fips
#define RsaPrivateDecryptInline RsaPrivateDecryptInline_fips
#define RsaPrivateDecrypt RsaPrivateDecrypt_fips
#define RsaSSL_Sign RsaSSL_Sign_fips
#define RsaSSL_VerifyInline RsaSSL_VerifyInline_fips
#define RsaSSL_Verify RsaSSL_Verify_fips
#define RsaEncryptSize RsaEncryptSize_fips
/* no implicit KeyDecodes since in asn.c (not rsa.c) */
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus
@ -79,3 +139,4 @@ CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
#endif /* CTAO_CRYPT_RSA_H */
#endif /* NO_RSA */

395
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/settings.h
View file

@ -1,6 +1,6 @@
/* settings.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
/* Place OS specific preprocessor flags, defines, includes here, will be
@ -45,18 +45,50 @@
/* Uncomment next line if using Microchip PIC32 ethernet starter kit */
/* #define MICROCHIP_PIC32 */
/* Uncomment next line if using Microchip TCP/IP stack, version 5 */
/* #define MICROCHIP_TCPIP_V5 */
/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
/* #define MICROCHIP_TCPIP */
/* Uncomment next line if using PIC32MZ Crypto Engine */
/* #define CYASSL_MICROCHIP_PIC32MZ */
/* Uncomment next line if using FreeRTOS */
/* #define FREERTOS */
/* Uncomment next line if using FreeRTOS Windows Simulator */
/* #define FREERTOS_WINSIM */
/* Uncomment next line if using RTIP */
/* #define EBSNET */
/* Uncomment next line if using lwip */
/* #define CYASSL_LWIP */
/* Uncomment next line if building CyaSSL for a game console */
/* #define CYASSL_GAME_BUILD */
/* Uncomment next line if building CyaSSL for LSR */
/* #define CYASSL_LSR */
/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */
/* #define FREESCALE_MQX */
/* Uncomment next line if using STM32F2 */
/* #define CYASSL_STM32F2 */
/* Uncomment next line if using Comverge settings */
/* #define COMVERGE */
/* Uncomment next line if using QL SEP settings */
/* #define CYASSL_QL */
/* Uncomment next line if building for EROAD */
/* #define CYASSL_EROAD */
/* Uncomment next line if building for IAR EWARM */
/* #define CYASSL_IAR_ARM */
#include <cyassl/ctaocrypt/visibility.h>
@ -64,38 +96,181 @@
#define SIZEOF_LONG_LONG 8
#endif
#ifdef CYASSL_USER_SETTINGS
#include <user_settings.h>
#endif
#ifdef COMVERGE
#define THREADX
#define HAVE_NETX
#define CYASSL_USER_IO
#define NO_WRITEV
#define NO_DEV_RANDOM
#define NO_FILESYSTEM
#define NO_SHA512
#define NO_DH
#define NO_DSA
#define NO_HC128
#define NO_RSA
#define NO_SESSION_CACHE
#define HAVE_ECC
#endif
#ifdef THREADX
#define SIZEOF_LONG_LONG 8
#endif
#ifdef MICROCHIP_PIC32
/* use MBED plus no filesystem */
#define MBED
#ifdef HAVE_NETX
#include "nx_api.h"
#endif
#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */
#define CYASSL_LWIP
#define NO_WRITEV
#define SINGLE_THREADED
#define CYASSL_USER_IO
#define NO_FILESYSTEM
#endif
#if defined(CYASSL_IAR_ARM)
#define NO_MAIN_DRIVER
#define SINGLE_THREADED
#define USE_CERT_BUFFERS_1024
#define BENCH_EMBEDDED
#define NO_FILESYSTEM
#define NO_WRITEV
#define CYASSL_USER_IO
#define BENCH_EMBEDDED
#endif
#ifdef MICROCHIP_PIC32
/* #define CYASSL_MICROCHIP_PIC32MZ */
#define SIZEOF_LONG_LONG 8
#define SINGLE_THREADED
#define CYASSL_USER_IO
#define NO_WRITEV
#define NO_DEV_RANDOM
#define NO_FILESYSTEM
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#endif
#ifdef CYASSL_MICROCHIP_PIC32MZ
#define CYASSL_PIC32MZ_CE
#define CYASSL_PIC32MZ_CRYPT
#define HAVE_AES_ENGINE
#define CYASSL_PIC32MZ_RNG
/* #define CYASSL_PIC32MZ_HASH */
#define CYASSL_AES_COUNTER
#define HAVE_AESGCM
#define NO_BIG_INT
#endif
#ifdef MICROCHIP_TCPIP_V5
/* include timer functions */
#include "TCPIP Stack/TCPIP.h"
#endif
#ifdef MICROCHIP_TCPIP
/* include timer, NTP functions */
#ifdef MICROCHIP_MPLAB_HARMONY
#include "tcpip/tcpip.h"
#else
#include "system/system_services.h"
#include "tcpip/sntp.h"
#endif
#endif
#ifdef MBED
#define SINGLE_THREADED
#define CYASSL_USER_IO
#define NO_FILESYSTEM
#define NO_CERT
#define USE_CERT_BUFFERS_1024
#define NO_WRITEV
#define NO_DEV_RANDOM
#define NO_SHA512
#define NO_DH
#define NO_DSA
#define NO_HC128
#endif /* MBED */
#define HAVE_ECC
#define NO_SESSION_CACHE
#define CYASSL_CMSIS_RTOS
#endif
#ifdef CYASSL_EROAD
#define FREESCALE_MQX
#define FREESCALE_MMCAU
#define SINGLE_THREADED
#define NO_STDIO_FILESYSTEM
#define CYASSL_LEANPSK
#define HAVE_NULL_CIPHER
#define NO_OLD_TLS
#define NO_ASN
#define NO_BIG_INT
#define NO_RSA
#define NO_DSA
#define NO_DH
#define NO_CERTS
#define NO_PWDBASED
#define NO_DES3
#define NO_MD4
#define NO_RC4
#define NO_MD5
#define NO_SESSION_CACHE
#define NO_MAIN_DRIVER
#endif
#ifdef FREERTOS_WINSIM
#define FREERTOS
#define USE_WINDOWS_API
#endif
/* Micrium will use Visual Studio for compilation but not the Win32 API */
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
&& !defined(EBSNET) && !defined(CYASSL_EROAD)
#define USE_WINDOWS_API
#endif
#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER)
#include <stdlib.h>
#define XMALLOC(s, h, type) malloc((s))
#define XFREE(p, h, type) free((p))
#define XREALLOC(p, n, h, t) realloc((p), (n))
#endif
#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
#undef XMALLOC
#define XMALLOC yaXMALLOC
#undef XFREE
#define XFREE yaXFREE
#undef XREALLOC
#define XREALLOC yaXREALLOC
#endif
#ifdef FREERTOS
#define NO_WRITEV
#define NO_SHA512
#define NO_DH
#define NO_DSA
#define NO_HC128
#ifndef NO_WRITEV
#define NO_WRITEV
#endif
#ifndef NO_SHA512
#define NO_SHA512
#endif
#ifndef NO_DH
#define NO_DH
#endif
#ifndef NO_DSA
#define NO_DSA
#endif
#ifndef NO_HC128
#define NO_HC128
#endif
#ifndef SINGLE_THREADED
#include "FreeRTOS.h"
@ -103,6 +278,39 @@
#endif
#endif
#ifdef EBSNET
#include "rtip.h"
/* #define DEBUG_CYASSL */
#define NO_CYASSL_DIR /* tbd */
#if (POLLOS)
#define SINGLE_THREADED
#endif
#if (RTPLATFORM)
#if (!RTP_LITTLE_ENDIAN)
#define BIG_ENDIAN_ORDER
#endif
#else
#if (!KS_LITTLE_ENDIAN)
#define BIG_ENDIAN_ORDER
#endif
#endif
#if (WINMSP3)
#undef SIZEOF_LONG
#define SIZEOF_LONG_LONG 8
#else
#sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
#endif
#define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
#define XFREE(p, h, type) (rtp_free(p))
#define XREALLOC(p, n, h, t) realloc((p), (n))
#endif /* EBSNET */
#ifdef CYASSL_GAME_BUILD
#define SIZEOF_LONG_LONG 8
#if defined(__PPU) || defined(__XENON)
@ -110,6 +318,86 @@
#endif
#endif
#ifdef CYASSL_LSR
#define HAVE_WEBSERVER
#define SIZEOF_LONG_LONG 8
#define CYASSL_LOW_MEMORY
#define NO_WRITEV
#define NO_SHA512
#define NO_DH
#define NO_DSA
#define NO_HC128
#define NO_DEV_RANDOM
#define NO_CYASSL_DIR
#define NO_RABBIT
#ifndef NO_FILESYSTEM
#define LSR_FS
#include "inc/hw_types.h"
#include "fs.h"
#endif
#define CYASSL_LWIP
#include <errno.h> /* for tcp errno */
#define CYASSL_SAFERTOS
#if defined(__IAR_SYSTEMS_ICC__)
/* enum uses enum */
#pragma diag_suppress=Pa089
#endif
#endif
#ifdef CYASSL_SAFERTOS
#ifndef SINGLE_THREADED
#include "SafeRTOS/semphr.h"
#endif
#include "SafeRTOS/heap.h"
#define XMALLOC(s, h, type) pvPortMalloc((s))
#define XFREE(p, h, type) vPortFree((p))
#define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
#endif
#ifdef CYASSL_LOW_MEMORY
#undef RSA_LOW_MEM
#define RSA_LOW_MEM
#undef CYASSL_SMALL_STACK
#define CYASSL_SMALL_STACK
#undef TFM_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#endif
#ifdef FREESCALE_MQX
#define SIZEOF_LONG_LONG 8
#define NO_WRITEV
#define NO_DEV_RANDOM
#define NO_RABBIT
#define NO_CYASSL_DIR
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define FREESCALE_K70_RNGA
/* #define FREESCALE_K53_RNGB */
#include "mqx.h"
#ifndef NO_FILESYSTEM
#include "mfs.h"
#include "fio.h"
#endif
#ifndef SINGLE_THREADED
#include "mutex.h"
#endif
#define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
#define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
/* Note: MQX has no realloc, using fastmath above */
#endif
#ifdef CYASSL_STM32F2
#define SIZEOF_LONG_LONG 8
#define NO_DEV_RANDOM
#define NO_CYASSL_DIR
#define NO_RABBIT
#define STM32F2_RNG
#define STM32F2_CRYPTO
#define KEIL_INTRINSICS
#endif
#ifdef MICRIUM
#include "stdlib.h"
@ -306,10 +594,91 @@
#endif /* MICRIUM */
#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC)
#ifdef CYASSL_QL
#ifndef CYASSL_SEP
#define CYASSL_SEP
#endif
#ifndef OPENSSL_EXTRA
#define OPENSSL_EXTRA
#endif
#ifndef SESSION_CERTS
#define SESSION_CERTS
#endif
#ifndef HAVE_AESCCM
#define HAVE_AESCCM
#endif
#ifndef ATOMIC_USER
#define ATOMIC_USER
#endif
#ifndef CYASSL_DER_LOAD
#define CYASSL_DER_LOAD
#endif
#ifndef KEEP_PEER_CERT
#define KEEP_PEER_CERT
#endif
#ifndef HAVE_ECC
#define HAVE_ECC
#endif
#ifndef SESSION_INDEX
#define SESSION_INDEX
#endif
#endif /* CYASSL_QL */
#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
!defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY)
#define USE_CYASSL_MEMORY
#endif
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
#undef KEEP_PEER_CERT
#define KEEP_PEER_CERT
#endif
/* stream ciphers except arc4 need 32bit alignment, intel ok without */
#ifndef XSTREAM_ALIGNMENT
#if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
#define NO_XSTREAM_ALIGNMENT
#else
#define XSTREAM_ALIGNMENT
#endif
#endif
/* FreeScale MMCAU hardware crypto has 4 byte alignment */
#ifdef FREESCALE_MMCAU
#define CYASSL_MMCAU_ALIGNMENT 4
#endif
/* if using hardware crypto and have alignment requirements, specify the
requirement here. The record header of SSL/TLS will prvent easy alignment.
This hint tries to help as much as possible. */
#ifndef CYASSL_GENERAL_ALIGNMENT
#ifdef CYASSL_AESNI
#define CYASSL_GENERAL_ALIGNMENT 16
#elif defined(XSTREAM_ALIGNMENT)
#define CYASSL_GENERAL_ALIGNMENT 4
#elif defined(FREESCALE_MMCAU)
#define CYASSL_GENERAL_ALIGNMENT CYASSL_MMCAU_ALIGNMENT
#else
#define CYASSL_GENERAL_ALIGNMENT 0
#endif
#endif
#ifdef HAVE_CRL
/* not widely supported yet */
#undef NO_SKID
#define NO_SKID
#endif
#ifdef __INTEL_COMPILER
#pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */
#endif
/* Place any other flags or defines here */

42
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha.h
View file

@ -1,6 +1,6 @@
/* sha.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,10 +16,12 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef NO_SHA
#ifndef CTAO_CRYPT_SHA_H
#define CTAO_CRYPT_SHA_H
@ -32,31 +34,59 @@
/* in bytes */
enum {
#ifdef STM32F2_HASH
SHA_REG_SIZE = 4, /* STM32 register size, bytes */
#endif
SHA = 1, /* hash type unique */
SHA_BLOCK_SIZE = 64,
SHA_DIGEST_SIZE = 20,
SHA_PAD_SIZE = 56
};
#ifdef CYASSL_PIC32MZ_HASH
#include "port/pic32/pic32mz-crypt.h"
#endif
/* Sha digest */
typedef struct Sha {
word32 buffLen; /* in bytes */
word32 loLen; /* length in bytes */
word32 hiLen; /* length in bytes */
word32 digest[SHA_DIGEST_SIZE / sizeof(word32)];
word32 buffer[SHA_BLOCK_SIZE / sizeof(word32)];
#ifndef CYASSL_PIC32MZ_HASH
word32 digest[SHA_DIGEST_SIZE / sizeof(word32)];
#else
word32 digest[PIC32_HASH_SIZE / sizeof(word32)];
pic32mz_desc desc; /* Crypt Engine descripter */
#endif
} Sha;
CYASSL_API void InitSha(Sha*);
CYASSL_API void ShaUpdate(Sha*, const byte*, word32);
CYASSL_API void ShaFinal(Sha*, byte*);
CYASSL_API int InitSha(Sha*);
CYASSL_API int ShaUpdate(Sha*, const byte*, word32);
CYASSL_API int ShaFinal(Sha*, byte*);
CYASSL_API int ShaHash(const byte*, word32, byte*);
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
CYASSL_API int InitSha_fips(Sha*);
CYASSL_API int ShaUpdate_fips(Sha*, const byte*, word32);
CYASSL_API int ShaFinal_fips(Sha*, byte*);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define InitSha InitSha_fips
#define ShaUpdate ShaUpdate_fips
#define ShaFinal ShaFinal_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CTAO_CRYPT_SHA_H */
#endif /* NO_SHA */

33
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha256.h
View file

@ -1,6 +1,6 @@
/* sha256.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -34,6 +34,10 @@
extern "C" {
#endif
#ifdef CYASSL_PIC32MZ_HASH
#include "port/pic32/pic32mz-crypt.h"
#endif
/* in bytes */
enum {
@ -51,14 +55,33 @@ typedef struct Sha256 {
word32 hiLen; /* length in bytes */
word32 digest[SHA256_DIGEST_SIZE / sizeof(word32)];
word32 buffer[SHA256_BLOCK_SIZE / sizeof(word32)];
#ifdef CYASSL_PIC32MZ_HASH
pic32mz_desc desc ; /* Crypt Engine descripter */
#endif
} Sha256;
CYASSL_API void InitSha256(Sha256*);
CYASSL_API void Sha256Update(Sha256*, const byte*, word32);
CYASSL_API void Sha256Final(Sha256*, byte*);
CYASSL_API int InitSha256(Sha256*);
CYASSL_API int Sha256Update(Sha256*, const byte*, word32);
CYASSL_API int Sha256Final(Sha256*, byte*);
CYASSL_API int Sha256Hash(const byte*, word32, byte*);
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
CYASSL_API int InitSha256_fips(Sha256*);
CYASSL_API int Sha256Update_fips(Sha256*, const byte*, word32);
CYASSL_API int Sha256Final_fips(Sha256*, byte*);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define InitSha256 InitSha256_fips
#define Sha256Update Sha256Update_fips
#define Sha256Final Sha256Final_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus
} /* extern "C" */
#endif

47
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha512.h
View file

@ -1,6 +1,6 @@
/* sha512.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -51,12 +51,13 @@ typedef struct Sha512 {
} Sha512;
CYASSL_API void InitSha512(Sha512*);
CYASSL_API void Sha512Update(Sha512*, const byte*, word32);
CYASSL_API void Sha512Final(Sha512*, byte*);
CYASSL_API int InitSha512(Sha512*);
CYASSL_API int Sha512Update(Sha512*, const byte*, word32);
CYASSL_API int Sha512Final(Sha512*, byte*);
CYASSL_API int Sha512Hash(const byte*, word32, byte*);
#ifdef CYASSL_SHA384
#if defined(CYASSL_SHA384) || defined(HAVE_AESGCM)
/* in bytes */
enum {
@ -77,9 +78,37 @@ typedef struct Sha384 {
} Sha384;
CYASSL_API void InitSha384(Sha384*);
CYASSL_API void Sha384Update(Sha384*, const byte*, word32);
CYASSL_API void Sha384Final(Sha384*, byte*);
CYASSL_API int InitSha384(Sha384*);
CYASSL_API int Sha384Update(Sha384*, const byte*, word32);
CYASSL_API int Sha384Final(Sha384*, byte*);
CYASSL_API int Sha384Hash(const byte*, word32, byte*);
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
CYASSL_API int InitSha512_fips(Sha512*);
CYASSL_API int Sha512Update_fips(Sha512*, const byte*, word32);
CYASSL_API int Sha512Final_fips(Sha512*, byte*);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define InitSha512 InitSha512_fips
#define Sha512Update Sha512Update_fips
#define Sha512Final Sha512Final_fips
#endif /* FIPS_NO_WRAPPERS */
/* fips wrapper calls, user can call direct */
CYASSL_API int InitSha384_fips(Sha384*);
CYASSL_API int Sha384Update_fips(Sha384*, const byte*, word32);
CYASSL_API int Sha384Final_fips(Sha384*, byte*);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define InitSha384 InitSha384_fips
#define Sha384Update Sha384Update_fips
#define Sha384Final Sha384Final_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#endif /* CYASSL_SHA384 */

113
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/tfm.h
View file

@ -1,6 +1,6 @@
/* tfm.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -54,6 +54,7 @@
#endif
#ifndef NO_64BIT
/* autodetect x86-64 and make sure we are using 64-bit digits with x86-64 asm */
#if defined(__x86_64__)
#if defined(TFM_X86) || defined(TFM_SSE2) || defined(TFM_ARM)
@ -72,6 +73,12 @@
#if defined(__x86_64__) && !defined(FP_64BIT)
#define FP_64BIT
#endif
/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */
#if defined(FP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T)
#undef FP_64BIT
#undef TFM_X86_64
#endif
#endif /* NO_64BIT */
/* try to detect x86-32 */
#if defined(__i386__) && !defined(TFM_SSE2)
@ -198,24 +205,24 @@
*/
#if defined(FP_64BIT)
/* for GCC only on supported platforms */
#ifndef CRYPT
typedef unsigned long ulong64;
#endif
typedef ulong64 fp_digit;
typedef unsigned long long fp_digit; /* 64bit, 128 uses mode(TI) below */
typedef unsigned long fp_word __attribute__ ((mode(TI)));
#else
/* this is to make porting into LibTomCrypt easier :-) */
#ifndef CRYPT
#if defined(_MSC_VER) || defined(__BORLANDC__)
typedef unsigned __int64 ulong64;
typedef signed __int64 long64;
#else
typedef unsigned long long ulong64;
typedef signed long long long64;
#endif
#endif
typedef unsigned int fp_digit;
typedef ulong64 fp_word;
#ifndef NO_64BIT
typedef unsigned int fp_digit;
typedef ulong64 fp_word;
#else
/* some procs like coldfire prefer not to place multiply into 64bit type
even though it exists */
typedef unsigned short fp_digit;
typedef unsigned int fp_word;
#endif
#endif
/* # of digits this is */
@ -291,7 +298,7 @@ typedef struct {
#define TFM_MUL12
#define TFM_MUL17
#endif
#ifdef TFM_SMALL_SET
#ifdef TFM_HUGE_SET
#define TFM_MUL20
#define TFM_MUL24
#define TFM_MUL28
@ -314,7 +321,7 @@ typedef struct {
#define TFM_SQR12
#define TFM_SQR17
#endif
#ifdef TFM_SMALL_SET
#ifdef TFM_HUGE_SET
#define TFM_SQR20
#define TFM_SQR24
#define TFM_SQR28
@ -357,7 +364,7 @@ typedef struct {
void fp_set(fp_int *a, fp_digit b);
/* copy from a to b */
#define fp_copy(a, b) (void)(((a) != (b)) ? (XMEMCPY((b), (a), sizeof(fp_int))) : (void)0)
#define fp_copy(a, b) (void)(((a) != (b)) ? ((void)XMEMCPY((b), (a), sizeof(fp_int))) : (void)0)
#define fp_init_copy(a, b) fp_copy(b, a)
/* clamp digits */
@ -370,6 +377,9 @@ void fp_set(fp_int *a, fp_digit b);
/* right shift x digits */
void fp_rshd(fp_int *a, int x);
/* right shift x bits */
void fp_rshb(fp_int *a, int x);
/* left shift x digits */
void fp_lshd(fp_int *a, int x);
@ -485,6 +495,7 @@ int fp_exptmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
/* radix conersions */
int fp_count_bits(fp_int *a);
int fp_leading_bit(fp_int *a);
int fp_unsigned_bin_size(fp_int *a);
void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c);
@ -504,104 +515,104 @@ void s_fp_add(fp_int *a, fp_int *b, fp_int *c);
void s_fp_sub(fp_int *a, fp_int *b, fp_int *c);
void fp_reverse(unsigned char *s, int len);
void fp_mul_comba(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba(fp_int *a, fp_int *b, fp_int *c);
#ifdef TFM_SMALL_SET
void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba_small(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL3
void fp_mul_comba3(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba3(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL4
void fp_mul_comba4(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba4(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL6
void fp_mul_comba6(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba6(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL7
void fp_mul_comba7(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba7(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL8
void fp_mul_comba8(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba8(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL9
void fp_mul_comba9(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba9(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL12
void fp_mul_comba12(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba12(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL17
void fp_mul_comba17(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba17(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL20
void fp_mul_comba20(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba20(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL24
void fp_mul_comba24(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba24(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL28
void fp_mul_comba28(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba28(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL32
void fp_mul_comba32(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba32(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL48
void fp_mul_comba48(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba48(fp_int *a, fp_int *b, fp_int *c);
#endif
#ifdef TFM_MUL64
void fp_mul_comba64(fp_int *A, fp_int *B, fp_int *C);
void fp_mul_comba64(fp_int *a, fp_int *b, fp_int *c);
#endif
void fp_sqr_comba(fp_int *A, fp_int *B);
void fp_sqr_comba(fp_int *a, fp_int *b);
#ifdef TFM_SMALL_SET
void fp_sqr_comba_small(fp_int *A, fp_int *B);
void fp_sqr_comba_small(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR3
void fp_sqr_comba3(fp_int *A, fp_int *B);
void fp_sqr_comba3(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR4
void fp_sqr_comba4(fp_int *A, fp_int *B);
void fp_sqr_comba4(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR6
void fp_sqr_comba6(fp_int *A, fp_int *B);
void fp_sqr_comba6(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR7
void fp_sqr_comba7(fp_int *A, fp_int *B);
void fp_sqr_comba7(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR8
void fp_sqr_comba8(fp_int *A, fp_int *B);
void fp_sqr_comba8(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR9
void fp_sqr_comba9(fp_int *A, fp_int *B);
void fp_sqr_comba9(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR12
void fp_sqr_comba12(fp_int *A, fp_int *B);
void fp_sqr_comba12(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR17
void fp_sqr_comba17(fp_int *A, fp_int *B);
void fp_sqr_comba17(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR20
void fp_sqr_comba20(fp_int *A, fp_int *B);
void fp_sqr_comba20(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR24
void fp_sqr_comba24(fp_int *A, fp_int *B);
void fp_sqr_comba24(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR28
void fp_sqr_comba28(fp_int *A, fp_int *B);
void fp_sqr_comba28(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR32
void fp_sqr_comba32(fp_int *A, fp_int *B);
void fp_sqr_comba32(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR48
void fp_sqr_comba48(fp_int *A, fp_int *B);
void fp_sqr_comba48(fp_int *a, fp_int *b);
#endif
#ifdef TFM_SQR64
void fp_sqr_comba64(fp_int *A, fp_int *B);
void fp_sqr_comba64(fp_int *a, fp_int *b);
#endif
/*extern const char *fp_s_rmap;*/
@ -636,7 +647,7 @@ int mp_mul (mp_int * a, mp_int * b, mp_int * c);
int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
int mp_mod(mp_int *a, mp_int *b, mp_int *c);
int mp_invmod(mp_int *a, mp_int *b, mp_int *c);
int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
int mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y);
int mp_cmp(mp_int *a, mp_int *b);
int mp_cmp_d(mp_int *a, mp_digit b);
@ -650,12 +661,14 @@ int mp_copy(fp_int* a, fp_int* b);
int mp_isodd(mp_int* a);
int mp_iszero(mp_int* a);
int mp_count_bits(mp_int *a);
int mp_leading_bit(mp_int *a);
int mp_set_int(fp_int *a, fp_digit b);
void mp_rshb(mp_int *a, int x);
#ifdef HAVE_ECC
int mp_read_radix(mp_int* a, const char* str, int radix);
int mp_set(fp_int *a, fp_digit b);
int mp_sqr(fp_int *A, fp_int *B);
int mp_sqr(fp_int *a, fp_int *b);
int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
int mp_montgomery_setup(fp_int *a, fp_digit *rho);
int mp_div_2(fp_int * a, fp_int * b);

157
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/types.h
View file

@ -1,6 +1,6 @@
/* types.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,13 +24,14 @@
#define CTAO_CRYPT_TYPES_H
#include <cyassl/ctaocrypt/settings.h>
#include <cyassl/ctaocrypt/wc_port.h>
#ifdef __cplusplus
extern "C" {
#endif
#if defined(WORDS_BIGENDIAN) || (defined(__MWERKS__) && !defined(__INTEL__))
#if defined(WORDS_BIGENDIAN)
#define BIG_ENDIAN_ORDER
#endif
@ -51,10 +52,10 @@
#if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__)
#if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG)
#if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) \
|| defined(__mips64) || defined(__x86_64__))
|| defined(__mips64) || defined(__x86_64__))
/* long should be 64bit */
#define SIZEOF_LONG 8
#elif (defined__i386__)
#elif defined(__i386__) || defined(__CORTEX_M3__)
/* long long should be 64bit */
#define SIZEOF_LONG_LONG 8
#endif
@ -66,11 +67,15 @@
#define WORD64_AVAILABLE
#define W64LIT(x) x##ui64
typedef unsigned __int64 word64;
#elif SIZEOF_LONG == 8
#elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long word64;
#elif SIZEOF_LONG_LONG == 8
#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long long word64;
#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long long word64;
@ -82,7 +87,7 @@
/* These platforms have 64-bit CPU registers. */
#if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \
defined(__mips64) || defined(__x86_64__))
defined(__mips64) || defined(__x86_64__) || defined(_M_X64))
typedef word64 word;
#else
typedef word32 word;
@ -93,11 +98,12 @@
enum {
WORD_SIZE = sizeof(word),
BIT_SIZE = 8,
WORD_BITS = WORD_SIZE * BIT_SIZE
CYASSL_WORD_SIZE = sizeof(word),
CYASSL_BIT_SIZE = 8,
CYASSL_WORD_BITS = CYASSL_WORD_SIZE * CYASSL_BIT_SIZE
};
#define CYASSL_MAX_16BIT 0xffffU
/* use inlining if compiler allows */
#ifndef INLINE
@ -106,13 +112,15 @@ enum {
#define INLINE __inline
#elif defined(__GNUC__)
#define INLINE inline
#elif defined(__IAR_SYSTEMS_ICC__)
#define INLINE inline
#elif defined(THREADX)
#define INLINE _Inline
#else
#define INLINE
#define INLINE
#endif
#else
#define INLINE
#define INLINE
#endif
#endif
@ -131,8 +139,21 @@ enum {
#endif
/* set up thread local storage if available */
#ifdef HAVE_THREAD_LS
#if defined(_MSC_VER)
#define THREAD_LS_T __declspec(thread)
#else
#define THREAD_LS_T __thread
#endif
#else
#define THREAD_LS_T
#endif
/* Micrium will use Visual Studio for compilation but not the Win32 API */
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS)
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
&& !defined(EBSNET)
#define USE_WINDOWS_API
#endif
@ -141,16 +162,24 @@ enum {
/* default to libc stuff */
/* XREALLOC is used once in normal math lib, not in fast math lib */
/* XFREE on some embeded systems doesn't like free(0) so test */
#ifdef XMALLOC_USER
#if defined(XMALLOC_USER)
/* prototypes for user heap override functions */
#include <stddef.h> /* for size_t */
extern void *XMALLOC(size_t n, void* heap, int type);
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
extern void XFREE(void *p, void* heap, int type);
#elif !defined(MICRIUM_MALLOC)
/* default C runtime, can install different routines at runtime */
#elif defined(NO_CYASSL_MEMORY)
/* just use plain C stdlib stuff if desired */
#include <stdlib.h>
#define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
#define XREALLOC(p, n, h, t) realloc((p), (n))
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
&& !defined(CYASSL_SAFERTOS) && !defined(FREESCALE_MQX) \
&& !defined(CYASSL_LEANPSK)
/* default C runtime, can install different routines at runtime via cbs */
#include <cyassl/ctaocrypt/memory.h>
#define XMALLOC(s, h, t) CyaSSL_Malloc((s))
#define XMALLOC(s, h, t) ((void)h, (void)t, CyaSSL_Malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) CyaSSL_Free((xp));}
#define XREALLOC(p, n, h, t) CyaSSL_Realloc((p), (n))
#endif
@ -172,47 +201,83 @@ enum {
#define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
#ifndef USE_WINDOWS_API
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
#define XSNPRINTF snprintf
#else
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
#define XSNPRINTF _snprintf
#endif
#endif
#ifdef HAVE_ECC
#ifndef CTYPE_USER
#include <ctype.h>
#ifndef CTYPE_USER
#include <ctype.h>
#if defined(HAVE_ECC) || defined(HAVE_OCSP)
#define XTOUPPER(c) toupper((c))
#define XISALPHA(c) isalpha((c))
#endif
/* needed by CyaSSL_check_domain_name() */
#ifdef __CYGWIN__
/* Cygwin uses a macro version of tolower() by default, use the
* function version. */
#undef tolower
#endif
#define XTOLOWER(c) tolower((c))
#endif
/* memory allocation types for user hints */
enum {
DYNAMIC_TYPE_CA = 1,
DYNAMIC_TYPE_CERT = 2,
DYNAMIC_TYPE_KEY = 3,
DYNAMIC_TYPE_FILE = 4,
DYNAMIC_TYPE_SUBJECT_CN = 5,
DYNAMIC_TYPE_PUBLIC_KEY = 6,
DYNAMIC_TYPE_SIGNER = 7,
DYNAMIC_TYPE_NONE = 8,
DYNAMIC_TYPE_BIGINT = 9,
DYNAMIC_TYPE_RSA = 10,
DYNAMIC_TYPE_METHOD = 11,
DYNAMIC_TYPE_OUT_BUFFER = 12,
DYNAMIC_TYPE_IN_BUFFER = 13,
DYNAMIC_TYPE_INFO = 14,
DYNAMIC_TYPE_DH = 15,
DYNAMIC_TYPE_DOMAIN = 16,
DYNAMIC_TYPE_SSL = 17,
DYNAMIC_TYPE_CTX = 18,
DYNAMIC_TYPE_WRITEV = 19,
DYNAMIC_TYPE_OPENSSL = 20,
DYNAMIC_TYPE_DSA = 21,
DYNAMIC_TYPE_CRL = 22,
DYNAMIC_TYPE_REVOKED = 23,
DYNAMIC_TYPE_CRL_ENTRY = 24,
DYNAMIC_TYPE_CA = 1,
DYNAMIC_TYPE_CERT = 2,
DYNAMIC_TYPE_KEY = 3,
DYNAMIC_TYPE_FILE = 4,
DYNAMIC_TYPE_SUBJECT_CN = 5,
DYNAMIC_TYPE_PUBLIC_KEY = 6,
DYNAMIC_TYPE_SIGNER = 7,
DYNAMIC_TYPE_NONE = 8,
DYNAMIC_TYPE_BIGINT = 9,
DYNAMIC_TYPE_RSA = 10,
DYNAMIC_TYPE_METHOD = 11,
DYNAMIC_TYPE_OUT_BUFFER = 12,
DYNAMIC_TYPE_IN_BUFFER = 13,
DYNAMIC_TYPE_INFO = 14,
DYNAMIC_TYPE_DH = 15,
DYNAMIC_TYPE_DOMAIN = 16,
DYNAMIC_TYPE_SSL = 17,
DYNAMIC_TYPE_CTX = 18,
DYNAMIC_TYPE_WRITEV = 19,
DYNAMIC_TYPE_OPENSSL = 20,
DYNAMIC_TYPE_DSA = 21,
DYNAMIC_TYPE_CRL = 22,
DYNAMIC_TYPE_REVOKED = 23,
DYNAMIC_TYPE_CRL_ENTRY = 24,
DYNAMIC_TYPE_CERT_MANAGER = 25,
DYNAMIC_TYPE_CRL_MONITOR = 26,
DYNAMIC_TYPE_OCSP_STATUS = 27,
DYNAMIC_TYPE_OCSP_ENTRY = 28,
DYNAMIC_TYPE_ALTNAME = 29
DYNAMIC_TYPE_ALTNAME = 29,
DYNAMIC_TYPE_SUITES = 30,
DYNAMIC_TYPE_CIPHER = 31,
DYNAMIC_TYPE_RNG = 32,
DYNAMIC_TYPE_ARRAYS = 33,
DYNAMIC_TYPE_DTLS_POOL = 34,
DYNAMIC_TYPE_SOCKADDR = 35,
DYNAMIC_TYPE_LIBZ = 36,
DYNAMIC_TYPE_ECC = 37,
DYNAMIC_TYPE_TMP_BUFFER = 38,
DYNAMIC_TYPE_DTLS_MSG = 39,
DYNAMIC_TYPE_CAVIUM_TMP = 40,
DYNAMIC_TYPE_CAVIUM_RSA = 41,
DYNAMIC_TYPE_X509 = 42,
DYNAMIC_TYPE_TLSX = 43,
DYNAMIC_TYPE_OCSP = 44,
DYNAMIC_TYPE_SIGNATURE = 45
};
/* max error buffer string size */
enum {
CYASSL_MAX_ERROR_SZ = 80
};
/* stack protection */

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/visibility.h
View file

@ -1,6 +1,6 @@
/* visibility.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
/* Visibility control macros */

195
FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/wc_port.h Normal file
View file

@ -0,0 +1,195 @@
/* port.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef CTAO_CRYPT_PORT_H
#define CTAO_CRYPT_PORT_H
#ifdef __cplusplus
extern "C" {
#endif
#ifdef USE_WINDOWS_API
#ifdef CYASSL_GAME_BUILD
#include "system/xtl.h"
#else
#ifndef WIN32_LEAN_AND_MEAN
#define WIN32_LEAN_AND_MEAN
#endif
#if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN)
/* On WinCE winsock2.h must be included before windows.h */
#include <winsock2.h>
#endif
#include <windows.h>
#endif
#elif defined(THREADX)
#ifndef SINGLE_THREADED
#include "tx_api.h"
#endif
#elif defined(MICRIUM)
/* do nothing, just don't pick Unix */
#elif defined(FREERTOS) || defined(CYASSL_SAFERTOS)
/* do nothing */
#elif defined(EBSNET)
/* do nothing */
#elif defined(FREESCALE_MQX)
/* do nothing */
#elif defined(CYASSL_MDK_ARM)
#if defined(CYASSL_MDK5)
#include "cmsis_os.h"
#else
#include <rtl.h>
#endif
#elif defined(CYASSL_CMSIS_RTOS)
#include "cmsis_os.h"
#else
#ifndef SINGLE_THREADED
#define CYASSL_PTHREADS
#include <pthread.h>
#endif
#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
#include <unistd.h> /* for close of BIO */
#endif
#endif
#ifdef SINGLE_THREADED
typedef int CyaSSL_Mutex;
#else /* MULTI_THREADED */
/* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */
#ifdef FREERTOS
typedef xSemaphoreHandle CyaSSL_Mutex;
#elif defined(CYASSL_SAFERTOS)
typedef struct CyaSSL_Mutex {
signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES];
xSemaphoreHandle mutex;
} CyaSSL_Mutex;
#elif defined(USE_WINDOWS_API)
typedef CRITICAL_SECTION CyaSSL_Mutex;
#elif defined(CYASSL_PTHREADS)
typedef pthread_mutex_t CyaSSL_Mutex;
#elif defined(THREADX)
typedef TX_MUTEX CyaSSL_Mutex;
#elif defined(MICRIUM)
typedef OS_MUTEX CyaSSL_Mutex;
#elif defined(EBSNET)
typedef RTP_MUTEX CyaSSL_Mutex;
#elif defined(FREESCALE_MQX)
typedef MUTEX_STRUCT CyaSSL_Mutex;
#elif defined(CYASSL_MDK_ARM)
#if defined(CYASSL_CMSIS_RTOS)
typedef osMutexId CyaSSL_Mutex;
#else
typedef OS_MUT CyaSSL_Mutex;
#endif
#elif defined(CYASSL_CMSIS_RTOS)
typedef osMutexId CyaSSL_Mutex;
#else
#error Need a mutex type in multithreaded mode
#endif /* USE_WINDOWS_API */
#endif /* SINGLE_THREADED */
CYASSL_LOCAL int InitMutex(CyaSSL_Mutex*);
CYASSL_LOCAL int FreeMutex(CyaSSL_Mutex*);
CYASSL_LOCAL int LockMutex(CyaSSL_Mutex*);
CYASSL_LOCAL int UnLockMutex(CyaSSL_Mutex*);
/* filesystem abstraction layer, used by ssl.c */
#ifndef NO_FILESYSTEM
#if defined(EBSNET)
#define XFILE int
#define XFOPEN(NAME, MODE) vf_open((const char *)NAME, VO_RDONLY, 0);
#define XFSEEK vf_lseek
#define XFTELL vf_tell
#define XREWIND vf_rewind
#define XFREAD(BUF, SZ, AMT, FD) vf_read(FD, BUF, SZ*AMT)
#define XFWRITE(BUF, SZ, AMT, FD) vf_write(FD, BUF, SZ*AMT)
#define XFCLOSE vf_close
#define XSEEK_END VSEEK_END
#define XBADFILE -1
#elif defined(LSR_FS)
#include <fs.h>
#define XFILE struct fs_file*
#define XFOPEN(NAME, MODE) fs_open((char*)NAME);
#define XFSEEK(F, O, W) (void)F
#define XFTELL(F) (F)->len
#define XREWIND(F) (void)F
#define XFREAD(BUF, SZ, AMT, F) fs_read(F, (char*)BUF, SZ*AMT)
#define XFWRITE(BUF, SZ, AMT, F) fs_write(F, (char*)BUF, SZ*AMT)
#define XFCLOSE fs_close
#define XSEEK_END 0
#define XBADFILE NULL
#elif defined(FREESCALE_MQX)
#define XFILE MQX_FILE_PTR
#define XFOPEN fopen
#define XFSEEK fseek
#define XFTELL ftell
#define XREWIND(F) fseek(F, 0, IO_SEEK_SET)
#define XFREAD fread
#define XFWRITE fwrite
#define XFCLOSE fclose
#define XSEEK_END IO_SEEK_END
#define XBADFILE NULL
#elif defined(MICRIUM)
#include <fs.h>
#define XFILE FS_FILE*
#define XFOPEN fs_fopen
#define XFSEEK fs_fseek
#define XFTELL fs_ftell
#define XREWIND fs_rewind
#define XFREAD fs_fread
#define XFWRITE fs_fwrite
#define XFCLOSE fs_fclose
#define XSEEK_END FS_SEEK_END
#define XBADFILE NULL
#else
/* stdio, default case */
#define XFILE FILE*
#if defined(CYASSL_MDK_ARM)
#include <stdio.h>
extern FILE * CyaSSL_fopen(const char *name, const char *mode) ;
#define XFOPEN CyaSSL_fopen
#else
#define XFOPEN fopen
#endif
#define XFSEEK fseek
#define XFTELL ftell
#define XREWIND rewind
#define XFREAD fread
#define XFWRITE fwrite
#define XFCLOSE fclose
#define XSEEK_END SEEK_END
#define XBADFILE NULL
#endif
#endif /* NO_FILESYSTEM */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CTAO_CRYPT_PORT_H */

150
FreeRTOS-Plus/Source/CyaSSL/cyassl/error-ssl.h Normal file
View file

@ -0,0 +1,150 @@
/* error-ssl.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef CYASSL_ERROR_H
#define CYASSL_ERROR_H
#include <cyassl/ctaocrypt/error-crypt.h> /* pull in CTaoCrypt errors */
#ifdef __cplusplus
extern "C" {
#endif
enum CyaSSL_ErrorCodes {
INPUT_CASE_ERROR = -301, /* process input state error */
PREFIX_ERROR = -302, /* bad index to key rounds */
MEMORY_ERROR = -303, /* out of memory */
VERIFY_FINISHED_ERROR = -304, /* verify problem on finished */
VERIFY_MAC_ERROR = -305, /* verify mac problem */
PARSE_ERROR = -306, /* parse error on header */
UNKNOWN_HANDSHAKE_TYPE = -307, /* weird handshake type */
SOCKET_ERROR_E = -308, /* error state on socket */
SOCKET_NODATA = -309, /* expected data, not there */
INCOMPLETE_DATA = -310, /* don't have enough data to
complete task */
UNKNOWN_RECORD_TYPE = -311, /* unknown type in record hdr */
DECRYPT_ERROR = -312, /* error during decryption */
FATAL_ERROR = -313, /* recvd alert fatal error */
ENCRYPT_ERROR = -314, /* error during encryption */
FREAD_ERROR = -315, /* fread problem */
NO_PEER_KEY = -316, /* need peer's key */
NO_PRIVATE_KEY = -317, /* need the private key */
RSA_PRIVATE_ERROR = -318, /* error during rsa priv op */
NO_DH_PARAMS = -319, /* server missing DH params */
BUILD_MSG_ERROR = -320, /* build message failure */
BAD_HELLO = -321, /* client hello malformed */
DOMAIN_NAME_MISMATCH = -322, /* peer subject name mismatch */
WANT_READ = -323, /* want read, call again */
NOT_READY_ERROR = -324, /* handshake layer not ready */
PMS_VERSION_ERROR = -325, /* pre m secret version error */
VERSION_ERROR = -326, /* record layer version error */
WANT_WRITE = -327, /* want write, call again */
BUFFER_ERROR = -328, /* malformed buffer input */
VERIFY_CERT_ERROR = -329, /* verify cert error */
VERIFY_SIGN_ERROR = -330, /* verify sign error */
CLIENT_ID_ERROR = -331, /* psk client identity error */
SERVER_HINT_ERROR = -332, /* psk server hint error */
PSK_KEY_ERROR = -333, /* psk key error */
ZLIB_INIT_ERROR = -334, /* zlib init error */
ZLIB_COMPRESS_ERROR = -335, /* zlib compression error */
ZLIB_DECOMPRESS_ERROR = -336, /* zlib decompression error */
GETTIME_ERROR = -337, /* gettimeofday failed ??? */
GETITIMER_ERROR = -338, /* getitimer failed ??? */
SIGACT_ERROR = -339, /* sigaction failed ??? */
SETITIMER_ERROR = -340, /* setitimer failed ??? */
LENGTH_ERROR = -341, /* record layer length error */
PEER_KEY_ERROR = -342, /* can't decode peer key */
ZERO_RETURN = -343, /* peer sent close notify */
SIDE_ERROR = -344, /* wrong client/server type */
NO_PEER_CERT = -345, /* peer didn't send key */
NTRU_KEY_ERROR = -346, /* NTRU key error */
NTRU_DRBG_ERROR = -347, /* NTRU drbg error */
NTRU_ENCRYPT_ERROR = -348, /* NTRU encrypt error */
NTRU_DECRYPT_ERROR = -349, /* NTRU decrypt error */
ECC_CURVETYPE_ERROR = -350, /* Bad ECC Curve Type */
ECC_CURVE_ERROR = -351, /* Bad ECC Curve */
ECC_PEERKEY_ERROR = -352, /* Bad Peer ECC Key */
ECC_MAKEKEY_ERROR = -353, /* Bad Make ECC Key */
ECC_EXPORT_ERROR = -354, /* Bad ECC Export Key */
ECC_SHARED_ERROR = -355, /* Bad ECC Shared Secret */
NOT_CA_ERROR = -357, /* Not a CA cert error */
BAD_PATH_ERROR = -358, /* Bad path for opendir */
BAD_CERT_MANAGER_ERROR = -359, /* Bad Cert Manager */
OCSP_CERT_REVOKED = -360, /* OCSP Certificate revoked */
CRL_CERT_REVOKED = -361, /* CRL Certificate revoked */
CRL_MISSING = -362, /* CRL Not loaded */
MONITOR_RUNNING_E = -363, /* CRL Monitor already running */
THREAD_CREATE_E = -364, /* Thread Create Error */
OCSP_NEED_URL = -365, /* OCSP need an URL for lookup */
OCSP_CERT_UNKNOWN = -366, /* OCSP responder doesn't know */
OCSP_LOOKUP_FAIL = -367, /* OCSP lookup not successful */
MAX_CHAIN_ERROR = -368, /* max chain depth exceeded */
COOKIE_ERROR = -369, /* dtls cookie error */
SEQUENCE_ERROR = -370, /* dtls sequence error */
SUITES_ERROR = -371, /* suites pointer error */
SSL_NO_PEM_HEADER = -372, /* no PEM header found */
OUT_OF_ORDER_E = -373, /* out of order message */
BAD_KEA_TYPE_E = -374, /* bad KEA type found */
SANITY_CIPHER_E = -375, /* sanity check on cipher error */
RECV_OVERFLOW_E = -376, /* RXCB returned more than rqed */
GEN_COOKIE_E = -377, /* Generate Cookie Error */
NO_PEER_VERIFY = -378, /* Need peer cert verify Error */
FWRITE_ERROR = -379, /* fwrite problem */
CACHE_MATCH_ERROR = -380, /* chache hdr match error */
UNKNOWN_SNI_HOST_NAME_E = -381, /* Unrecognized host name Error */
UNKNOWN_MAX_FRAG_LEN_E = -382, /* Unrecognized max frag len Error */
KEYUSE_SIGNATURE_E = -383, /* KeyUse digSignature error */
KEYUSE_ENCIPHER_E = -385, /* KeyUse keyEncipher error */
EXTKEYUSE_AUTH_E = -386, /* ExtKeyUse server|client_auth */
SEND_OOB_READ_E = -387, /* Send Cb out of bounds read */
/* add strings to SetErrorString !!!!! */
/* begin negotiation parameter errors */
UNSUPPORTED_SUITE = -390, /* unsupported cipher suite */
MATCH_SUITE_ERROR = -391 /* can't match cipher suite */
/* end negotiation parameter errors only 10 for now */
/* add strings to SetErrorString !!!!! */
};
#ifdef CYASSL_CALLBACKS
enum {
MIN_PARAM_ERR = UNSUPPORTED_SUITE,
MAX_PARAM_ERR = MIN_PARAM_ERR - 10
};
#endif
CYASSL_LOCAL
void SetErrorString(int err, char* buff);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CyaSSL_ERROR_H */

133
FreeRTOS-Plus/Source/CyaSSL/cyassl/error.h
View file

@ -1,133 +0,0 @@
/* error.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef CYASSL_ERROR_H
#define CYASSL_ERROR_H
#include <cyassl/ctaocrypt/error.h> /* pull in CTaoCrypt errors */
#ifdef __cplusplus
extern "C" {
#endif
enum CyaSSL_ErrorCodes {
INPUT_CASE_ERROR = -201, /* process input state error */
PREFIX_ERROR = -202, /* bad index to key rounds */
MEMORY_ERROR = -203, /* out of memory */
VERIFY_FINISHED_ERROR = -204, /* verify problem on finished */
VERIFY_MAC_ERROR = -205, /* verify mac problem */
PARSE_ERROR = -206, /* parse error on header */
UNKNOWN_HANDSHAKE_TYPE = -207, /* weird handshake type */
SOCKET_ERROR_E = -208, /* error state on socket */
SOCKET_NODATA = -209, /* expected data, not there */
INCOMPLETE_DATA = -210, /* don't have enough data to
complete task */
UNKNOWN_RECORD_TYPE = -211, /* unknown type in record hdr */
DECRYPT_ERROR = -212, /* error during decryption */
FATAL_ERROR = -213, /* recvd alert fatal error */
ENCRYPT_ERROR = -214, /* error during encryption */
FREAD_ERROR = -215, /* fread problem */
NO_PEER_KEY = -216, /* need peer's key */
NO_PRIVATE_KEY = -217, /* need the private key */
RSA_PRIVATE_ERROR = -218, /* error during rsa priv op */
NO_DH_PARAMS = -219, /* server missing DH params */
BUILD_MSG_ERROR = -220, /* build message failure */
BAD_HELLO = -221, /* client hello malformed */
DOMAIN_NAME_MISMATCH = -222, /* peer subject name mismatch */
WANT_READ = -223, /* want read, call again */
NOT_READY_ERROR = -224, /* handshake layer not ready */
PMS_VERSION_ERROR = -225, /* pre m secret version error */
VERSION_ERROR = -226, /* record layer version error */
WANT_WRITE = -227, /* want write, call again */
BUFFER_ERROR = -228, /* malformed buffer input */
VERIFY_CERT_ERROR = -229, /* verify cert error */
VERIFY_SIGN_ERROR = -230, /* verify sign error */
CLIENT_ID_ERROR = -231, /* psk client identity error */
SERVER_HINT_ERROR = -232, /* psk server hint error */
PSK_KEY_ERROR = -233, /* psk key error */
ZLIB_INIT_ERROR = -234, /* zlib init error */
ZLIB_COMPRESS_ERROR = -235, /* zlib compression error */
ZLIB_DECOMPRESS_ERROR = -236, /* zlib decompression error */
GETTIME_ERROR = -237, /* gettimeofday failed ??? */
GETITIMER_ERROR = -238, /* getitimer failed ??? */
SIGACT_ERROR = -239, /* sigaction failed ??? */
SETITIMER_ERROR = -240, /* setitimer failed ??? */
LENGTH_ERROR = -241, /* record layer length error */
PEER_KEY_ERROR = -242, /* can't decode peer key */
ZERO_RETURN = -243, /* peer sent close notify */
SIDE_ERROR = -244, /* wrong client/server type */
NO_PEER_CERT = -245, /* peer didn't send key */
NTRU_KEY_ERROR = -246, /* NTRU key error */
NTRU_DRBG_ERROR = -247, /* NTRU drbg error */
NTRU_ENCRYPT_ERROR = -248, /* NTRU encrypt error */
NTRU_DECRYPT_ERROR = -249, /* NTRU decrypt error */
ECC_CURVETYPE_ERROR = -250, /* Bad ECC Curve Type */
ECC_CURVE_ERROR = -251, /* Bad ECC Curve */
ECC_PEERKEY_ERROR = -252, /* Bad Peer ECC Key */
ECC_MAKEKEY_ERROR = -253, /* Bad Make ECC Key */
ECC_EXPORT_ERROR = -254, /* Bad ECC Export Key */
ECC_SHARED_ERROR = -255, /* Bad ECC Shared Secret */
BAD_MUTEX_ERROR = -256, /* Bad mutex */
NOT_CA_ERROR = -257, /* Not a CA cert error */
BAD_PATH_ERROR = -258, /* Bad path for opendir */
BAD_CERT_MANAGER_ERROR = -259, /* Bad Cert Manager */
OCSP_CERT_REVOKED = -260, /* OCSP Certificate revoked */
CRL_CERT_REVOKED = -261, /* CRL Certificate revoked */
CRL_MISSING = -262, /* CRL Not loaded */
MONITOR_RUNNING_E = -263, /* CRL Monitor already running */
THREAD_CREATE_E = -264, /* Thread Create Error */
OCSP_NEED_URL = -265, /* OCSP need an URL for lookup */
OCSP_CERT_UNKNOWN = -266, /* OCSP responder doesn't know */
OCSP_LOOKUP_FAIL = -267, /* OCSP lookup not successful */
MAX_CHAIN_ERROR = -268, /* max chain depth exceeded */
COOKIE_ERROR = -269, /* dtls cookie error */
/* add strings to SetErrorString !!!!! */
/* begin negotiation parameter errors */
UNSUPPORTED_SUITE = -290, /* unsupported cipher suite */
MATCH_SUITE_ERROR = -291 /* can't match cipher suite */
/* end negotiation parameter errors only 10 for now */
/* add strings to SetErrorString !!!!! */
};
#ifdef CYASSL_CALLBACKS
enum {
MIN_PARAM_ERR = UNSUPPORTED_SUITE,
MAX_PARAM_ERR = MIN_PARAM_ERR - 10
};
#endif
CYASSL_LOCAL
void SetErrorString(int error, char* buffer);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CyaSSL_ERROR_H */

9
FreeRTOS-Plus/Source/CyaSSL/cyassl/include.am
View file

@ -8,13 +8,18 @@ include cyassl/openssl/include.am
EXTRA_DIST+= cyassl/sniffer_error.rc
nobase_include_HEADERS+= \
cyassl/error.h \
cyassl/internal.h \
cyassl/error-ssl.h \
cyassl/ssl.h \
cyassl/sniffer_error.h \
cyassl/sniffer.h \
cyassl/callbacks.h \
cyassl/certs_test.h \
cyassl/test.h \
cyassl/version.h \
cyassl/options.h \
cyassl/ocsp.h \
cyassl/crl.h
noinst_HEADERS+= \
cyassl/internal.h

1229
FreeRTOS-Plus/Source/CyaSSL/cyassl/internal.h
View file

File diff suppressed because it is too large Load diff

16
FreeRTOS-Plus/Source/CyaSSL/cyassl/ocsp.h
View file

@ -1,6 +1,6 @@
/* ssl.h
/* ocsp.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -25,6 +25,7 @@
#ifndef CYASSL_OCSP_H
#define CYASSL_OCSP_H
#ifdef HAVE_OCSP
#include <cyassl/ssl.h>
#include <cyassl/ctaocrypt/asn.h>
@ -35,18 +36,17 @@
typedef struct CYASSL_OCSP CYASSL_OCSP;
CYASSL_LOCAL int CyaSSL_OCSP_Init(CYASSL_OCSP*);
CYASSL_LOCAL void CyaSSL_OCSP_Cleanup(CYASSL_OCSP*);
CYASSL_LOCAL int CyaSSL_OCSP_set_override_url(CYASSL_OCSP*, const char*);
CYASSL_LOCAL int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP*, DecodedCert*);
CYASSL_LOCAL int InitOCSP(CYASSL_OCSP*, CYASSL_CERT_MANAGER*);
CYASSL_LOCAL void FreeOCSP(CYASSL_OCSP*, int dynamic);
CYASSL_LOCAL int CheckCertOCSP(CYASSL_OCSP*, DecodedCert*);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_OCSP */
#endif /* CYASSL_OCSP_H */

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/des.h
View file

@ -1,6 +1,6 @@
/* des.h
*
* Copyright (C) 2012 Sawtooth Consulting Ltd.
* Copyright (C) 2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

8
FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/evp.h
View file

@ -1,6 +1,6 @@
/* evp.h
*
* Copyright (C) 2012 Sawtooth Consulting Ltd.
* Copyright (C) 2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -95,8 +95,10 @@ typedef struct CYASSL_EVP_MD_CTX {
typedef union {
Aes aes;
#ifndef NO_DES3
Des des;
Des3 des3;
#endif
Arc4 arc4;
} CYASSL_Cipher;
@ -123,7 +125,7 @@ typedef struct CYASSL_EVP_CIPHER_CTX {
int keyLen; /* user may set for variable */
unsigned char enc; /* if encrypt side, then true */
unsigned char cipherType;
unsigned char iv[64]; /* working iv pointer into cipher */
unsigned char iv[AES_BLOCK_SIZE]; /* working iv pointer into cipher */
CYASSL_Cipher cipher;
} CYASSL_EVP_CIPHER_CTX;

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/hmac.h
View file

@ -1,6 +1,6 @@
/* hmac.h
*
* Copyright (C) 2012 Sawtooth Consulting Ltd.
* Copyright (C) 2013 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

2
FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/sha.h
View file

@ -54,7 +54,7 @@ CYASSL_API void CyaSSL_SHA256_Update(CYASSL_SHA256_CTX*, const void*,
CYASSL_API void CyaSSL_SHA256_Final(unsigned char*, CYASSL_SHA256_CTX*);
enum {
SHA256_DIGEST_LENGTH = 20
SHA256_DIGEST_LENGTH = 32
};

8
FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/ssl.h
View file

@ -1,6 +1,6 @@
/* ssl.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* a with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -92,6 +92,8 @@ typedef CYASSL_X509_STORE_CTX X509_STORE_CTX;
#ifdef CYASSL_DTLS
#define DTLSv1_client_method CyaDTLSv1_client_method
#define DTLSv1_server_method CyaDTLSv1_server_method
#define DTLSv1_2_client_method CyaDTLSv1_2_client_method
#define DTLSv1_2_server_method CyaDTLSv1_2_server_method
#endif
@ -116,6 +118,7 @@ typedef CYASSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_write CyaSSL_write
#define SSL_read CyaSSL_read
#define SSL_peek CyaSSL_peek
#define SSL_accept CyaSSL_accept
#define SSL_CTX_free CyaSSL_CTX_free
#define SSL_free CyaSSL_free
@ -139,6 +142,7 @@ typedef CYASSL_X509_STORE_CTX X509_STORE_CTX;
#define ERR_error_string CyaSSL_ERR_error_string
#define ERR_error_string_n CyaSSL_ERR_error_string_n
#define ERR_reason_error_string CyaSSL_ERR_reason_error_string
#define SSL_set_ex_data CyaSSL_set_ex_data
#define SSL_get_shutdown CyaSSL_get_shutdown

34
FreeRTOS-Plus/Source/CyaSSL/cyassl/options.h Normal file
View file

@ -0,0 +1,34 @@
/* options.h.in
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
/* default blank options for autoconf */
#pragma once
#ifdef __cplusplus
extern "C" {
#endif
#ifdef __cplusplus
}
#endif

34
FreeRTOS-Plus/Source/CyaSSL/cyassl/options.h.in Normal file
View file

@ -0,0 +1,34 @@
/* options.h.in
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
/* default blank options for autoconf */
#pragma once
#ifdef __cplusplus
extern "C" {
#endif
#ifdef __cplusplus
}
#endif

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer.h
View file

@ -1,6 +1,6 @@
/* sniffer.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

7
FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer_error.h
View file

@ -1,6 +1,6 @@
/* sniffer_error.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -99,6 +99,9 @@
#define BAD_DECRYPT_TYPE 65
#define BAD_FINISHED_MSG 66
#define BAD_COMPRESSION_STR 67
#define BAD_DERIVE_STR 68
#define ACK_MISSED_STR 69
#define BAD_DECRYPT 70
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */

3
FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer_error.rc
View file

@ -81,5 +81,8 @@ STRINGTABLE
66, "Bad Finished Message Processing"
67, "Bad Compression Type"
68, "Bad DeriveKeys Error"
69, "Saw ACK for Missing Packet Error"
70, "Bad Decrypt Operation"
}

605
FreeRTOS-Plus/Source/CyaSSL/cyassl/ssl.h
View file

@ -1,6 +1,6 @@
/* ssl.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -32,7 +32,11 @@
#ifndef NO_FILESYSTEM
#include <stdio.h> /* ERR_printf */
#ifdef FREESCALE_MQX
#include <fio.h>
#else
#include <stdio.h> /* ERR_printf */
#endif
#endif
#ifdef YASSL_PREFIX
@ -55,7 +59,6 @@
extern "C" {
#endif
typedef struct CYASSL CYASSL;
typedef struct CYASSL_SESSION CYASSL_SESSION;
typedef struct CYASSL_METHOD CYASSL_METHOD;
@ -66,6 +69,7 @@ typedef struct CYASSL_X509_NAME CYASSL_X509_NAME;
typedef struct CYASSL_X509_CHAIN CYASSL_X509_CHAIN;
typedef struct CYASSL_CERT_MANAGER CYASSL_CERT_MANAGER;
typedef struct CYASSL_SOCKADDR CYASSL_SOCKADDR;
/* redeclare guard */
#define CYASSL_TYPES_DEFINED
@ -91,6 +95,13 @@ typedef struct CYASSL_dynlock_value CYASSL_dynlock_value;
typedef struct CYASSL_EVP_PKEY {
int type; /* openssh dereference */
int save_type; /* openssh dereference */
int pkey_sz;
union {
char* ptr;
} pkey;
#ifdef HAVE_ECC
int pkey_curve;
#endif
} CYASSL_EVP_PKEY;
typedef struct CYASSL_MD4_CTX {
@ -104,9 +115,19 @@ typedef struct CYASSL_COMP_METHOD {
typedef struct CYASSL_X509_STORE {
int cache; /* stunnel dereference */
int cache; /* stunnel dereference */
CYASSL_CERT_MANAGER* cm;
} CYASSL_X509_STORE;
typedef struct CYASSL_ALERT {
int code;
int level;
} CYASSL_ALERT;
typedef struct CYASSL_ALERT_HISTORY {
CYASSL_ALERT last_rx;
CYASSL_ALERT last_tx;
} CYASSL_ALERT_HISTORY;
typedef struct CYASSL_X509_REVOKED {
CYASSL_ASN1_INTEGER* serialNumber; /* stunnel dereference */
@ -121,17 +142,45 @@ typedef struct CYASSL_X509_OBJECT {
} CYASSL_X509_OBJECT;
/* in internal.h too, change there !! */
typedef struct CYASSL_X509_STORE_CTX {
int error;
int error_depth;
CYASSL_X509_STORE* store; /* Store full of a CA cert chain */
CYASSL_X509* current_cert; /* stunnel dereference */
char* domain; /* subject CN domain name */
void* ex_data; /* external data, for fortress build */
/* in internal.h too, change there !! */
void* userCtx; /* user ctx */
int error; /* current error */
int error_depth; /* cert depth for this error */
int discardSessionCerts; /* so verify callback can flag for discard */
} CYASSL_X509_STORE_CTX;
/* Valid Alert types from page 16/17 */
enum AlertDescription {
close_notify = 0,
unexpected_message = 10,
bad_record_mac = 20,
decompression_failure = 30,
handshake_failure = 40,
no_certificate = 41,
bad_certificate = 42,
unsupported_certificate = 43,
certificate_revoked = 44,
certificate_expired = 45,
certificate_unknown = 46,
illegal_parameter = 47,
decrypt_error = 51,
protocol_version = 70,
no_renegotiation = 100,
unrecognized_name = 112
};
enum AlertLevel {
alert_warning = 1,
alert_fatal = 2
};
CYASSL_API CYASSL_METHOD *CyaSSLv3_server_method(void);
CYASSL_API CYASSL_METHOD *CyaSSLv3_client_method(void);
CYASSL_API CYASSL_METHOD *CyaTLSv1_server_method(void);
@ -144,9 +193,11 @@ CYASSL_API CYASSL_METHOD *CyaTLSv1_2_client_method(void);
#ifdef CYASSL_DTLS
CYASSL_API CYASSL_METHOD *CyaDTLSv1_client_method(void);
CYASSL_API CYASSL_METHOD *CyaDTLSv1_server_method(void);
CYASSL_API CYASSL_METHOD *CyaDTLSv1_2_client_method(void);
CYASSL_API CYASSL_METHOD *CyaDTLSv1_2_server_method(void);
#endif
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
CYASSL_API int CyaSSL_CTX_use_certificate_file(CYASSL_CTX*, const char*, int);
CYASSL_API int CyaSSL_CTX_use_PrivateKey_file(CYASSL_CTX*, const char*, int);
@ -173,30 +224,47 @@ CYASSL_API int CyaSSL_use_RSAPrivateKey_file(CYASSL*, const char*, int);
CYASSL_API int CyaSSL_PemCertToDer(const char*, unsigned char*, int);
#endif /* NO_FILESYSTEM */
#endif /* !NO_FILESYSTEM && !NO_CERTS */
CYASSL_API CYASSL_CTX* CyaSSL_CTX_new(CYASSL_METHOD*);
CYASSL_API CYASSL* CyaSSL_new(CYASSL_CTX*);
CYASSL_API int CyaSSL_set_fd (CYASSL*, int);
CYASSL_API int CyaSSL_get_fd(const CYASSL*);
CYASSL_API void CyaSSL_set_using_nonblock(CYASSL*, int);
CYASSL_API int CyaSSL_get_using_nonblock(CYASSL*);
CYASSL_API int CyaSSL_connect(CYASSL*); /* please see note at top of README
if you get an error from connect */
CYASSL_API int CyaSSL_write(CYASSL*, const void*, int);
CYASSL_API int CyaSSL_read(CYASSL*, void*, int);
CYASSL_API int CyaSSL_peek(CYASSL*, void*, int);
CYASSL_API int CyaSSL_accept(CYASSL*);
CYASSL_API void CyaSSL_CTX_free(CYASSL_CTX*);
CYASSL_API void CyaSSL_free(CYASSL*);
CYASSL_API int CyaSSL_shutdown(CYASSL*);
CYASSL_API int CyaSSL_send(CYASSL*, const void*, int sz, int flags);
CYASSL_API int CyaSSL_recv(CYASSL*, void*, int sz, int flags);
CYASSL_API void CyaSSL_CTX_set_quiet_shutdown(CYASSL_CTX*, int);
CYASSL_API void CyaSSL_set_quiet_shutdown(CYASSL*, int);
CYASSL_API int CyaSSL_get_error(CYASSL*, int);
CYASSL_API int CyaSSL_get_alert_history(CYASSL*, CYASSL_ALERT_HISTORY *);
CYASSL_API int CyaSSL_set_session(CYASSL* ssl,CYASSL_SESSION* session);
CYASSL_API int CyaSSL_set_session(CYASSL* ssl,CYASSL_SESSION* session);
CYASSL_API CYASSL_SESSION* CyaSSL_get_session(CYASSL* ssl);
CYASSL_API void CyaSSL_flush_sessions(CYASSL_CTX *ctx, long tm);
CYASSL_API void CyaSSL_flush_sessions(CYASSL_CTX *ctx, long tm);
CYASSL_API int CyaSSL_SetServerID(CYASSL* ssl, const unsigned char*,
int, int);
#ifdef SESSION_INDEX
CYASSL_API int CyaSSL_GetSessionIndex(CYASSL* ssl);
CYASSL_API int CyaSSL_GetSessionAtIndex(int index, CYASSL_SESSION* session);
#endif /* SESSION_INDEX */
#if defined(SESSION_INDEX) && defined(SESSION_CERTS)
CYASSL_API
CYASSL_X509_CHAIN* CyaSSL_SESSION_get_peer_chain(CYASSL_SESSION* session);
#endif /* SESSION_INDEX && SESSION_CERTS */
typedef int (*VerifyCallback)(int, CYASSL_X509_STORE_CTX*);
typedef int (*pem_password_cb)(char*, int, int, void*);
@ -204,6 +272,7 @@ typedef int (*pem_password_cb)(char*, int, int, void*);
CYASSL_API void CyaSSL_CTX_set_verify(CYASSL_CTX*, int,
VerifyCallback verify_callback);
CYASSL_API void CyaSSL_set_verify(CYASSL*, int, VerifyCallback verify_callback);
CYASSL_API void CyaSSL_SetCertCbCtx(CYASSL*, void*);
CYASSL_API int CyaSSL_pending(CYASSL*);
@ -211,14 +280,39 @@ CYASSL_API void CyaSSL_load_error_strings(void);
CYASSL_API int CyaSSL_library_init(void);
CYASSL_API long CyaSSL_CTX_set_session_cache_mode(CYASSL_CTX*, long);
/* session cache persistence */
CYASSL_API int CyaSSL_save_session_cache(const char*);
CYASSL_API int CyaSSL_restore_session_cache(const char*);
CYASSL_API int CyaSSL_memsave_session_cache(void*, int);
CYASSL_API int CyaSSL_memrestore_session_cache(const void*, int);
CYASSL_API int CyaSSL_get_session_cache_memsize(void);
/* certificate cache persistence, uses ctx since certs are per ctx */
CYASSL_API int CyaSSL_CTX_save_cert_cache(CYASSL_CTX*, const char*);
CYASSL_API int CyaSSL_CTX_restore_cert_cache(CYASSL_CTX*, const char*);
CYASSL_API int CyaSSL_CTX_memsave_cert_cache(CYASSL_CTX*, void*, int, int*);
CYASSL_API int CyaSSL_CTX_memrestore_cert_cache(CYASSL_CTX*, const void*, int);
CYASSL_API int CyaSSL_CTX_get_cert_cache_memsize(CYASSL_CTX*);
/* only supports full name from cipher_name[] delimited by : */
CYASSL_API int CyaSSL_CTX_set_cipher_list(CYASSL_CTX*, const char*);
CYASSL_API int CyaSSL_set_cipher_list(CYASSL*, const char*);
/* Nonblocking DTLS helper functions */
CYASSL_API int CyaSSL_dtls_get_current_timeout(CYASSL* ssl);
CYASSL_API int CyaSSL_dtls_set_timeout_init(CYASSL* ssl, int);
CYASSL_API int CyaSSL_dtls_set_timeout_max(CYASSL* ssl, int);
CYASSL_API int CyaSSL_dtls_got_timeout(CYASSL* ssl);
CYASSL_API int CyaSSL_dtls(CYASSL* ssl);
CYASSL_API int CyaSSL_dtls_set_peer(CYASSL*, void*, unsigned int);
CYASSL_API int CyaSSL_dtls_get_peer(CYASSL*, void*, unsigned int*);
CYASSL_API int CyaSSL_ERR_GET_REASON(int err);
CYASSL_API char* CyaSSL_ERR_error_string(unsigned long,char*);
CYASSL_API void CyaSSL_ERR_error_string_n(unsigned long e, char* buf,
unsigned long sz);
CYASSL_API const char* CyaSSL_ERR_reason_error_string(unsigned long);
/* extras */
@ -238,6 +332,7 @@ CYASSL_API void CyaSSL_SESSION_free(CYASSL_SESSION* session);
CYASSL_API int CyaSSL_is_init_finished(CYASSL*);
CYASSL_API const char* CyaSSL_get_version(CYASSL*);
CYASSL_API int CyaSSL_get_current_cipher_suite(CYASSL* ssl);
CYASSL_API CYASSL_CIPHER* CyaSSL_get_current_cipher(CYASSL*);
CYASSL_API char* CyaSSL_CIPHER_description(CYASSL_CIPHER*, char*, int);
CYASSL_API const char* CyaSSL_CIPHER_get_name(const CYASSL_CIPHER* cipher);
@ -322,7 +417,23 @@ CYASSL_API int CyaSSL_X509_STORE_CTX_get_error_depth(CYASSL_X509_STORE_CTX*);
CYASSL_API char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME*, char*, int);
CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_issuer_name(CYASSL_X509*);
CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_subject_name(CYASSL_X509*);
CYASSL_API int CyaSSL_X509_ext_isSet_by_NID(CYASSL_X509*, int);
CYASSL_API int CyaSSL_X509_ext_get_critical_by_NID(CYASSL_X509*, int);
CYASSL_API int CyaSSL_X509_get_isCA(CYASSL_X509*);
CYASSL_API int CyaSSL_X509_get_isSet_pathLength(CYASSL_X509*);
CYASSL_API unsigned int CyaSSL_X509_get_pathLength(CYASSL_X509*);
CYASSL_API unsigned int CyaSSL_X509_get_keyUsage(CYASSL_X509*);
CYASSL_API unsigned char* CyaSSL_X509_get_authorityKeyID(
CYASSL_X509*, unsigned char*, int*);
CYASSL_API unsigned char* CyaSSL_X509_get_subjectKeyID(
CYASSL_X509*, unsigned char*, int*);
CYASSL_API int CyaSSL_X509_NAME_entry_count(CYASSL_X509_NAME*);
CYASSL_API int CyaSSL_X509_NAME_get_text_by_NID(
CYASSL_X509_NAME*, int, char*, int);
CYASSL_API int CyaSSL_X509_verify_cert(CYASSL_X509_STORE_CTX*);
CYASSL_API const char* CyaSSL_X509_verify_cert_error_string(long);
CYASSL_API int CyaSSL_X509_get_signature_type(CYASSL_X509*);
CYASSL_API int CyaSSL_X509_get_signature(CYASSL_X509*, unsigned char*, int*);
CYASSL_API int CyaSSL_X509_LOOKUP_add_dir(CYASSL_X509_LOOKUP*,const char*,long);
CYASSL_API int CyaSSL_X509_LOOKUP_load_file(CYASSL_X509_LOOKUP*, const char*,
@ -333,10 +444,16 @@ CYASSL_API CYASSL_X509_LOOKUP_METHOD* CyaSSL_X509_LOOKUP_file(void);
CYASSL_API CYASSL_X509_LOOKUP* CyaSSL_X509_STORE_add_lookup(CYASSL_X509_STORE*,
CYASSL_X509_LOOKUP_METHOD*);
CYASSL_API CYASSL_X509_STORE* CyaSSL_X509_STORE_new(void);
CYASSL_API void CyaSSL_X509_STORE_free(CYASSL_X509_STORE*);
CYASSL_API int CyaSSL_X509_STORE_add_cert(
CYASSL_X509_STORE*, CYASSL_X509*);
CYASSL_API int CyaSSL_X509_STORE_set_default_paths(CYASSL_X509_STORE*);
CYASSL_API int CyaSSL_X509_STORE_get_by_subject(CYASSL_X509_STORE_CTX*,
int, CYASSL_X509_NAME*, CYASSL_X509_OBJECT*);
CYASSL_API CYASSL_X509_STORE_CTX* CyaSSL_X509_STORE_CTX_new(void);
CYASSL_API int CyaSSL_X509_STORE_CTX_init(CYASSL_X509_STORE_CTX*,
CYASSL_X509_STORE*, CYASSL_X509*, STACK_OF(CYASSL_X509)*);
CYASSL_API void CyaSSL_X509_STORE_CTX_free(CYASSL_X509_STORE_CTX*);
CYASSL_API void CyaSSL_X509_STORE_CTX_cleanup(CYASSL_X509_STORE_CTX*);
CYASSL_API CYASSL_ASN1_TIME* CyaSSL_X509_CRL_get_lastUpdate(CYASSL_X509_CRL*);
@ -405,7 +522,6 @@ CYASSL_API long CyaSSL_CTX_sess_timeouts(CYASSL_CTX*);
CYASSL_API long CyaSSL_CTX_sess_number(CYASSL_CTX*);
CYASSL_API long CyaSSL_CTX_sess_get_cache_size(CYASSL_CTX*);
#define CYASSL_DEFAULT_CIPHER_LIST "" /* default all */
#define CYASSL_RSA_F4 0x10001L
@ -428,6 +544,9 @@ enum {
OCSP_RESPONSE = 8,
OCSP_BASICRESP = 16,
CYASSL_OCSP_URL_OVERRIDE = 1,
CYASSL_OCSP_NO_NONCE = 2,
CYASSL_CRL_CHECKALL = 1,
ASN1_GENERALIZEDTIME = 4,
@ -501,7 +620,7 @@ enum {
/* extras end */
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
/* CyaSSL extension, provide last error from SSL_get_error
since not using thread storage error queue */
CYASSL_API void CyaSSL_ERR_print_errors_fp(FILE*, int err);
@ -601,8 +720,9 @@ CYASSL_API int CyaSSL_RAND_status(void);
CYASSL_API int CyaSSL_RAND_bytes(unsigned char* buf, int num);
CYASSL_API CYASSL_METHOD *CyaSSLv23_server_method(void);
CYASSL_API long CyaSSL_CTX_set_options(CYASSL_CTX*, long);
CYASSL_API int CyaSSL_CTX_check_private_key(CYASSL_CTX*);
#ifndef NO_CERTS
CYASSL_API int CyaSSL_CTX_check_private_key(CYASSL_CTX*);
#endif /* !NO_CERTS */
CYASSL_API void CyaSSL_ERR_free_strings(void);
CYASSL_API void CyaSSL_ERR_remove_state(unsigned long);
@ -640,8 +760,8 @@ CYASSL_API void CyaSSL_CTX_sess_set_remove_cb(CYASSL_CTX*,
void (*f)(CYASSL_CTX*, CYASSL_SESSION*));
CYASSL_API int CyaSSL_i2d_SSL_SESSION(CYASSL_SESSION*,unsigned char**);
CYASSL_API CYASSL_SESSION* CyaSSL_d2i_SSL_SESSION(CYASSL_SESSION**,const unsigned char**,
long);
CYASSL_API CYASSL_SESSION* CyaSSL_d2i_SSL_SESSION(CYASSL_SESSION**,
const unsigned char**, long);
CYASSL_API long CyaSSL_SESSION_get_timeout(const CYASSL_SESSION*);
CYASSL_API long CyaSSL_SESSION_get_time(const CYASSL_SESSION*);
@ -682,6 +802,10 @@ CYASSL_API int CyaSSL_get_chain_count(CYASSL_X509_CHAIN* chain);
CYASSL_API int CyaSSL_get_chain_length(CYASSL_X509_CHAIN*, int idx);
/* index cert */
CYASSL_API unsigned char* CyaSSL_get_chain_cert(CYASSL_X509_CHAIN*, int idx);
/* index cert in X509 */
CYASSL_API CYASSL_X509* CyaSSL_get_chain_X509(CYASSL_X509_CHAIN*, int idx);
/* free X509 */
CYASSL_API void CyaSSL_FreeX509(CYASSL_X509*);
/* get index cert in PEM */
CYASSL_API int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN*, int idx,
unsigned char* buffer, int inLen, int* outLen);
@ -689,14 +813,40 @@ CYASSL_API const unsigned char* CyaSSL_get_sessionID(const CYASSL_SESSION* s);
CYASSL_API int CyaSSL_X509_get_serial_number(CYASSL_X509*,unsigned char*,int*);
CYASSL_API char* CyaSSL_X509_get_subjectCN(CYASSL_X509*);
CYASSL_API const unsigned char* CyaSSL_X509_get_der(CYASSL_X509*, int*);
CYASSL_API const unsigned char* CyaSSL_X509_notBefore(CYASSL_X509*);
CYASSL_API const unsigned char* CyaSSL_X509_notAfter(CYASSL_X509*);
CYASSL_API int CyaSSL_X509_version(CYASSL_X509*);
CYASSL_API
CYASSL_API int CyaSSL_cmp_peer_cert_to_file(CYASSL*, const char*);
CYASSL_API char* CyaSSL_X509_get_next_altname(CYASSL_X509*);
CYASSL_API CYASSL_X509*
CyaSSL_X509_d2i(CYASSL_X509** x509, const unsigned char* in, int len);
#ifndef NO_FILESYSTEM
#ifndef NO_STDIO_FILESYSTEM
CYASSL_API CYASSL_X509*
CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file);
#endif
CYASSL_API CYASSL_X509*
CyaSSL_X509_load_certificate_file(const char* fname, int format);
#endif
#ifdef CYASSL_SEP
CYASSL_API unsigned char*
CyaSSL_X509_get_device_type(CYASSL_X509*, unsigned char*, int*);
CYASSL_API unsigned char*
CyaSSL_X509_get_hw_type(CYASSL_X509*, unsigned char*, int*);
CYASSL_API unsigned char*
CyaSSL_X509_get_hw_serial_number(CYASSL_X509*, unsigned char*, int*);
#endif
/* connect enough to get peer cert */
CYASSL_API int CyaSSL_connect_cert(CYASSL* ssl);
/* XXX This should be #ifndef NO_DH */
#ifndef NO_CERTS
/* server Diffie-Hellman parameters */
CYASSL_API int CyaSSL_SetTmpDH(CYASSL*, const unsigned char* p, int pSz,
const unsigned char* g, int gSz);
@ -713,23 +863,31 @@ CYASSL_API int CyaSSL_CTX_SetTmpDH(CYASSL_CTX*, const unsigned char* p,
CYASSL_API int CyaSSL_CTX_SetTmpDH_buffer(CYASSL_CTX*, const unsigned char* b,
long sz, int format);
CYASSL_API int CyaSSL_CTX_SetTmpEC_DHE_Sz(CYASSL_CTX*, unsigned short);
#ifndef NO_FILESYSTEM
CYASSL_API int CyaSSL_CTX_SetTmpDH_file(CYASSL_CTX*, const char* f,
int format);
#endif
#endif
/* keyblock size in bytes or -1 */
/* need to call CyaSSL_KeepArrays before handshake to save keys */
CYASSL_API int CyaSSL_get_keyblock_size(CYASSL*);
CYASSL_API int CyaSSL_get_keys(CYASSL*,unsigned char** ms, unsigned int* msLen,
unsigned char** sr, unsigned int* srLen,
unsigned char** cr, unsigned int* crLen);
/* Computes EAP-TLS and EAP-TTLS keying material from the master_secret. */
CYASSL_API int CyaSSL_make_eap_keys(CYASSL*, void* key, unsigned int len,
const char* label);
#ifndef _WIN32
#ifndef NO_WRITEV
#ifdef __PPU
#include <sys/types.h>
#include <sys/socket.h>
#else
#elif !defined(CYASSL_MDK_ARM) && !defined(CYASSL_IAR_ARM)
#include <sys/uio.h>
#endif
/* allow writev style writing */
@ -739,36 +897,92 @@ CYASSL_API int CyaSSL_get_keys(CYASSL*,unsigned char** ms, unsigned int* msLen,
#endif
/* SSL_CTX versions */
CYASSL_API int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX*, const unsigned char*,
long, int);
CYASSL_API int CyaSSL_CTX_use_certificate_buffer(CYASSL_CTX*,
#ifndef NO_CERTS
/* SSL_CTX versions */
CYASSL_API int CyaSSL_CTX_UnloadCAs(CYASSL_CTX*);
CYASSL_API int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX*,
const unsigned char*, long, int);
CYASSL_API int CyaSSL_CTX_use_PrivateKey_buffer(CYASSL_CTX*,
CYASSL_API int CyaSSL_CTX_use_certificate_buffer(CYASSL_CTX*,
const unsigned char*, long, int);
CYASSL_API int CyaSSL_CTX_use_certificate_chain_buffer(CYASSL_CTX*,
CYASSL_API int CyaSSL_CTX_use_PrivateKey_buffer(CYASSL_CTX*,
const unsigned char*, long, int);
CYASSL_API int CyaSSL_CTX_use_certificate_chain_buffer(CYASSL_CTX*,
const unsigned char*, long);
CYASSL_API int CyaSSL_CTX_set_group_messages(CYASSL_CTX*);
/* SSL versions */
CYASSL_API int CyaSSL_use_certificate_buffer(CYASSL*, const unsigned char*,
long, int);
CYASSL_API int CyaSSL_use_PrivateKey_buffer(CYASSL*, const unsigned char*, long,
int);
CYASSL_API int CyaSSL_use_certificate_chain_buffer(CYASSL*,
const unsigned char*, long);
/* SSL versions */
CYASSL_API int CyaSSL_use_certificate_buffer(CYASSL*, const unsigned char*,
long, int);
CYASSL_API int CyaSSL_use_PrivateKey_buffer(CYASSL*, const unsigned char*,
long, int);
CYASSL_API int CyaSSL_use_certificate_chain_buffer(CYASSL*,
const unsigned char*, long);
CYASSL_API int CyaSSL_UnloadCertsKeys(CYASSL*);
#endif
CYASSL_API int CyaSSL_CTX_set_group_messages(CYASSL_CTX*);
CYASSL_API int CyaSSL_set_group_messages(CYASSL*);
/* I/O callbacks */
typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx);
typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx);
typedef int (*CallbackIORecv)(CYASSL *ssl, char *buf, int sz, void *ctx);
typedef int (*CallbackIOSend)(CYASSL *ssl, char *buf, int sz, void *ctx);
CYASSL_API void CyaSSL_SetIORecv(CYASSL_CTX*, CallbackIORecv);
CYASSL_API void CyaSSL_SetIOSend(CYASSL_CTX*, CallbackIOSend);
CYASSL_API void CyaSSL_SetIOReadCtx(CYASSL* ssl, void *ctx);
CYASSL_API void CyaSSL_SetIOReadCtx( CYASSL* ssl, void *ctx);
CYASSL_API void CyaSSL_SetIOWriteCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetIOReadCtx( CYASSL* ssl);
CYASSL_API void* CyaSSL_GetIOWriteCtx(CYASSL* ssl);
CYASSL_API void CyaSSL_SetIOReadFlags( CYASSL* ssl, int flags);
CYASSL_API void CyaSSL_SetIOWriteFlags(CYASSL* ssl, int flags);
#ifndef CYASSL_USER_IO
/* default IO callbacks */
CYASSL_API int EmbedReceive(CYASSL* ssl, char* buf, int sz, void* ctx);
CYASSL_API int EmbedSend(CYASSL* ssl, char* buf, int sz, void* ctx);
#ifdef HAVE_OCSP
CYASSL_API int EmbedOcspLookup(void*, const char*, int, unsigned char*,
int, unsigned char**);
CYASSL_API void EmbedOcspRespFree(void*, unsigned char*);
#endif
#ifdef CYASSL_DTLS
CYASSL_API int EmbedReceiveFrom(CYASSL* ssl, char* buf, int sz, void*);
CYASSL_API int EmbedSendTo(CYASSL* ssl, char* buf, int sz, void* ctx);
CYASSL_API int EmbedGenerateCookie(CYASSL* ssl, unsigned char* buf,
int sz, void*);
#endif /* CYASSL_DTLS */
#endif /* CYASSL_USER_IO */
#ifdef HAVE_NETX
CYASSL_API void CyaSSL_SetIO_NetX(CYASSL* ssl, NX_TCP_SOCKET* nxsocket,
ULONG waitoption);
#endif
typedef int (*CallbackGenCookie)(CYASSL* ssl, unsigned char* buf, int sz,
void* ctx);
CYASSL_API void CyaSSL_CTX_SetGenCookie(CYASSL_CTX*, CallbackGenCookie);
CYASSL_API void CyaSSL_SetCookieCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl);
/* I/O Callback default errors */
enum IOerrors {
CYASSL_CBIO_ERR_GENERAL = -1, /* general unexpected err */
CYASSL_CBIO_ERR_WANT_READ = -2, /* need to call read again */
CYASSL_CBIO_ERR_WANT_WRITE = -2, /* need to call write again */
CYASSL_CBIO_ERR_CONN_RST = -3, /* connection reset */
CYASSL_CBIO_ERR_ISR = -4, /* interrupt */
CYASSL_CBIO_ERR_CONN_CLOSE = -5, /* connection closed or epipe */
CYASSL_CBIO_ERR_TIMEOUT = -6 /* socket timeout */
};
/* CA cache callbacks */
enum {
CYASSL_SSLV3 = 0,
@ -779,42 +993,299 @@ enum {
CYASSL_CHAIN_CA = 2 /* added to cache from trusted chain */
};
CYASSL_API int CyaSSL_GetObjectSize(void); /* object size based on build */
CYASSL_API int CyaSSL_SetVersion(CYASSL* ssl, int version);
CYASSL_API int CyaSSL_KeyPemToDer(const unsigned char*, int sz, unsigned char*,
int, const char*);
CYASSL_API int CyaSSL_CertPemToDer(const unsigned char*, int sz, unsigned char*,
int, int);
typedef void (*CallbackCACache)(unsigned char* der, int sz, int type);
typedef void (*CbMissingCRL)(const char* url);
typedef int (*CbOCSPIO)(void*, const char*, int,
unsigned char*, int, unsigned char**);
typedef void (*CbOCSPRespFree)(void*,unsigned char*);
CYASSL_API void CyaSSL_CTX_SetCACb(CYASSL_CTX*, CallbackCACache);
/* User Atomic Record Layer CallBacks */
typedef int (*CallbackMacEncrypt)(CYASSL* ssl, unsigned char* macOut,
const unsigned char* macIn, unsigned int macInSz, int macContent,
int macVerify, unsigned char* encOut, const unsigned char* encIn,
unsigned int encSz, void* ctx);
CYASSL_API void CyaSSL_CTX_SetMacEncryptCb(CYASSL_CTX*, CallbackMacEncrypt);
CYASSL_API void CyaSSL_SetMacEncryptCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetMacEncryptCtx(CYASSL* ssl);
typedef int (*CallbackDecryptVerify)(CYASSL* ssl,
unsigned char* decOut, const unsigned char* decIn,
unsigned int decSz, int content, int verify, unsigned int* padSz,
void* ctx);
CYASSL_API void CyaSSL_CTX_SetDecryptVerifyCb(CYASSL_CTX*,
CallbackDecryptVerify);
CYASSL_API void CyaSSL_SetDecryptVerifyCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetDecryptVerifyCtx(CYASSL* ssl);
CYASSL_API const unsigned char* CyaSSL_GetMacSecret(CYASSL*, int);
CYASSL_API const unsigned char* CyaSSL_GetClientWriteKey(CYASSL*);
CYASSL_API const unsigned char* CyaSSL_GetClientWriteIV(CYASSL*);
CYASSL_API const unsigned char* CyaSSL_GetServerWriteKey(CYASSL*);
CYASSL_API const unsigned char* CyaSSL_GetServerWriteIV(CYASSL*);
CYASSL_API int CyaSSL_GetKeySize(CYASSL*);
CYASSL_API int CyaSSL_GetIVSize(CYASSL*);
CYASSL_API int CyaSSL_GetSide(CYASSL*);
CYASSL_API int CyaSSL_IsTLSv1_1(CYASSL*);
CYASSL_API int CyaSSL_GetBulkCipher(CYASSL*);
CYASSL_API int CyaSSL_GetCipherBlockSize(CYASSL*);
CYASSL_API int CyaSSL_GetAeadMacSize(CYASSL*);
CYASSL_API int CyaSSL_GetHmacSize(CYASSL*);
CYASSL_API int CyaSSL_GetHmacType(CYASSL*);
CYASSL_API int CyaSSL_GetCipherType(CYASSL*);
CYASSL_API int CyaSSL_SetTlsHmacInner(CYASSL*, unsigned char*,
unsigned int, int, int);
/* Atomic User Needs */
enum {
CYASSL_SERVER_END = 0,
CYASSL_CLIENT_END = 1,
CYASSL_BLOCK_TYPE = 2,
CYASSL_STREAM_TYPE = 3,
CYASSL_AEAD_TYPE = 4,
CYASSL_TLS_HMAC_INNER_SZ = 13 /* SEQ_SZ + ENUM + VERSION_SZ + LEN_SZ */
};
/* for GetBulkCipher and internal use */
enum BulkCipherAlgorithm {
cyassl_cipher_null,
cyassl_rc4,
cyassl_rc2,
cyassl_des,
cyassl_triple_des, /* leading 3 (3des) not valid identifier */
cyassl_des40,
cyassl_idea,
cyassl_aes,
cyassl_aes_gcm,
cyassl_aes_ccm,
cyassl_camellia,
cyassl_hc128, /* CyaSSL extensions */
cyassl_rabbit
};
CYASSL_API CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void);
CYASSL_API void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER*);
/* Public Key Callback support */
typedef int (*CallbackEccSign)(CYASSL* ssl,
const unsigned char* in, unsigned int inSz,
unsigned char* out, unsigned int* outSz,
const unsigned char* keyDer, unsigned int keySz,
void* ctx);
CYASSL_API void CyaSSL_CTX_SetEccSignCb(CYASSL_CTX*, CallbackEccSign);
CYASSL_API void CyaSSL_SetEccSignCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetEccSignCtx(CYASSL* ssl);
CYASSL_API int CyaSSL_CertManagerLoadCA(CYASSL_CERT_MANAGER*, const char* f,
const char* d);
CYASSL_API int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER*, const char* f,
int format);
CYASSL_API int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm,
const unsigned char* buff, int sz, int format);
CYASSL_API int CyaSSL_CertManagerCheckCRL(CYASSL_CERT_MANAGER*, unsigned char*,
int sz);
CYASSL_API int CyaSSL_CertManagerEnableCRL(CYASSL_CERT_MANAGER*, int options);
CYASSL_API int CyaSSL_CertManagerDisableCRL(CYASSL_CERT_MANAGER*);
CYASSL_API int CyaSSL_CertManagerLoadCRL(CYASSL_CERT_MANAGER*, const char*, int,
int);
CYASSL_API int CyaSSL_CertManagerSetCRL_Cb(CYASSL_CERT_MANAGER*, CbMissingCRL);
typedef int (*CallbackEccVerify)(CYASSL* ssl,
const unsigned char* sig, unsigned int sigSz,
const unsigned char* hash, unsigned int hashSz,
const unsigned char* keyDer, unsigned int keySz,
int* result, void* ctx);
CYASSL_API void CyaSSL_CTX_SetEccVerifyCb(CYASSL_CTX*, CallbackEccVerify);
CYASSL_API void CyaSSL_SetEccVerifyCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetEccVerifyCtx(CYASSL* ssl);
CYASSL_API int CyaSSL_EnableCRL(CYASSL* ssl, int options);
CYASSL_API int CyaSSL_DisableCRL(CYASSL* ssl);
CYASSL_API int CyaSSL_LoadCRL(CYASSL*, const char*, int, int);
CYASSL_API int CyaSSL_SetCRL_Cb(CYASSL*, CbMissingCRL);
typedef int (*CallbackRsaSign)(CYASSL* ssl,
const unsigned char* in, unsigned int inSz,
unsigned char* out, unsigned int* outSz,
const unsigned char* keyDer, unsigned int keySz,
void* ctx);
CYASSL_API void CyaSSL_CTX_SetRsaSignCb(CYASSL_CTX*, CallbackRsaSign);
CYASSL_API void CyaSSL_SetRsaSignCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetRsaSignCtx(CYASSL* ssl);
typedef int (*CallbackRsaVerify)(CYASSL* ssl,
unsigned char* sig, unsigned int sigSz,
unsigned char** out,
const unsigned char* keyDer, unsigned int keySz,
void* ctx);
CYASSL_API void CyaSSL_CTX_SetRsaVerifyCb(CYASSL_CTX*, CallbackRsaVerify);
CYASSL_API void CyaSSL_SetRsaVerifyCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetRsaVerifyCtx(CYASSL* ssl);
/* RSA Public Encrypt cb */
typedef int (*CallbackRsaEnc)(CYASSL* ssl,
const unsigned char* in, unsigned int inSz,
unsigned char* out, unsigned int* outSz,
const unsigned char* keyDer, unsigned int keySz,
void* ctx);
CYASSL_API void CyaSSL_CTX_SetRsaEncCb(CYASSL_CTX*, CallbackRsaEnc);
CYASSL_API void CyaSSL_SetRsaEncCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetRsaEncCtx(CYASSL* ssl);
/* RSA Private Decrypt cb */
typedef int (*CallbackRsaDec)(CYASSL* ssl,
unsigned char* in, unsigned int inSz,
unsigned char** out,
const unsigned char* keyDer, unsigned int keySz,
void* ctx);
CYASSL_API void CyaSSL_CTX_SetRsaDecCb(CYASSL_CTX*, CallbackRsaDec);
CYASSL_API void CyaSSL_SetRsaDecCtx(CYASSL* ssl, void *ctx);
CYASSL_API void* CyaSSL_GetRsaDecCtx(CYASSL* ssl);
#ifndef NO_CERTS
CYASSL_API void CyaSSL_CTX_SetCACb(CYASSL_CTX*, CallbackCACache);
CYASSL_API CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void);
CYASSL_API void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER*);
CYASSL_API int CyaSSL_CertManagerLoadCA(CYASSL_CERT_MANAGER*, const char* f,
const char* d);
CYASSL_API int CyaSSL_CertManagerUnloadCAs(CYASSL_CERT_MANAGER* cm);
CYASSL_API int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER*, const char* f,
int format);
CYASSL_API int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm,
const unsigned char* buff, long sz, int format);
CYASSL_API int CyaSSL_CertManagerCheckCRL(CYASSL_CERT_MANAGER*,
unsigned char*, int sz);
CYASSL_API int CyaSSL_CertManagerEnableCRL(CYASSL_CERT_MANAGER*,
int options);
CYASSL_API int CyaSSL_CertManagerDisableCRL(CYASSL_CERT_MANAGER*);
CYASSL_API int CyaSSL_CertManagerLoadCRL(CYASSL_CERT_MANAGER*, const char*,
int, int);
CYASSL_API int CyaSSL_CertManagerSetCRL_Cb(CYASSL_CERT_MANAGER*,
CbMissingCRL);
CYASSL_API int CyaSSL_CertManagerCheckOCSP(CYASSL_CERT_MANAGER*,
unsigned char*, int sz);
CYASSL_API int CyaSSL_CertManagerEnableOCSP(CYASSL_CERT_MANAGER*,
int options);
CYASSL_API int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER*);
CYASSL_API int CyaSSL_CertManagerSetOCSPOverrideURL(CYASSL_CERT_MANAGER*,
const char*);
CYASSL_API int CyaSSL_CertManagerSetOCSP_Cb(CYASSL_CERT_MANAGER*,
CbOCSPIO, CbOCSPRespFree, void*);
CYASSL_API int CyaSSL_EnableCRL(CYASSL* ssl, int options);
CYASSL_API int CyaSSL_DisableCRL(CYASSL* ssl);
CYASSL_API int CyaSSL_LoadCRL(CYASSL*, const char*, int, int);
CYASSL_API int CyaSSL_SetCRL_Cb(CYASSL*, CbMissingCRL);
CYASSL_API int CyaSSL_EnableOCSP(CYASSL*, int options);
CYASSL_API int CyaSSL_DisableOCSP(CYASSL*);
CYASSL_API int CyaSSL_SetOCSP_OverrideURL(CYASSL*, const char*);
CYASSL_API int CyaSSL_SetOCSP_Cb(CYASSL*, CbOCSPIO, CbOCSPRespFree, void*);
CYASSL_API int CyaSSL_CTX_EnableCRL(CYASSL_CTX* ctx, int options);
CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx);
CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int);
CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL);
CYASSL_API int CyaSSL_CTX_EnableOCSP(CYASSL_CTX*, int options);
CYASSL_API int CyaSSL_CTX_DisableOCSP(CYASSL_CTX*);
CYASSL_API int CyaSSL_CTX_SetOCSP_OverrideURL(CYASSL_CTX*, const char*);
CYASSL_API int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX*,
CbOCSPIO, CbOCSPRespFree, void*);
#endif /* !NO_CERTS */
/* end of handshake frees temporary arrays, if user needs for get_keys or
psk hints, call KeepArrays before handshake and then FreeArrays when done
if don't want to wait for object free */
CYASSL_API void CyaSSL_KeepArrays(CYASSL*);
CYASSL_API void CyaSSL_FreeArrays(CYASSL*);
/* cavium additions */
CYASSL_API int CyaSSL_UseCavium(CYASSL*, int devId);
CYASSL_API int CyaSSL_CTX_UseCavium(CYASSL_CTX*, int devId);
/* TLS Extensions */
/* Server Name Indication */
#ifdef HAVE_SNI
/* SNI types */
enum {
CYASSL_SNI_HOST_NAME = 0
};
CYASSL_API int CyaSSL_UseSNI(CYASSL* ssl, unsigned char type, const void* data,
unsigned short size);
CYASSL_API int CyaSSL_CTX_UseSNI(CYASSL_CTX* ctx, unsigned char type,
const void* data, unsigned short size);
#ifndef NO_CYASSL_SERVER
/* SNI options */
enum {
CYASSL_SNI_CONTINUE_ON_MISMATCH = 0x01, /* do not abort on mismatch flag */
CYASSL_SNI_ANSWER_ON_MISMATCH = 0x02 /* fake match on mismatch flag */
};
CYASSL_API void CyaSSL_SNI_SetOptions(CYASSL* ssl, unsigned char type,
unsigned char options);
CYASSL_API void CyaSSL_CTX_SNI_SetOptions(CYASSL_CTX* ctx, unsigned char type,
unsigned char options);
/* SNI status */
enum {
CYASSL_SNI_NO_MATCH = 0,
CYASSL_SNI_FAKE_MATCH = 1, /* if CYASSL_SNI_ANSWER_ON_MISMATCH is enabled */
CYASSL_SNI_REAL_MATCH = 2
};
CYASSL_API unsigned char CyaSSL_SNI_Status(CYASSL* ssl, unsigned char type);
CYASSL_API unsigned short CyaSSL_SNI_GetRequest(CYASSL *ssl, unsigned char type,
void** data);
CYASSL_API int CyaSSL_SNI_GetFromBuffer(
const unsigned char* clientHello, unsigned int helloSz,
unsigned char type, unsigned char* sni, unsigned int* inOutSz);
#endif /* NO_CYASSL_SERVER */
#endif /* HAVE_SNI */
/* Maximum Fragment Length */
#ifdef HAVE_MAX_FRAGMENT
/* Fragment lengths */
enum {
CYASSL_MFL_2_9 = 1, /* 512 bytes */
CYASSL_MFL_2_10 = 2, /* 1024 bytes */
CYASSL_MFL_2_11 = 3, /* 2048 bytes */
CYASSL_MFL_2_12 = 4, /* 4096 bytes */
CYASSL_MFL_2_13 = 5 /* 8192 bytes *//* CyaSSL ONLY!!! */
};
#ifndef NO_CYASSL_CLIENT
CYASSL_API int CyaSSL_UseMaxFragment(CYASSL* ssl, unsigned char mfl);
CYASSL_API int CyaSSL_CTX_UseMaxFragment(CYASSL_CTX* ctx, unsigned char mfl);
#endif /* NO_CYASSL_CLIENT */
#endif /* HAVE_MAX_FRAGMENT */
/* Truncated HMAC */
#ifdef HAVE_TRUNCATED_HMAC
#ifndef NO_CYASSL_CLIENT
CYASSL_API int CyaSSL_UseTruncatedHMAC(CYASSL* ssl);
CYASSL_API int CyaSSL_CTX_UseTruncatedHMAC(CYASSL_CTX* ctx);
#endif /* NO_CYASSL_CLIENT */
#endif /* HAVE_TRUNCATED_HMAC */
/* Elliptic Curves */
#ifdef HAVE_SUPPORTED_CURVES
enum {
CYASSL_ECC_SECP160R1 = 0x10,
CYASSL_ECC_SECP192R1 = 0x13,
CYASSL_ECC_SECP224R1 = 0x15,
CYASSL_ECC_SECP256R1 = 0x17,
CYASSL_ECC_SECP384R1 = 0x18,
CYASSL_ECC_SECP521R1 = 0x19
};
#ifndef NO_CYASSL_CLIENT
CYASSL_API int CyaSSL_UseSupportedCurve(CYASSL* ssl, unsigned short name);
CYASSL_API int CyaSSL_CTX_UseSupportedCurve(CYASSL_CTX* ctx,
unsigned short name);
#endif /* NO_CYASSL_CLIENT */
#endif /* HAVE_SUPPORTED_CURVES */
CYASSL_API int CyaSSL_CTX_EnableCRL(CYASSL_CTX* ctx, int options);
CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx);
CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int);
CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL);
#define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */
#define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */
@ -837,13 +1308,13 @@ CYASSL_API int CyaSSL_accept_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack,
#endif /* CYASSL_CALLBACKS */
CYASSL_API long CyaSSL_CTX_OCSP_set_options(CYASSL_CTX*, long);
CYASSL_API int CyaSSL_CTX_OCSP_set_override_url(CYASSL_CTX*, const char*);
#ifdef CYASSL_HAVE_WOLFSCEP
CYASSL_API void CyaSSL_wolfSCEP(void);
#endif /* CYASSL_HAVE_WOLFSCEP */
/* OCSP Options */
#define CYASSL_OCSP_ENABLE 0x0001 /* Enable OCSP lookups */
#define CYASSL_OCSP_URL_OVERRIDE 0x0002 /* Use the override URL instead of URL
* in certificate */
#ifdef CYASSL_HAVE_CERT_SERVICE
CYASSL_API void CyaSSL_cert_service(void);
#endif
#ifdef __cplusplus

1177
FreeRTOS-Plus/Source/CyaSSL/cyassl/test.h
View file

File diff suppressed because it is too large Load diff

8
FreeRTOS-Plus/Source/CyaSSL/cyassl/version.h
View file

@ -1,6 +1,6 @@
/* cyassl_version.h.in
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -26,8 +26,8 @@
extern "C" {
#endif
#define LIBCYASSL_VERSION_STRING "2.3.0"
#define LIBCYASSL_VERSION_HEX 0x02003000
#define LIBCYASSL_VERSION_STRING "3.1.0"
#define LIBCYASSL_VERSION_HEX 0x03001000
#ifdef __cplusplus
}

4
FreeRTOS-Plus/Source/CyaSSL/cyassl/version.h.in
View file

@ -1,6 +1,6 @@
/* cyassl_version.h.in
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/