Diffstat (limited to 'extra')
-rw-r--r-- | extra/yassl/README | 18 | ||||
-rw-r--r-- | extra/yassl/include/openssl/ssl.h | 2 | ||||
-rw-r--r-- | extra/yassl/src/make.bat | 18 | ||||
-rw-r--r-- | extra/yassl/src/ssl.cpp | 2 | ||||
-rw-r--r-- | extra/yassl/src/yassl_error.cpp | 12 | ||||
-rw-r--r-- | extra/yassl/taocrypt/benchmark/make.bat | 18 | ||||
-rw-r--r-- | extra/yassl/taocrypt/include/asn.hpp | 28 | ||||
-rw-r--r-- | extra/yassl/taocrypt/include/error.hpp | 6 | ||||
-rw-r--r-- | extra/yassl/taocrypt/include/file.hpp | 6 | ||||
-rw-r--r-- | extra/yassl/taocrypt/src/asn.cpp | 79 | ||||
-rw-r--r-- | extra/yassl/taocrypt/src/coding.cpp | 14 | ||||
-rw-r--r-- | extra/yassl/taocrypt/src/integer.cpp | 43 | ||||
-rw-r--r-- | extra/yassl/taocrypt/src/make.bat | 18 | ||||
-rw-r--r-- | extra/yassl/taocrypt/test/make.bat | 18 | ||||
-rw-r--r-- | extra/yassl/taocrypt/test/test.cpp | 46 | ||||
-rw-r--r-- | extra/yassl/testsuite/make.bat | 18 | ||||
-rw-r--r-- | extra/yassl/testsuite/testsuite.cpp | 4 |
17 files changed, 226 insertions, 124 deletions
diff --git a/extra/yassl/README b/extra/yassl/README index fbeffd9db77..4445266c639 100644 --- a/extra/yassl/README +++ b/extra/yassl/README @@ -1,4 +1,20 @@ -yaSSL Release notes, version 1.5.0 (11/09/06) +*****************yaSSL Release notes, version 1.5.0 (1/10/07) + + This release of yaSSL contains bug fixes, portability enhancements, and + support for GCC 4.1.1 and vs2005 sp1. + + + + Since yaSSL now supports zlib, as does libcur, the libcurl build test can + fail if yaSSL is built with zlib support since the zlib library isn't + passed. You can do two things to fix this: + + 1) build yaSSL w/o zlib --without-zlib + 2) or add flags to curl configure LDFLAGS="-lm -lz" + + + +*****************yaSSL Release notes, version 1.5.0 (11/09/06) This release of yaSSL contains bug fixes, portability enhancements, and full TLS 1.1 support. Use the functions: diff --git a/extra/yassl/include/openssl/ssl.h b/extra/yassl/include/openssl/ssl.h index 67c49a808fd..4f5baba9b38 100644 --- a/extra/yassl/include/openssl/ssl.h +++ b/extra/yassl/include/openssl/ssl.h @@ -41,7 +41,7 @@ #include "rsa.h" -#define YASSL_VERSION "1.5.0" +#define YASSL_VERSION "1.5.8" #if defined(__cplusplus) diff --git a/extra/yassl/src/make.bat b/extra/yassl/src/make.bat index 6ddf4ff98df..dde305721a7 100644 --- a/extra/yassl/src/make.bat +++ b/extra/yassl/src/make.bat 
@@ -1,22 +1,4 @@ REM quick and dirty build file for testing different MSDEVs - -@echo off -REM Copyright (C) 2006 MySQL AB -REM -REM This program is free software; you can redistribute it and/or modify -REM it under the terms of the GNU General Public License as published by -REM the Free Software Foundation; version 2 of the License. -REM -REM This program is distributed in the hope that it will be useful, -REM but WITHOUT ANY WARRANTY; without even the implied warranty of -REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -REM GNU General Public License for more details. -REM -REM You should have received a copy of the GNU General Public License -REM along with this program; if not, write to the Free Software -REM Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -@echo on - setlocal set myFLAGS= /I../include /I../taocrypt/mySTL /I../taocrypt/include /W3 /c /ZI diff --git a/extra/yassl/src/ssl.cpp b/extra/yassl/src/ssl.cpp index aa98465069c..5ca7dec399d 100644 --- a/extra/yassl/src/ssl.cpp +++ b/extra/yassl/src/ssl.cpp @@ -958,7 +958,7 @@ void ERR_print_errors_fp(FILE* /*fp*/) char* ERR_error_string(unsigned long errNumber, char* buffer) { - static char* msg = (char*) "Please supply a buffer for error string"; + static char* msg = "Please supply a buffer for error string"; if (buffer) { SetErrorString(YasslError(errNumber), buffer); diff --git a/extra/yassl/src/yassl_error.cpp b/extra/yassl/src/yassl_error.cpp index 25c595f40bc..24fc602d4e9 100644 --- a/extra/yassl/src/yassl_error.cpp +++ b/extra/yassl/src/yassl_error.cpp @@ -150,6 +150,10 @@ void SetErrorString(YasslError error, char* buffer) strncpy(buffer, "the read operation would block", max); break; + case CERTFICATE_ERROR : + strncpy(buffer, "Unable to verify certificate", max); + break; + // TaoCrypt errors case NO_ERROR_E : strncpy(buffer, "not in error state", max); 
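Review bot: Dropping the cast in ERR_error_string leaves a string literal bound to a non-const pointer, `static char* msg = "Please supply a buffer for error string";`, which is a deprecated conversion in C++98 and ill-formed from C++11 on. Declaring it `static const char* msg` documents that the text is read-only; if the function has to hand it back through its `char*` return type, that one return is the place for an explicit cast and a comment that callers must not write to it. The same pattern appears in the testsuite.cpp hunk (`file_test("input", input)`), which is only clean if file_test takes `const char*`, and that signature is not visible here. The body of ERR_error_string continues past the end of this hunk.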
@@ -255,8 +259,12 @@ void SetErrorString(YasslError error, char* buffer) strncpy(buffer, "ASN: bad other signature confirmation", max); break; - case CERTFICATE_ERROR : - strncpy(buffer, "Unable to verify certificate", max); + case CONTENT_E : + strncpy(buffer, "bad content processing", max); + break; + + case PEM_E : + strncpy(buffer, "bad PEM format processing", max); break; default : diff --git a/extra/yassl/taocrypt/benchmark/make.bat b/extra/yassl/taocrypt/benchmark/make.bat index 8b3c112ec52..bf1383f5e97 100644 --- a/extra/yassl/taocrypt/benchmark/make.bat +++ b/extra/yassl/taocrypt/benchmark/make.bat @@ -1,22 +1,4 @@ REM quick and dirty build file for testing different MSDEVs - -@echo off -REM Copyright (C) 2006 MySQL AB -REM -REM This program is free software; you can redistribute it and/or modify -REM it under the terms of the GNU General Public License as published by -REM the Free Software Foundation; version 2 of the License. -REM -REM This program is distributed in the hope that it will be useful, -REM but WITHOUT ANY WARRANTY; without even the implied warranty of -REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -REM GNU General Public License for more details. -REM -REM You should have received a copy of the GNU General Public License -REM along with this program; if not, write to the Free Software -REM Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -@echo on - setlocal set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2 diff --git a/extra/yassl/taocrypt/include/asn.hpp b/extra/yassl/taocrypt/include/asn.hpp index 1151f3c944e..a82cd8d0d79 100644 --- a/extra/yassl/taocrypt/include/asn.hpp +++ b/extra/yassl/taocrypt/include/asn.hpp @@ -99,6 +99,17 @@ enum DNTags }; +enum PCKS12_Tags +{ + /* DATA = 1, */ // from ASN1 + SIGNED_DATA = 2, + ENVELOPED_DATA = 3, + SIGNED_AND_ENVELOPED_DATA = 4, + DIGESTED_DATA = 5, + ENCRYPTED_DATA = 6 +}; + + enum Constants { MIN_DATE_SZ = 13, 
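Review bot: The new enum in asn.hpp is spelled `PCKS12_Tags`, while everything else added for this feature uses PKCS12 (`PKCS12_Decoder`, `GetPKCS_Cert`); renaming it to `PKCS12_Tags` before anything depends on it avoids a permanent typo in a public header. In the later asn.hpp hunk, `enum ContentType { HUH = 651 };` reads as a placeholder. Either give the enumerator the name of the content type it stands for (presumably an OID byte sum, following the `// sums of algo OID` comment on the neighbouring enums) or leave it out until the PKCS12 decoder actually uses it.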
@@ -195,6 +206,16 @@ private: }; +// PKCS12 BER Decoder +class PKCS12_Decoder : public BER_Decoder { +public: + explicit PKCS12_Decoder(Source& s) : BER_Decoder(s) {} + void Decode(); +private: + void ReadHeader(); +}; + + // General PublicKey class PublicKey { byte* key_; @@ -241,6 +262,7 @@ private: typedef STL::list<Signer*> SignerList; +enum ContentType { HUH = 651 }; enum SigType { SHAwDSA = 517, MD2wRSA = 646, MD5wRSA = 648, SHAwRSA =649}; enum HashType { MD2h = 646, MD5h = 649, SHAh = 88 }; enum KeyType { DSAk = 515, RSAk = 645 }; // sums of algo OID @@ -345,6 +367,12 @@ private: }; +// Get Cert in PEM format from BEGIN to END +int GetCert(Source&); + +// Get Cert in PEM format from pkcs12 file +int GetPKCS_Cert(const char* password, Source&); + } // namespace diff --git a/extra/yassl/taocrypt/include/error.hpp b/extra/yassl/taocrypt/include/error.hpp index 1a93056db45..368e2a27b73 100644 --- a/extra/yassl/taocrypt/include/error.hpp +++ b/extra/yassl/taocrypt/include/error.hpp @@ -70,8 +70,12 @@ DSA_SZ_E = 1035, // "bad DSA r or s size" BEFORE_DATE_E = 1036, // "before date in the future" AFTER_DATE_E = 1037, // "after date in the past" SIG_CONFIRM_E = 1038, // "bad self signature confirmation" -SIG_OTHER_E = 1039 // "bad other signature confirmation" +SIG_OTHER_E = 1039, // "bad other signature confirmation" +CONTENT_E = 1040, // "bad content processing" +PEM_E = 1041 // "bad pem format error" + + // add error string to yassl/src/yassl_error.cpp !!! }; diff --git a/extra/yassl/taocrypt/include/file.hpp b/extra/yassl/taocrypt/include/file.hpp index c12b5c73bac..79693cd054b 100644 --- a/extra/yassl/taocrypt/include/file.hpp +++ b/extra/yassl/taocrypt/include/file.hpp 
@@ -71,8 +71,10 @@ public: void SetError(ErrorNumber w) { error_.SetError(w); } friend class FileSource; // for get() -private: - Source(const Source& that) : buffer_(that.buffer_), current_(that.current_) {} + + Source(const Source& that) + : buffer_(that.buffer_), current_(that.current_) {} + Source& operator=(const Source& that) { Source tmp(that); diff --git a/extra/yassl/taocrypt/src/asn.cpp b/extra/yassl/taocrypt/src/asn.cpp index 3dc3638d85f..ceaedf00209 100644 --- a/extra/yassl/taocrypt/src/asn.cpp +++ b/extra/yassl/taocrypt/src/asn.cpp @@ -1098,4 +1098,83 @@ word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz) } +// Get Cert in PEM format from BEGIN to END +int GetCert(Source& source) +{ + char header[] = "-----BEGIN CERTIFICATE-----"; + char footer[] = "-----END CERTIFICATE-----"; + + char* begin = strstr((char*)source.get_buffer(), header); + char* end = strstr((char*)source.get_buffer(), footer); + + if (!begin || !end || begin >= end) return -1; + + end += strlen(footer); + if (*end == '\r') end++; + + Source tmp((byte*)begin, end - begin + 1); + source.Swap(tmp); + + return 0; +} + + + +// Decode a BER encoded PKCS12 structure +void PKCS12_Decoder::Decode() +{ + ReadHeader(); + if (source_.GetError().What()) return; + + // Get AuthSafe + + GetSequence(); + + // get object id + byte obj_id = source_.next(); + if (obj_id != OBJECT_IDENTIFIER) { + source_.SetError(OBJECT_ID_E); + return; + } + + word32 length = GetLength(source_); + + word32 algo_sum = 0; + while (length--) + algo_sum += source_.next(); + + + + + + + // Get MacData optional + /* + mac digestInfo like certdecoder::getdigest? + macsalt octet string + iter integer + + */ +} + + +void PKCS12_Decoder::ReadHeader() +{ + // Gets Version + GetSequence(); + GetVersion(); +} + + +// Get Cert in PEM format from pkcs12 file +int GetPKCS_Cert(const char* password, Source& source) +{ + PKCS12_Decoder pkcs12(source); + pkcs12.Decode(); + + return 0; +} + + + } // namespace 
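Review bot: Removing `private:` makes Source copyable by any caller, but the copy constructor only initializes `buffer_` and `current_`; `error_`, which `SetError` writes just above, is not carried over. A copy of a Source that has already failed therefore looks clean, and code that checks `GetError()` on the copy will keep parsing. If public copying is really needed, copy the error state as well, e.g. `: buffer_(that.buffer_), current_(that.current_), error_(that.error_) {}`, and add a comment saying whether the buffer is deep-copied. The rest of the class is outside this hunk, so member order and whether `operator=` and `Swap` handle `error_` could not be checked.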
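Review bot: GetCert runs `strstr` over `source.get_buffer()`, which treats the Source buffer as a NUL-terminated string; nothing in this hunk guarantees a terminator for data loaded from a file, so the search can read past the end of the buffer. The `*end == '\r'` test and the `end - begin + 1` length likewise touch bytes beyond the footer without checking them against `source.size()`. A length-bounded search, sketched below, keeps every access inside the buffer. In the same hunk, PKCS12_Decoder::Decode loops `while (length--)` on a length taken from the input without comparing it to the bytes left in `source_`. GetPKCS_Cert also returns 0 even when Decode has set an error and never uses `password`; until the decoder is finished it should return a failure code.

```cpp
int GetCert(Source& source)
{
    const char header[] = "-----BEGIN CERTIFICATE-----";
    const char footer[] = "-----END CERTIFICATE-----";
    const word32 headerSz = sizeof(header) - 1;
    const word32 footerSz = sizeof(footer) - 1;

    const byte*  buf = source.get_buffer();
    const word32 sz  = source.size();

    // bounded search: never compare past buf + sz
    word32 begin = sz;
    for (word32 i = 0; i + headerSz <= sz; i++)
        if (memcmp(buf + i, header, headerSz) == 0) { begin = i; break; }
    if (begin == sz) return -1;

    // the footer must follow the header
    word32 end = sz;
    for (word32 i = begin + headerSz; i + footerSz <= sz; i++)
        if (memcmp(buf + i, footer, footerSz) == 0) { end = i; break; }
    if (end == sz) return -1;

    end += footerSz;
    if (end < sz && buf[end] == '\r') end++;
    if (end < sz && buf[end] == '\n') end++;   // keep the line ending only if it is present

    Source tmp(buf + begin, end - begin);
    source.Swap(tmp);

    return 0;
}
```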
diff --git a/extra/yassl/taocrypt/src/coding.cpp b/extra/yassl/taocrypt/src/coding.cpp index b8bbd29bb2b..e9e5cb69469 100644 --- a/extra/yassl/taocrypt/src/coding.cpp +++ b/extra/yassl/taocrypt/src/coding.cpp @@ -131,8 +131,7 @@ void HexDecoder::Decode() void Base64Encoder::Encode() { word32 bytes = plain_.size(); - word32 outSz = bytes * 4 / 3; - outSz += (outSz % 4); // 4 byte integrals + word32 outSz = (bytes + 3 - 1) / 3 * 4; outSz += (outSz + pemLineSz - 1) / pemLineSz; // new lines encoded_.New(outSz); @@ -159,7 +158,7 @@ void Base64Encoder::Encode() bytes -= 3; - if ((++j % 16) == 0) + if ((++j % 16) == 0 && bytes) encoded_[i++] = '\n'; } @@ -236,11 +235,18 @@ void Base64Decoder::Decode() if ((++j % 16) == 0) { byte endLine = coded_.next(); bytes--; + while (endLine == ' ') { // remove possible whitespace + endLine = coded_.next(); + bytes--; + } if (endLine == '\r') { endLine = coded_.next(); bytes--; } - assert(endLine == '\n'); + if (endLine != '\n') { + coded_.SetError(PEM_E); + return; + } } } diff --git a/extra/yassl/taocrypt/src/integer.cpp b/extra/yassl/taocrypt/src/integer.cpp index 1ed69ce34dc..5927f7e3d5e 100644 --- a/extra/yassl/taocrypt/src/integer.cpp +++ b/extra/yassl/taocrypt/src/integer.cpp @@ -88,7 +88,7 @@ namespace TaoCrypt { #ifdef SSE2_INTRINSICS_AVAILABLE template <class T> -CPP_TYPENAME AllocatorBase<T>::pointer AlignedAllocator<T>::allocate( +CPP_TYPENAME AlignedAllocator<T>::pointer AlignedAllocator<T>::allocate( size_type n, const void *) { CheckSize(n); 
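Review bot: The new whitespace loop in Base64Decoder::Decode, `while (endLine == ' ')`, calls `coded_.next()` and decrements `bytes` without checking that any input is left, so a line of trailing spaces at the end of the buffer may read past `coded_` and, if `bytes` is unsigned as it is in the encoder, wrap the counter. The existing `'\r'` step right after it has the same gap. Bounding both on the counter, e.g. `while (endLine == ' ' && bytes) {` and `if (endLine == '\r' && bytes) {`, lets malformed input fall through to the new `PEM_E` return instead. The loop these lines sit in starts outside the hunk, so the declaration of `bytes` and any bounds check inside `next()` were not visible.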
@@ -572,24 +572,29 @@ static word AtomicInverseModPower2(word A) class Portable { public: - static word Add(word *C, const word *A, const word *B, unsigned int N); - static word Subtract(word *C, const word *A, const word*B, unsigned int N); - - static void Multiply2(word *C, const word *A, const word *B); - static word Multiply2Add(word *C, const word *A, const word *B); - static void Multiply4(word *C, const word *A, const word *B); - static void Multiply8(word *C, const word *A, const word *B); - static unsigned int MultiplyRecursionLimit() {return 8;} - - static void Multiply2Bottom(word *C, const word *A, const word *B); - static void Multiply4Bottom(word *C, const word *A, const word *B); - static void Multiply8Bottom(word *C, const word *A, const word *B); - static unsigned int MultiplyBottomRecursionLimit() {return 8;} - - static void Square2(word *R, const word *A); - static void Square4(word *R, const word *A); - static void Square8(word *R, const word *A) {assert(false);} - static unsigned int SquareRecursionLimit() {return 4;} + static word TAOCRYPT_CDECL Add(word *C, const word *A, const word *B, + unsigned int N); + static word TAOCRYPT_CDECL Subtract(word *C, const word *A, const word*B, + unsigned int N); + static void TAOCRYPT_CDECL Multiply2(word *C, const word *A, const word *B); + static word TAOCRYPT_CDECL Multiply2Add(word *C, + const word *A, const word *B); + static void TAOCRYPT_CDECL Multiply4(word *C, const word *A, const word *B); + static void TAOCRYPT_CDECL Multiply8(word *C, const word *A, const word *B); + static unsigned int TAOCRYPT_CDECL MultiplyRecursionLimit() {return 8;} + + static void TAOCRYPT_CDECL Multiply2Bottom(word *C, const word *A, + const word *B); + static void TAOCRYPT_CDECL Multiply4Bottom(word *C, const word *A, + const word *B); + static void TAOCRYPT_CDECL Multiply8Bottom(word *C, const word *A, + const word *B); + static unsigned int TAOCRYPT_CDECL MultiplyBottomRecursionLimit(){return 8;} + + static void 
TAOCRYPT_CDECL Square2(word *R, const word *A); + static void TAOCRYPT_CDECL Square4(word *R, const word *A); + static void TAOCRYPT_CDECL Square8(word *R, const word *A) {assert(false);} + static unsigned int TAOCRYPT_CDECL SquareRecursionLimit() {return 4;} }; word Portable::Add(word *C, const word *A, const word *B, unsigned int N) diff --git a/extra/yassl/taocrypt/src/make.bat b/extra/yassl/taocrypt/src/make.bat index 13675ae84de..0aa1350f7d8 100644 --- a/extra/yassl/taocrypt/src/make.bat +++ b/extra/yassl/taocrypt/src/make.bat @@ -1,22 +1,4 @@ REM quick and dirty build file for testing different MSDEVs - -@echo off -REM Copyright (C) 2006 MySQL AB -REM -REM This program is free software; you can redistribute it and/or modify -REM it under the terms of the GNU General Public License as published by -REM the Free Software Foundation; version 2 of the License. -REM -REM This program is distributed in the hope that it will be useful, -REM but WITHOUT ANY WARRANTY; without even the implied warranty of -REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -REM GNU General Public License for more details. -REM -REM You should have received a copy of the GNU General Public License -REM along with this program; if not, write to the Free Software -REM Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -@echo on - setlocal set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2 diff --git a/extra/yassl/taocrypt/test/make.bat b/extra/yassl/taocrypt/test/make.bat index 04a0c25e4de..7b53e9abc90 100644 --- a/extra/yassl/taocrypt/test/make.bat +++ b/extra/yassl/taocrypt/test/make.bat 
@@ -1,22 +1,4 @@ REM quick and dirty build file for testing different MSDEVs - -@echo off -REM Copyright (C) 2006 MySQL AB -REM -REM This program is free software; you can redistribute it and/or modify -REM it under the terms of the GNU General Public License as published by -REM the Free Software Foundation; version 2 of the License. -REM -REM This program is distributed in the hope that it will be useful, -REM but WITHOUT ANY WARRANTY; without even the implied warranty of -REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -REM GNU General Public License for more details. -REM -REM You should have received a copy of the GNU General Public License -REM along with this program; if not, write to the Free Software -REM Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -@echo on - setlocal set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2 diff --git a/extra/yassl/taocrypt/test/test.cpp b/extra/yassl/taocrypt/test/test.cpp index 9e3ef709a78..d2eff49c56c 100644 --- a/extra/yassl/taocrypt/test/test.cpp +++ b/extra/yassl/taocrypt/test/test.cpp @@ -74,7 +74,8 @@ using TaoCrypt::EncodeDSA_Signature; using TaoCrypt::DecodeDSA_Signature; using TaoCrypt::PBKDF2_HMAC; using TaoCrypt::tcArrayDelete; - +using TaoCrypt::GetCert; +using TaoCrypt::GetPKCS_Cert; struct testVector { @@ -103,6 +104,7 @@ int rsa_test(); int dsa_test(); int dh_test(); int pwdbased_test(); +int pkcs12_test(); TaoCrypt::RandomNumberGenerator rng; @@ -228,6 +230,13 @@ void taocrypt_test(void* args) else printf( "PBKDF2 test passed!\n"); + /* not ready yet + if ( (ret = pkcs12_test()) ) + err_sys("PKCS12 test failed!\n", ret); + else + printf( "PKCS12 test passed!\n"); + */ + tcArrayDelete(cipher); tcArrayDelete(plain); tcArrayDelete(msg); 
@@ -994,3 +1003,38 @@ int pwdbased_test() return 0; } + + +int pkcs12_test() +{ + Source cert; + FileSource("../certs/server-cert.pem", cert); + if (cert.size() == 0) { + FileSource("../../certs/server-cert.pem", cert); // for testsuite + if (cert.size() == 0) { + FileSource("../../../certs/server-cert.pem", cert); // Debug dir + if (cert.size() == 0) + err_sys("where's your certs dir?", -109); + } + } + + if (GetCert(cert) != 0) + return -110; + + Source source; + FileSource("../certs/server.p12", source); + if (source.size() == 0) { + FileSource("../../certs/server.p12", source); // for testsuite + if (source.size() == 0) { + FileSource("../../../certs/server.p12", source); // Debug dir + if (source.size() == 0) + err_sys("where's your certs dir?", -111); + } + } + + if (GetPKCS_Cert("password", source) != 0) + return -112; + + return 0; +} + diff --git a/extra/yassl/testsuite/make.bat b/extra/yassl/testsuite/make.bat index e4942f66b3f..ea2677db481 100644 --- a/extra/yassl/testsuite/make.bat +++ b/extra/yassl/testsuite/make.bat @@ -1,22 +1,4 @@ REM quick and dirty build file for testing different MSDEVs - -@echo off -REM Copyright (C) 2006 MySQL AB -REM -REM This program is free software; you can redistribute it and/or modify -REM it under the terms of the GNU General Public License as published by -REM the Free Software Foundation; version 2 of the License. -REM -REM This program is distributed in the hope that it will be useful, -REM but WITHOUT ANY WARRANTY; without even the implied warranty of -REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -REM GNU General Public License for more details. -REM -REM You should have received a copy of the GNU General Public License -REM along with this program; if not, write to the Free Software -REM Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -@echo on - setlocal set myFLAGS= /I../include /I../taocrypt/include /I../taocrypt/mySTL /c /W3 /G6 /O2 /MT /D"WIN32" /D"NO_MAIN_DRIVER" 
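Review bot: pkcs12_test repeats the same three-level path fallback twice, differing only in file name and error code, and its final `GetPKCS_Cert("password", source) != 0` check cannot fail against the implementation added in asn.cpp, which always returns 0. A small static helper that tries the three directories for a given file name would remove the duplication. Once the decoder is complete, the test should compare the certificate extracted from server.p12 with the PEM one obtained through GetCert rather than only checking return codes. A comment next to the function such as `// TODO: enable in taocrypt_test once GetPKCS_Cert decodes the AuthSafe` would explain why it is currently not called.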
diff --git a/extra/yassl/testsuite/testsuite.cpp b/extra/yassl/testsuite/testsuite.cpp index 49113a552cd..1cf6a78ebe7 100644 --- a/extra/yassl/testsuite/testsuite.cpp +++ b/extra/yassl/testsuite/testsuite.cpp @@ -86,8 +86,8 @@ int main(int argc, char** argv) // input output compare byte input[TaoCrypt::MD5::DIGEST_SIZE]; byte output[TaoCrypt::MD5::DIGEST_SIZE]; - file_test((char*) "input", input); - file_test((char*) "output", output); + file_test("input", input); + file_test("output", output); assert(memcmp(input, output, sizeof(input)) == 0); printf("\nAll tests passed!\n"); |