authorunknown <msvensson@neptunus.(none)>2006-05-12 11:19:37 +0200
committerunknown <msvensson@neptunus.(none)>2006-05-12 11:19:37 +0200
commite1827da7fbfebe19dd7e3265222e9369fe8fb532 (patch)
tree4063ebe15cf97d49ecbc21d4d7ae249bd5f62e19 /extra
parente8a5d25bea8f4723ab0c357a071467e5f1915db5 (diff)
parent144c7622c7906ac554b5bbaa60c4e89113dac1e5 (diff)
Merge neptunus.(none):/home/msvensson/mysql/mysql-5.1-md
into neptunus.(none):/home/msvensson/mysql/mysql-5.1
Diffstat (limited to 'extra')
-rw-r--r--extra/yassl/README35
-rw-r--r--extra/yassl/certs/ca-cert.pem53
-rw-r--r--extra/yassl/certs/client-cert.derbin0 -> 699 bytes
-rw-r--r--extra/yassl/certs/client-cert.pem52
-rw-r--r--extra/yassl/certs/client-key.derbin0 -> 318 bytes
-rw-r--r--extra/yassl/certs/client-key.pem9
-rw-r--r--extra/yassl/certs/dh1024.dat1
-rw-r--r--extra/yassl/certs/dsa-cert.pem68
-rw-r--r--extra/yassl/certs/dsa512.derbin0 -> 250 bytes
-rw-r--r--extra/yassl/certs/dsa512.pem8
-rw-r--r--extra/yassl/certs/server-cert.pem38
-rw-r--r--extra/yassl/certs/server-key.pem9
-rw-r--r--extra/yassl/certs/taoCert.txt50
-rw-r--r--extra/yassl/examples/client/client.cpp8
-rw-r--r--extra/yassl/examples/echoclient/echoclient.cpp1
-rw-r--r--extra/yassl/examples/echoserver/echoserver.cpp2
-rw-r--r--extra/yassl/examples/server/server.cpp2
-rw-r--r--extra/yassl/include/openssl/err.h2
-rw-r--r--extra/yassl/include/openssl/md4.h1
-rw-r--r--extra/yassl/include/openssl/md5.h3
-rw-r--r--extra/yassl/include/openssl/pem.h1
-rw-r--r--extra/yassl/include/openssl/ssl.h125
-rw-r--r--extra/yassl/include/openssl/x509.h1
-rw-r--r--extra/yassl/include/openssl/x509v3.h1
-rw-r--r--extra/yassl/include/yassl_int.hpp41
-rw-r--r--extra/yassl/include/yassl_types.hpp4
-rw-r--r--extra/yassl/lib/dummy1
-rw-r--r--extra/yassl/mySTL/helpers.hpp5
-rw-r--r--extra/yassl/src/cert_wrapper.cpp9
-rw-r--r--extra/yassl/src/make.bat2
-rw-r--r--extra/yassl/src/ssl.cpp382
-rw-r--r--extra/yassl/src/template_instnt.cpp6
-rw-r--r--extra/yassl/src/yassl_imp.cpp4
-rw-r--r--extra/yassl/src/yassl_int.cpp105
-rw-r--r--extra/yassl/taocrypt/benchmark/make.bat5
-rw-r--r--extra/yassl/taocrypt/include/asn.hpp25
-rw-r--r--extra/yassl/taocrypt/src/asn.cpp74
-rw-r--r--extra/yassl/taocrypt/src/integer.cpp6
-rw-r--r--extra/yassl/taocrypt/src/make.bat3
-rw-r--r--extra/yassl/taocrypt/src/misc.cpp9
-rw-r--r--extra/yassl/taocrypt/src/template_instnt.cpp2
-rw-r--r--extra/yassl/taocrypt/taocrypt.dsp3
-rw-r--r--extra/yassl/taocrypt/test/make.bat2
-rw-r--r--extra/yassl/testsuite/make.bat2
-rw-r--r--extra/yassl/testsuite/test.hpp6
-rw-r--r--extra/yassl/testsuite/testsuite.cpp7
-rw-r--r--extra/yassl/testsuite/testsuite.dsp4
47 files changed, 1060 insertions, 117 deletions
diff --git a/extra/yassl/README b/extra/yassl/README
index ad59fe3965e..62209723f66 100644
--- a/extra/yassl/README
+++ b/extra/yassl/README
@@ -1,4 +1,37 @@
-yaSSL Release notes, version 1.2.2 (03/27/06)
+yaSSL Release notes, version 1.3.0 (04/26/06)
+
+
+ This release of yaSSL contains minor bug fixes, portability enhancements,
+ and libcurl support.
+
+See normal build instructions below under 1.0.6.
+
+
+--To build for libcurl on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
+
+ To build for libcurl the library needs to be built without C++ globals since
+ the linker will be called in a C context, also libcurl configure will expect
+ OpenSSL library names so some symbolic links are created.
+
+ ./configure --enable-pure-c
+ make
+ make openssl-links
+
+ (then go to your libcurl home and tell libcurl about yaSSL)
+ ./configure --with-ssl=/yaSSL-HomeDir
+ make
+
+
+--To build for libcurl on Win32:
+
+ Simply add the yaSSL project as a dependency to libcurl, add
+ yaSSL-Home\include and yaSSL-Home\include\openssl to the include list, and
+ define USE_SSLEAY and USE_OPENSSL
+
+ please email todd@yassl.com if you have any questions.
+
+
+*******************yaSSL Release notes, version 1.2.2 (03/27/06)
This release of yaSSL contains minor bug fixes and portability enhancements.
diff --git a/extra/yassl/certs/ca-cert.pem b/extra/yassl/certs/ca-cert.pem
new file mode 100644
index 00000000000..981dd004fc6
--- /dev/null
+++ b/extra/yassl/certs/ca-cert.pem
@@ -0,0 +1,53 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 0 (0x0)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: C=US, ST=Oregon, L=Portland, O=sawtooth, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+ Validity
+ Not Before: Jan 18 20:12:32 2005 GMT
+ Not After : Oct 15 20:12:32 2007 GMT
+ Subject: C=US, ST=Oregon, L=Portland, O=sawtooth, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (512 bit)
+ Modulus (512 bit):
+ 00:cf:2b:14:00:b0:3c:df:6f:9e:91:40:ec:c8:f6:
+ 90:b2:5b:b4:70:80:a5:a4:0a:73:c7:44:f3:2a:26:
+ c4:2f:f1:3a:f1:c3:c4:ac:fc:c3:d2:c3:bf:f5:d7:
+ 6a:38:42:ad:22:ab:c8:c4:4b:4c:1d:16:af:05:34:
+ 7d:79:97:5e:e1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ CB:0F:1F:E9:A2:76:71:C9:E6:E8:23:A6:C1:18:B7:CC:44:CF:B9:84
+ X509v3 Authority Key Identifier:
+ keyid:CB:0F:1F:E9:A2:76:71:C9:E6:E8:23:A6:C1:18:B7:CC:44:CF:B9:84
+ DirName:/C=US/ST=Oregon/L=Portland/O=sawtooth/CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+ serial:00
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: md5WithRSAEncryption
+ 27:f7:3d:fb:39:6f:73:a4:86:f3:a0:48:22:60:84:e9:5c:3d:
+ 28:36:05:16:44:98:07:87:e1:5d:b5:f3:a7:bc:33:5f:f4:29:
+ a9:5f:87:33:df:e6:8e:bd:e2:f3:0a:c8:00:69:ae:3d:41:47:
+ 03:ea:0b:4c:67:45:4b:ab:f3:39
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/yassl/certs/client-cert.der b/extra/yassl/certs/client-cert.der
new file mode 100644
index 00000000000..b28e2753376
--- /dev/null
+++ b/extra/yassl/certs/client-cert.der
Binary files differ
diff --git a/extra/yassl/certs/client-cert.pem b/extra/yassl/certs/client-cert.pem
new file mode 100644
index 00000000000..81110f17252
--- /dev/null
+++ b/extra/yassl/certs/client-cert.pem
@@ -0,0 +1,52 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 0 (0x0)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL, CN=www.yassl.com/emailAddress=info@yassl.com
+ Validity
+ Not Before: Jan 18 19:33:15 2005 GMT
+ Not After : Oct 15 19:33:15 2007 GMT
+ Subject: C=US, ST=Oregon, L=Portland, O=yaSSL, CN=www.yassl.com/emailAddress=info@yassl.com
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (512 bit)
+ Modulus (512 bit):
+ 00:cd:1f:78:47:f8:b8:d6:08:bf:bd:7c:23:61:86:
+ 36:28:ac:ee:3c:a8:9a:94:e6:d5:26:e8:71:50:b2:
+ 26:8b:1c:1e:3f:75:b2:d3:b3:67:95:0c:fd:76:28:
+ 65:d5:ce:12:82:9e:06:00:a2:09:dd:ce:3a:26:dd:
+ 46:2a:a0:45:71
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ AE:25:5E:FA:4D:A3:5B:2B:87:DE:F1:2A:F5:42:C0:FF:CE:B5:B4:AD
+ X509v3 Authority Key Identifier:
+ keyid:AE:25:5E:FA:4D:A3:5B:2B:87:DE:F1:2A:F5:42:C0:FF:CE:B5:B4:AD
+ DirName:/C=US/ST=Oregon/L=Portland/O=yaSSL/CN=www.yassl.com/emailAddress=info@yassl.com
+ serial:00
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: md5WithRSAEncryption
+ c5:82:26:0c:1f:61:01:14:b0:ce:18:99:64:91:0e:f1:f8:90:
+ 3e:a3:0e:be:38:7c:97:ba:05:c9:2a:dc:dd:62:2d:12:61:79:
+ 7a:86:b1:97:5d:1e:e8:f7:e8:32:34:f7:8f:b1:08:3d:13:71:
+ a6:3c:15:91:85:12:35:6e:78:87
+-----BEGIN CERTIFICATE-----
+MIICtzCCAmGgAwIBAgIBADANBgkqhkiG9w0BAQQFADB4MQswCQYDVQQGEwJVUzEP
+MA0GA1UECBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDEOMAwGA1UEChMFeWFT
+U0wxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A
+eWFzc2wuY29tMB4XDTA1MDExODE5MzMxNVoXDTA3MTAxNTE5MzMxNVoweDELMAkG
+A1UEBhMCVVMxDzANBgNVBAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxhbmQxDjAM
+BgNVBAoTBXlhU1NMMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcN
+AQkBFg5pbmZvQHlhc3NsLmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDNH3hH
++LjWCL+9fCNhhjYorO48qJqU5tUm6HFQsiaLHB4/dbLTs2eVDP12KGXVzhKCngYA
+ogndzjom3UYqoEVxAgMBAAGjgdUwgdIwHQYDVR0OBBYEFK4lXvpNo1srh97xKvVC
+wP/OtbStMIGiBgNVHSMEgZowgZeAFK4lXvpNo1srh97xKvVCwP/OtbStoXykejB4
+MQswCQYDVQQGEwJVUzEPMA0GA1UECBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFu
+ZDEOMAwGA1UEChMFeWFTU0wxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkq
+hkiG9w0BCQEWDmluZm9AeWFzc2wuY29tggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQEEBQADQQDFgiYMH2EBFLDOGJlkkQ7x+JA+ow6+OHyXugXJKtzdYi0SYXl6
+hrGXXR7o9+gyNPePsQg9E3GmPBWRhRI1bniH
+-----END CERTIFICATE-----
diff --git a/extra/yassl/certs/client-key.der b/extra/yassl/certs/client-key.der
new file mode 100644
index 00000000000..6e8b432a07c
--- /dev/null
+++ b/extra/yassl/certs/client-key.der
Binary files differ
diff --git a/extra/yassl/certs/client-key.pem b/extra/yassl/certs/client-key.pem
new file mode 100644
index 00000000000..6898b2796fa
--- /dev/null
+++ b/extra/yassl/certs/client-key.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJBAM0feEf4uNYIv718I2GGNiis7jyompTm1SbocVCyJoscHj91stOz
+Z5UM/XYoZdXOEoKeBgCiCd3OOibdRiqgRXECAwEAAQJAXwa6OVVvg7Bv63+MAI0l
+n/hlMfLGEj9R9gFvJXwywPSEQhijOZmedpHALufFPNHtwba9dmbqMkBAw9JDaAgg
+QQIhAO+mBaSmoG5AYVKYQZiASe/2wMZjaQSN+zFLyF97OX8ZAiEA2x5iRmXUkbOT
+8Td/vx8R9mq9W5CJu+cN+SWGwTYhPBkCIGZFM6NQeKaUUvQshdHO7b66Twpa4jZP
+YSNoc9pLe/4BAiB+jIvBkKo2A/rbg2waG32qTXdTXKTPiuA9Fnk/OV30cQIhANuA
+uMdo+T+rYcNGJ1hCYKDe9JWBpNfSQ+H/A7sWuW8L
+-----END RSA PRIVATE KEY-----
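Review bot: This file, `server-key.pem` and `dsa512.pem` add unencrypted private keys to the source tree, and the keys are only 512 bits (the RSA certificates are also signed with MD5), so anything configured with them gets no real authentication or confidentiality. Nothing in the added files marks them as test fixtures. `certs/taoCert.txt` would be a natural place to say so, for example `These keys are published test fixtures; never configure them for a real client or server.` It would also be worth confirming that packaging leaves `extra/yassl/certs` out of installed artifacts, which this page does not show.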
diff --git a/extra/yassl/certs/dh1024.dat b/extra/yassl/certs/dh1024.dat
new file mode 100644
index 00000000000..86a95518278
--- /dev/null
+++ b/extra/yassl/certs/dh1024.dat
@@ -0,0 +1 @@
+30818702818100DA9A18547FF03B385CC16508C173A7EF4EB61CB40EF8FEF3B31F145051676166BCDC3FE6B799FC394D08C26385F9413F896E09117E46209D6923602683CEA100924A6EE695281775C619DAA94EA8CB3691B4275B0183F1D39639EBC92995FE645D6C1BC28D409E585549BBD2C5DCDD6C208B04EADD8B7A6D997F72CBAD88390F020102 \ No newline at end of file
diff --git a/extra/yassl/certs/dsa-cert.pem b/extra/yassl/certs/dsa-cert.pem
new file mode 100644
index 00000000000..ecca18dae82
--- /dev/null
+++ b/extra/yassl/certs/dsa-cert.pem
@@ -0,0 +1,68 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 0 (0x0)
+ Signature Algorithm: dsaWithSHA1
+ Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL DSA, CN=yaSSL DSA/emailAddress=info@yassl.com
+ Validity
+ Not Before: Jan 23 22:54:51 2005 GMT
+ Not After : Oct 20 22:54:51 2007 GMT
+ Subject: C=US, ST=Oregon, L=Portland, O=yaSSL DSA, CN=yaSSL DSA/emailAddress=info@yassl.com
+ Subject Public Key Info:
+ Public Key Algorithm: dsaEncryption
+ DSA Public Key:
+ pub:
+ 04:84:a0:26:31:72:0c:e8:4f:5d:53:17:62:b1:80:
+ ca:c0:16:5f:c3:1e:ea:c5:d9:98:38:f9:be:56:53:
+ 47:68:ce:08:22:57:1c:bb:0d:77:91:cf:5b:36:ed:
+ f3:24:82:90:8a:cd:90:7c:db:77:f9:17:2d:73:73:
+ ef:bb:b9:82
+ P:
+ 00:99:29:69:80:c9:3c:98:68:45:a9:82:fe:67:eb:
+ 95:88:c5:b4:0c:d6:26:45:95:19:2c:a0:20:5b:7e:
+ df:69:e9:dc:c3:0f:f3:61:0a:25:9b:f2:21:01:6a:
+ cd:aa:8c:37:e7:ca:66:db:56:f4:0f:7d:7a:d1:18:
+ b9:42:fd:1b:11
+ Q:
+ 00:ad:25:29:ab:0a:9f:09:1c:c1:ad:03:20:76:7f:
+ a6:b7:dd:4d:03:09
+ G:
+ 12:88:99:da:e7:d0:0b:93:9b:e6:ee:3c:21:7f:9c:
+ b3:b4:8d:a5:8c:e2:37:80:3f:17:d1:81:4f:bd:f0:
+ 71:b6:32:08:54:dd:bf:01:e2:b3:77:06:64:75:8a:
+ 04:d6:79:39:b1:02:03:03:c6:06:74:e5:90:05:0a:
+ 10:46:19:31
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ BE:F9:8C:5D:D6:1C:B4:EE:81:DD:36:56:0A:21:E4:61:44:73:E9:E2
+ X509v3 Authority Key Identifier:
+ keyid:BE:F9:8C:5D:D6:1C:B4:EE:81:DD:36:56:0A:21:E4:61:44:73:E9:E2
+ DirName:/C=US/ST=Oregon/L=Portland/O=yaSSL DSA/CN=yaSSL DSA/emailAddress=info@yassl.com
+ serial:00
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: dsaWithSHA1
+ 30:2b:02:14:74:46:9f:91:7b:24:17:3b:ee:0f:10:e3:76:62:
+ f4:dc:81:e6:fd:fe:02:13:08:f4:87:0a:ab:ba:9c:de:3a:69:
+ 72:59:b8:ec:e9:57:f4:bf:37
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/yassl/certs/dsa512.der b/extra/yassl/certs/dsa512.der
new file mode 100644
index 00000000000..fe79ccb612b
--- /dev/null
+++ b/extra/yassl/certs/dsa512.der
Binary files differ
diff --git a/extra/yassl/certs/dsa512.pem b/extra/yassl/certs/dsa512.pem
new file mode 100644
index 00000000000..04a3dd94a77
--- /dev/null
+++ b/extra/yassl/certs/dsa512.pem
@@ -0,0 +1,8 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIH3AgEAAkEAmSlpgMk8mGhFqYL+Z+uViMW0DNYmRZUZLKAgW37faencww/zYQol
+m/IhAWrNqow358pm21b0D3160Ri5Qv0bEQIVAK0lKasKnwkcwa0DIHZ/prfdTQMJ
+AkASiJna59ALk5vm7jwhf5yztI2ljOI3gD8X0YFPvfBxtjIIVN2/AeKzdwZkdYoE
+1nk5sQIDA8YGdOWQBQoQRhkxAkAEhKAmMXIM6E9dUxdisYDKwBZfwx7qxdmYOPm+
+VlNHaM4IIlccuw13kc9bNu3zJIKQis2QfNt3+Rctc3Pvu7mCAhQjg+e+aqykxwwc
+E2V27tjDFY02uA==
+-----END DSA PRIVATE KEY-----
diff --git a/extra/yassl/certs/server-cert.pem b/extra/yassl/certs/server-cert.pem
new file mode 100644
index 00000000000..403dabdf5fa
--- /dev/null
+++ b/extra/yassl/certs/server-cert.pem
@@ -0,0 +1,38 @@
+Certificate:
+ Data:
+ Version: 1 (0x0)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: C=US, ST=Oregon, L=Portland, O=sawtooth, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+ Validity
+ Not Before: Jan 18 20:50:59 2005 GMT
+ Not After : Oct 15 20:50:59 2007 GMT
+ Subject: C=US, ST=Oregon, L=Portland, O=taoSoftDev, CN=www.taosoftdev.com/emailAddress=info@yassl.com
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (512 bit)
+ Modulus (512 bit):
+ 00:a4:68:bb:bc:b7:27:5f:3c:f5:78:c6:1a:af:b9:
+ 95:fc:7e:61:1f:a8:81:0a:ca:43:88:9a:03:e0:d0:
+ a6:79:70:16:34:b9:7c:75:54:ca:70:19:66:38:be:
+ 6e:28:7e:a5:ff:6b:3c:83:2f:39:42:c3:15:f3:bd:
+ f2:25:93:22:e7
+ Exponent: 65537 (0x10001)
+ Signature Algorithm: md5WithRSAEncryption
+ 08:36:07:8c:3a:7f:f9:91:0a:82:d1:6a:c1:34:be:bc:2d:b2:
+ 20:98:dc:45:50:53:9c:66:e6:26:71:bd:fa:d2:b4:91:d3:53:
+ c0:20:05:c0:b6:84:9a:5f:3f:61:75:f5:fd:c6:ec:e2:f6:9f:
+ a2:13:17:a9:b7:83:60:cc:cb:eb
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/yassl/certs/server-key.pem b/extra/yassl/certs/server-key.pem
new file mode 100644
index 00000000000..d6055c4cfd8
--- /dev/null
+++ b/extra/yassl/certs/server-key.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOQIBAAJBAKRou7y3J1889XjGGq+5lfx+YR+ogQrKQ4iaA+DQpnlwFjS5fHVU
+ynAZZji+bih+pf9rPIMvOULDFfO98iWTIucCAwEAAQJABLVvMw931DV1vljGKORC
+1HF2LKbx0zJJzt7CX6z6J54vcE79K3NYXdU6o7/j1WTtfD47tFG+4ljGvSYPmrCI
+2QIhANfiY6is6JUJGGgeMxyWeQRPXfaE9Yrk6OhxHhpYf5CTAiEAwvWraeLPy/NE
+B+0w80mh8tCv2tpuKaYMOG53XpYX3N0CIDy/Bj3rUZLGOWjqvoUXzjupPY5lgVYw
+7Vyin87YAiUjAiAgM8X5em5KSMc+6+2+8bWfTtsNMjEqDfRMyepLpE0SvQIgTSYL
+WWfcZoRUPDM9GEuQ40nifVNjobzvjTW4aYyHCEI=
+-----END RSA PRIVATE KEY-----
diff --git a/extra/yassl/certs/taoCert.txt b/extra/yassl/certs/taoCert.txt
new file mode 100644
index 00000000000..585293e4f2b
--- /dev/null
+++ b/extra/yassl/certs/taoCert.txt
@@ -0,0 +1,50 @@
+
+***** Create a self signed cert ************
+
+1) openssl genrsa 512 > client-key.pem
+
+2) openssl req -new -x509 -nodes -md5 -days 1000 -key client-key.pem > client-cert.pem
+
+-- adding metadata to beginning
+
+3) openssl x509 -in client-cert.pem -text > tmp.pem
+
+4) mv tmp.pem client-cert.pem
+
+
+***** Create a CA, signing authority **********
+
+same as self signed, use ca prefix instead of client
+
+
+***** Create a cert signed by CA **************
+
+1) openssl req -newkey rsa:512 -md5 -days 1000 -nodes -keyout server-key.pem > server-req.pem
+
+2) copy ca-key.pem ca-cert.srl (why ????)
+
+3) openssl x509 -req -in server-req.pem -days 1000 -md5 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
+
+
+
+***** To create a dsa cert ********************
+
+1) openssl dsaparam 512 > dsa512.param # creates group params
+
+2) openssl gendsa dsa512.param > dsa512.pem # creates private key
+
+3) openssl req -new -x509 -nodes -days 1000 -key dsa512.pem > dsa-cert.pem
+
+
+
+
+***** To convert from PEM to DER **************
+
+a) openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER
+
+to convert rsa private PEM to DER :
+
+b) openssl rsa -in key.pem -outform DER -out key.der
+
+
+
diff --git a/extra/yassl/examples/client/client.cpp b/extra/yassl/examples/client/client.cpp
index 704a8e76637..94bf753210b 100644
--- a/extra/yassl/examples/client/client.cpp
+++ b/extra/yassl/examples/client/client.cpp
@@ -33,10 +33,10 @@ void client_test(void* args)
const char* cipher = 0;
int index = 0;
char list[1024];
- strcpy(list, "cipherlist");
+ strncpy(list, "cipherlist", 11);
while ( (cipher = SSL_get_cipher_list(ssl, index++)) ) {
- strcat(list, ":");
- strcat(list, cipher);
+ strncat(list, ":", 2);
+ strncat(list, cipher, strlen(cipher) + 1);
}
printf("%s\n", list);
printf("Using Cipher Suite %s\n", SSL_get_cipher(ssl));
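Review bot: The new `strncpy`/`strncat` calls bound each copy by the length of the source (`11`, `2`, `strlen(cipher) + 1`) rather than by the room left in `list[1024]`, so they behave exactly like the `strcpy`/`strcat` they replace. The loop can still write past the end of `list` when the joined cipher names exceed 1023 characters. Pass the remaining space instead, `strncat(list, cipher, sizeof(list) - strlen(list) - 1);`, and use the same bound for the `":"` separator. client_test's body starts and ends outside the hunk.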
@@ -89,6 +89,8 @@ void client_test(void* args)
args.argv = argv;
client_test(&args);
+ yaSSL_CleanUp();
+
return args.return_code;
}
diff --git a/extra/yassl/examples/echoclient/echoclient.cpp b/extra/yassl/examples/echoclient/echoclient.cpp
index ca557cca8af..fd3f7dd48a3 100644
--- a/extra/yassl/examples/echoclient/echoclient.cpp
+++ b/extra/yassl/examples/echoclient/echoclient.cpp
@@ -82,6 +82,7 @@ void echoclient_test(void* args)
args.argv = argv;
echoclient_test(&args);
+ yaSSL_CleanUp();
return args.return_code;
}
diff --git a/extra/yassl/examples/echoserver/echoserver.cpp b/extra/yassl/examples/echoserver/echoserver.cpp
index 14a37a7e175..3243cc21a7c 100644
--- a/extra/yassl/examples/echoserver/echoserver.cpp
+++ b/extra/yassl/examples/echoserver/echoserver.cpp
@@ -15,6 +15,8 @@
args.argv = argv;
echoserver_test(&args);
+ yaSSL_CleanUp();
+
return args.return_code;
}
diff --git a/extra/yassl/examples/server/server.cpp b/extra/yassl/examples/server/server.cpp
index 4d3f121cf2c..73cff19e371 100644
--- a/extra/yassl/examples/server/server.cpp
+++ b/extra/yassl/examples/server/server.cpp
@@ -67,6 +67,8 @@ THREAD_RETURN YASSL_API server_test(void* args)
args.argv = argv;
server_test(&args);
+ yaSSL_CleanUp();
+
return args.return_code;
}
diff --git a/extra/yassl/include/openssl/err.h b/extra/yassl/include/openssl/err.h
index 054d0940509..45ac1ca2469 100644
--- a/extra/yassl/include/openssl/err.h
+++ b/extra/yassl/include/openssl/err.h
@@ -1,6 +1,6 @@
/* err.h for openssl */
-#ifndef ysSSL_err_h__
+#ifndef yaSSL_err_h__
#define yaSSL_err_h__
diff --git a/extra/yassl/include/openssl/md4.h b/extra/yassl/include/openssl/md4.h
new file mode 100644
index 00000000000..2e99f977fca
--- /dev/null
+++ b/extra/yassl/include/openssl/md4.h
@@ -0,0 +1 @@
+/* md4.h for libcurl */
diff --git a/extra/yassl/include/openssl/md5.h b/extra/yassl/include/openssl/md5.h
index a1025b92782..dfaf9799c44 100644
--- a/extra/yassl/include/openssl/md5.h
+++ b/extra/yassl/include/openssl/md5.h
@@ -1 +1,4 @@
/* md5.h for openssl */
+
+#include "ssl.h" /* in there for now */
+
diff --git a/extra/yassl/include/openssl/pem.h b/extra/yassl/include/openssl/pem.h
new file mode 100644
index 00000000000..b4c63d56a4d
--- /dev/null
+++ b/extra/yassl/include/openssl/pem.h
@@ -0,0 +1 @@
+/* pem.h for libcurl */
diff --git a/extra/yassl/include/openssl/ssl.h b/extra/yassl/include/openssl/ssl.h
index b6840d006df..a7eca9138a2 100644
--- a/extra/yassl/include/openssl/ssl.h
+++ b/extra/yassl/include/openssl/ssl.h
@@ -29,8 +29,22 @@
#define yaSSL_openssl_h__
#include <stdio.h> /* ERR_print fp */
+#include "opensslv.h" /* for version number */
#include "rsa.h"
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+ void yaSSL_CleanUp(); /* call once at end of application use to
+ free static singleton memory holders,
+ not a leak per se, but helpful when
+ looking for them */
+
+#if defined(__cplusplus)
+} // extern
+#endif
+
#if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE)
namespace yaSSL {
extern "C" {
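Review bot: `void yaSSL_CleanUp();` is declared for C callers inside the `extern "C"` block, but in C an empty parameter list leaves the arguments unspecified instead of declaring none. Writing `void yaSSL_CleanUp(void);` gives C consumers such as libcurl a checked prototype. The same applies to `int SSL_library_init();` in the later hunk of this header. The comment on the declaration could also say that no yaSSL call may follow it, since it frees the singleton holders.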
@@ -102,7 +116,6 @@ void X509_free(X509*);
typedef struct BIO BIO;
/* ASN stuff */
-typedef struct ASN1_TIME ASN1_TIME;
@@ -345,8 +358,8 @@ long SSL_CTX_sess_set_cache_size(SSL_CTX*, long);
long SSL_CTX_set_tmp_dh(SSL_CTX*, DH*);
void OpenSSL_add_all_algorithms(void);
-void SSL_library_init();
-void SSLeay_add_ssl_algorithms(void);
+int SSL_library_init();
+int SSLeay_add_ssl_algorithms(void);
SSL_CIPHER* SSL_get_current_cipher(SSL*);
@@ -371,6 +384,10 @@ typedef unsigned char DES_cblock[8];
typedef const DES_cblock const_DES_cblock;
typedef DES_cblock DES_key_schedule;
+enum {
+ DES_ENCRYPT = 1,
+ DES_DECRYPT = 0
+};
const EVP_MD* EVP_md5(void);
const EVP_CIPHER* EVP_des_ede3_cbc(void);
@@ -392,6 +409,108 @@ int RAND_write_file(const char*);
int RAND_load_file(const char*, long);
+/* for libcurl */
+int RAND_status(void);
+
+int DES_set_key(const_DES_cblock*, DES_key_schedule*);
+void DES_set_odd_parity(DES_cblock*);
+void DES_ecb_encrypt(DES_cblock*, DES_cblock*, DES_key_schedule*, int);
+
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata);
+void SSL_SESSION_free(SSL_SESSION* session);
+
+X509* SSL_get_certificate(SSL* ssl);
+EVP_PKEY* SSL_get_privatekey(SSL* ssl);
+EVP_PKEY* X509_get_pubkey(X509* x);
+
+int EVP_PKEY_copy_parameters(EVP_PKEY* to, const EVP_PKEY* from);
+void EVP_PKEY_free(EVP_PKEY* pkey);
+void ERR_error_string_n(unsigned long e, char *buf, size_t len);
+void ERR_free_strings(void);
+void EVP_cleanup(void);
+
+void* X509_get_ext_d2i(X509* x, int nid, int* crit, int* idx);
+
+#define GEN_IPADD 7
+#define NID_subject_alt_name 85
+#define STACK_OF(x) x
+
+
+/* defined here because libcurl dereferences */
+typedef struct ASN1_STRING {
+ int type;
+ int length;
+ unsigned char* data;
+} ASN1_STRING;
+
+
+typedef struct GENERAL_NAME {
+ int type;
+ union {
+ ASN1_STRING* ia5;
+ } d;
+} GENERAL_NAME;
+
+void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *x);
+
+int sk_GENERAL_NAME_num(STACK_OF(GENERAL_NAME) *x);
+GENERAL_NAME* sk_GENERAL_NAME_value(STACK_OF(GENERAL_NAME) *x, int i);
+
+
+unsigned char* ASN1_STRING_data(ASN1_STRING* x);
+int ASN1_STRING_length(ASN1_STRING* x);
+int ASN1_STRING_type(ASN1_STRING *x);
+
+typedef ASN1_STRING X509_NAME_ENTRY;
+
+int X509_NAME_get_index_by_NID(X509_NAME* name,int nid, int lastpos);
+
+ASN1_STRING* X509_NAME_ENTRY_get_data(X509_NAME_ENTRY* ne);
+X509_NAME_ENTRY* X509_NAME_get_entry(X509_NAME* name, int loc);
+
+#define OPENSSL_malloc(x) malloc(x)
+#define OPENSSL_free(x) free(x)
+
+int ASN1_STRING_to_UTF8(unsigned char** out, ASN1_STRING* in);
+
+SSL_METHOD* SSLv23_client_method(void); /* doesn't actually roll back */
+SSL_METHOD* SSLv2_client_method(void); /* will never work, no v 2 */
+
+
+SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */
+
+
+#define CRYPTO_free(x) free(x)
+#define ASN1_TIME ASN1_STRING
+
+ASN1_TIME* X509_get_notBefore(X509* x);
+ASN1_TIME* X509_get_notAfter(X509* x);
+
+
+#define ASN1_UTCTIME ASN1_STRING
+#define NID_commonName 13
+#define V_ASN1_UTF8STRING 12
+#define GEN_DNS 2
+
+
+typedef struct MD4_CTX {
+ void* ptr;
+} MD4_CTX;
+
+void MD4_Init(MD4_CTX*);
+void MD4_Update(MD4_CTX*, const void*, unsigned long);
+void MD4_Final(unsigned char*, MD4_CTX*);
+
+
+typedef struct MD5_CTX {
+ int buffer[32]; /* big enough to hold, check size in Init */
+} MD5_CTX;
+
+void MD5_Init(MD5_CTX*);
+void MD5_Update(MD5_CTX*, const void*, unsigned long);
+void MD5_Final(unsigned char*, MD5_CTX*);
+
+
#define SSL_DEFAULT_CIPHER_LIST "" /* default all */
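Review bot: `ERR_error_string_n(unsigned long e, char *buf, size_t len)` is declared with a length, but the definition this commit adds to ssl.cpp only tests `len` for non-zero and then calls `ERR_error_string(e, buf)`, so the caller's bound is never applied to the write. A caller that passes a small buffer, as the OpenSSL contract allows, relies on ERR_error_string staying inside it, and that function is not shown here. Either bound the copy in ssl.cpp (format into a local buffer sized for the longest yaSSL message, copy at most `len - 1` bytes and terminate), or state the requirement on the declaration: `/* len is not enforced; buf must hold the longest yaSSL error string */`.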
diff --git a/extra/yassl/include/openssl/x509.h b/extra/yassl/include/openssl/x509.h
new file mode 100644
index 00000000000..dcd847c0337
--- /dev/null
+++ b/extra/yassl/include/openssl/x509.h
@@ -0,0 +1 @@
+/* x509.h for libcurl */
diff --git a/extra/yassl/include/openssl/x509v3.h b/extra/yassl/include/openssl/x509v3.h
new file mode 100644
index 00000000000..adf94af8f48
--- /dev/null
+++ b/extra/yassl/include/openssl/x509v3.h
@@ -0,0 +1 @@
+/* x509v3.h for libcurl */
diff --git a/extra/yassl/include/yassl_int.hpp b/extra/yassl/include/yassl_int.hpp
index 935bae582ea..97ae468d2f9 100644
--- a/extra/yassl/include/yassl_int.hpp
+++ b/extra/yassl/include/yassl_int.hpp
@@ -34,6 +34,7 @@
#include "cert_wrapper.hpp"
#include "log.hpp"
#include "lock.hpp"
+#include "openssl/ssl.h" // ASN1_STRING and DH
namespace yaSSL {
@@ -126,32 +127,70 @@ private:
};
+// hold add crypt references provided to callers
+class CryptProvider {
+ mySTL::list<Digest*> digestList_;
+ mySTL::list<BulkCipher*> cipherList_;
+ CryptProvider() {} // only GetCryptProvider creates
+public:
+ ~CryptProvider();
+
+ Digest* NewMd5();
+ BulkCipher* NewDesEde();
+
+ friend CryptProvider& GetCryptProvider();
+private:
+ CryptProvider(const CryptProvider&); // hide copy
+ CryptProvider& operator=(const CryptProvider&); // and assign
+};
+
+CryptProvider& GetCryptProvider();
+
#undef X509_NAME // wincrypt.h clash
// openSSL X509 names
class X509_NAME {
char* name_;
+ size_t sz_;
+ ASN1_STRING entry_;
public:
X509_NAME(const char*, size_t sz);
~X509_NAME();
char* GetName();
+ ASN1_STRING* GetEntry(int i);
private:
X509_NAME(const X509_NAME&); // hide copy
X509_NAME& operator=(const X509_NAME&); // and assign
};
+class StringHolder {
+ ASN1_STRING asnString_;
+public:
+ StringHolder(const char* str, int sz);
+ ~StringHolder();
+
+ ASN1_STRING* GetString();
+};
+
+
// openSSL X509
class X509 {
X509_NAME issuer_;
X509_NAME subject_;
+ StringHolder beforeDate_; // not valid before
+ StringHolder afterDate_; // not valid after
public:
- X509(const char* i, size_t, const char* s, size_t);
+ X509(const char* i, size_t, const char* s, size_t,
+ const char* b, int, const char* a, int);
~X509() {}
X509_NAME* GetIssuer();
X509_NAME* GetSubject();
+
+ ASN1_STRING* GetBefore();
+ ASN1_STRING* GetAfter();
private:
X509(const X509&); // hide copy
X509& operator=(const X509&); // and assign
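Review bot: `StringHolder` declares a destructor and owns an `ASN1_STRING` with a raw `data` pointer, but unlike `CryptProvider`, `X509_NAME` and `X509` in this same hunk it does not hide its copy constructor and assignment operator. If the destructor releases `asnString_.data` (its definition is outside this hunk), a copied holder would free the same buffer twice. Add a private section with `StringHolder(const StringHolder&); // hide copy` and `StringHolder& operator=(const StringHolder&); // and assign`. The comment `// hold add crypt references` probably means `hold all`. The X509 class body continues outside the hunk.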
diff --git a/extra/yassl/include/yassl_types.hpp b/extra/yassl/include/yassl_types.hpp
index bfb6467182b..76c807cd05f 100644
--- a/extra/yassl/include/yassl_types.hpp
+++ b/extra/yassl/include/yassl_types.hpp
@@ -35,10 +35,6 @@
namespace yaSSL {
-// Delete static singleton memory holders
-void CleanUp();
-
-
#ifdef YASSL_PURE_C
// library allocation
diff --git a/extra/yassl/lib/dummy b/extra/yassl/lib/dummy
new file mode 100644
index 00000000000..85c1efd587f
--- /dev/null
+++ b/extra/yassl/lib/dummy
@@ -0,0 +1 @@
+// this is a dummy file
diff --git a/extra/yassl/mySTL/helpers.hpp b/extra/yassl/mySTL/helpers.hpp
index 5aa14d838b1..df79025197a 100644
--- a/extra/yassl/mySTL/helpers.hpp
+++ b/extra/yassl/mySTL/helpers.hpp
@@ -44,6 +44,11 @@
return static_cast<void*>(d);
}
+ // for compilers that want matching delete
+ inline void operator delete(void* ptr, Dummy* d)
+ {
+ }
+
typedef Dummy* yassl_pointer;
namespace mySTL {
diff --git a/extra/yassl/src/cert_wrapper.cpp b/extra/yassl/src/cert_wrapper.cpp
index b98c7faf1d0..ae609b510ba 100644
--- a/extra/yassl/src/cert_wrapper.cpp
+++ b/extra/yassl/src/cert_wrapper.cpp
@@ -271,10 +271,13 @@ int CertManager::Validate()
else
peerKeyType_ = dsa_sa_algo;
- int iSz = cert.GetIssuer() ? strlen(cert.GetIssuer()) + 1 : 0;
- int sSz = cert.GetCommonName() ? strlen(cert.GetCommonName()) + 1 : 0;
+ int iSz = strlen(cert.GetIssuer()) + 1;
+ int sSz = strlen(cert.GetCommonName()) + 1;
+ int bSz = strlen(cert.GetBeforeDate()) + 1;
+ int aSz = strlen(cert.GetAfterDate()) + 1;
peerX509_ = NEW_YS X509(cert.GetIssuer(), iSz, cert.GetCommonName(),
- sSz);
+ sSz, cert.GetBeforeDate(), bSz,
+ cert.GetAfterDate(), aSz);
}
return 0;
}
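Review bot: The four `strlen()` calls now run on `cert.GetIssuer()`, `cert.GetCommonName()`, `cert.GetBeforeDate()` and `cert.GetAfterDate()` with no null test, where the removed lines guarded the first two with `? ... : 0`. These values describe the peer's certificate, so if any getter can return a null pointer (the getters are not shown here), validation dereferences null while processing remote input. Keep the guard for all four, e.g. `int sSz = cert.GetCommonName() ? strlen(cert.GetCommonName()) + 1 : 0;`, or document on the getters that they never return null. CertManager::Validate starts outside the hunk.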
diff --git a/extra/yassl/src/make.bat b/extra/yassl/src/make.bat
index 4c79a9c6406..148427a6f41 100644
--- a/extra/yassl/src/make.bat
+++ b/extra/yassl/src/make.bat
@@ -1,4 +1,4 @@
-# quick and dirty build file for testing different MSDEVs
+REM quick and dirty build file for testing different MSDEVs
setlocal
set myFLAGS= /I../include /I../mySTL /I../taocrypt/include /W3 /c /ZI
diff --git a/extra/yassl/src/ssl.cpp b/extra/yassl/src/ssl.cpp
index 1aab14009d3..66196514a87 100644
--- a/extra/yassl/src/ssl.cpp
+++ b/extra/yassl/src/ssl.cpp
@@ -1,4 +1,4 @@
-/* ssl.cpp
+ /* ssl.cpp
*
* Copyright (C) 2003 Sawtooth Consulting Ltd.
*
@@ -36,6 +36,7 @@
#include "openssl/ssl.h"
#include "handshake.hpp"
#include "yassl_int.hpp"
+#include "md5.hpp" // for TaoCrypt MD5 size assert
#include <stdio.h>
#ifdef _WIN32
@@ -52,6 +53,53 @@ namespace yaSSL {
using mySTL::min;
+int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
+{
+ if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM)
+ return SSL_BAD_FILETYPE;
+
+ FILE* input = fopen(file, "rb");
+ if (!input)
+ return SSL_BAD_FILE;
+
+ if (type == CA) {
+ x509* ptr = PemToDer(file, Cert);
+ if (!ptr) {
+ fclose(input);
+ return SSL_BAD_FILE;
+ }
+ ctx->AddCA(ptr); // takes ownership
+ }
+ else {
+ x509*& x = (type == Cert) ? ctx->certificate_ : ctx->privateKey_;
+
+ if (format == SSL_FILETYPE_ASN1) {
+ fseek(input, 0, SEEK_END);
+ long sz = ftell(input);
+ rewind(input);
+ x = NEW_YS x509(sz); // takes ownership
+ size_t bytes = fread(x->use_buffer(), sz, 1, input);
+ if (bytes != 1) {
+ fclose(input);
+ return SSL_BAD_FILE;
+ }
+ }
+ else {
+ x = PemToDer(file, type);
+ if (!x) {
+ fclose(input);
+ return SSL_BAD_FILE;
+ }
+ }
+ }
+ fclose(input);
+ return SSL_SUCCESS;
+}
+
+
+extern "C" {
+
+
SSL_METHOD* SSLv3_method()
{
return SSLv3_client_method();
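Review bot: In the `SSL_FILETYPE_ASN1` branch of `read_file`, `long sz = ftell(input);` is passed to `NEW_YS x509(sz)` and to `fread` without checking the result of `fseek` or `ftell`. On a stream that cannot be sized, `ftell` returns -1 and that value becomes the allocation size. Reject it before allocating: `if (fseek(input, 0, SEEK_END) != 0 || (sz = ftell(input)) <= 0) { fclose(input); return SSL_BAD_FILE; }`. On the short-read path `x` has already been stored in `ctx->certificate_` or `ctx->privateKey_`, so the context keeps a partly filled buffer after the function reports `SSL_BAD_FILE`. As far as this hunk shows, any object previously held in that slot is overwritten without being released.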
@@ -448,50 +496,6 @@ long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH* dh)
}
-int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
-{
- if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM)
- return SSL_BAD_FILETYPE;
-
- FILE* input = fopen(file, "rb");
- if (!input)
- return SSL_BAD_FILE;
-
- if (type == CA) {
- x509* ptr = PemToDer(file, Cert);
- if (!ptr) {
- fclose(input);
- return SSL_BAD_FILE;
- }
- ctx->AddCA(ptr); // takes ownership
- }
- else {
- x509*& x = (type == Cert) ? ctx->certificate_ : ctx->privateKey_;
-
- if (format == SSL_FILETYPE_ASN1) {
- fseek(input, 0, SEEK_END);
- long sz = ftell(input);
- rewind(input);
- x = NEW_YS x509(sz); // takes ownership
- size_t bytes = fread(x->use_buffer(), sz, 1, input);
- if (bytes != 1) {
- fclose(input);
- return SSL_BAD_FILE;
- }
- }
- else {
- x = PemToDer(file, type);
- if (!x) {
- fclose(input);
- return SSL_BAD_FILE;
- }
- }
- }
- fclose(input);
- return SSL_SUCCESS;
-}
-
-
int SSL_CTX_use_certificate_file(SSL_CTX* ctx, const char* file, int format)
{
return read_file(ctx, file, format, Cert);
@@ -723,8 +727,10 @@ void OpenSSL_add_all_algorithms() // compatibility only
{}
-void SSL_library_init() // compatiblity only
-{}
+int SSL_library_init() // compatiblity only
+{
+ return 1;
+}
DH* DH_new(void)
@@ -804,15 +810,13 @@ const char* X509_verify_cert_error_string(long /* error */)
const EVP_MD* EVP_md5(void)
{
- // TODO: FIX add to some list for destruction
- return NEW_YS MD5;
+ return GetCryptProvider().NewMd5();
}
const EVP_CIPHER* EVP_des_ede3_cbc(void)
{
- // TODO: FIX add to some list for destruction
- return NEW_YS DES_EDE;
+ return GetCryptProvider().NewDesEde();
}
@@ -897,6 +901,275 @@ void DES_ede3_cbc_encrypt(const byte* input, byte* output, long sz,
}
+// functions for libcurl
+int RAND_status()
+{
+ return 1; /* TaoCrypt provides enough seed */
+}
+
+
+int DES_set_key(const_DES_cblock* key, DES_key_schedule* schedule)
+{
+ memcpy(schedule, key, sizeof(const_DES_cblock));
+ return 1;
+}
+
+
+void DES_set_odd_parity(DES_cblock* key)
+{
+ // not needed now for TaoCrypt
+}
+
+
+void DES_ecb_encrypt(DES_cblock* input, DES_cblock* output,
+ DES_key_schedule* key, int enc)
+{
+ DES des;
+
+ if (enc) {
+ des.set_encryptKey(*key, 0);
+ des.encrypt(*output, *input, DES_BLOCK);
+ }
+ else {
+ des.set_decryptKey(*key, 0);
+ des.decrypt(*output, *input, DES_BLOCK);
+ }
+}
+
+
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata)
+{
+ // yaSSL doesn't support yet, unencrypt your PEM file with userdata
+ // before handing off to yaSSL
+}
+
+
+X509* SSL_get_certificate(SSL* ssl)
+{
+ // only used to pass to get_privatekey which isn't used
+ return 0;
+}
+
+
+EVP_PKEY* SSL_get_privatekey(SSL* ssl)
+{
+ // only called, not used
+ return 0;
+}
+
+
+void SSL_SESSION_free(SSL_SESSION* session)
+{
+ // managed by singleton
+}
+
+
+
+EVP_PKEY* X509_get_pubkey(X509* x)
+{
+ // called, not used though
+ return 0;
+}
+
+
+int EVP_PKEY_copy_parameters(EVP_PKEY* to, const EVP_PKEY* from)
+{
+ // called, not used though
+ return 0;
+}
+
+
+void EVP_PKEY_free(EVP_PKEY* pkey)
+{
+ // never allocated from above
+}
+
+
+void ERR_error_string_n(unsigned long e, char *buf, size_t len)
+{
+ if (len) ERR_error_string(e, buf);
+}
+
+
+void ERR_free_strings(void)
+{
+ // handled internally
+}
+
+
+void EVP_cleanup(void)
+{
+ // nothing to do yet
+}
+
+
+ASN1_TIME* X509_get_notBefore(X509* x)
+{
+ if (x) return x->GetBefore();
+ return 0;
+}
+
+
+ASN1_TIME* X509_get_notAfter(X509* x)
+{
+ if (x) return x->GetAfter();
+ return 0;
+}
+
+
+SSL_METHOD* SSLv23_client_method(void) /* doesn't actually roll back */
+{
+ return SSLv3_client_method();
+}
+
+
+SSL_METHOD* SSLv2_client_method(void) /* will never work, no v 2 */
+{
+ return 0;
+}
+
+
+SSL_SESSION* SSL_get1_session(SSL* ssl) /* what's ref count */
+{
+ return SSL_get_session(ssl);
+}
+
+
+void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *x)
+{
+ // no extension names supported yet
+}
+
+
+int sk_GENERAL_NAME_num(STACK_OF(GENERAL_NAME) *x)
+{
+ // no extension names supported yet
+ return 0;
+}
+
+
+GENERAL_NAME* sk_GENERAL_NAME_value(STACK_OF(GENERAL_NAME) *x, int i)
+{
+ // no extension names supported yet
+ return 0;
+}
+
+
+unsigned char* ASN1_STRING_data(ASN1_STRING* x)
+{
+ if (x) return x->data;
+ return 0;
+}
+
+
+int ASN1_STRING_length(ASN1_STRING* x)
+{
+ if (x) return x->length;
+ return 0;
+}
+
+
+int ASN1_STRING_type(ASN1_STRING *x)
+{
+ if (x) return x->type;
+ return 0;
+}
+
+
+int X509_NAME_get_index_by_NID(X509_NAME* name,int nid, int lastpos)
+{
+ int idx = -1; // not found
+ const char* start = &name->GetName()[lastpos + 1];
+
+ switch (nid) {
+ case NID_commonName:
+ const char* found = strstr(start, "/CN=");
+ if (found) {
+ found += 4; // advance to str
+ idx = found - start + lastpos + 1;
+ }
+ break;
+ }
+
+ return idx;
+}
+
+
+ASN1_STRING* X509_NAME_ENTRY_get_data(X509_NAME_ENTRY* ne)
+{
+ // the same in yaSSL
+ return ne;
+}
+
+
+X509_NAME_ENTRY* X509_NAME_get_entry(X509_NAME* name, int loc)
+{
+ return name->GetEntry(loc);
+}
+
+
+// already formatted, caller responsible for freeing *out
+int ASN1_STRING_to_UTF8(unsigned char** out, ASN1_STRING* in)
+{
+ if (!in) return 0;
+
+ *out = (unsigned char*)malloc(in->length + 1);
+ if (*out) {
+ memcpy(*out, in->data, in->length);
+ (*out)[in->length] = 0;
+ }
+ return in->length;
+}
+
+
+void* X509_get_ext_d2i(X509* x, int nid, int* crit, int* idx)
+{
+ // no extensions supported yet
+ return 0;
+}
+
+
+void MD4_Init(MD4_CTX* md4)
+{
+ assert(0); // not yet supported, build compat. only
+}
+
+
+void MD4_Update(MD4_CTX* md4, const void* data, unsigned long sz)
+{
+}
+
+
+void MD4_Final(unsigned char* hash, MD4_CTX* md4)
+{
+}
+
+
+void MD5_Init(MD5_CTX* md5)
+{
+ // make sure we have a big enough buffer
+ typedef char ok[sizeof(md5->buffer) >= sizeof(TaoCrypt::MD5) ? 1 : -1];
+ (void) sizeof(ok);
+
+ // using TaoCrypt since no dynamic memory allocated
+ // and no destructor will be called
+ new (reinterpret_cast<yassl_pointer>(md5->buffer)) TaoCrypt::MD5();
+}
+
+
+void MD5_Update(MD5_CTX* md5, const void* data, unsigned long sz)
+{
+ reinterpret_cast<TaoCrypt::MD5*>(md5->buffer)->Update(
+ static_cast<const byte*>(data), static_cast<unsigned int>(sz));
+}
+
+
+void MD5_Final(unsigned char* hash, MD5_CTX* md5)
+{
+ reinterpret_cast<TaoCrypt::MD5*>(md5->buffer)->Final(hash);
+}
+
+
// functions for stunnel
void RAND_screen()
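Review bot: `ERR_error_string_n` ignores `len` except to test it for zero, so `ERR_error_string(e, buf)` writes a full message into a buffer the caller has said may be smaller. A caller passing a short buffer gets an out-of-bounds write; the text should be formatted into a local buffer and copied with truncation, as sketched below. In the same hunk, `ASN1_STRING_to_UTF8` returns `in->length` even when `malloc` failed and `*out` is null, so adding `if (!*out) return -1;` lets callers see the failure. `MD4_Update` and `MD4_Final` are empty, so in an NDEBUG build, where the `assert(0)` in `MD4_Init` is compiled out, the caller's hash buffer is left unwritten and this should be stated in a comment on the stubs.

```cpp
void ERR_error_string_n(unsigned long e, char *buf, size_t len)
{
    if (!buf || !len) return;

    // ERROR_TEXT_MAX is a placeholder for the size ERR_error_string() needs
    char tmp[ERROR_TEXT_MAX];
    ERR_error_string(e, tmp);

    size_t n = strlen(tmp);
    if (n >= len) n = len - 1;      // truncate to the caller's buffer
    memcpy(buf, tmp, n);
    buf[n] = 0;
}
// … unchanged: the other libcurl compatibility functions …
```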
@@ -1098,8 +1371,10 @@ void DES_ede3_cbc_encrypt(const byte* input, byte* output, long sz,
}
- void SSLeay_add_ssl_algorithms() // compatibility only
- {}
+ int SSLeay_add_ssl_algorithms() // compatibility only
+ {
+ return 1;
+ }
void ERR_remove_state(unsigned long)
@@ -1129,4 +1404,5 @@ void DES_ede3_cbc_encrypt(const byte* input, byte* output, long sz,
// end stunnel needs
+} // extern "C"
} // namespace
diff --git a/extra/yassl/src/template_instnt.cpp b/extra/yassl/src/template_instnt.cpp
index 5782df213ea..43b80d59a4d 100644
--- a/extra/yassl/src/template_instnt.cpp
+++ b/extra/yassl/src/template_instnt.cpp
@@ -31,7 +31,6 @@
#include "hmac.hpp"
#include "md5.hpp"
#include "sha.hpp"
-#include "ripemd.hpp"
#include "openssl/ssl.h"
#ifdef HAVE_EXPLICIT_TEMPLATE_INSTANTIATION
@@ -51,12 +50,16 @@ template class list<yaSSL::SSL_SESSION*>;
template class list<yaSSL::input_buffer*>;
template class list<yaSSL::output_buffer*>;
template class list<yaSSL::x509*>;
+template class list<yaSSL::Digest*>;
+template class list<yaSSL::BulkCipher*>;
template void destroy<mySTL::pair<int, yaSSL::ClientKeyBase* (*)()>*>(mySTL::pair<int, yaSSL::ClientKeyBase* (*)()>*, mySTL::pair<int, yaSSL::ClientKeyBase* (*)()>*);
template yaSSL::del_ptr_zero for_each<mySTL::list<TaoCrypt::Signer*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<TaoCrypt::Signer*>::iterator, mySTL::list<TaoCrypt::Signer*>::iterator, yaSSL::del_ptr_zero);
template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::SSL_SESSION*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::SSL_SESSION*>::iterator, mySTL::list<yaSSL::SSL_SESSION*>::iterator, yaSSL::del_ptr_zero);
template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::input_buffer*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::input_buffer*>::iterator, mySTL::list<yaSSL::input_buffer*>::iterator, yaSSL::del_ptr_zero);
template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::output_buffer*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::output_buffer*>::iterator, mySTL::list<yaSSL::output_buffer*>::iterator, yaSSL::del_ptr_zero);
template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::x509*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::x509*>::iterator, mySTL::list<yaSSL::x509*>::iterator, yaSSL::del_ptr_zero);
+template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::Digest*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::Digest*>::iterator, mySTL::list<yaSSL::Digest*>::iterator, yaSSL::del_ptr_zero);
+template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::BulkCipher*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::BulkCipher*>::iterator, mySTL::list<yaSSL::BulkCipher*>::iterator, yaSSL::del_ptr_zero);
}
namespace yaSSL {
@@ -82,6 +85,7 @@ template void ysDelete<X509>(X509*);
template void ysDelete<Message>(Message*);
template void ysDelete<sslFactory>(sslFactory*);
template void ysDelete<Sessions>(Sessions*);
+template void ysDelete<CryptProvider>(CryptProvider*);
template void ysArrayDelete<unsigned char>(unsigned char*);
template void ysArrayDelete<char>(char*);
}
diff --git a/extra/yassl/src/yassl_imp.cpp b/extra/yassl/src/yassl_imp.cpp
index 1d2d5396ea0..4d6d1fc7aff 100644
--- a/extra/yassl/src/yassl_imp.cpp
+++ b/extra/yassl/src/yassl_imp.cpp
@@ -1975,7 +1975,9 @@ Connection::Connection(ProtocolVersion v, RandomPool& ran)
: pre_master_secret_(0), sequence_number_(0), peer_sequence_number_(0),
pre_secret_len_(0), send_server_key_(false), master_clean_(false),
TLS_(v.major_ >= 3 && v.minor_ >= 1), version_(v), random_(ran)
-{}
+{
+ memset(sessionID_, 0, sizeof(sessionID_));
+}
Connection::~Connection()
diff --git a/extra/yassl/src/yassl_int.cpp b/extra/yassl/src/yassl_int.cpp
index 396461a6ed5..f7fb1abfa3f 100644
--- a/extra/yassl/src/yassl_int.cpp
+++ b/extra/yassl/src/yassl_int.cpp
@@ -28,7 +28,6 @@
#include "yassl_int.hpp"
#include "handshake.hpp"
#include "timer.hpp"
-#include "openssl/ssl.h" // for DH
#ifdef YASSL_PURE_C
@@ -1375,16 +1374,51 @@ Sessions& GetSessions()
static sslFactory* sslFactoryInstance = 0;
-sslFactory& GetSSL_Factory(){
+sslFactory& GetSSL_Factory()
+{
if (!sslFactoryInstance)
sslFactoryInstance = NEW_YS sslFactory;
return *sslFactoryInstance;
}
-void CleanUp()
+static CryptProvider* cryptProviderInstance = 0;
+
+CryptProvider& GetCryptProvider()
+{
+ if (!cryptProviderInstance)
+ cryptProviderInstance = NEW_YS CryptProvider;
+ return *cryptProviderInstance;
+}
+
+
+CryptProvider::~CryptProvider()
+{
+ mySTL::for_each(digestList_.begin(), digestList_.end(), del_ptr_zero());
+ mySTL::for_each(cipherList_.begin(), cipherList_.end(), del_ptr_zero());
+}
+
+
+Digest* CryptProvider::NewMd5()
+{
+ Digest* ptr = NEW_YS MD5();
+ digestList_.push_back(ptr);
+ return ptr;
+}
+
+
+BulkCipher* CryptProvider::NewDesEde()
+{
+ BulkCipher* ptr = NEW_YS DES_EDE();
+ cipherList_.push_back(ptr);
+ return ptr;
+}
+
+
+extern "C" void yaSSL_CleanUp()
{
TaoCrypt::CleanUp();
+ ysDelete(cryptProviderInstance);
ysDelete(sslFactoryInstance);
ysDelete(sessionsInstance);
}
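Review bot: Every call to `NewMd5()` or `NewDesEde()` allocates a new object and appends it to a list that is only emptied in `~CryptProvider()`, so a process that calls `EVP_md5()` or `EVP_des_ede3_cbc()` repeatedly keeps growing until `yaSSL_CleanUp()` runs. Pointers handed out earlier also dangle once cleanup has run. At minimum this ownership should be documented on the two accessors, e.g. `// allocates on every call; owned by CryptProvider, freed in yaSSL_CleanUp()`. `GetCryptProvider()` creates the singleton with an unsynchronised check, the same pattern as `GetSSL_Factory()` above it, so first use from two threads is worth confirming.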
@@ -1978,18 +2012,20 @@ void Security::set_resuming(bool b)
X509_NAME::X509_NAME(const char* n, size_t sz)
- : name_(0)
+ : name_(0), sz_(sz)
{
if (sz) {
name_ = NEW_YS char[sz];
memcpy(name_, n, sz);
}
+ entry_.data = 0;
}
X509_NAME::~X509_NAME()
{
ysArrayDelete(name_);
+ ysArrayDelete(entry_.data);
}
@@ -1999,8 +2035,10 @@ char* X509_NAME::GetName()
}
-X509::X509(const char* i, size_t iSz, const char* s, size_t sSz)
- : issuer_(i, iSz), subject_(s, sSz)
+X509::X509(const char* i, size_t iSz, const char* s, size_t sSz,
+ const char* b, int bSz, const char* a, int aSz)
+ : issuer_(i, iSz), subject_(s, sSz),
+ beforeDate_(b, bSz), afterDate_(a, aSz)
{}
@@ -2016,6 +2054,61 @@ X509_NAME* X509::GetSubject()
}
+ASN1_STRING* X509::GetBefore()
+{
+ return beforeDate_.GetString();
+}
+
+
+ASN1_STRING* X509::GetAfter()
+{
+ return afterDate_.GetString();
+}
+
+
+ASN1_STRING* X509_NAME::GetEntry(int i)
+{
+ if (i < 0 || i >= int(sz_))
+ return 0;
+
+ if (entry_.data)
+ ysArrayDelete(entry_.data);
+ entry_.data = NEW_YS byte[sz_]; // max size;
+
+ memcpy(entry_.data, &name_[i], sz_ - i);
+ if (entry_.data[sz_ -i - 1]) {
+ entry_.data[sz_ - i] = 0;
+ entry_.length = sz_ - i;
+ }
+ else
+ entry_.length = sz_ - i - 1;
+ entry_.type = 0;
+
+ return &entry_;
+}
+
+
+StringHolder::StringHolder(const char* str, int sz)
+{
+ asnString_.length = sz;
+ asnString_.data = NEW_YS byte[sz + 1];
+ memcpy(asnString_.data, str, sz);
+ asnString_.type = 0; // not used for now
+}
+
+
+StringHolder::~StringHolder()
+{
+ ysArrayDelete(asnString_.data);
+}
+
+
+ASN1_STRING* StringHolder::GetString()
+{
+ return &asnString_;
+}
+
+
} // namespace
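Review bot: `X509_NAME::GetEntry` allocates `sz_` bytes but can write the terminator at index `sz_`: with `i == 0` and a name whose last byte is not NUL, `entry_.data[sz_ - i] = 0` lands one byte past the allocation. Allocating one extra byte fixes it: `entry_.data = NEW_YS byte[sz_ + 1];`. `StringHolder`'s constructor has the opposite gap, since it allocates `sz + 1` bytes but never writes the terminator, so `ASN1_STRING_data()` consumers that treat the date as a C string read an uninitialised byte; add `asnString_.data[sz] = 0;`. `sz` is a signed `int` there, so a negative value should be rejected before the allocation.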
diff --git a/extra/yassl/taocrypt/benchmark/make.bat b/extra/yassl/taocrypt/benchmark/make.bat
index 63391578cfa..4ebe4b32417 100644
--- a/extra/yassl/taocrypt/benchmark/make.bat
+++ b/extra/yassl/taocrypt/benchmark/make.bat
@@ -1,10 +1,9 @@
-# quick and dirty build file for testing different MSDEVs
+REM quick and dirty build file for testing different MSDEVs
setlocal
set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2
-#set myFLAGS= /I../include /I../../mySTL /c /W3
cl %myFLAGS% benchmark.cpp
-link.exe /out:benchmark.exe ../src/taocrypt.lib benchmark.obj
+link.exe /out:benchmark.exe ../src/taocrypt.lib benchmark.obj advapi32.lib
diff --git a/extra/yassl/taocrypt/include/asn.hpp b/extra/yassl/taocrypt/include/asn.hpp
index 6a1163fbb1c..da4c0ce1349 100644
--- a/extra/yassl/taocrypt/include/asn.hpp
+++ b/extra/yassl/taocrypt/include/asn.hpp
@@ -79,20 +79,27 @@ enum ASNIdFlag
enum DNTags
{
- COMMON_NAME = 0x03
+ COMMON_NAME = 0x03, // CN
+ SUR_NAME = 0x04, // SN
+ COUNTRY_NAME = 0x06, // C
+ LOCALITY_NAME = 0x07, // L
+ STATE_NAME = 0x08, // ST
+ ORG_NAME = 0x0a, // O
+ ORGUNIT_NAME = 0x0b // OU
};
enum Constants
{
MIN_DATE_SZ = 13,
- MAX_DATE_SZ = 15,
+ MAX_DATE_SZ = 16,
MAX_ALGO_SZ = 16,
MAX_LENGTH_SZ = 5,
MAX_SEQ_SZ = 5, // enum(seq|con) + length(4)
MAX_ALGO_SIZE = 9,
MAX_DIGEST_SZ = 25, // SHA + enum(Bit or Octet) + length(4)
- DSA_SIG_SZ = 40
+ DSA_SIG_SZ = 40,
+ NAME_MAX = 512 // max total of all included names
};
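Review bot: The new enumerator `NAME_MAX` has the same name as the `NAME_MAX` macro that `<limits.h>` defines on POSIX systems. If that header is included before asn.hpp, the enumerator line no longer compiles. If it is included after, code that uses `NAME_MAX` may silently pick up the system value instead of 512, which matters because the constant sizes the `name_`, `issuer_` and `subject_` buffers added in this commit. A prefixed name such as `ASN_NAME_MAX = 512` avoids the clash.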
@@ -205,14 +212,14 @@ enum { SHA_SIZE = 20 };
// A Signing Authority
class Signer {
PublicKey key_;
- char* name_;
+ char name_[NAME_MAX];
byte hash_[SHA_SIZE];
public:
Signer(const byte* k, word32 kSz, const char* n, const byte* h);
~Signer();
const PublicKey& GetPublicKey() const { return key_; }
- const char* GetCommonName() const { return name_; }
+ const char* GetName() const { return name_; }
const byte* GetHash() const { return hash_; }
private:
@@ -245,6 +252,8 @@ public:
const char* GetIssuer() const { return issuer_; }
const char* GetCommonName() const { return subject_; }
const byte* GetHash() const { return subjectHash_; }
+ const char* GetBeforeDate() const { return beforeDate_; }
+ const char* GetAfterDate() const { return afterDate_; }
void DecodeToKey();
private:
@@ -257,8 +266,10 @@ private:
byte subjectHash_[SHA_SIZE]; // hash of all Names
byte issuerHash_[SHA_SIZE]; // hash of all Names
byte* signature_;
- char* issuer_; // CommonName
- char* subject_; // CommonName
+ char issuer_[NAME_MAX]; // Names
+ char subject_[NAME_MAX]; // Names
+ char beforeDate_[MAX_DATE_SZ]; // valid before date
+ char afterDate_[MAX_DATE_SZ]; // valid after date
bool verify_; // Default to yes, but could be off
void ReadHeader();
diff --git a/extra/yassl/taocrypt/src/asn.cpp b/extra/yassl/taocrypt/src/asn.cpp
index 3efc26ab168..383fe65dea6 100644
--- a/extra/yassl/taocrypt/src/asn.cpp
+++ b/extra/yassl/taocrypt/src/asn.cpp
@@ -213,21 +213,17 @@ void PublicKey::AddToEnd(const byte* data, word32 len)
Signer::Signer(const byte* k, word32 kSz, const char* n, const byte* h)
- : key_(k, kSz), name_(0)
+ : key_(k, kSz)
{
- if (n) {
int sz = strlen(n);
- name_ = NEW_TC char[sz + 1];
memcpy(name_, n, sz);
name_[sz] = 0;
- }
memcpy(hash_, h, SHA::DIGEST_SIZE);
}
Signer::~Signer()
{
- tcArrayDelete(name_);
}
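Review bot: The `Signer` constructor now copies `n` into the fixed `name_[NAME_MAX]` member with `memcpy(name_, n, sz)`, but the change drops the old `if (n)` null check and never compares `sz` with the array size. A null `n` is dereferenced by `strlen`, and a name of `NAME_MAX` bytes or more overruns the member. Something like `size_t sz = n ? strlen(n) : 0;` followed by `if (sz >= sizeof(name_)) sz = sizeof(name_) - 1;` restores both guards. Whether an over-long signer name should be truncated or rejected outright is a policy decision worth stating in a comment.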
@@ -424,17 +420,19 @@ void DH_Decoder::Decode(DH& key)
CertDecoder::CertDecoder(Source& s, bool decode, SignerList* signers,
bool noVerify, CertType ct)
: BER_Decoder(s), certBegin_(0), sigIndex_(0), sigLength_(0),
- signature_(0), issuer_(0), subject_(0), verify_(!noVerify)
+ signature_(0), verify_(!noVerify)
{
+ issuer_[0] = 0;
+ subject_[0] = 0;
+
if (decode)
Decode(signers, ct);
+
}
CertDecoder::~CertDecoder()
{
- tcArrayDelete(subject_);
- tcArrayDelete(issuer_);
tcArrayDelete(signature_);
}
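Review bot: The `CertDecoder` constructor sets `issuer_[0]` and `subject_[0]` to zero but leaves the new `beforeDate_` and `afterDate_` arrays uninitialised. They are only filled in `GetDate`, so when `decode` is false, or decoding stops before the validity fields, `GetBeforeDate()` and `GetAfterDate()` return pointers to indeterminate bytes with no guaranteed terminator. Add `beforeDate_[0] = 0;` and `afterDate_[0] = 0;` next to the other two assignments.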
@@ -672,8 +670,12 @@ void CertDecoder::GetName(NameType nt)
SHA sha;
word32 length = GetSequence(); // length of all distinguished names
+ assert (length < NAME_MAX);
length += source_.get_index();
+ char* ptr = (nt == ISSUER) ? issuer_ : subject_;
+ word32 idx = 0;
+
while (source_.get_index() < length) {
GetSet();
GetSequence();
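Review bot: The only bound on the fixed `issuer_`/`subject_` buffers is `assert (length < NAME_MAX)`, which is compiled out in NDEBUG builds, so a release build copies certificate-supplied name data with no limit. The copy is in the next hunk, `memcpy(&ptr[idx], source_.get_current(), strLen)`, where `strLen` comes from `GetLength(source_)` and is never compared with the space left after `idx`. The terminator write `ptr[idx++] = 0` in the hunk after that relies on the same missing bound. Replace the assert with a runtime check that sets an error on `source_` and returns, and guard each copy with `if (idx + 4 >= NAME_MAX || strLen >= NAME_MAX - idx - 4)` before writing. GetName starts and ends outside these hunks, so the guard should be checked against the rest of the body.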
@@ -694,13 +696,49 @@ void CertDecoder::GetName(NameType nt)
byte id = source_.next();
b = source_.next(); // strType
word32 strLen = GetLength(source_);
+ bool copy = false;
if (id == COMMON_NAME) {
- char*& ptr = (nt == ISSUER) ? issuer_ : subject_;
- ptr = NEW_TC char[strLen + 1];
- memcpy(ptr, source_.get_current(), strLen);
- ptr[strLen] = 0;
+ memcpy(&ptr[idx], "/CN=", 4);
+ idx += 4;
+ copy = true;
+ }
+ else if (id == SUR_NAME) {
+ memcpy(&ptr[idx], "/SN=", 4);
+ idx += 4;
+ copy = true;
+ }
+ else if (id == COUNTRY_NAME) {
+ memcpy(&ptr[idx], "/C=", 3);
+ idx += 3;
+ copy = true;
+ }
+ else if (id == LOCALITY_NAME) {
+ memcpy(&ptr[idx], "/L=", 3);
+ idx += 3;
+ copy = true;
+ }
+ else if (id == STATE_NAME) {
+ memcpy(&ptr[idx], "/ST=", 4);
+ idx += 4;
+ copy = true;
}
+ else if (id == ORG_NAME) {
+ memcpy(&ptr[idx], "/O=", 3);
+ idx += 3;
+ copy = true;
+ }
+ else if (id == ORGUNIT_NAME) {
+ memcpy(&ptr[idx], "/OU=", 4);
+ idx += 4;
+ copy = true;
+ }
+
+ if (copy) {
+ memcpy(&ptr[idx], source_.get_current(), strLen);
+ idx += strLen;
+ }
+
sha.Update(source_.get_current(), strLen);
source_.advance(strLen);
}
@@ -711,6 +749,8 @@ void CertDecoder::GetName(NameType nt)
source_.advance(length);
}
}
+ ptr[idx++] = 0;
+
if (nt == ISSUER)
sha.Final(issuerHash_);
else
@@ -744,6 +784,16 @@ void CertDecoder::GetDate(DateType dt)
source_.SetError(BEFORE_DATE_E);
else
source_.SetError(AFTER_DATE_E);
+
+ // save for later use
+ if (dt == BEFORE) {
+ memcpy(beforeDate_, date, length);
+ beforeDate_[length] = 0;
+ }
+ else { // after
+ memcpy(afterDate_, date, length);
+ afterDate_[length] = 0;
+ }
}
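Review bot: `beforeDate_[length] = 0` and `afterDate_[length] = 0` write at index `length` of arrays declared with `MAX_DATE_SZ` elements, so they are in bounds only when `length` is strictly less than `MAX_DATE_SZ`. The length check sits earlier in GetDate, outside this hunk; if it accepts `length == MAX_DATE_SZ`, the terminator lands one byte past the member. Declaring the members as `char beforeDate_[MAX_DATE_SZ + 1]` (and likewise `afterDate_`), or guarding the save with `if (length < MAX_DATE_SZ)`, removes the dependency on that distant check.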
diff --git a/extra/yassl/taocrypt/src/integer.cpp b/extra/yassl/taocrypt/src/integer.cpp
index 82a248ff7da..885ddfbf630 100644
--- a/extra/yassl/taocrypt/src/integer.cpp
+++ b/extra/yassl/taocrypt/src/integer.cpp
@@ -2428,7 +2428,7 @@ void PositiveMultiply(Integer& product, const Integer& a, const Integer& b)
product.reg_.CleanNew(RoundupSize(aSize + bSize));
product.sign_ = Integer::POSITIVE;
- WordBlock workspace(aSize + bSize);
+ AlignedWordBlock workspace(aSize + bSize);
AsymmetricMultiply(product.reg_.get_buffer(), workspace.get_buffer(),
a.reg_.get_buffer(), aSize, b.reg_.get_buffer(), bSize);
}
@@ -3375,7 +3375,7 @@ void PositiveDivide(Integer& remainder, Integer& quotient,
quotient.reg_.CleanNew(RoundupSize(aSize-bSize+2));
quotient.sign_ = Integer::POSITIVE;
- WordBlock T(aSize+2*bSize+4);
+ AlignedWordBlock T(aSize+2*bSize+4);
Divide(remainder.reg_.get_buffer(), quotient.reg_.get_buffer(),
T.get_buffer(), a.reg_.get_buffer(), aSize, b.reg_.get_buffer(),
bSize);
@@ -3595,7 +3595,7 @@ Integer Integer::InverseMod(const Integer &m) const
return !u ? Zero() : (m*(*this-u)+1)/(*this);
}
- WordBlock T(m.reg_.size() * 4);
+ AlignedWordBlock T(m.reg_.size() * 4);
Integer r((word)0, m.reg_.size());
unsigned k = AlmostInverse(r.reg_.get_buffer(), T.get_buffer(),
reg_.get_buffer(), reg_.size(),
diff --git a/extra/yassl/taocrypt/src/make.bat b/extra/yassl/taocrypt/src/make.bat
index 5a2ae580b76..ecf7e8f8469 100644
--- a/extra/yassl/taocrypt/src/make.bat
+++ b/extra/yassl/taocrypt/src/make.bat
@@ -1,8 +1,7 @@
-# quick and dirty build file for testing different MSDEVs
+REM quick and dirty build file for testing different MSDEVs
setlocal
set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2
-#set myFLAGS= /I../include /I../../mySTL /c /W3 /O1
cl %myFLAGS% aes.cpp
cl %myFLAGS% aestables.cpp
diff --git a/extra/yassl/taocrypt/src/misc.cpp b/extra/yassl/taocrypt/src/misc.cpp
index 3d0539187a7..4ef163a7f5d 100644
--- a/extra/yassl/taocrypt/src/misc.cpp
+++ b/extra/yassl/taocrypt/src/misc.cpp
@@ -25,6 +25,15 @@
#include "runtime.hpp"
#include "misc.hpp"
+
+extern "C" {
+
+ // for libcurl configure test, these are the signatures they use
+ // locking handled internally by library
+ char CRYPTO_lock() { return 0;}
+ char CRYPTO_add_lock() { return 0;}
+} // extern "C"
+
#ifdef YASSL_PURE_C
void* operator new(size_t sz, TaoCrypt::new_t)
diff --git a/extra/yassl/taocrypt/src/template_instnt.cpp b/extra/yassl/taocrypt/src/template_instnt.cpp
index 12bcd8238f2..5efd2d32a10 100644
--- a/extra/yassl/taocrypt/src/template_instnt.cpp
+++ b/extra/yassl/taocrypt/src/template_instnt.cpp
@@ -30,11 +30,11 @@
#include "sha.hpp"
#include "md5.hpp"
#include "hmac.hpp"
-#include "ripemd.hpp"
#include "pwdbased.hpp"
#include "algebra.hpp"
#include "vector.hpp"
#include "hash.hpp"
+#include "ripemd.hpp"
#ifdef HAVE_EXPLICIT_TEMPLATE_INSTANTIATION
namespace TaoCrypt {
diff --git a/extra/yassl/taocrypt/taocrypt.dsp b/extra/yassl/taocrypt/taocrypt.dsp
index 13b9a07419b..b741cef0096 100644
--- a/extra/yassl/taocrypt/taocrypt.dsp
+++ b/extra/yassl/taocrypt/taocrypt.dsp
@@ -64,7 +64,8 @@ LIB32=link.exe -lib
# PROP Intermediate_Dir "Debug"
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /YX /FD /GZ /c
-# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "include" /I "..\mySTL" /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /FR /YX /FD /GZ /c
+# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "include" /I "..\mySTL" /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /YX /FD /GZ /c
+# SUBTRACT CPP /Fr
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
diff --git a/extra/yassl/taocrypt/test/make.bat b/extra/yassl/taocrypt/test/make.bat
index e1a4cbce7cd..5f01db68d0d 100644
--- a/extra/yassl/taocrypt/test/make.bat
+++ b/extra/yassl/taocrypt/test/make.bat
@@ -1,4 +1,4 @@
-# quick and dirty build file for testing different MSDEVs
+REM quick and dirty build file for testing different MSDEVs
setlocal
set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2
diff --git a/extra/yassl/testsuite/make.bat b/extra/yassl/testsuite/make.bat
index d8a55b0d3af..1bc7ce0513d 100644
--- a/extra/yassl/testsuite/make.bat
+++ b/extra/yassl/testsuite/make.bat
@@ -1,4 +1,4 @@
-# quick and dirty build file for testing different MSDEVs
+REM quick and dirty build file for testing different MSDEVs
setlocal
set myFLAGS= /I../include /I../taocrypt/include /I../mySTL /c /W3 /G6 /O2 /MT /D"WIN32" /D"NO_MAIN_DRIVER"
diff --git a/extra/yassl/testsuite/test.hpp b/extra/yassl/testsuite/test.hpp
index 79d02b63558..259975fba0b 100644
--- a/extra/yassl/testsuite/test.hpp
+++ b/extra/yassl/testsuite/test.hpp
@@ -27,7 +27,7 @@
#endif /* _WIN32 */
-#if defined(__MACH__) || defined(_WIN32)
+#if !defined(_SOCKLEN_T) && (defined(__MACH__) || defined(_WIN32))
typedef int socklen_t;
#endif
@@ -305,8 +305,8 @@ inline void showPeer(SSL* ssl)
char* subject = X509_NAME_oneline(X509_get_subject_name(peer), 0, 0);
printf("peer's cert info:\n");
- printf("issuer is: %s\n", issuer);
- printf("subject is: %s\n", subject);
+ printf("issuer : %s\n", issuer);
+ printf("subject: %s\n", subject);
free(subject);
free(issuer);
diff --git a/extra/yassl/testsuite/testsuite.cpp b/extra/yassl/testsuite/testsuite.cpp
index af988432a86..1cf6a78ebe7 100644
--- a/extra/yassl/testsuite/testsuite.cpp
+++ b/extra/yassl/testsuite/testsuite.cpp
@@ -91,6 +91,7 @@ int main(int argc, char** argv)
assert(memcmp(input, output, sizeof(input)) == 0);
printf("\nAll tests passed!\n");
+ yaSSL_CleanUp();
return 0;
}
@@ -146,10 +147,10 @@ int test_openSSL_des()
(byte*)key, iv);
byte cipher[16];
- DES_ede3_cbc_encrypt((byte*)data, cipher, dataSz, &key[0], &key[8],
- &key[16], &iv, true);
+ DES_ede3_cbc_encrypt((byte*)data, cipher, dataSz, &key[0], &key[1],
+ &key[2], &iv, true);
byte plain[16];
- DES_ede3_cbc_encrypt(cipher, plain, 16, &key[0], &key[8], &key[16],
+ DES_ede3_cbc_encrypt(cipher, plain, 16, &key[0], &key[1], &key[2],
&iv, false);
return 0;
}
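Review bot: `test_openSSL_des` encrypts and decrypts but nothing visible in this hunk compares `plain` with `data` before `return 0`, so the test would pass even if the key-index change here (`&key[1]`, `&key[2]`) selected the wrong sub-keys. An assertion in the style `main` already uses, e.g. `assert(memcmp(plain, data, dataSz) == 0);`, would make the round trip actually checked. The declarations of `key`, `data` and `dataSz` are outside the hunk, so confirm `dataSz` does not exceed the 16-byte `cipher` and `plain` buffers.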
diff --git a/extra/yassl/testsuite/testsuite.dsp b/extra/yassl/testsuite/testsuite.dsp
index f896aa7f020..24c325fa878 100644
--- a/extra/yassl/testsuite/testsuite.dsp
+++ b/extra/yassl/testsuite/testsuite.dsp
@@ -42,7 +42,7 @@ RSC=rc.exe
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
-# ADD CPP /nologo /MT /W3 /GX- /O2 /I "../taocrypt/include" /I "../include" /I "../mySTL" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "NO_MAIN_DRIVER" /YX /FD /c
+# ADD CPP /nologo /MT /W3 /O2 /I "../taocrypt/include" /I "../include" /I "../mySTL" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "NO_MAIN_DRIVER" /YX /FD /c
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
@@ -67,7 +67,7 @@ LINK32=link.exe
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
-# ADD CPP /nologo /MTd /W3 /Gm /GX- /ZI /Od /I "../taocrypt/include" /I "../include" /I "../mySTL" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "NO_MAIN_DRIVER" /FR /YX /FD /GZ /c
+# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "../taocrypt/include" /I "../include" /I "../mySTL" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "NO_MAIN_DRIVER" /FR /YX /FD /GZ /c
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe