/src/internal.c
- /* internal.c
- *
- * Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
- *
- * This file is part of CyaSSL.
- *
- * CyaSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * CyaSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
- #ifdef HAVE_CONFIG_H
- #include <config.h>
- #endif
- #include <cyassl/internal.h>
- #include <cyassl/error.h>
- #include <cyassl/ctaocrypt/asn.h>
- #ifdef HAVE_LIBZ
- #include "zlib.h"
- #endif
- #ifdef HAVE_NTRU
- #include "crypto_ntru.h"
- #endif
- #if defined(DEBUG_CYASSL) || defined(SHOW_SECRETS)
- #ifdef FREESCALE_MQX
- #include <fio.h>
- #else
- #include <stdio.h>
- #endif
- #endif
- #ifdef __sun
- #include <sys/filio.h>
- #endif
- #ifndef TRUE
- #define TRUE 1
- #endif
- #ifndef FALSE
- #define FALSE 0
- #endif
- #if defined(OPENSSL_EXTRA) && defined(NO_DH)
- #error OPENSSL_EXTRA needs DH, please remove NO_DH
- #endif
/* Forward declarations of the client-side Do* routines. They are static, so
   their definitions live later in this translation unit. The whole group is
   compiled out when NO_CYASSL_CLIENT is defined.
   NOTE(review): the unnamed word32* / word32 parameters look like a read
   offset into `input` and a message/total size - confirm against the
   definitions and name them here so the bounds contract is visible. */
#ifndef NO_CYASSL_CLIENT
    static int DoHelloVerifyRequest(CYASSL* ssl, const byte* input, word32*);
    static int DoServerHello(CYASSL* ssl, const byte* input, word32*, word32);
    static int DoServerKeyExchange(CYASSL* ssl, const byte* input, word32*);
    #ifndef NO_CERTS
        static int DoCertificateRequest(CYASSL* ssl, const byte* input,word32*);
    #endif
#endif

/* Forward declarations of the server-side Do* routines, compiled out when
   NO_CYASSL_SERVER is defined. DoCertificateVerify additionally needs RSA or
   ECC support in the build. */
#ifndef NO_CYASSL_SERVER
    static int DoClientHello(CYASSL* ssl, const byte* input, word32*, word32,
                             word32);
    static int DoClientKeyExchange(CYASSL* ssl, byte* input, word32*, word32);
    #if !defined(NO_RSA) || defined(HAVE_ECC)
        static int DoCertificateVerify(CYASSL* ssl, byte*, word32*, word32);
    #endif
#endif
/* State values kept in ssl->options.processReply; InitSSL() starts every
   session at doProcessInit. The old-ClientHello state only exists in builds
   that include the server side.
   NOTE(review): the exact transition order between these states is decided by
   the record processing code, which is not part of this section. */
typedef enum {
    doProcessInit = 0,
#ifndef NO_CYASSL_SERVER
    runProcessOldClientHello,
#endif
    getRecordLayerHeader,
    getData,
    runProcessingOneMessage
} processReply;
/* Forward declarations that are only available when MD5 is built in.
   InitSSL() installs Hmac as the default ssl->hmac when NO_OLD_TLS is not
   defined.
   NOTE(review): that use is guarded by NO_OLD_TLS while this prototype is
   guarded by NO_MD5 - confirm the build configuration never defines NO_MD5
   without NO_OLD_TLS. */
#ifndef NO_MD5
static void Hmac(CYASSL* ssl, byte* digest, const byte* buffer, word32 sz,
                 int content, int verify);
static void BuildCertHashes(CYASSL* ssl, Hashes* hashes);
#endif
- #ifndef min
/* Return the smaller of two word32 values (returns a when they are equal). */
static INLINE word32 min(word32 a, word32 b)
{
    if (b < a)
        return b;

    return a;
}
- #endif /* min */
/* Return 1 when ssl->version describes TLS 1.0 or newer, i.e. the major byte
   equals SSLv3_MAJOR and the minor byte is at least TLSv1_MINOR; return 0
   otherwise. A version with any other major byte yields 0. */
int IsTLS(const CYASSL* ssl)
{
    const int majorMatches = (ssl->version.major == SSLv3_MAJOR);
    const int minorIsTls   = (ssl->version.minor >= TLSv1_MINOR);

    return (majorMatches && minorIsTls) ? 1 : 0;
}
/* Return 1 when ssl->version describes TLS 1.2 or newer, i.e. the major byte
   equals SSLv3_MAJOR and the minor byte is at least TLSv1_2_MINOR; return 0
   otherwise. A version with any other major byte yields 0. */
int IsAtLeastTLSv1_2(const CYASSL* ssl)
{
    const int majorMatches = (ssl->version.major == SSLv3_MAJOR);
    const int minorIsTls12 = (ssl->version.minor >= TLSv1_2_MINOR);

    return (majorMatches && minorIsTls12) ? 1 : 0;
}
- #ifdef HAVE_NTRU
/* Entropy command handler backed by one function-local static RNG.
 *
 * cmd  INIT                               seed the RNG via InitRng()
 *      GET_BYTE_OF_ENTROPY                write one generated byte to *out
 *      GET_NUM_BYTES_PER_BYTE_OF_ENTROPY  write 1 to *out
 * out  destination byte; may be NULL only for INIT
 *
 * Returns 1 on success and 0 on failure (InitRng() error, NULL out, or an
 * unrecognised command).
 *
 * Review notes:
 *  - The RNG is shared by every caller and is not protected by a lock, so
 *    concurrent use from several threads races on its state.
 *  - Nothing here records whether INIT succeeded; a GET_BYTE_OF_ENTROPY
 *    request that arrives first draws from an RNG that was never seeded.
 *  - The result of RNG_GenerateBlock() is not inspected. NOTE(review): if this
 *    build's RNG_GenerateBlock() can report failure, propagate it as 0.
 */
static byte GetEntropy(ENTROPY_CMD cmd, byte* out)
{
    /* TODO: add locking? */
    static RNG rng;
    byte       ok = 0;

    if (cmd == INIT) {
        ok = (InitRng(&rng) == 0) ? 1 : 0;
    }
    else if (out == NULL) {
        ok = 0;
    }
    else if (cmd == GET_BYTE_OF_ENTROPY) {
        RNG_GenerateBlock(&rng, out, 1);
        ok = 1;
    }
    else if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) {
        *out = 1;
        ok = 1;
    }

    return ok;
}
- #endif /* HAVE_NTRU */
/* Store the low 24 bits of `in` into out[0..2], most significant byte first.
   Bits 24-31 of `in` are dropped without any check, so callers that encode a
   length must make sure it fits in 24 bits beforehand.
   Used by ssl.c too. */
void c32to24(word32 in, word24 out)
{
    out[2] =  in        & 0xff;
    out[1] = (in >>  8) & 0xff;
    out[0] = (in >> 16) & 0xff;
}
- #ifdef CYASSL_DTLS
/* Store a 32 bit value as a 48 bit big-endian field: the two leading bytes
   are zero and out[2..5] carry `in`, most significant byte first. */
static INLINE void c32to48(word32 in, byte out[6])
{
    int i;

    out[0] = 0;
    out[1] = 0;

    for (i = 0; i < 4; i++)
        out[2 + i] = (in >> (24 - 8 * i)) & 0xff;
}
- #endif /* CYASSL_DTLS */
/* Write a 16 bit integer to c[0..1] in big-endian (network) byte order.
   The caller must provide at least two writable bytes. */
static INLINE void c16toa(word16 u16, byte* c)
{
    c[1] =  u16       & 0xff;
    c[0] = (u16 >> 8) & 0xff;
}
/* Write a 32 bit integer to c[0..3] in big-endian (network) byte order.
   The caller must provide at least four writable bytes. */
static INLINE void c32toa(word32 u32, byte* c)
{
    c[3] =  u32        & 0xff;
    c[2] = (u32 >>  8) & 0xff;
    c[1] = (u32 >> 16) & 0xff;
    c[0] = (u32 >> 24) & 0xff;
}
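/* Convert a 24 bit big-endian value (u24[0] is the most significant byte)
   into a 32 bit integer stored in *u32.
   Each byte is widened to word32 before it is shifted: a plain byte operand
   is promoted to int, and on targets where int is 16 bits wide a shift by 16
   is not defined. The value produced here is commonly a length taken from the
   wire, so callers still have to range-check it against the data they
   actually hold. */
static INLINE void c24to32(const word24 u24, word32* u32)
{
    *u32 = ((word32)u24[0] << 16) | ((word32)u24[1] << 8) | (word32)u24[2];
}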
/* Read two bytes in big-endian (network) order from c and store the 16 bit
   result in *u16. The caller must guarantee that c[0] and c[1] are readable;
   no length is passed in, so the bounds check belongs to the caller. */
static INLINE void ato16(const byte* c, word16* u16)
{
    const byte hi = c[0];
    const byte lo = c[1];

    *u16 = (hi << 8) | lo;
}
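/* Read four bytes in big-endian (network) order from c and store the 32 bit
   result in *u32.
   Each byte is widened to word32 before it is shifted. Without the cast the
   byte is promoted to (signed) int, and shifting a value of 0x80 or more left
   by 24 moves a one into the sign bit, which is undefined behaviour.
   The caller must guarantee that c[0..3] are readable; no length is passed
   in, so the bounds check belongs to the caller. */
static INLINE void ato32(const byte* c, word32* u32)
{
    *u32 = ((word32)c[0] << 24) | ((word32)c[1] << 16) |
           ((word32)c[2] <<  8) |  (word32)c[3];
}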
- #ifdef HAVE_LIBZ
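/* zlib allocation hook: allocate `item` objects of `size` bytes each through
   XMALLOC, using `opaque` as the heap hint.
   Returns NULL when the allocation fails or when item * size does not fit in
   an unsigned int. The multiplication used to wrap silently, which would hand
   zlib a block smaller than it asked for. */
static void* myAlloc(void* opaque, unsigned int item, unsigned int size)
{
    (void)opaque;

    /* reject a product that would wrap around before it reaches XMALLOC */
    if (size != 0 && item > (unsigned int)-1 / size)
        return NULL;

    return XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);
}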
/* zlib release hook: hand `memory` back through XFREE with `opaque` as the
   heap hint, mirroring myAlloc(). */
static void myFree(void* opaque, void* memory)
{
    (void)opaque;

    XFREE(memory, opaque, DYNAMIC_TYPE_LIBZ);
}
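/* Initialise the zlib compression (c_stream) and decompression (d_stream)
   state of a session. Both streams allocate through myAlloc/myFree with
   ssl->heap as the heap hint.

   Returns 0 on success and ZLIB_INIT_ERROR when either stream cannot be set
   up.

   ssl->didStreamInit is set only once both streams are ready. If inflateInit
   fails, the already initialised deflate stream is torn down here and the
   flag stays clear, so FreeStreams() never calls inflateEnd() on a stream
   that was not successfully initialised.

   NOTE(review): compressing records before encryption lets plaintext content
   influence the ciphertext length (the CRIME class of issue). Keep
   HAVE_LIBZ compression disabled unless the deployment has assessed that
   risk. */
static int InitStreams(CYASSL* ssl)
{
    ssl->c_stream.zalloc = (alloc_func)myAlloc;
    ssl->c_stream.zfree  = (free_func)myFree;
    ssl->c_stream.opaque = (voidpf)ssl->heap;

    if (deflateInit(&ssl->c_stream, Z_DEFAULT_COMPRESSION) != Z_OK)
        return ZLIB_INIT_ERROR;

    ssl->d_stream.zalloc = (alloc_func)myAlloc;
    ssl->d_stream.zfree  = (free_func)myFree;
    ssl->d_stream.opaque = (voidpf)ssl->heap;

    if (inflateInit(&ssl->d_stream) != Z_OK) {
        /* undo the half-finished setup instead of leaving it to FreeStreams */
        deflateEnd(&ssl->c_stream);
        ssl->didStreamInit = 0;
        return ZLIB_INIT_ERROR;
    }

    ssl->didStreamInit = 1;

    return 0;
}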
/* Release both zlib streams of a session. Does nothing unless
   ssl->didStreamInit was set by InitStreams(). */
static void FreeStreams(CYASSL* ssl)
{
    if (!ssl->didStreamInit)
        return;

    deflateEnd(&ssl->c_stream);
    inflateEnd(&ssl->d_stream);
}
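/* Compress inSz bytes from `in` into `out` (capacity outSz) with the
   session's deflate stream, flushing with Z_SYNC_FLUSH.

   Returns the number of bytes written to `out`, or ZLIB_COMPRESS_ERROR when a
   size is negative or deflate() reports anything other than Z_OK or
   Z_STREAM_END.

   Negative sizes are rejected up front: assigned to zlib's unsigned counters
   they would turn into very large lengths. The produced byte count is taken
   as an unsigned difference of total_out so it stays correct after the
   running total has grown past INT_MAX.

   NOTE(review): deflate() also returns Z_OK when it stops because `out` is
   full while input remains; that case is not detected here, so callers must
   size `out` for the worst case - confirm at the call sites. */
static int Compress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz)
{
    int   err;
    uLong startTotal = ssl->c_stream.total_out;

    if (inSz < 0 || outSz < 0)
        return ZLIB_COMPRESS_ERROR;

    ssl->c_stream.next_in   = in;
    ssl->c_stream.avail_in  = (uInt)inSz;
    ssl->c_stream.next_out  = out;
    ssl->c_stream.avail_out = (uInt)outSz;

    err = deflate(&ssl->c_stream, Z_SYNC_FLUSH);
    if (err != Z_OK && err != Z_STREAM_END)
        return ZLIB_COMPRESS_ERROR;

    return (int)(ssl->c_stream.total_out - startTotal);
}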
-
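/* Decompress inSz bytes from `in` into `out` (capacity outSz) with the
   session's inflate stream, flushing with Z_SYNC_FLUSH.

   Returns the number of bytes written to `out`, or ZLIB_DECOMPRESS_ERROR when
   a size is negative or inflate() reports anything other than Z_OK or
   Z_STREAM_END.

   Negative sizes are rejected up front: assigned to zlib's unsigned counters
   they would turn into very large lengths. The produced byte count is taken
   as an unsigned difference of total_out so it stays correct after the
   running total has grown past INT_MAX.

   The input is typically data received from the peer. Output is capped by
   outSz, which bounds how far a highly compressible record can expand.
   NOTE(review): inflate() also returns Z_OK when it stops because `out` is
   full while input remains; the leftover input is not reported here -
   confirm the caller treats an output of exactly outSz bytes with care. */
static int DeCompress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz)
{
    int   err;
    uLong startTotal = ssl->d_stream.total_out;

    if (inSz < 0 || outSz < 0)
        return ZLIB_DECOMPRESS_ERROR;

    ssl->d_stream.next_in   = in;
    ssl->d_stream.avail_in  = (uInt)inSz;
    ssl->d_stream.next_out  = out;
    ssl->d_stream.avail_out = (uInt)outSz;

    err = inflate(&ssl->d_stream, Z_SYNC_FLUSH);
    if (err != Z_OK && err != Z_STREAM_END)
        return ZLIB_DECOMPRESS_ERROR;

    return (int)(ssl->d_stream.total_out - startTotal);
}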
-
- #endif /* HAVE_LIBZ */
/* Fill in a method object for protocol version pv. The method starts out as
   a client-side method (CLIENT_END) with version downgrade switched off;
   callers that need something else change the fields afterwards. */
void InitSSL_Method(CYASSL_METHOD* method, ProtocolVersion pv)
{
    method->downgrade = 0;
    method->side      = CLIENT_END;
    method->version   = pv;
}
/* Initialize SSL context, return 0 on success.
 *
 * ctx     context to fill in; every field touched here is given a defined
 *         starting value before anything that can fail is checked
 * method  protocol method; stored in ctx->method (released later by
 *         SSL_CtxResourceFree)
 *
 * Returns 0, BAD_MUTEX_ERROR when the reference-count mutex cannot be
 * created, or BAD_CERT_MANAGER_ERROR when no certificate manager could be
 * allocated.
 *
 * Review notes:
 *  - verifyPeer, verifyNone and failNoCert all start at 0. How the handshake
 *    code treats "neither verify flag set" is not visible in this section;
 *    NOTE(review): confirm that this default still validates the peer
 *    certificate on the client side.
 *  - The certificate manager is allocated before the mutex result is checked.
 *    NOTE(review): on BAD_MUTEX_ERROR ctx->cm is not released here - confirm
 *    the caller cleans up the partially initialised context.
 */
int InitSSL_Ctx(CYASSL_CTX* ctx, CYASSL_METHOD* method)
{
    ctx->method   = method;
    ctx->refCount = 1;          /* so either CTX_free or SSL_free can release */
#ifndef NO_CERTS
    /* no certificate, chain, key or DH parameters loaded yet */
    ctx->certificate.buffer = 0;
    ctx->certChain.buffer   = 0;
    ctx->privateKey.buffer  = 0;
    ctx->serverDH_P.buffer  = 0;
    ctx->serverDH_G.buffer  = 0;
#endif
    ctx->haveDH        = 0;
    ctx->haveNTRU      = 0;     /* start off */
    ctx->haveECDSAsig  = 0;     /* start off */
    ctx->haveStaticECC = 0;     /* start off */
    ctx->heap          = ctx;   /* defaults to self */
#ifndef NO_PSK
    /* no pre-shared key callbacks or identity hint configured yet */
    ctx->havePSK        = 0;
    ctx->server_hint[0] = 0;
    ctx->client_psk_cb  = 0;
    ctx->server_psk_cb  = 0;
#endif /* NO_PSK */
#ifdef HAVE_ECC
    ctx->eccTempKeySz = ECDHE_SIZE;
#endif
#ifdef OPENSSL_EXTRA
    ctx->passwd_cb = 0;
    ctx->userdata  = 0;
#endif /* OPENSSL_EXTRA */
    ctx->timeout = DEFAULT_TIMEOUT;
#ifndef CYASSL_USER_IO
    /* built-in socket I/O callbacks */
    ctx->CBIORecv = EmbedReceive;
    ctx->CBIOSend = EmbedSend;
    #ifdef CYASSL_DTLS
        /* DTLS uses the datagram variants of the built-in callbacks */
        if (method->version.major == DTLS_MAJOR
                                    && method->version.minor == DTLS_MINOR) {
            ctx->CBIORecv = EmbedReceiveFrom;
            ctx->CBIOSend = EmbedSendTo;
        }
    #endif
#else
    /* user will set; both stay NULL until the application installs them */
    ctx->CBIORecv = NULL;
    ctx->CBIOSend = NULL;
#endif
    ctx->partialWrite   = 0;
    ctx->verifyCallback = 0;
#ifndef NO_CERTS
    /* result is checked at the end of the function, after the mutex */
    ctx->cm = CyaSSL_CertManagerNew();
#endif
#ifdef HAVE_NTRU
    if (method->side == CLIENT_END)
        ctx->haveNTRU = 1;           /* always on client side */
                                     /* server can turn on by loading key */
#endif
#ifdef HAVE_ECC
    if (method->side == CLIENT_END) {
        ctx->haveECDSAsig  = 1;      /* always on client side */
        ctx->haveStaticECC = 1;      /* server can turn on by loading key */
    }
#endif
    ctx->suites.setSuites = 0;  /* user hasn't set yet */
    /* remove DH later if server didn't set, add psk later */
    /* i.e. build the default list with haveRSA = TRUE, havePSK = FALSE and
       haveDH = TRUE */
    InitSuites(&ctx->suites, method->version, TRUE, FALSE, TRUE, ctx->haveNTRU,
               ctx->haveECDSAsig, ctx->haveStaticECC, method->side);
    ctx->verifyPeer           = 0;
    ctx->verifyNone           = 0;
    ctx->failNoCert           = 0;
    ctx->sessionCacheOff      = 0;  /* initially on */
    ctx->sessionCacheFlushOff = 0;  /* initially on */
    ctx->sendVerify           = 0;
    ctx->quietShutdown        = 0;
    ctx->groupMessages        = 0;
#ifdef HAVE_OCSP
    CyaSSL_OCSP_Init(&ctx->ocsp);
#endif
#ifdef HAVE_CAVIUM
    ctx->devId = NO_CAVIUM_DEVICE;
#endif
    /* from here on failures are reported; all fields above are already set */
    if (InitMutex(&ctx->countMutex) < 0) {
        CYASSL_MSG("Mutex error on CTX init");
        return BAD_MUTEX_ERROR;
    }
#ifndef NO_CERTS
    if (ctx->cm == NULL) {
        CYASSL_MSG("Bad Cert Manager New");
        return BAD_CERT_MANAGER_ERROR;
    }
#endif
    return 0;
}
/* Release everything a context owns (certificate, chain, private key, DH
   parameters, certificate manager, OCSP state and the method object) without
   freeing the context structure itself. Useful when contexts are held in an
   array and the actual ctx must not be freed.

   NOTE(review): privateKey.buffer goes back to the allocator without being
   wiped, so the key bytes stay in freed heap memory until it is reused. If
   the buffer's length is available at this point, zero it before the XFREE
   with a call the compiler cannot optimise away. */
void SSL_CtxResourceFree(CYASSL_CTX* ctx)
{
#ifndef NO_CERTS
    XFREE(ctx->certificate.buffer, ctx->heap, DYNAMIC_TYPE_CERT);
    XFREE(ctx->certChain.buffer,   ctx->heap, DYNAMIC_TYPE_CERT);
    XFREE(ctx->privateKey.buffer,  ctx->heap, DYNAMIC_TYPE_KEY);
    XFREE(ctx->serverDH_P.buffer,  ctx->heap, DYNAMIC_TYPE_DH);
    XFREE(ctx->serverDH_G.buffer,  ctx->heap, DYNAMIC_TYPE_DH);
    CyaSSL_CertManagerFree(ctx->cm);
#endif
#ifdef HAVE_OCSP
    CyaSSL_OCSP_Cleanup(&ctx->ocsp);
#endif
    XFREE(ctx->method, ctx->heap, DYNAMIC_TYPE_METHOD);
}
/* Drop one reference to ctx. The count is changed under ctx->countMutex;
   when it reaches zero the context's resources and the context itself are
   freed.

   Review notes:
    - If the mutex cannot be locked the function returns without touching the
      count, so that reference is never released.
    - The count is decremented unconditionally; one call too many would step
      past zero instead of being caught. NOTE(review): confirm every caller
      holds a reference.
    - After the final release the caller's pointer is dangling and must not be
      used again. */
void FreeSSL_Ctx(CYASSL_CTX* ctx)
{
    int lastReference;

    if (LockMutex(&ctx->countMutex) != 0) {
        CYASSL_MSG("Couldn't lock count mutex");
        return;
    }
    lastReference = (--ctx->refCount == 0);
    UnLockMutex(&ctx->countMutex);

    if (!lastReference) {
        (void)ctx;
        CYASSL_MSG("CTX ref count not 0 yet, no free");
        return;
    }

    CYASSL_MSG("CTX ref count down to 0, doing full free");
    SSL_CtxResourceFree(ctx);
    XFREE(ctx, ctx->heap, DYNAMIC_TYPE_CTX);
}
/* Put the cipher state of a session into its empty starting condition: the
   setup flags are cleared and every cipher context pointer that exists in
   this build is set to NULL, so FreeCiphers() can run safely even when no
   cipher was ever allocated. */
void InitCiphers(CYASSL* ssl)
{
    ssl->encrypt.setup = 0;
    ssl->decrypt.setup = 0;

#ifdef BUILD_ARC4
    ssl->decrypt.arc4 = NULL;
    ssl->encrypt.arc4 = NULL;
#endif
#ifdef BUILD_DES3
    ssl->decrypt.des3 = NULL;
    ssl->encrypt.des3 = NULL;
#endif
#ifdef BUILD_AES
    ssl->decrypt.aes = NULL;
    ssl->encrypt.aes = NULL;
#endif
#ifdef HAVE_CAMELLIA
    ssl->decrypt.cam = NULL;
    ssl->encrypt.cam = NULL;
#endif
#ifdef HAVE_HC128
    ssl->decrypt.hc128 = NULL;
    ssl->encrypt.hc128 = NULL;
#endif
#ifdef BUILD_RABBIT
    ssl->decrypt.rabbit = NULL;
    ssl->encrypt.rabbit = NULL;
#endif
}
/* Free the encrypt and decrypt cipher contexts of a session for every cipher
 * compiled into this build. With HAVE_CAVIUM and a real device id, the
 * device-side state of ARC4, 3DES and AES is released first, then the host
 * memory is freed.
 *
 * Review notes:
 *  - The contexts hold key material and are handed to XFREE without being
 *    wiped. NOTE(review): consider zeroing each context before the free, with
 *    a call the compiler cannot optimise away.
 *  - The pointers are not reset to NULL afterwards, so a second call on the
 *    same session would free them again unless InitCiphers() ran in between.
 *  - Camellia is guarded by BUILD_CAMELLIA here but by HAVE_CAMELLIA in
 *    InitCiphers(). NOTE(review): confirm both macros are always defined
 *    together; otherwise the Camellia contexts are never freed.
 */
void FreeCiphers(CYASSL* ssl)
{
    (void)ssl;   /* unused when no cipher is compiled in */
#ifdef BUILD_ARC4
    #ifdef HAVE_CAVIUM
    /* device-side release must happen before the host memory goes away */
    if (ssl->devId != NO_CAVIUM_DEVICE) {
        Arc4FreeCavium(ssl->encrypt.arc4);
        Arc4FreeCavium(ssl->decrypt.arc4);
    }
    #endif
    XFREE(ssl->encrypt.arc4, ssl->heap, DYNAMIC_TYPE_CIPHER);
    XFREE(ssl->decrypt.arc4, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
#ifdef BUILD_DES3
    #ifdef HAVE_CAVIUM
    if (ssl->devId != NO_CAVIUM_DEVICE) {
        Des3_FreeCavium(ssl->encrypt.des3);
        Des3_FreeCavium(ssl->decrypt.des3);
    }
    #endif
    XFREE(ssl->encrypt.des3, ssl->heap, DYNAMIC_TYPE_CIPHER);
    XFREE(ssl->decrypt.des3, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
#ifdef BUILD_AES
    #ifdef HAVE_CAVIUM
    if (ssl->devId != NO_CAVIUM_DEVICE) {
        AesFreeCavium(ssl->encrypt.aes);
        AesFreeCavium(ssl->decrypt.aes);
    }
    #endif
    XFREE(ssl->encrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER);
    XFREE(ssl->decrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
#ifdef BUILD_CAMELLIA
    XFREE(ssl->encrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER);
    XFREE(ssl->decrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
#ifdef HAVE_HC128
    XFREE(ssl->encrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER);
    XFREE(ssl->decrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
#ifdef BUILD_RABBIT
    XFREE(ssl->encrypt.rabbit, ssl->heap, DYNAMIC_TYPE_CIPHER);
    XFREE(ssl->decrypt.rabbit, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
}
/* Reset a CipherSpecs record to "nothing negotiated": every algorithm
   selector becomes INVALID_BYTE and every size or flag becomes 0. */
void InitCipherSpecs(CipherSpecs* cs)
{
    /* sizes and flags */
    cs->hash_size   = 0;
    cs->key_size    = 0;
    cs->iv_size     = 0;
    cs->block_size  = 0;
    cs->static_ecdh = 0;

    /* algorithm selectors */
    cs->bulk_cipher_algorithm = INVALID_BYTE;
    cs->cipher_type           = INVALID_BYTE;
    cs->mac_algorithm         = INVALID_BYTE;
    cs->kea                   = INVALID_BYTE;
    cs->sig_algo              = INVALID_BYTE;
}
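/* Build the default cipher suite list for a context or session.
 *
 * suites         list to fill; left untouched when NULL or when the user has
 *                already chosen suites (suites->setSuites)
 * pv             protocol version the list is built for
 * haveRSA        non-zero when RSA suites may be offered
 * havePSK        non-zero when pre-shared key suites may be offered
 * haveDH         non-zero when DHE suites may be offered
 * haveNTRU       non-zero when NTRU suites may be offered
 * haveECDSAsig   non-zero when the certificate is ECDSA signed
 * haveStaticECC  non-zero when a static ECC key is available
 * side           SERVER_END or the client side
 *
 * Each suite is two bytes: a first byte of 0 or ECC_BYTE followed by the
 * suite id. Suites are appended in the order of the blocks below and
 * suites->suiteSz ends up as the number of bytes written.
 *
 * The two PSK NULL-cipher blocks now test `tls && havePSK`; they used the
 * bitwise `&`, which only gave the intended answer while havePSK was exactly
 * 0 or 1 and did not match the other PSK blocks.
 *
 * Review notes:
 *  - idx is never compared with the capacity of suites->suites. NOTE(review):
 *    confirm the array can hold every suite that can be enabled at once.
 *  - Builds that define the BUILD_*_NULL_*, *_RC4_* or *_MD5 macros get those
 *    suites in the default list. The NULL suites do not encrypt at all; leave
 *    these macros undefined unless a peer really requires them.
 *  - The guard BUILD_TLS_DHE_WITH_RSA_CAMELLIA_256_CBC_SHA does not follow the
 *    naming of the suite it adds (TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA).
 *    NOTE(review): check the macro name against internal.h; if it is a typo
 *    the suite is never offered.
 *  - The two ECDHE_ECDSA CCM_8 blocks test haveDH rather than haveStaticECC,
 *    unlike the other ECDHE_ECDSA blocks. NOTE(review): confirm that is
 *    intended.
 */
void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
                byte haveDH, byte haveNTRU, byte haveECDSAsig,
                byte haveStaticECC, int side)
{
    word16 idx = 0;
    int    tls    = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_MINOR;
    int    tls1_2 = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_2_MINOR;
    int    haveRSAsig = 1;

    (void)tls;  /* shut up compiler */
    (void)tls1_2;
    (void)haveDH;
    (void)havePSK;
    (void)haveNTRU;
    (void)haveStaticECC;

    if (suites == NULL) {
        CYASSL_MSG("InitSuites pointer error");
        return;
    }

    if (suites->setSuites)
        return;      /* trust user settings, don't override */

    if (side == SERVER_END && haveStaticECC)
        haveRSA = 0;   /* can't do RSA with ECDSA key */

    if (side == SERVER_END && haveECDSAsig) {
        haveRSAsig = 0;     /* can't have RSA sig if signed by ECDSA */
        (void)haveRSAsig;   /* non ecc builds won't read */
    }

#ifdef CYASSL_DTLS
    /* DTLS is offered the same suites as TLS */
    if (pv.major == DTLS_MAJOR && pv.minor == DTLS_MINOR)
        tls = 1;
#endif

    /* --- NTRU key exchange ------------------------------------------- */
#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
    if (tls && haveNTRU && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_NTRU_RSA_WITH_AES_256_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
    if (tls && haveNTRU && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_NTRU_RSA_WITH_AES_128_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
    if (tls && haveNTRU && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_NTRU_RSA_WITH_RC4_128_SHA;
    }
#endif
#ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
    if (tls && haveNTRU && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA;
    }
#endif

    /* --- ECDHE / ECDH with ECDSA certificates ------------------------ */
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    if (tls1_2 && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;
    }
#endif
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
    if (tls && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
    if (tls1_2 && haveECDSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384;
    }
#endif
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
    if (tls && haveECDSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    if (tls1_2 && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
    }
#endif
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
    if (tls && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
    if (tls1_2 && haveECDSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256;
    }
#endif
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
    if (tls && haveECDSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
    if (tls && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_RC4_128_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
    if (tls && haveECDSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_RC4_128_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
    if (tls && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
    if (tls && haveECDSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA;
    }
#endif

    /* --- ECDHE / ECDH with RSA certificates -------------------------- */
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    if (tls1_2 && haveRSA) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384;
    }
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
    if (tls && haveRSA) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
    if (tls1_2 && haveRSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384;
    }
#endif
#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
    if (tls && haveRSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_256_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    if (tls1_2 && haveRSA) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
    }
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
    if (tls && haveRSA) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
    if (tls1_2 && haveRSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256;
    }
#endif
#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
    if (tls && haveRSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_128_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
    if (tls && haveRSA) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_RC4_128_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
    if (tls && haveRSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_RSA_WITH_RC4_128_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
    if (tls && haveRSA) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
    if (tls && haveRSAsig && haveStaticECC) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA;
    }
#endif

    /* --- DHE, CCM_8 and plain RSA suites ----------------------------- */
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
    if (tls1_2 && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_GCM_SHA384;
    }
#endif
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_SHA256
    if (tls1_2 && haveECDSAsig && haveDH) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_SHA256;
    }
#endif
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8_SHA384
    if (tls1_2 && haveECDSAsig && haveDH) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8_SHA384;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8_SHA256
    if (tls1_2 && haveRSA) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_RSA_WITH_AES_128_CCM_8_SHA256;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8_SHA384
    if (tls1_2 && haveRSA) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_RSA_WITH_AES_256_CCM_8_SHA384;
    }
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
    if (tls1_2 && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA256;
    }
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
    if (tls1_2 && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_128_GCM_SHA256;
    }
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
    if (tls1_2 && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256;
    }
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
    if (tls && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    if (tls && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_128_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
    if (tls1_2 && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_AES_256_GCM_SHA384;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
    if (tls1_2 && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_SHA256;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
    if (tls1_2 && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_AES_128_GCM_SHA256;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
    if (tls1_2 && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_SHA256;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
    if (tls && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
    if (tls && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_SHA;
    }
#endif

    /* --- NULL-cipher RSA suites (integrity only, no encryption) ------ */
#ifdef BUILD_TLS_RSA_WITH_NULL_SHA
    if (tls && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_NULL_SHA;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256
    if (tls && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_NULL_SHA256;
    }
#endif

    /* --- pre-shared key suites --------------------------------------- */
#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
    if (tls && havePSK) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_PSK_WITH_AES_256_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
    if (tls && havePSK) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_PSK_WITH_AES_128_CBC_SHA256;
    }
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
    if (tls && havePSK) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_PSK_WITH_AES_128_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
    if (tls && havePSK) {       /* logical AND, same as the blocks above */
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA256;
    }
#endif
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA
    if (tls && havePSK) {       /* logical AND, same as the blocks above */
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA;
    }
#endif

    /* --- SSLv3-era RSA suites (offered for every version) ------------ */
#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
    if (haveRSA ) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = SSL_RSA_WITH_RC4_128_SHA;
    }
#endif
#ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5
    if (haveRSA ) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = SSL_RSA_WITH_RC4_128_MD5;
    }
#endif
#ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
    if (haveRSA ) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = SSL_RSA_WITH_3DES_EDE_CBC_SHA;
    }
#endif

    /* --- HC-128, Rabbit and Camellia suites -------------------------- */
#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_MD5
    if (tls && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_HC_128_CBC_MD5;
    }
#endif

#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_SHA
    if (tls && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_HC_128_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA
    if (tls && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_RABBIT_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
    if (tls && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
    if (tls && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
    if (tls && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA;
    }
#endif
    /* NOTE(review): guard name differs from the suite name, see header */
#ifdef BUILD_TLS_DHE_WITH_RSA_CAMELLIA_256_CBC_SHA
    if (tls && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
    if (tls && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256;
    }
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
    if (tls && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256;
    }
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
    if (tls && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256;
    }
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
    if (tls && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256;
    }
#endif

    suites->suiteSz = idx;   /* bytes written, two per suite */
}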
- /* init everything to 0, NULL, default values before calling anything that may
- fail so that the destructor has a "good" state to clean up */
- int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
- {
- int ret;
- byte haveRSA = 0;
- byte havePSK = 0;
- ssl->ctx = ctx; /* only for passing to calls, options could change */
- ssl->version = ctx->method->version;
- ssl->suites = NULL;
- #ifdef HAVE_LIBZ
- ssl->didStreamInit = 0;
- #endif
- #ifndef NO_RSA
- haveRSA = 1;
- #endif
-
- #ifndef NO_CERTS
- ssl->buffers.certificate.buffer = 0;
- ssl->buffers.key.buffer = 0;
- ssl->buffers.certChain.buffer = 0;
- #endif
- ssl->buffers.inputBuffer.length = 0;
- ssl->buffers.inputBuffer.idx = 0;
- ssl->buffers.inputBuffer.buffer = ssl->buffers.inputBuffer.staticBuffer;
- ssl->buffers.inputBuffer.bufferSize = STATIC_BUFFER_LEN;
- ssl->buffers.inputBuffer.dynamicFlag = 0;
- ssl->buffers.outputBuffer.length = 0;
- ssl->buffers.outputBuffer.idx = 0;
- ssl->buffers.outputBuffer.buffer = ssl->buffers.outputBuffer.staticBuffer;
- ssl->buffers.outputBuffer.bufferSize = STATIC_BUFFER_LEN;
- ssl->buffers.outputBuffer.dynamicFlag = 0;
- ssl->buffers.domainName.buffer = 0;
- #ifndef NO_CERTS
- ssl->buffers.serverDH_P.buffer = 0;
- ssl->buffers.serverDH_G.buffer = 0;
- ssl->buffers.serverDH_Pub.buffer = 0;
- ssl->buffers.serverDH_Priv.buffer = 0;
- #endif
- ssl->buffers.clearOutputBuffer.buffer = 0;
- ssl->buffers.clearOutputBuffer.length = 0;
- ssl->buffers.prevSent = 0;
- ssl->buffers.plainSz = 0;
- #ifdef OPENSSL_EXTRA
- ssl->peerCert.derCert.buffer = NULL;
- ssl->peerCert.altNames = NULL;
- ssl->peerCert.altNamesNext = NULL;
- #endif
- #ifdef HAVE_ECC
- ssl->eccTempKeySz = ctx->eccTempKeySz;
- ssl->peerEccKeyPresent = 0;
- ssl->peerEccDsaKeyPresent = 0;
- ssl->eccDsaKeyPresent = 0;
- ssl->eccTempKeyPresent = 0;
- ssl->peerEccKey = NULL;
- ssl->peerEccDsaKey = NULL;
- ssl->eccDsaKey = NULL;
- ssl->eccTempKey = NULL;
- #endif
- ssl->timeout = ctx->timeout;
- ssl->rfd = -1; /* set to invalid descriptor */
- ssl->wfd = -1;
- ssl->rflags = 0; /* no user flags yet */
- ssl->wflags = 0; /* no user flags yet */
- ssl->biord = 0;
- ssl->biowr = 0;
- ssl->IOCB_ReadCtx = &ssl->rfd; /* prevent invalid pointer access if not */
- ssl->IOCB_WriteCtx = &ssl->wfd; /* correctly set */
- #ifndef NO_MD5
- InitMd5(&ssl->hashMd5);
- #endif
- InitSha(&ssl->hashSha);
- #ifndef NO_SHA256
- InitSha256(&ssl->hashSha256);
- #endif
- #ifdef CYASSL_SHA384
- InitSha384(&ssl->hashSha384);
- #endif
- #ifndef NO_RSA
- ssl->peerRsaKey = NULL;
- ssl->peerRsaKeyPresent = 0;
- #endif
- ssl->verifyCallback = ctx->verifyCallback;
- ssl->options.side = ctx->method->side;
- ssl->options.downgrade = ctx->method->downgrade;
- ssl->error = 0;
- ssl->options.connReset = 0;
- ssl->options.isClosed = 0;
- ssl->options.closeNotify = 0;
- ssl->options.sentNotify = 0;
- ssl->options.usingCompression = 0;
- if (ssl->options.side == SERVER_END)
- ssl->options.haveDH = ctx->haveDH;
- else
- ssl->options.haveDH = 0;
- ssl->options.haveNTRU = ctx->haveNTRU;
- ssl->options.haveECDSAsig = ctx->haveECDSAsig;
- ssl->options.haveStaticECC = ctx->haveStaticECC;
- ssl->options.havePeerCert = 0;
- ssl->options.usingPSK_cipher = 0;
- ssl->options.sendAlertState = 0;
- #ifndef NO_PSK
- havePSK = ctx->havePSK;
- ssl->options.havePSK = ctx->havePSK;
- ssl->options.client_psk_cb = ctx->client_psk_cb;
- ssl->options.server_psk_cb = ctx->server_psk_cb;
- #endif /* NO_PSK */
- ssl->options.serverState = NULL_STATE;
- ssl->options.clientState = NULL_STATE;
- ssl->options.connectState = CONNECT_BEGIN;
- ssl->options.acceptState = ACCEPT_BEGIN;
- ssl->options.handShakeState = NULL_STATE;
- ssl->options.processReply = doProcessInit;
- #ifdef CYASSL_DTLS
- ssl->keys.dtls_sequence_number = 0;
- ssl->keys.dtls_peer_sequence_number = 0;
- ssl->keys.dtls_expected_peer_sequence_number = 0;
- ssl->keys.dtls_handshake_number = 0;
- ssl->keys.dtls_expected_peer_handshake_number = 0;
- ssl->keys.dtls_epoch = 0;
- ssl->keys.dtls_peer_epoch = 0;
- ssl->keys.dtls_expected_peer_epoch = 0;
- ssl->dtls_timeout = DTLS_DEFAULT_TIMEOUT;
- ssl->dtls_pool = NULL;
- #endif
- ssl->keys.encryptionOn = 0; /* initially off */
- ssl->keys.decryptedCur = 0; /* initially off */
- ssl->options.sessionCacheOff = ctx->sessionCacheOff;
- ssl->options.sessionCacheFlushOff = ctx->sessionCacheFlushOff;
- ssl->options.verifyPeer = ctx->verifyPeer;
- ssl->options.verifyNone = ctx->verifyNone;
- ssl->options.failNoCert = ctx->failNoCert;
- ssl->options.sendVerify = ctx->sendVerify;
-
- ssl->options.resuming = 0;
- ssl->options.haveSessionId = 0;
- #ifndef NO_OLD_TLS
- ssl->hmac = Hmac; /* default to SSLv3 */
- #else
- ssl->hmac = TLS_hmac;
- #endif
- ssl->heap = ctx->heap; /* defaults to self */
- ssl->options.tls = 0;
- ssl->options.tls1_1 = 0;
- if (ssl->version.major == DTLS_MAJOR && ssl->version.minor == DTLS_MINOR)
- ssl->options.dtls = 1;
- else
- ssl->options.dtls = 0;
- ssl->options.partialWrite = ctx->partialWrite;
- ssl->options.quietShutdown = ctx->quietShutdown;
- ssl->options.certOnly = 0;
- ssl->options.groupMessages = ctx->groupMessages;
- ssl->options.usingNonblock = 0;
- ssl->options.saveArrays = 0;
- #ifndef NO_CERTS
- /* ctx still owns certificate, certChain, key, dh, and cm */
- ssl->buffers.certificate = ctx->certificate;
- ssl->buffers.certChain = ctx->certChain;
- ssl->buffers.key = ctx->privateKey;
- if (ssl->options.side == SERVER_END) {
- ssl->buffers.serverDH_P = ctx->serverDH_P;
- ssl->buffers.serverDH_G = ctx->serverDH_G;
- }
- #endif
- ssl->buffers.weOwnCert = 0;
- ssl->buffers.weOwnKey = 0;
- ssl->buffers.weOwnDH = 0;
- #ifdef CYASSL_DTLS
- ssl->buffers.dtlsHandshake.length = 0;
- ssl->buffers.dtlsHandshake.buffer = NULL;
- ssl->buffers.dtlsType = 0;
- ssl->buffers.dtlsCtx.fd = -1;
- ssl->buffers.dtlsCtx.peer.sa = NULL;
- ssl->buffers.dtlsCtx.peer.sz = 0;
- #endif
- #ifdef OPENSSL_EXTRA
- ssl->peerCert.issuer.sz = 0;
- ssl->peerCert.subject.sz = 0;
- #endif
-
- #ifdef SESSION_CERTS
- ssl->session.chain.count = 0;
- #endif
- ssl->cipher.ssl = ssl;
- #ifdef FORTRESS
- ssl->ex_data[0] = 0;
- ssl->ex_data[1] = 0;
- ssl->ex_data[2] = 0;
- #endif
- #ifdef CYASSL_CALLBACKS
- ssl->hsInfoOn = 0;
- ssl->toInfoOn = 0;
- #endif
- #ifdef HAVE_CAVIUM
- ssl->devId = ctx->devId;
- #endif
- ssl->rng = NULL;
- ssl->arrays = NULL;
- InitCiphers(ssl);
- /* all done with init, now can return errors, call other stuff */
- /* increment CTX reference count */
- if (LockMutex(&ctx->countMutex) != 0) {
- CYASSL_MSG("Couldn't lock CTX count mutex");
- return BAD_MUTEX_ERROR;
- }
- ctx->refCount++;
- UnLockMutex(&ctx->countMutex);
- /* arrays */
- ssl->arrays = (Arrays*)XMALLOC(sizeof(Arrays), ssl->heap,
- DYNAMIC_TYPE_ARRAYS);
- if (ssl->arrays == NULL) {
- CYASSL_MSG("Arrays Memory error");
- return MEMORY_E;
- }
- #ifndef NO_PSK
- ssl->arrays->client_identity[0] = 0;
- if (ctx->server_hint[0]) { /* set in CTX */
- XSTRNCPY(ssl->arrays->server_hint, ctx->server_hint, MAX_PSK_ID_LEN);
- ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0';
- }
- else
- ssl->arrays->server_hint[0] = 0;
- #endif /* NO_PSK */
- #ifdef CYASSL_DTLS
- ssl->arrays->cookieSz = 0;
- #endif
- /* RNG */
- ssl->rng = (RNG*)XMALLOC(sizeof(RNG), ssl->heap, DYNAMIC_TYPE_RNG);
- if (ssl->rng == NULL) {
- CYASSL_MSG("RNG Memory error");
- return MEMORY_E;
- }
- if ( (ret = InitRng(ssl->rng)) != 0)
- return ret;
- /* suites */
- ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap,
- DYNAMIC_TYPE_SUITES);
- if (ssl->suites == NULL) {
- CYASSL_MSG("Suites Memory error");
- return MEMORY_E;
- }
- *ssl->suites = ctx->suites;
- /* peer key */
- #ifndef NO_RSA
- ssl->peerRsaKey = (RsaKey*)XMALLOC(sizeof(RsaKey), ssl->heap,
- DYNAMIC_TYPE_RSA);
- if (ssl->peerRsaKey == NULL) {
- CYASSL_MSG("PeerRsaKey Memory error");
- return MEMORY_E;
- }
- InitRsaKey(ssl->peerRsaKey, ctx->heap);
- #endif
- #ifndef NO_CERTS
- /* make sure server has cert and key unless using PSK */
- if (ssl->options.side == SERVER_END && !havePSK)
- if (!ssl->buffers.certificate.buffer || !ssl->buffers.key.buffer) {
- CYASSL_MSG("Server missing certificate and/or private key");
- return NO_PRIVATE_KEY;
- }
- #endif
- #ifdef HAVE_ECC
- ssl->peerEccKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
- ctx->heap, DYNAMIC_TYPE_ECC);
- if (ssl->peerEccKey == NULL) {
- CYASSL_MSG("PeerEccKey Memory error");
- return MEMORY_E;
- }
- ssl->peerEccDsaKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
- ctx->heap, DYNAMIC_TYPE_ECC);
- if (ssl->peerEccDsaKey == NULL) {
- CYASSL_MSG("PeerEccDsaKey Memory error");
- return MEMORY_E;
- }
- ssl->eccDsaKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
- ctx->heap, DYNAMIC_TYPE_ECC);
- if (ssl->eccDsaKey == NULL) {
- CYASSL_MSG("EccDsaKey Memory error");
- return MEMORY_E;
- }
- ssl->eccTempKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
- ctx->heap, DYNAMIC_TYPE_ECC);
- if (ssl->eccTempKey == NULL) {
- CYASSL_MSG("EccTempKey Memory error");
- return MEMORY_E;
- }
- ecc_init(ssl->peerEccKey);
- ecc_init(ssl->peerEccDsaKey);
- ecc_init(ssl->eccDsaKey);
- ecc_init(ssl->eccTempKey);
- #endif
- /* make sure server has DH parms, and add PSK if there, add NTRU too */
- if (ssl->options.side == SERVER_END)
- InitSuites(ssl->suites, ssl->version, haveRSA, havePSK,
- ssl->options.haveDH, ssl->options.haveNTRU,
- ssl->options.haveECDSAsig, ssl->options.haveStaticECC,
- ssl->options.side);
- else
- InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, TRUE,
- ssl->options.haveNTRU, ssl->options.haveECDSAsig,
- ssl->options.haveStaticECC, ssl->options.side);
- return 0;
- }
/* Release the temporary Arrays block attached to an SSL object.
 *
 * ssl   object whose arrays pointer is freed and then reset to NULL
 * keep  non-zero: copy the ID_LEN-byte session id from the arrays into
 *       ssl->session first, so it stays available for user retrieval
 *
 * NOTE(review): the block is handed to XFREE without being cleared.  If
 * Arrays also carries handshake secrets (its definition is not visible
 * here), consider wiping it before the free - confirm against the struct.
 */
void FreeArrays(CYASSL* ssl, int keep)
{
    Arrays* scratch = ssl->arrays;

    if (keep && scratch != NULL)
        XMEMCPY(ssl->session.sessionID, scratch->sessionID, ID_LEN);

    XFREE(scratch, ssl->heap, DYNAMIC_TYPE_ARRAYS);
    ssl->arrays = NULL;
}
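/* Release every resource held by an SSL object without freeing the object.
 *
 * Meant for callers that keep the CYASSL structure itself (for example in an
 * array) and only want its allocations returned.  Every pointer freed here
 * is reset to NULL and every ECC "present" flag is cleared, the same way
 * FreeHandshakeResources() does it, so a retained object cannot be freed
 * twice or read through a stale pointer.
 *
 * Buffers that may still belong to the CYASSL_CTX are only freed when this
 * object owns them: certificate (weOwnCert), key (weOwnKey) and the DH p/g
 * parameters (weOwnDH, or always on the client side).  certChain is never
 * freed here.
 */
void SSL_ResourceFree(CYASSL* ssl)
{
    FreeCiphers(ssl);
    FreeArrays(ssl, 0);

    XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
    ssl->rng = NULL;
    XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
    ssl->suites = NULL;
    XFREE(ssl->buffers.domainName.buffer, ssl->heap, DYNAMIC_TYPE_DOMAIN);
    ssl->buffers.domainName.buffer = NULL;

#ifndef NO_CERTS
    XFREE(ssl->buffers.serverDH_Priv.buffer, ssl->heap, DYNAMIC_TYPE_DH);
    ssl->buffers.serverDH_Priv.buffer = NULL;
    XFREE(ssl->buffers.serverDH_Pub.buffer, ssl->heap, DYNAMIC_TYPE_DH);
    ssl->buffers.serverDH_Pub.buffer = NULL;

    /* parameters (p,g) may be owned by ctx */
    if (ssl->buffers.weOwnDH || ssl->options.side == CLIENT_END) {
        XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, DYNAMIC_TYPE_DH);
        ssl->buffers.serverDH_G.buffer = NULL;
        XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, DYNAMIC_TYPE_DH);
        ssl->buffers.serverDH_P.buffer = NULL;
    }

    /* CYASSL_CTX always owns certChain */
    if (ssl->buffers.weOwnCert) {
        XFREE(ssl->buffers.certificate.buffer, ssl->heap, DYNAMIC_TYPE_CERT);
        ssl->buffers.certificate.buffer = NULL;
    }
    if (ssl->buffers.weOwnKey) {
        XFREE(ssl->buffers.key.buffer, ssl->heap, DYNAMIC_TYPE_KEY);
        ssl->buffers.key.buffer = NULL;
    }
#endif

#ifndef NO_RSA
    if (ssl->peerRsaKey) {
        FreeRsaKey(ssl->peerRsaKey);
        XFREE(ssl->peerRsaKey, ssl->heap, DYNAMIC_TYPE_RSA);
        ssl->peerRsaKey = NULL;
    }
#endif

    if (ssl->buffers.inputBuffer.dynamicFlag)
        ShrinkInputBuffer(ssl, FORCED_FREE);
    if (ssl->buffers.outputBuffer.dynamicFlag)
        ShrinkOutputBuffer(ssl);

#ifdef CYASSL_DTLS
    if (ssl->buffers.dtlsHandshake.buffer != NULL) {
        XFREE(ssl->buffers.dtlsHandshake.buffer, ssl->heap, DYNAMIC_TYPE_NONE);
        ssl->buffers.dtlsHandshake.buffer = NULL;
    }
    if (ssl->dtls_pool != NULL) {
        DtlsPoolReset(ssl);
        /* same allocation tag as DtlsPoolInit() and
         * FreeHandshakeResources() use for the pool */
        XFREE(ssl->dtls_pool, ssl->heap, DYNAMIC_TYPE_DTLS_POOL);
        ssl->dtls_pool = NULL;
    }
    XFREE(ssl->buffers.dtlsCtx.peer.sa, ssl->heap, DYNAMIC_TYPE_SOCKADDR);
    ssl->buffers.dtlsCtx.peer.sa = NULL;
#endif

#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
    XFREE(ssl->peerCert.derCert.buffer, ssl->heap, DYNAMIC_TYPE_CERT);
    ssl->peerCert.derCert.buffer = NULL;
    if (ssl->peerCert.altNames) {
        FreeAltNames(ssl->peerCert.altNames, ssl->heap);
        ssl->peerCert.altNames = NULL;
    }
    CyaSSL_BIO_free(ssl->biord);
    if (ssl->biord != ssl->biowr)        /* in case same as write */
        CyaSSL_BIO_free(ssl->biowr);
    ssl->biord = NULL;
    ssl->biowr = NULL;
#endif

#ifdef HAVE_LIBZ
    FreeStreams(ssl);
#endif

#ifdef HAVE_ECC
    /* ecc_free() only runs on keys flagged as present */
    if (ssl->peerEccKey) {
        if (ssl->peerEccKeyPresent) {
            ecc_free(ssl->peerEccKey);
            ssl->peerEccKeyPresent = 0;
        }
        XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC);
        ssl->peerEccKey = NULL;
    }
    if (ssl->peerEccDsaKey) {
        if (ssl->peerEccDsaKeyPresent) {
            ecc_free(ssl->peerEccDsaKey);
            ssl->peerEccDsaKeyPresent = 0;
        }
        XFREE(ssl->peerEccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
        ssl->peerEccDsaKey = NULL;
    }
    if (ssl->eccTempKey) {
        if (ssl->eccTempKeyPresent) {
            ecc_free(ssl->eccTempKey);
            ssl->eccTempKeyPresent = 0;
        }
        XFREE(ssl->eccTempKey, ssl->heap, DYNAMIC_TYPE_ECC);
        ssl->eccTempKey = NULL;
    }
    if (ssl->eccDsaKey) {
        if (ssl->eccDsaKeyPresent) {
            ecc_free(ssl->eccDsaKey);
            ssl->eccDsaKeyPresent = 0;
        }
        XFREE(ssl->eccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
        ssl->eccDsaKey = NULL;
    }
#endif
}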
/* Give back handshake-only allocations while the SSL object stays in use.
 *
 * Every pointer released here is reset to NULL, and each ECC "present" flag
 * is cleared after ecc_free(), so later cleanup can tell what is left.
 */
void FreeHandshakeResources(CYASSL* ssl)
{
    /* input buffer: shrink without forcing the free */
    if (ssl->buffers.inputBuffer.dynamicFlag) {
        ShrinkInputBuffer(ssl, NO_FORCED_FREE);
    }

    /* cipher suite list */
    XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
    ssl->suites = NULL;

    /* RNG survives only for a non-stream cipher with tls1_1 set; presumably
     * such connections still need random data per record - confirm */
    if (!(ssl->specs.cipher_type != stream && ssl->options.tls1_1 != 0)) {
        XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
        ssl->rng = NULL;
    }

#ifdef CYASSL_DTLS
    /* retransmit pool */
    if (ssl->options.dtls && ssl->dtls_pool != NULL) {
        DtlsPoolReset(ssl);
        XFREE(ssl->dtls_pool, ssl->heap, DYNAMIC_TYPE_DTLS_POOL);
        ssl->dtls_pool = NULL;
    }
#endif

    /* arrays
     * NOTE(review): they are released only when saveArrays is set, and with
     * keep = 1 so the session id is copied out first.  With saveArrays clear
     * the arrays stay allocated past this point; confirm that polarity is
     * what the option is meant to do. */
    if (ssl->options.saveArrays) {
        FreeArrays(ssl, 1);
    }

#ifndef NO_RSA
    /* peer RSA key */
    if (ssl->peerRsaKey) {
        FreeRsaKey(ssl->peerRsaKey);
        XFREE(ssl->peerRsaKey, ssl->heap, DYNAMIC_TYPE_RSA);
        ssl->peerRsaKey = NULL;
    }
#endif

#ifdef HAVE_ECC
    /* peer ECDH key */
    if (ssl->peerEccKey) {
        if (ssl->peerEccKeyPresent) {
            ecc_free(ssl->peerEccKey);
            ssl->peerEccKeyPresent = 0;
        }
        XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC);
        ssl->peerEccKey = NULL;
    }

    /* peer ECDSA key */
    if (ssl->peerEccDsaKey) {
        if (ssl->peerEccDsaKeyPresent) {
            ecc_free(ssl->peerEccDsaKey);
            ssl->peerEccDsaKeyPresent = 0;
        }
        XFREE(ssl->peerEccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
        ssl->peerEccDsaKey = NULL;
    }

    /* our temporary ECC key */
    if (ssl->eccTempKey) {
        if (ssl->eccTempKeyPresent) {
            ecc_free(ssl->eccTempKey);
            ssl->eccTempKeyPresent = 0;
        }
        XFREE(ssl->eccTempKey, ssl->heap, DYNAMIC_TYPE_ECC);
        ssl->eccTempKey = NULL;
    }

    /* our ECDSA key */
    if (ssl->eccDsaKey) {
        if (ssl->eccDsaKeyPresent) {
            ecc_free(ssl->eccDsaKey);
            ssl->eccDsaKeyPresent = 0;
        }
        XFREE(ssl->eccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
        ssl->eccDsaKey = NULL;
    }
#endif
}
/* Tear down an SSL object completely.
 *
 * Order: drop this object's reference on its CTX, release the object's own
 * resources, then free the object.  The caller must not use ssl afterwards.
 */
void FreeSSL(CYASSL* ssl)
{
    /* will decrement and free underlying CTX if 0 */
    FreeSSL_Ctx(ssl->ctx);

    SSL_ResourceFree(ssl);

    XFREE(ssl, ssl->heap, DYNAMIC_TYPE_SSL);
}
- #ifdef CYASSL_DTLS
/* Allocate the DTLS message pool for this SSL object if it has none yet.
 *
 * Every slot starts with a NULL buffer and zero length, and used is 0.
 * Returns 0 on success, or when a pool already exists; MEMORY_E when the
 * allocation fails.
 */
int DtlsPoolInit(CYASSL* ssl)
{
    DtlsPool* fresh;
    int       slot;

    if (ssl->dtls_pool != NULL)
        return 0;                           /* already set up */

    fresh = (DtlsPool*)XMALLOC(sizeof(DtlsPool), ssl->heap,
                               DYNAMIC_TYPE_DTLS_POOL);
    if (fresh == NULL) {
        CYASSL_MSG("DTLS Buffer Pool Memory error");
        return MEMORY_E;
    }

    for (slot = 0; slot < DTLS_POOL_SZ; slot++) {
        fresh->buf[slot].length = 0;
        fresh->buf[slot].buffer = NULL;
    }
    fresh->used = 0;
    ssl->dtls_pool = fresh;

    return 0;
}
/* Store a private copy of sz bytes from src in the next free pool slot.
 *
 * Returns 0 when the copy was stored, and also when nothing was stored
 * because there is no pool or all DTLS_POOL_SZ slots are in use - callers
 * cannot tell those cases apart.  Returns MEMORY_ERROR when the slot buffer
 * cannot be allocated (DtlsPoolInit reports MEMORY_E for its own failure).
 *
 * NOTE(review): sz is a signed int used as allocation and copy size with no
 * range check here; presumably every caller passes a positive record
 * length - confirm.
 */
int DtlsPoolSave(CYASSL* ssl, const byte *src, int sz)
{
    DtlsPool* pool = ssl->dtls_pool;
    buffer*   slot;

    if (pool == NULL || pool->used >= DTLS_POOL_SZ)
        return 0;           /* nothing stored, still reported as success */

    slot = &pool->buf[pool->used];
    slot->buffer = (byte*)XMALLOC(sz, ssl->heap, DYNAMIC_TYPE_OUT_BUFFER);
    if (slot->buffer == NULL) {
        CYASSL_MSG("DTLS Buffer Memory error");
        return MEMORY_ERROR;
    }

    XMEMCPY(slot->buffer, src, sz);
    slot->length = (word32)sz;
    pool->used++;

    return 0;
}
/* Empty the DTLS message pool and restore the default timeout.
 *
 * Frees the buffer of every slot in use, clears the slot and sets used back
 * to 0.  The pool structure itself stays allocated.  dtls_timeout is reset
 * to DTLS_DEFAULT_TIMEOUT whether or not a pool exists.
 */
void DtlsPoolReset(CYASSL* ssl)
{
    DtlsPool* pool = ssl->dtls_pool;

    if (pool != NULL) {
        int idx;
        int inUse = pool->used;

        for (idx = 0; idx < inUse; idx++) {
            buffer* entry = &pool->buf[idx];

            XFREE(entry->buffer, ssl->heap, DYNAMIC_TYPE_OUT_BUFFER);
            entry->buffer = NULL;
            entry->length = 0;
        }
        pool->used = 0;
    }

    ssl->dtls_timeout = DTLS_DEFAULT_TIMEOUT;
}
/* Double the DTLS timeout for the next wait.
 *
 * Returns 0 after doubling.  Returns -1 and leaves the timeout unchanged
 * once it has reached 64 or more.
 */
int DtlsPoolTimeout(CYASSL* ssl)
{
    if (ssl->dtls_timeout >= 64)
        return -1;

    ssl->dtls_timeout *= 2;
    return 0;
}
/* Send every record saved in the DTLS pool again, in slot order.
 *
 * Each saved record gets the current epoch and the next sequence number
 * written into its stored header, is copied to the start of the output
 * buffer and sent with SendBuffered().  A saved change_cipher_spec record
 * first bumps the epoch and restarts the sequence number at 0.
 *
 * Returns 0 when all records were sent or there was nothing to send,
 * otherwise the first negative result from SendBuffered().
 *
 * NOTE(review): length bytes are copied into the output buffer with no
 * capacity check visible here, and the header is read without checking
 * that the saved record is at least header-sized - confirm both are
 * guaranteed by the code that fills the pool and sizes the buffer.
 * NOTE(review): the epoch is incremented on every pass over a saved
 * change_cipher_spec, so repeated calls advance it each time - confirm
 * that is intended.
 */
int DtlsPoolSend(CYASSL* ssl)
{
    DtlsPool* pool = ssl->dtls_pool;
    int       idx;

    if (pool == NULL || pool->used <= 0)
        return 0;

    for (idx = 0; idx < pool->used; idx++) {
        buffer*                saved = &pool->buf[idx];
        DtlsRecordLayerHeader* hdr   = (DtlsRecordLayerHeader*)saved->buffer;
        int                    rc;

        if (hdr->type == change_cipher_spec) {
            ssl->keys.dtls_epoch++;
            ssl->keys.dtls_sequence_number = 0;
        }
        c16toa(ssl->keys.dtls_epoch, hdr->epoch);
        c32to48(ssl->keys.dtls_sequence_number++, hdr->sequence_number);

        XMEMCPY(ssl->buffers.outputBuffer.buffer, saved->buffer,
                saved->length);
        ssl->buffers.outputBuffer.length = saved->length;
        ssl->buffers.outputBuffer.idx    = 0;

        rc = SendBuffered(ssl);
        if (rc < 0)
            return rc;
    }

    return 0;
}
- #endif
- #ifndef NO_OLD_TLS
/* Build the ProtocolVersion value for SSLv3.
 * Compiled only when NO_OLD_TLS is not defined; SSLv3 is an obsolete
 * protocol version. */
ProtocolVersion MakeSSLv3(void)
{
    ProtocolVersion sslv3;

    sslv3.minor = SSLv3_MINOR;
    sslv3.major = SSLv3_MAJOR;

    return sslv3;
}
- #endif /* NO_OLD_TLS */
- #ifdef CYASSL_DTLS
/* Build the ProtocolVersion value for DTLS from DTLS_MAJOR / DTLS_MINOR. */
ProtocolVersion MakeDTLSv1(void)
{
    ProtocolVersion dtls;

    dtls.minor = DTLS_MINOR;
    dtls.major = DTLS_MAJOR;

    return dtls;
}
- #endif /* CYASSL_DTLS */
- #ifdef USE_WINDOWS_API
/* Windows timer: performance counter divided by its frequency.
 *
 * The frequency is queried once and cached in a function-local static.
 * That one-time setup is not protected by any lock in this function.
 */
timer_d Timer(void)
{
    static LARGE_INTEGER freq;
    static int           init = 0;
    LARGE_INTEGER        now;

    if (init == 0) {
        QueryPerformanceFrequency(&freq);
        init = 1;
    }
    QueryPerformanceCounter(&now);

    return (double)now.QuadPart / freq.QuadPart;
}
/* Windows low-resolution timer: Timer() converted to word32. */
word32 LowResTimer(void)
{
    timer_d now = Timer();

    return (word32)now;
}
- #elif defined(THREADX)
- #include "rtptime.h"
/* ThreadX low-resolution timer: rtp_get_system_sec() converted to word32. */
word32 LowResTimer(void)
{
    word32 secs = (word32)rtp_get_system_sec();

    return secs;
}
- #elif defined(MICRIUM)
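/* Micrium low-resolution timer.
 *
 * Returns the NetSecure OS tick when NET_SECURE_MGR_CFG_EN is enabled.
 * With the manager disabled nothing assigns the tick, so it is initialised
 * to 0 here; without that the function would return an indeterminate
 * value.
 */
word32 LowResTimer(void)
{
    NET_SECURE_OS_TICK clk = 0;

#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
    clk = NetSecure_OS_TimeGet();
#endif
    return (word32)clk;
}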
- #elif defined(USER_TICKS)
/* USER_TICKS low-resolution timer: placeholder for the integrator. */
word32 LowResTimer(void)
{
    /*
     * Supply your own clock tick function here if time(0) is not wanted.
     * It needs one-second accuracy but does not have to be correlated to
     * EPOCH.  As shipped the body has no return statement, so it has to be
     * filled in before a USER_TICKS build is used.
     */
}
- #else /* !USE_WINDOWS_API && !THREADX && !MICRIUM && !USER_TICKS */
- #include <time.h>
/* Default low-resolution timer: time(0) converted to word32. */
word32 LowResTimer(void)
{
    word32 now = (word32)time(0);

    return now;
}
- #endif /* USE_WINDOWS_API */
/* Feed an outgoing message into the running handshake hashes, leaving out
 * the record header.
 *
 * output  start of the record, header first
 * sz      length counted from output; the header size is subtracted here
 * ivSz    extra bytes skipped after the header; sz is not reduced by them
 *
 * With DTLS active, DTLS_RECORD_EXTRA more header bytes are skipped.  SHA
 * is always updated, MD5 unless NO_MD5; SHA-256 and SHA-384 only for
 * TLS 1.2 or later and only when compiled in.
 *
 * NOTE(review): nothing here checks that sz covers the skipped header, so
 * a short sz would reach the hash calls as a negative length - presumably
 * callers always pass a full record; confirm.
 */
static void HashOutput(CYASSL* ssl, const byte* output, int sz, int ivSz)
{
    int         hdrLen = RECORD_HEADER_SZ;
    const byte* body;
    int         bodyLen;

#ifdef CYASSL_DTLS
    if (ssl->options.dtls)
        hdrLen += DTLS_RECORD_EXTRA;
#endif

    body    = output + hdrLen + ivSz;
    bodyLen = sz - hdrLen;

    ShaUpdate(&ssl->hashSha, body, bodyLen);
#ifndef NO_MD5
    Md5Update(&ssl->hashMd5, body, bodyLen);
#endif

    if (IsAtLeastTLSv1_2(ssl)) {
#ifndef NO_SHA256
        Sha256Update(&ssl->hashSha256, body, bodyLen);
#endif
#ifdef CYASSL_SHA384
        Sha384Update(&ssl->hashSha384, body, bodyLen);
#endif
    }
}
/* Feed an incoming handshake message into the running handshake hashes,
 * handshake header included.
 *
 * input  points just past the handshake header; the function steps back
 *        HANDSHAKE_HEADER_SZ bytes (plus DTLS_HANDSHAKE_EXTRA with DTLS) to
 *        reach the start of the header
 * sz     length counted from input; the header size is added here
 *
 * The bytes before input must therefore lie in the same buffer.  SHA is
 * always updated, MD5 unless NO_MD5; SHA-256 and SHA-384 only for TLS 1.2
 * or later and only when compiled in.
 */
static void HashInput(CYASSL* ssl, const byte* input, int sz)
{
    int         hdrLen = HANDSHAKE_HEADER_SZ;
    const byte* start;
    int         total;

#ifdef CYASSL_DTLS
    if (ssl->options.dtls)
        hdrLen += DTLS_HANDSHAKE_EXTRA;
#endif

    start = input - hdrLen;
    total = sz + hdrLen;

    ShaUpdate(&ssl->hashSha, start, total);
#ifndef NO_MD5
    Md5Update(&ssl->hashMd5, start, total);
#endif

    if (IsAtLeastTLSv1_2(ssl)) {
#ifndef NO_SHA256
        Sha256Update(&ssl->hashSha256, start, total);
#endif
#ifdef CYASSL_SHA384
        Sha384Update(&ssl->hashSha384, start, total);
#endif
    }
}
- /* add record layer header for message */
- stati…